- Platform information:
- Hardware: rpi3
- OS: openhabian buster
- openHAB version: 2.5
Hi all!
Yesterday I successfully secure my openhab 2.4 with let’sencrypt ssl for https connection. Today I retry that with a new openhab 2.5 (new install) and I meet problems with certbot.
The error :
openhabian@openhab:~ $ sudo certbot certonly --webroot -w /var/www/mydomain/ -d domo.kriniben.fr
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for domo.kriniben.fr
Using the webroot path /var/www/mydomain for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. domo.kriniben.fr (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://domo.kriniben.fr/.well-known/acme-challenge/C58HkSLcWWDVcGJWp_iJynyOjMf-TSt_kfZjdNwiO-M [82.64.235.104]: "<html>\r\n<head><title>401 Authorization Required</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>401 Authorization Required</"
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: domo.kriniben.fr
Type: unauthorized
Detail: Invalid response from
http://domo.kriniben.fr/.well-known/acme-challenge/C58HkSLcWWDVcGJWp_iJynyOjMf-TSt_kfZjdNwiO-M
[82.64.235.104]: "<html>\r\n<head><title>401 Authorization
Required</title></head>\r\n<body
bgcolor=\"white\">\r\n<center><h1>401 Authorization Required</"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My conf :
openhabian@openhab:~ $ sudo cat /etc/nginx/sites-enabled/openhab
server {
listen 80;
server_name domo.kriniben.com;
ssl_certificate /etc/ssl/openhab.crt;
ssl_certificate_key /etc/ssl/openhab.key;
location / {
proxy_pass http://localhost:8080/;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
auth_basic "Username and Password Required";
auth_basic_user_file /etc/nginx/.htpasswd;
satisfy any;
allow 192.168.0.0/24;
allow 127.0.0.1;
deny all;
}
location /.well-known/acme-challenge/ {
root /var/www/mydomain;
}
}
- It’s not a problem of dns or of access because I can connect my openhab by http.
- after I run the certbot
sudo certbot certonly --webroot -w /var/www/mydomain/ -d domo.kriniben.fr
I can’t see /.well-known/acme-challenge/ folders in /var/www/my domain path
So, I create its manually and a file test. /var/www/mydomain/.well-known/acme-challenge/test
- In my browser http://domo.kriniben.fr/.well-known/acme-challenge/test display
HTTP ERROR 404
Problem accessing /.well-known/acme-challenge/test. Reason:
Not Found
Powered by Jetty:// 9.4.20.v20190813
However my path is good…
http://domo.kriniben.fr/.well-known/acme-challenge/test = /var/www/mydomain/.well-known/acme-challenge/test
I don’t know what can I try more. If someone can give me help!
Thank you!