Closed ghost closed 8 years ago
P.s now the webserver doesn't work any more.
sent from mobile
Am 6. April 2016 18:25:55 MESZ, schrieb Marku1397 notifications@github.com:
Platform/Firmware Information
Platform = ARM_MS DISPLAY_NAME=TS-231 Model = TS-X31 Internal Model = TS-X31 Version = 4.2.0 Build Number = 20160130 Rsync Model = QNAP Build Date = 2016-01-30
Issue Summary (provide relevant error messages and log output): Dear Yannik,
I first want to say thank you for this tool. But i really had problems by using it. First of all i couldn't get your git-files: Cloning into 'qnap-letsencrypt'... fatal: unable to access 'https://github.com/Yannik/qnap-letsencrypt.git/': error setting certificate verify locations: CAfile: /share/CACHEDEV1_DATA/cacert.pem CApath: none
I could get the files by not checking the certificate. The second problem that did come up while running the renew_certificate.sh was: Checking whether to renew certificate on Wed, 06 Apr 2016 18:02:56 +0200 Renewing certificate... Stopping Qthttpd hogging port 80.. Shutting down Qthttpd services: OK. Started python SimpleHTTPServer with pid 10375 Serving HTTP on 0.0.0.0 port 80 ... Parsing account key... Parsing CSR... Traceback (most recent call last): File "acme-tiny/acme_tiny.py", line 198, in
main(sys.argv[1:]) File "acme-tiny/acme_tiny.py", line 194, in main signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca) File "acme-tiny/acme_tiny.py", line 70, in get_crt raise IOError("Error loading {0}: {1}".format(csr, err)) IOError: Error loading letsencrypt/domain.csr: unable to load X509 request 715900112:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:689:Expecting: CERTIFICATE REQUEST
You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/Yannik/qnap-letsencrypt/issues/8
Sry yannik now the hole system crashed and i have to make a total reset..
Checking whether to renew certificate on Thu, 07 Apr 2016 18:20:31 +0100
Renewing certificate...
Stopping Qthttpd hogging port 80..
Shutting down Qthttpd services: OK.
Started python SimpleHTTPServer with pid 21958
Serving HTTP on 0.0.0.0 port 80 ...
Parsing account key...
Parsing CSR...
Registering account...
Traceback (most recent call last):
File "acme-tiny/acme_tiny.py", line 198, in <module>
main(sys.argv[1:])
File "acme-tiny/acme_tiny.py", line 194, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca)
File "acme-tiny/acme_tiny.py", line 85, in get_crt
"agreement": "https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf",
File "acme-tiny/acme_tiny.py", line 47, in _send_signed_request
protected["nonce"] = urlopen(CA + "/directory").headers['Replay-Nonce']
File "/share/CACHEDEV1_DATA/.qpkg/Python/lib/python2.7/urllib2.py", line 126, in urlopen
return _opener.open(url, data, timeout)
File "/share/CACHEDEV1_DATA/.qpkg/Python/lib/python2.7/urllib2.py", line 400, in open
response = self._open(req, data)
File "/share/CACHEDEV1_DATA/.qpkg/Python/lib/python2.7/urllib2.py", line 423, in _open
'unknown_open', req)
File "/share/CACHEDEV1_DATA/.qpkg/Python/lib/python2.7/urllib2.py", line 378, in _call_chain
result = func(*args)
File "/share/CACHEDEV1_DATA/.qpkg/Python/lib/python2.7/urllib2.py", line 1240, in unknown_open
raise URLError('unknown url type: %s' % type)
urllib2.URLError: <urlopen error unknown url type: https>
