I have an own domain for my homeserver and working DNS for that.
In the past I created quid a few sub.domains in yunohost and for all of them I could create a Let’s Encrypt certificate without any problems…
Now recently I created new sub.domains – the proses does work - even so it takes much longer processing time than it used to take. When the job is finally done I can´t create a Let’s Encrypt certificate … don´t knew why but the option is not given because it says:
“Die Domain scheint nicht korrekt konfiguriert zu sein, um ein Let’s Encrypt Zertifikat installieren zu können ! Bitte überprüfe deine DNS-Konfiguration und die Erreichbarkeit deines HTTP-Servers.”
even so I did not change any setting for DNS
What could be the reason, what could I try??
Thanks for help
Hmwell if you really are confident that your server is reachable from the domain name and from outside your local network, then you can try to do this in CLI : yunohost domain cert-renew --no-checks
Thanks Aleks,
e.g. I have a working hubzilla installation running and it´s domain is reachable indeed… so when I do this yunohost domain cert-renew --no-checks do i risk to lose this working reachable domain which I use for hubzilla or not?
root@my:~# yunohost domain cert-renew --no-checks
Info: No certificate needs to be renewed.
root@my:~#
by reinstalling the domain I get this messages:
Skriptausführung fehlgeschlagen: /usr/share/yunohost/hooks/conf_regen/43-dnsmasq
See “systemctl status dnsmasq.service” and “journalctl -xe” for details.
Job for dnsmasq.service failed because the control process exited with error code.
root@my:~# systemctl restart dnsmasq
Job for dnsmasq.service failed because the control process exited with error code.
See "systemctl status dnsmasq.service" and "journalctl -xe" for details.
root@my:~# systemctl status dnsmasq.service
● dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
Loaded: loaded (/lib/systemd/system/dnsmasq.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Sun 2019-11-17 20:57:49 UTC; 25s ago
Process: 3131 ExecStart=/etc/init.d/dnsmasq systemd-exec (code=exited, status=2)
Process: 3128 ExecStartPre=/usr/sbin/dnsmasq --test (code=exited, status=0/SUCCESS)
Nov 17 20:57:49 my.xyx.de systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS serve
Nov 17 20:57:49 my.xyx.de dnsmasq[3128]: dnsmasq: syntax check OK.
Nov 17 20:57:49 my.xyx.de dnsmasq[3131]: dnsmasq: failed to create listening socket for port 53:
Nov 17 20:57:49 my.xyx.de systemd[1]: dnsmasq.service: Control process exited, code=exited status
Nov 17 20:57:49 my.xyx.de systemd[1]: Failed to start dnsmasq - A lightweight DHCP and caching DN
Nov 17 20:57:49 my.xyx.de systemd[1]: dnsmasq.service: Unit entered failed state.
Nov 17 20:57:49 my.xyx.de systemd[1]: dnsmasq.service: Failed with result 'exit-code'.
