search

Signum / ispmail-bookworm-ansible

Ansible playbook to set up a mail server as described in the ISPmail guide at workaround.org
MIT License
29 stars 8 forks source link

TASK [ispmail-webmail-apache-roundcube : Create certificate for this site] #2

Open cmonty14 opened 7 months ago

cmonty14 commented 7 months ago

Hi, I'm running into this error on my VM where I want to setup a test-ispmail-server:

TASK [ispmail-webmail-apache-roundcube : Create certificate for this site] ***************************************************
fatal: [localhost]: FAILED! => {"changed": true, "cmd": "certbot -a apache --non-interactive --apache-le-vhost-ext \"s.conf\" --agree-tos --register-unsafely-without-email --domains mail.local.example.com", "delta": "0:00:00.890664", "end": "2024-02-25 14:46:54.004900", "msg": "non-zero return code", "rc": 1, "start": "2024-02-25 14:46:53.114236", "stderr": "Saving debug log to /var/log/letsencrypt/letsencrypt.log\nMissing command line flags. For non-interactive execution, you will need to specify a plugin on the command line.  Run with '--help plugins' to see a list of options, and see https://eff.org/letsencrypt-plugins for more detail on what the plugins do and how to use them.\nAsk for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.", "stderr_lines": ["Saving debug log to /var/log/letsencrypt/letsencrypt.log", "Missing command line flags. For non-interactive execution, you will need to specify a plugin on the command line.  Run with '--help plugins' to see a list of options, and see https://eff.org/letsencrypt-plugins for more detail on what the plugins do and how to use them.", "Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details."], "stdout": "", "stdout_lines": []}

The related error message in /var/log/letsencrypt/letsencrypt.log is clear about the root cause:

certbot.errors.Error: An e-mail address or --register-unsafely-without-email must be provided.
2024-02-25 14:47:44,970:ERROR:certbot._internal.log:An e-mail address or --register-unsafely-without-email must be provided.

Can you please advise how to fix this error?

mikysal78 commented 6 months ago

I want to use my own existing certificate, I don't want to create a new one. How to do that? Best regards.

Signum commented 5 months ago

@cmonty14 Please add "certbot_admin_email" in your group_vars/all file so that there is a valid email address for Let's Encrypt. I haven't witnessed that yet and have to reproduce it.

Signum commented 5 months ago

@mikysal78 You need to set tls_key and tls_cert (found in group_vars/all) to the path where you put your own key and certificate files. Then just omit the "certbot" role in the ispmail.yml main playbook.

mikysal78 commented 5 months ago

@mikysal78 You need to set tls_key and tls_cert (found in group_vars/all) to the path where you put your own key and certificate files. Then just omit the "certbot" role in the ispmail.yml main playbook.

I put the keys in but certbot still runs. Need to find a way to make a skip when tls_key is defined and tls_cert already exists. I didn't spend a lot of time and made some manual modifications. If you want I can try to find some time to figure out how to fix it

cmonty14 commented 5 months ago

I want to use my own existing certificate, I don't want to create a new one. How to do that? Best regards.

Why are you using this issue for your specific issue?