-----BEGIN CERTIFICATE REQUEST-----
MIICdzCCAV8CAQAwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKzi
iBQ3J0lgkv42SjFm9lGLd2m0GhD6t2lFMuPO+7YAA35DRKkW5Q1SQgYWD2pEAjuJ
/Uw/g5y7I7woxvPMON0XWV57j3JqcMaPeoGbwjMNciWvZ1YAHOrTC77p7VfqdiJO
3IH04TcSZK3pkBmdHIy2Y+SFQjveVfjJ/2W1/+za9EysapX/W78ytUs0PXX9zdFk
9I2tjrziMi1UGoafFORG/ODKTprreMHSPOPHEktd+LsAKjyKLeVrt5iVEThVmaNy
R5DwpKvhiHq7q0iVRpMLcSQlZMKlwqSC7VZMcmJ+QpAb12tIZk7zzG4BlaLqoIY4
H5z4fePEBuJlvtQwvAUCAwEAAaAyMDAGCSqGSIb3DQEJDjEjMCEwHwYDVR0RBBgw
FoIUaWIta2F1Zm1hbm4uZGRucy5uZXQwDQYJKoZIhvcNAQELBQADggEBADm9cWgb
UOdxy9BiIAOh6uFqsyVBpWw6/h/rE6Vm34+0REyyfS2APMeVkexK3A328qw4aQ/i
vBvgzy1m0TDxDsffJnGKxvAGikSoMo29ZuYBRxazEeIY3a5qaayOZu0Jft5YHZMY
VaXytNU5YI6mDiIOKbtVwoRvFSQyh6c3i3IGwtos8PGIKqrh8bbZ1IRUVBS+h2pZ
ykmJq0C1uZoJBe7g+q+iMLSMOZXE3K0J/mil6ZHQawpqxsz6kQMyMUfiynUm686B
7csfu2SmppaMbz2FW2qdsu55lY6dwK/WbZM3C279zMHi34nibKRQ1au5wGMXpPAF
GYEIf56tOX+B7XY=
-----END CERTIFICATE REQUEST-----
Please document ALL the steps you have done prior to this error here. This very much seems like a user error to me.
Installing Phyton 2.7 over the web interface
Installing Entware-ng APP over the web interface
Installing git via telnet opkg install git-http
The other steps are out of your instruction
<get --no-check-certificate https://curl.haxx.se/ca/cacert.pem
--2016-04-09 10:36:33-- https://curl.haxx.se/ca/cacert.pem
Resolving curl.haxx.se... 80.67.6.50, 2a00:1a28:1200:9::2
Connecting to curl.haxx.se|80.67.6.50|:443... connected.
WARNING: cannot verify curl.haxx.se's certificate, issued by ‘/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3’:
Unable to locally verify the issuer's authority.
HTTP request sent, awaiting response... 200 OK
Length: 252451 (247K)
Saving to: ‘cacert.pem’
cacert.pem 100%[=====================>] 246.53K 1.40MB/s in 0.2s
2016-04-09 10:36:34 (1.40 MB/s) - ‘cacert.pem’ saved [252451/252451]
[/share/CACHEDEV1_DATA] # sha1sum cacert.pem
18377b10a901da25144cd4d535ae4d653d4692a2 cacert.pem
[/share/CACHEDEV1_DATA] # git config --system http.sslVerify true
[/share/CACHEDEV1_DATA] # git config --system http.sslCAinfo `pwd`/cacert.pem
<it clone https://github.com/Yannik/qnap-letsencrypt.git
Cloning into 'qnap-letsencrypt'...
remote: Counting objects: 156, done.
remote: Total 156 (delta 0), reused 0 (delta 0), pack-reused 155
Receiving objects: 100% (156/156), 20.16 KiB | 0 bytes/s, done.
Resolving deltas: 100% (62/62), done.
Checking connectivity... done.
[/share/CACHEDEV1_DATA] # ls
Buero/ Multimedia/ aquota.user qnap-letsencrypt/
Calendar/ Public/ cacert.pem
Download/ Recordings/ homes/
IB/ Web/ lost+found/
[/share/CACHEDEV1_DATA] # mv cacert.pem qnap-letsencrypt
[/share/CACHEDEV1_DATA] #
[/share/CACHEDEV1_DATA] # ls
Buero/ IB/ Recordings/ homes/
Calendar/ Multimedia/ Web/ lost+found/
Download/ Public/ aquota.user qnap-letsencrypt/
[/share/CACHEDEV1_DATA] # cd qnap-letsencrypt/
<-letsencrypt] # git config --system http.sslCAinfo `pwd`/cacert.pem
[/share/CACHEDEV1_DATA/qnap-letsencrypt] # ls
README.md init.sh* renew_certificate.sh*
cacert.pem openssl.cnf
[/share/CACHEDEV1_DATA/qnap-letsencrypt] # ./init.sh
Cloning into 'acme-tiny'...
remote: Counting objects: 232, done.
remote: Total 232 (delta 0), reused 0 (delta 0), pack-reused 232
Receiving objects: 100% (232/232), 47.71 KiB | 0 bytes/s, done.
