DoliCloud / SellYourSaas

Sell-Your-Saas is an Open Source solution to automate and sell any Web application as a SaaS service
https://www.sellyoursaas.org
GNU General Public License v3.0

the certbot #239

Closed mstoluca closed 2 months ago

mstoluca commented 2 years ago

input

domain= my domain real

certbot certonly -n --manual-public-ip-logging-ok --server https://acme-v02.api.letsencrypt.org/directory --agree-tos --manual --preferred-challenges=dns --manual-auth-hook /home/admin/wwwroot/dolibarr_sellyoursaas/scripts/letsencrypt_authenticator.sh -d "*.withX.domain.com,withX.domain.com" -m mstoluca@gmail.com --deploy-hook "systemctl restart apache2"

output

Certbot failed to authenticate some domains (authenticator: manual). The Certificate Authority reported these problems: Domain: withx.domain.com Type: unauthorized Detail: Incorrect TXT record "oitD_Tswcf8fGgU_w_ggET1iHNFrb076-Kgjrz3b2F85Yp6jgjCIO8" found at _acme-challenge.withx.domain.com

Domain: withx.domain.com Type: unauthorized Detail: Incorrect TXT record "oitD_TNwcf8fGgU_w_ggET1iHNFrb076-Kgjrz3b2F85Yp6jgjCIO8" found at _acme-challenge.withx.domain.com

Hint: The Certificate Authority failed to verify the DNS TXT records created by the --manual-auth-hook. Ensure that this hook is functioning correctly and that it waits a sufficient duration of time for DNS propagation. Refer to "certbot --help manual" and the Certbot User Guide.

Some challenges have failed. Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details. root@saas:/etc/apache2/sellyoursaas-enabled#


mstoluca commented 2 years ago

I have already changed the DNS several times as acme says, I wait for the propagation, and after 4-8 hrs nothing, it gives me the same.

eldy commented 1 year ago

If you ping withX.domain.com, do you get the IP of your deployment server? And what do you receive when launching host -a _acme-challenge.withX.domain.com?

erwinpalma commented 1 year ago

I had the same error, but my server is located at Hetzner. This provider has a free DNS service (like NOIP, DynDns, etc.), and I have located my domain there.

And I followed this tutorial.

https://github.com/hetzneronline/community-content/blob/master/tutorials/letsencrypt-dns/01.en.md

erwinpalma commented 12 months ago

@mstoluca

Have you checked the logs? Have you solved the issue?

eldy commented 5 months ago

You don't need external DNS (free or not) because on sellyoursaas, the DNS server is provided by the deployment server itself, withX.domain.com. You must however have declared withX.domain.com as NS server in the DNS of your domain.com.

Some changes were made to the hook /home/admin/wwwroot/dolibarr_sellyoursaas/scripts/letsencrypt_authenticator.sh to better manage retrieval of the wildcard SSL certificate for *.withX.domain.com. Do you still have trouble?
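Added example, not part of the thread and not the project's hook code: the command above asks for `*.withX.domain.com` and `withX.domain.com` in one certificate, so ACME issues two DNS-01 challenges that share the owner name `_acme-challenge.withX.domain.com`, and both TXT values must be published when the CA queries it. The sketch below derives a TXT value as RFC 8555 section 8.4 defines it and compares the expected values with a `dig +short TXT` answer; the tokens, thumbprint, dig output and all function names are constructed for illustration.

```python
import base64
import hashlib

def dns01_txt_value(token, account_thumbprint):
    """RFC 8555 s8.4: unpadded base64url(SHA-256(token "." thumbprint))."""
    key_authorization = f"{token}.{account_thumbprint}".encode("ascii")
    digest = hashlib.sha256(key_authorization).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")

def challenge_name(identifier):
    """A wildcard and its base name are validated at the same owner name."""
    base = identifier[2:] if identifier.startswith("*.") else identifier
    return "_acme-challenge." + base.lower().rstrip(".")

def parse_txt_answers(dig_short_output):
    """Parse `dig +short TXT` lines; multi-string records are concatenated."""
    values = set()
    for line in dig_short_output.splitlines():
        if line.strip().startswith('"'):
            values.add("".join(line.split('"')[1::2]))
    return values

def diagnose(expected, observed):
    """expected: identifier -> TXT value; observed: owner name -> set of values."""
    needed = {}
    for identifier, value in expected.items():
        needed.setdefault(challenge_name(identifier), set()).add(value)
    report = {}
    for name, values in needed.items():
        seen = observed.get(name, set())
        report[name] = {"missing": sorted(values - seen),
                        "unexpected": sorted(seen - values),
                        "ready": values <= seen}
    return report

# Constructed sample values (assumptions, not taken from the issue).
THUMBPRINT = "constructed-account-thumbprint"
EXPECTED = {
    "*.withX.domain.com": dns01_txt_value("constructed-token-wildcard", THUMBPRINT),
    "withX.domain.com": dns01_txt_value("constructed-token-base", THUMBPRINT),
}
# Constructed answer: a hook that overwrote the first record instead of adding
# a second one, plus a leftover value from an earlier run.
DIG_OUTPUT = f'"{EXPECTED["withX.domain.com"]}"\n"leftover-from-previous-run"\n'

def demo():
    observed = {"_acme-challenge.withx.domain.com": parse_txt_answers(DIG_OUTPUT)}
    return diagnose(EXPECTED, observed)
```

In a real run the expected values are the `CERTBOT_VALIDATION` strings certbot passes to the auth hook, and the observed set should come from querying the zone's authoritative name server directly rather than a caching resolver.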