Hi
Im having issues to get ACME certs signed for new domains. I have my primary domain running on an Let´s encrypt cert. This domain i use for logging in. But now i have a nextcloud instance on my on a subdomain where i want a signed cert but i get some error when trying to issue one.
I have port 80, 443 and 5222 open and reachable from the internet. I have no warning in the diagnosis related to the DNS
Blockquote
args:
force: false
no_checks: false
staging: false
ended_at: 2021-08-11 21:02:44.387445
error: 'Certificate installation for nc.domain2.tld failed !
Exception: Could not sign the new certificate’
interface: api
operation: letsencrypt_cert_install
parent: null
related_to:
-
- domain
- nc.domain2.tld
started_at: 2021-08-11 21:02:33.484088
success: false
yunohost_version: 4.2.7
============
2021-08-11 23:02:33,501: DEBUG - Making sure tmp folders exists…
2021-08-11 23:02:33,506: DEBUG - Reusing IPv4 from cache: xx.xx.xx.xx
2021-08-11 23:02:33,507: DEBUG - Reusing IPv6 from cache: None
2021-08-11 23:02:33,509: DEBUG - Prepare key and certificate signing request (CSR) for nc.domain2.tld…
2021-08-11 23:02:39,146: DEBUG - Saving to /tmp/acme-challenge-private/nc.domain2.tld.csr.
2021-08-11 23:02:39,147: DEBUG - Now using ACME Tiny to sign the certificate…
2021-08-11 23:02:39,147: INFO - Parsing account key…
2021-08-11 23:02:39,170: INFO - Parsing CSR…
2021-08-11 23:02:39,191: INFO - Found domains: nc.domain2.tld
2021-08-11 23:02:39,193: INFO - Getting directory…
2021-08-11 23:02:39,848: INFO - Directory found!
2021-08-11 23:02:39,849: INFO - Registering account…
2021-08-11 23:02:41,315: INFO - Already registered!
2021-08-11 23:02:41,317: INFO - Creating new order…
2021-08-11 23:02:42,837: INFO - Order created!
2021-08-11 23:02:44,310: INFO - Verifying nc.domain2.tld…
2021-08-11 23:02:44,384: ERROR - Wrote file to /tmp/acme-challenge-public/AP_DCRyKVNfpZ03CXeZkZPPQAslYNPfzCnsx3-LOSbY, but couldn’t download http://nc.domain2.tld/.well-known/acme-challenge/AP_DCRyKVNfpZ03CXeZkZPPQAslYNPfzCnsx3-LOSbY: Error:
Url: http://nc.domain2.tld/.well-known/acme-challenge/AP_DCRyKVNfpZ03CXeZkZPPQAslYNPfzCnsx3-LOSbY
Data: None
Response Code: None
Response: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1056)>
2021-08-11 23:02:44,386: ERROR - Certificate installation for nc.domain2.tld failed !
Exception: Could not sign the new certificate
< Blockquote