Resolving deltas: 100% (122/122), done.
Checking connectivity... done.
Generating RSA private key, 4096 bit long modulus
..................................................................................................................................................................++
...............++
e is 65537 (0x10001)
Generating RSA private key, 2048 bit long modulus
..+++
..........+++
e is 65537 (0x10001)
[/share/CACHEDEV1_DATA/qnap-letsencrypt] # cd letsencrypt/
< -key keys/domain.key -subj "/CN=ib-kaufmann.ddns.net" > domain.csr
<# mv /etc/stunnel/stunnel.pem /etc/stunnel/stunnel.pem.orig
[/share/CACHEDEV1_DATA/qnap-letsencrypt/letsencrypt] # cd ..
[/share/CACHEDEV1_DATA/qnap-letsencrypt] # ./renew_certificate.sh
Checking whether to renew certificate on Sat, 09 Apr 2016 10:40:15 +0100
Renewing certificate...
Stopping Qthttpd hogging port 80..
Shutting down Qthttpd services: OK.
Started python SimpleHTTPServer with pid 24376
Traceback (most recent call last):
File "/share/CACHEDEV1_DATA/.qpkg/Python/lib/python2.7/runpy.py", line 162, in _run_module_as_main
"__main__", fname, loader, pkg_name)
File "/share/CACHEDEV1_DATA/.qpkg/Python/lib/python2.7/runpy.py", line 72, in _run_code
exec code in run_globals
File "/share/CACHEDEV1_DATA/.qpkg/Python/lib/python2.7/SimpleHTTPServer.py", line 220, in <module>
test()
File "/share/CACHEDEV1_DATA/.qpkg/Python/lib/python2.7/SimpleHTTPServer.py", line 216, in test
BaseHTTPServer.test(HandlerClass, ServerClass)
File "/share/CACHEDEV1_DATA/.qpkg/Python/lib/python2.7/BaseHTTPServer.py", line 595, in test
httpd = ServerClass(server_address, HandlerClass)
File "/share/CACHEDEV1_DATA/.qpkg/Python/lib/python2.7/SocketServer.py", line 408, in __init__
self.server_bind()
File "/share/CACHEDEV1_DATA/.qpkg/Python/lib/python2.7/BaseHTTPServer.py", line 108, in server_bind
SocketServer.TCPServer.server_bind(self)
File "/share/CACHEDEV1_DATA/.qpkg/Python/lib/python2.7/SocketServer.py", line 419, in server_bind
self.socket.bind(self.server_address)
File "/share/CACHEDEV1_DATA/.qpkg/Python/lib/python2.7/socket.py", line 224, in meth
Parsing account key...
return getattr(self._sock,name)(*args)
socket.error: [Errno 98] Address already in use
Parsing CSR...
Registering account...
Traceback (most recent call last):
File "acme-tiny/acme_tiny.py", line 198, in <module>
main(sys.argv[1:])
File "acme-tiny/acme_tiny.py", line 194, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca)
File "acme-tiny/acme_tiny.py", line 85, in get_crt
"agreement": "https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf",
File "acme-tiny/acme_tiny.py", line 47, in _send_signed_request
protected["nonce"] = urlopen(CA + "/directory").headers['Replay-Nonce']
File "/share/CACHEDEV1_DATA/.qpkg/Python/lib/python2.7/urllib2.py", line 126, in urlopen
return _opener.open(url, data, timeout)
File "/share/CACHEDEV1_DATA/.qpkg/Python/lib/python2.7/urllib2.py", line 400, in open
response = self._open(req, data)
File "/share/CACHEDEV1_DATA/.qpkg/Python/lib/python2.7/urllib2.py", line 423, in _open
'unknown_open', req)
File "/share/CACHEDEV1_DATA/.qpkg/Python/lib/python2.7/urllib2.py", line 378, in _call_chain
result = func(*args)
File "/share/CACHEDEV1_DATA/.qpkg/Python/lib/python2.7/urllib2.py", line 1240, in unknown_open
raise URLError('unknown url type: %s' % type)
Well, at first there seems to be this issue: socket.error: [Errno 98] Address already in use
. Check what is still listening on port 80 after the services have been shutdown by the renew script.
And post the output of
from urllib2 import urlopen
urlopen("https://acme-v01.api.letsencrypt.org/directory")
here.
