search

Yannik / qnap-letsencrypt

Let's Encrypt on QNAP
317 stars 59 forks source link

Which QPython release is needed. The installation of release 3.8.6 did fail... #118

Closed Itsme1609 closed 2 years ago

Itsme1609 commented 2 years ago

Platform/Firmware Information

QNAP TS-239 Pro II Firmware: 4.2.6 (latest Update)


Run
grep -e ^Platform -e ^DISPLAY_NAME  /etc/platform.conf
grep -e ^Version -e ^Build -e Model -e "\[" /etc/default_config/uLinux.conf | grep -v "\[System\]" | awk '1;/\[/{exit}' |grep -v "\["

and paste it here!
Platform = X86_PINEVIEW

Model = TS-239PROII
Internal Model = TS-259
Version = 4.2.6
Build Number = 20220623
Rsync Model = QNAP
Build Date = 2022-06-23

**Is this the latest firmware for your device?**
Yes

**Issue Summary (provide relevant error messages and log output):**
I´m not able to create a letsencrypt certificate. I always get an Error. This probably is related to the QPython release which is installed. It is 3.5.0.2. You recommend 3.8.6.0 but the installation failed...

Do you have any ideas ? 

If you could support me, would be great !
Yannik commented 1 year ago

@Itsme1609 Before trying a complete reinstall, you can simply use git pull to update to the newest version. I think in this case it would have helped, since that problem was fixed in an update.

Itsme1609 commented 11 months ago

Hi Yannik, I don´t know why but it occurred again an error by renewing the certificate. I tried to install everything again after trying your proposal to use git pull that didn´t work.

I´m know getting the following error by running renew_certificate.sh.

Do you have any idea ?

[/share/MD0_DATA/.qpkg/Entware/letsencrypt/qnap-letsencrypt] # sh renew_certificate.sh Checking whether to renew certificate on Sat, 25 Nov 2023 15:53:42 +0100 Renewing certificate... qnap-letsencrypt version: f08d947 Using python path: python3 Stopping Qthttpd hogging port 80.. Shutting down Qthttpd services: OK. Started python HTTP server with pid 1157 Parsing account key... Parsing CSR... Found domains: 259i.souso-lopez.de Getting directory... Directory found! Registering account... Registered! Account ID: https://acme-v02.api.letsencrypt.org/acme/acct/1432939466 Creating new order... Order created! Verifying 259i.souso-lopez.de... 2a00:6021:b03d:e901:208:9bfe:febe:3520 - - [25/Nov/2023 15:54:03] "GET /.well-known/acme-challenge/dV1KOb46b5XV0CT_bUgofHK4tGNhotIs-33NSgybtoQ HTTP/1.1" 200 - Traceback (most recent call last): File "/share/MD0_DATA/.qpkg/Entware/letsencrypt/qnap-letsencrypt/acme-tiny/acme_tiny.py", line 199, in main(sys.argv[1:]) File "/share/MD0_DATA/.qpkg/Entware/letsencrypt/qnap-letsencrypt/acme-tiny/acme_tiny.py", line 195, in main signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca, disable_check=args.disable_check, directory_url=args.directory_url, contact=args.contact, check_port=args.check_port) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/share/MD0_DATA/.qpkg/Entware/letsencrypt/qnap-letsencrypt/acme-tiny/acme_tiny.py", line 153, in get_crt raise ValueError("Challenge did not pass for {0}: {1}".format(domain, authorization)) ValueError: Challenge did not pass for 259i.souso-lopez.de: {'identifier': {'type': 'dns', 'value': '259i.souso-lopez.de'}, 'status': 'invalid', 'expires': '2023-12-02T14:54:00Z', 'challenges': [{'type': 'http-01', 'status': 'invalid', 'error': {'type': 'urn:ietf:params:acme:error:connection', 'detail': '2a00:6021:b03d:e901:208:9bfe:febe:3520: Fetching http://259i.souso-lopez.de/.well-known/acme-challenge/dV1KOb46b5XV0CT_bUgofHK4tGNhotIs-33NSgybtoQ: Error getting validation data', 'status': 400}, 'url': 'https://acme-v02.api.letsencrypt.org/acme/chall-v3/287399599216/qmmkKQ', 'token': 'dV1KOb46b5XV0CT_bUgofHK4tGNhotIs-33NSgybtoQ', 'validationRecord': [{'url': 'http://259i.souso-lopez.de/.well-known/acme-challenge/dV1KOb46b5XV0CT_bUgofHK4tGNhotIs-33NSgybtoQ', 'hostname': '259i.souso-lopez.de', 'port': '80', 'addressesResolved': ['2a00:6021:b03d:e901:208:9bff:febe:3520'], 'addressUsed': '2a00:6021:b03d:e901:208:9bfe:febe:3520'}], 'validated': '2023-11-25T14:54:06Z'}]} An error occured. Restoring system state. Start apache proxy: OK Starting Qthttpd services: OK [

Yannik commented 11 months ago

I can see that your domain is being resolved to ipv6, is that correct? Make sure that port 80 of your nas is reachable on that ipv6 address or change your domain to ipv4.

Itsme1609 commented 11 months ago

You've solved it again.

Many thanks for your support. I just work on the themes too rarely and then stumble across these slight errors... Thanks again :-)