search

VojtechMyslivec / letsencrypt-zimbra

Files to automate the deployment process of Let's Encrypt certificates to Zimbra Collaboration Suite
GNU General Public License v3.0
171 stars 92 forks source link

cp: cannot stat 'configs/sudoers.conf': No such file or directory #68

Closed mehmetozbakir closed 3 years ago

mehmetozbakir commented 3 years ago

Dear Brother, I tried to the acordingly codes as my (zimbra 8.8.15 - Ubuntu 18.04.05) server but I got the error

code : 

cp configs/sudoers.conf /etc/sudoers.d/zimbra_certbot

error:

cp: cannot stat 'configs/sudoers.conf': No such file or directory
mehmetozbakir commented 3 years ago

Sorry, user zimbra is not allowed to execute '/usr/bin/sudo /usr/bin/certbot -h' as zimbra on mail.gizahosting.com.

mehmetozbakir commented 3 years ago

Almost I fixed it different solution but I couldn't pass any of solution about this error

zimbra@mail:~$ /opt/letsencrypt-zimbra/obtain-and-deploy-letsencrypt-cert.sh -v
obtain-and-deploy-letsencrypt-cert.sh: info: Zimbra certificate does not exist. New cert will be deployed.
obtain-and-deploy-letsencrypt-cert.sh: info: Generating RSA private key '/opt/zimbra/ssl/zimbra/commercial/commercial.key'
obtain-and-deploy-letsencrypt-cert.sh: info: create csr config '/tmp/tmp.07i5EJYGJl/openssl.cnf'
obtain-and-deploy-letsencrypt-cert.sh: info: generate csr '/tmp/tmp.07i5EJYGJl/request.pem'
obtain-and-deploy-letsencrypt-cert.sh: info: stop nginx
obtain-and-deploy-letsencrypt-cert.sh: info: issue certificate; certbot_extra_args: --non-interactive --agree-tos
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Performing the following challenges:
http-01 challenge for gaziantepnetsisbayi.com
http-01 challenge for gizahosting.com
http-01 challenge for mail.gizahosting.com
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. gaziantepnetsisbayi.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://gaziantepnetsisbayi.com/.well-known/acme-challenge/eOyWUovdXsmBH7GiCBSFkWrQk9GOC20PK2Z2V4VnB1U [173.249.5.108]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p", gizahosting.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://gizahosting.com/.well-known/acme-challenge/xLwGso_1z5FltL30YyOcPFDxLXvdPtoDtMw4X_0T3hQ [173.249.5.108]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: gaziantepnetsisbayi.com
   Type:   unauthorized
   Detail: Invalid response from
   http://gaziantepnetsisbayi.com/.well-known/acme-challenge/eOyWUovdXsmBH7GiCBSFkWrQk9GOC20PK2Z2V4VnB1U
   [173.249.5.108]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
   2.0//EN\">\n<html><head>\n<title>404 Not
   Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"

   Domain: gizahosting.com
   Type:   unauthorized
   Detail: Invalid response from
   http://gizahosting.com/.well-known/acme-challenge/xLwGso_1z5FltL30YyOcPFDxLXvdPtoDtMw4X_0T3hQ
   [173.249.5.108]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
   2.0//EN\">\n<html><head>\n<title>404 Not
   Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.
 - Your account credentials have been saved in your Certbot
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Certbot so
   making regular backups of this folder is ideal.
obtain-and-deploy-letsencrypt-cert.sh: error: The certificate cannot be obtained with '/usr/bin/certbot' tool.
obtain-and-deploy-letsencrypt-cert.sh: info: start nginx
VojtechMyslivec commented 3 years ago

Hello,

if you want to issue a certificate for gaziantepnetsisbayi.com and gizahosting.com, both domains must point to your zimbra mailserver, where you are issuing the cert with the letsencrypt-zimbra script.

Are you sure all these domains (web sites) are served via you zimbra server?

You should issue a cert for your mailserver – a domain name you use to access your zimbra web interface and you use for smtp and imap and other services. Such as mail.gizahosting.com and not for your "MX records" like gizahosting.com.

Vojtech