First letsencrypt certificate problem

-have checked all related posts eng and fr
yuno version 4.0.8
-old i386 laptop.
-orange adsl
-ip address (xxx.ynh.fr) checks out with dnschecker.org
-diagnosis shows all email ports not working, but am not worried by them at this stage. this goes for 22 and 25 though yougetsignal shows 22 open despite diagnosis showing closed.
-diagnosis claims the domain is misconfigured and therefore a letsencrypt certificate cannot be installed.
-443 is diagnosed as working fine and is reachable thro a browser.
-nextcloud does not connect thro an app (showing port 6379 in config. opening this, receives a timeout error). using port 443 on app returns failed to connect…unknown error. But it does connect on the browser.
-80 is redirected to 443 and diagnosed as not to be accessible through HTTP and not reachable from outside in ipv6.
-checks with yougetsignal etc shows both 80 + 443 are being forwarded ok.
-router/modem port 80 + 443 forwarded, staticIP set, firewalls in router and laptop adjusted etc. but upnp will not work.

?where is the dns configuration record to be edited? “type name and value”? the ‘dns configuration’ page is just a page of recomendations, no links or indicators as to where to find it?

-?what other checks or adjustments to get 80 + 443 operating correctly so as to set up letsencrypt certificate. as diagnosis claims the domain is misconfigured. dyndns update force appears to do nothing. ?

-?are there any conf/hosts/sites files that need editing?

Eh wokay I’m confused here, is it a typo or are you really meaning that port 80 is redirected 443, and if yes what do you mean exactly …?

It’s to be edited on your registrar, but if you’re using a nohost.me / ynh.fr domain, then your registrar is yunohost (in terms of “us”, the team) and it’s integrated automatically in yunohost so you have nothing to do about that, and the dns diagnosis section should be all green.

80 redirected to 443 = when trying to force in the browser with http://xxx.ynh.fr:80 it opens with https.
the dns is with ynh.fr but its not green but red and it keeps recommending editing the dns record.
thanks for being so quick a pleasant surprise.

Not sure how / why exactly that’s the case, but Yunohost don’t expect this and 90% sure that this is why you can’t obtain a Let’s Encrypt certificate … The Let’s Encrypt certificate automatic verification process (ACME protocol) except to be able to contact your server on port 80 in regular HTTP…

Can you elaborate on which entries exactly the diagnosis complains about ?

at top of domain page
“Domain xxxx.ynh.fr does not seem to be accessible through HTTP. Please check the ‘Web’ category in the diagnosis for more info. (If you know what you are doing, use ‘–no-checks’ to turn off those checks.)”

result of diagnosis- PORTS EXPOSURE
“Port 80 is not reachable from outside in IPv6.
Exposing this port is needed for web features (service nginx)
To fix this issue, you most probably need to configure port forwarding on your internet router as described in https://yunohost.org/isp_box_config

DNS RECORDS section is green for “basic, xmpp, mail and extra”

yunoports output

yuno

is there some other test to run netstat, nmap …?

Can you please elaborate on “80 redirected to 443” … is it something that you configured yourself or …

it was just a test. type in the domain to the browser address bar with the port added on the end to test what happens. nothing has been changed on the set up or files. its almost an irrevelance.

the question is why do different sections of the diagnosis make differing statements about connectivity and how can they be brought into line? where are the roots of the diagnosis, which files.

this is the output of diagnosis on command line. have checked the router and nothing appears out of order. is there a way to check this?

Aleks
thank you for your efforts. i have reinstalled yunohost and the problem has disappeared. (actually reinstalled 3 times, finally worked after total format of the disk to get rid of old users etc). now to see if i can get nextcloud working.
Closed now.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.