lines 1-13/13 (END)
root@my:~# journalctl -xe
Nov 17 21:00:17 my.xyx.de CRON[3185]: pam_unix(cron:session): session closed for user nextcloud
Nov 17 21:00:17 my.xyx.de postfix/pickup[2525]: 70C76CDE: uid=987 from=<nextcloud>
Nov 17 21:00:17 my.xyx.de postfix/cleanup[3226]: 70C76CDE: message-id=<20191117210017.70C76CDE@my
Nov 17 21:00:17 my.xyx.de postfix/qmgr[2526]: 70C76CDE: from=<nextcloud@my.xyx.de>, size=802,
Nov 17 21:00:17 my.xyx.de postfix/pipe[3230]: 70C76CDE: to=<nextcloud@my.xyx.de>, orig_to=<ne
Nov 17 21:00:18 my.xyx.de postsrsd[3228]: srs_forward: <""> not rewritten: No at sign in sender a
Nov 17 21:00:18 my.xyx.de postfix/cleanup[3226]: 00BCACE6: message-id=<20191117210018.00BCACE6@my
Nov 17 21:00:18 my.xyx.de postfix/bounce[3235]: 70C76CDE: sender non-delivery notification: 00BCA
Nov 17 21:00:18 my.xyx.de postfix/qmgr[2526]: 00BCACE6: from=<>, size=2653, nrcpt=1 (queue active
Nov 17 21:00:18 my.xyx.de postfix/qmgr[2526]: 70C76CDE: removed
Nov 17 21:00:23 my.xyx.de postfix/pipe[3230]: 00BCACE6: to=<nextcloud@my.xyx.de>, relay=dovec
Nov 17 21:00:23 my.xyx.de postfix/qmgr[2526]: 00BCACE6: removed
Nov 17 21:00:51 my.xyx.de sshd[3245]: Connection from 27.70.153.187 port 28844 on 192.168.5.22 po
Nov 17 21:00:56 my.xyx.de sshd[3245]: Invalid user public from 27.70.153.187 port 28844
Nov 17 21:00:56 my.xyx.de sshd[3245]: input_userauth_request: invalid user public [preauth]
Nov 17 21:00:56 my.xyx.de sshd[3245]: pam_unix(sshd:auth): check pass; user unknown
Nov 17 21:00:56 my.xyx.de sshd[3245]: pam_unix(sshd:auth): authentication failure; logname= uid=0
Nov 17 21:00:58 my.xyx.de sshd[3245]: Failed password for invalid user public from 27.70.153.187
Nov 17 21:01:01 my.xyx.de sshd[3245]: Connection closed by 27.70.153.187 port 28844 [preauth]
Nov 17 21:01:07 my.xyx.de login[3277]: pam_unix(login:session): session opened for user root by S
Nov 17 21:01:07 my.xyx.de systemd[1]: Started Session 8 of user root.
-- Subject: Unit session-8.scope has finished start-up
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- Unit session-8.scope has finished starting up.
--
-- The start-up result is done.
Nov 17 21:01:07 my.xyx.de systemd-logind[799]: New session 8 of user root.
-- Subject: A new session 8 has been created for user root
-- Defined-By: systemd
-- Support: https://www.debian.org/support
-- Documentation: http://www.freedesktop.org/wiki/Software/systemd/multiseat
--
-- A new session with the ID 8 has been created for the user root.
--
-- The leading process of the session is 3277.
Nov 17 21:01:07 my.xyx.de login[3343]: ROOT LOGIN on '/dev/pts/1' from '127.0.0.1'
never heard about bind9 - is it part of nextcloud?
root@my:~# apt install aptitude -y aptitude why bind9
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package why is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
root@my:~# apt install aptitude -y
Reading package lists… Done
Building dependency tree
Reading state information… Done
aptitude is already the newest version (0.8.7-1).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
root@my:~# aptitude why bind9
i man-db Suggests www-browser
p w3m Provides www-browser
p w3m Suggests mpv
p mpv Depends libdvdread4 (>= 4.1.3)
p libdvdread4 Suggests libdvdcss2
p libdvd-pkg Provides libdvdcss2
p libdvd-pkg Depends wget | devscripts
p devscripts Suggests reprotest
p reprotest Suggests qemu-system
p qemu-system Depends qemu-system-x86
p qemu-system-x86 Suggests samba
p samba Suggests bind9 (>= 1:9.5.1)
root@my:~#
root@my:~# dpkg --list | grep bind9
ii bind9 1:9.10.3.dfsg.P armhf Internet Domain Name Server
ii bind9-host 1:9.10.3.dfsg.P armhf Version of 'host' bundled with BIND 9.X
ii bind9utils 1:9.10.3.dfsg.P armhf Utilities for BIND
ii libbind9-140:armhf 1:9.10.3.dfsg.P armhf BIND9 Shared Library used by BIND
root@my:~#
root@my:~# apt remove bind9
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following package was automatically installed and is no longer required:
libirs141
Use ‘apt autoremove’ to remove it.
The following packages will be REMOVED:
bind9
0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded.
After this operation, 1,419 kB disk space will be freed.
Do you want to continue? [Y/n]