Hi, I am trying to set up a server for the first time.
Hardware: Raspberry Pi 3 at home
YunoHost version: 3.6.4.6 (stable).
I have access to my server : Through SSH and through Mozilla Firefox web browser on LAN
I have an active free domain to learn how things work before I rebuild the server for a small club of external users.
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no
Description of my issue
I am trying to build a server to give secure access to plans and documents for a club of users external to my LAN. The server will reside either at my home or later at the club building which has internet access.
I can access the Yunohost server from any device on my LAN.
My Android phone with WIFI OFF - Web browser complains it is not safe and will not give access. I tried to launch Let’s Encrypt certificate!, but it fails.
I am doing something stupid, but I do not know where to start looking to correct it. Please can you provide some guidance?
Many thanks for such a great forum.
args:
force: false
no_checks: false
staging: false
ended_at: 2019-09-21 17:26:39.681618
error: 'Certificate installation for alctjpccgm.tk failed !
Exception: Signing the new certificate failed’
operation: letsencrypt_cert_install
related_to:
-
- domain
- alctjpccgm.tk
started_at: 2019-09-21 17:26:11.892542
success: false
============
2019-09-21 18:26:11,901: DEBUG - Nginx configuration file for ACME challenge already exists for domain, skipping.
2019-09-21 18:26:11,904: DEBUG - Making sure tmp folders exists…
2019-09-21 18:26:12,155: DEBUG - Could not get public IPv6 : Invalid url https://ip6.yunohost.org (does this site exists?)
2019-09-21 18:26:12,158: DEBUG - Prepare key and certificate signing request (CSR) for alctjpccgm.tk…
2019-09-21 18:26:22,934: DEBUG - Saving to /tmp/acme-challenge-private/alctjpccgm.tk.csr.
2019-09-21 18:26:22,936: DEBUG - Now using ACME Tiny to sign the certificate…
2019-09-21 18:26:22,937: INFO - Parsing account key…
2019-09-21 18:26:22,995: INFO - Parsing CSR…
2019-09-21 18:26:23,030: INFO - Found domains: alctjpccgm.tk
2019-09-21 18:26:23,032: INFO - Getting directory…
2019-09-21 18:26:23,418: INFO - Directory found!
2019-09-21 18:26:23,422: INFO - Registering account…
2019-09-21 18:26:24,321: INFO - Already registered!
2019-09-21 18:26:24,323: INFO - Creating new order…
2019-09-21 18:26:25,317: INFO - Order created!
2019-09-21 18:26:25,606: INFO - Verifying alctjpccgm.tk…
2019-09-21 18:26:39,144: ERROR - Challenge did not pass for alctjpccgm.tk: {u’status’: u’invalid’, u’challenges’: [{u’status’: u’invalid’, u’validationRecord’: [{u’url’: u’http://alctjpccgm.tk/.well-known/acme-challenge/9PMxvrpxtZ4D4LM9rd3Mj0d0vBcV4DD_M6vcxEFUS5M’, u’hostname’: u’alctjpccgm.tk’, u’addressUsed’: u’81.220.81.77’, u’port’: u’80’, u’addressesResolved’: [u’81.220.81.77’]}], u’url’: u’https://acme-v02.api.letsencrypt.org/acme/chall-v3/443646495/N2PBJw’, u’token’: u’9PMxvrpxtZ4D4LM9rd3Mj0d0vBcV4DD_M6vcxEFUS5M’, u’error’: {u’status’: 400, u’type’: u’urn:ietf:params:acme:error:connection’, u’detail’: u’Fetching http://alctjpccgm.tk/.well-known/acme-challenge/9PMxvrpxtZ4D4LM9rd3Mj0d0vBcV4DD_M6vcxEFUS5M: Timeout during connect (likely firewall problem)’}, u’type’: u’http-01’}, {u’status’: u’invalid’, u’url’: u’https://acme-v02.api.letsencrypt.org/acme/chall-v3/443646495/jjBEvg’, u’token’: u’9PMxvrpxtZ4D4LM9rd3Mj0d0vBcV4DD_M6vcxEFUS5M’, u’type’: u’dns-01’}, {u’status’: u’invalid’, u’url’: u’https://acme-v02.api.letsencrypt.org/acme/chall-v3/443646495/82nXTw’, u’token’: u’9PMxvrpxtZ4D4LM9rd3Mj0d0vBcV4DD_M6vcxEFUS5M’, u’type’: u’tls-alpn-01’}], u’identifier’: {u’type’: u’dns’, u’value’: u’alctjpccgm.tk’}, u’expires’: u’2019-09-28T17:26:25Z’}
2019-09-21 18:26:39,433: WARNING - Debug information:
- domain ip from DNS 81.220.81.77
- domain ip from local DNS 81.220.81.77
- public ip of the server 81.220.81.77
2019-09-21 18:26:39,678: WARNING - Debug information:
- domain ip from DNS 81.220.81.77
- domain ip from local DNS 81.220.81.77
- public ip of the server 81.220.81.77
2019-09-21 18:26:39,680: ERROR - Certificate installation for alctjpccgm.tk failed !
Exception: Signing the new certificate failed