I hope u can find what you are looking for
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 localhost:58080 *:* LISTEN
tcp 0 0 *:49152 *:* LISTEN
tcp 0 0 *:49153 *:* LISTEN
tcp 0 0 *:9251 *:* LISTEN
tcp 0 0 *:8200 *:* LISTEN
tcp 0 0 *:9288 *:* LISTEN
tcp 0 0 *:6889 *:* LISTEN
tcp 0 0 *:rsync *:* LISTEN
tcp 0 0 *:13131 *:* LISTEN
tcp 0 0 *:netbios-ssn *:* LISTEN
tcp 0 0 localhost:3310 *:* LISTEN
tcp 0 0 *:www *:* LISTEN
tcp 0 0 *:webcache *:* LISTEN
tcp 0 0 *:4433 *:* LISTEN
tcp 0 0 *:ftp *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 *:631 *:* LISTEN
tcp 0 0 *:8889 *:* LISTEN
tcp 0 0 *:445 *:* LISTEN
tcp 0 0 localhost:3310 localhost:34451 ESTABLISHED
tcp 0 0 localhost:34444 localhost:3310 ESTABLISHED
tcp 0 0 localhost:3310 localhost:34444 ESTABLISHED
tcp 0 0 localhost:57028 localhost:webcache TIME_WAIT
tcp 0 410 NASE39E60:13131 192.168.0.14:49732 ESTABLISHED
tcp 0 0 localhost:3310 localhost:34445 ESTABLISHED
tcp 0 0 localhost:34445 localhost:3310 ESTABLISHED
tcp 0 0 localhost:34460 localhost:3310 ESTABLISHED
tcp 0 0 localhost:34461 localhost:3310 ESTABLISHED
tcp 0 0 localhost:57027 localhost:webcache TIME_WAIT
tcp 0 0 localhost:34450 localhost:3310 ESTABLISHED
tcp 0 0 localhost:3310 localhost:34461 ESTABLISHED
tcp 0 0 localhost:3310 localhost:34460 ESTABLISHED
tcp 0 0 localhost:34451 localhost:3310 ESTABLISHED
tcp 0 0 localhost:3310 localhost:34450 ESTABLISHED
netstat: no support for `AF INET6 (tcp)' on this system.
udp 0 0 *:39455 *:*
udp 0 0 NASE39E60:33338 *:*
udp 0 0 localhost:53065 *:*
udp 0 0 localhost:40796 localhost:syslog ESTABLISHED
udp 0 0 *:1900 *:*
udp 0 0 NASE39E60:1900 *:*
udp 0 0 localhost:1900 *:*
udp 0 0 *:1900 *:*
udp 0 0 *:1900 *:*
udp 0 0 *:1900 *:*
udp 0 0 NASE39E60:6771 *:*
udp 0 0 localhost:6771 *:*
udp 0 0 *:6771 *:*
udp 0 0 localhost:45189 *:*
udp 0 0 192.168.0.25:netbios-ns *:*
udp 0 0 NASE39E60:netbios-ns *:*
udp 0 0 *:netbios-ns *:*
udp 0 0 192.168.0.2:netbios-dgm *:*
udp 0 0 NASE39E60:netbios-dgm *:*
udp 0 0 *:netbios-dgm *:*
udp 0 0 NASE39E60:37517 *:*
udp 0 0 localhost:60318 *:*
udp 0 0 255.255.255.255:8097 *:*
udp 0 0 255.255.255.255:8097 *:*
udp 15936 0 255.255.255.255:8097 *:*
udp 0 0 localhost:46793 *:*
udp 0 0 *:52942 *:*
udp 0 0 *:6889 *:*
udp 164262 0 *:5353 *:*
udp 164210 0 *:5353 *:*
udp 0 0 *:5353 *:*
udp 0 0 *:33518 *:*
udp 0 0 NASE39E60:38385 *:*
netstat: no support for `AF INET6 (udp)' on this system.
netstat: no support for `AF INET6 (raw)' on this system.
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 36770 @ISCSIADM_ABSTRACT_NAMESPACE
unix 2 [ ACC ] STREAM LISTENING 27420 /tmp/.@qdmc.ipc.xxx
unix 2 [ ACC ] STREAM LISTENING 33271 //var/run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM LISTENING 35875 /tmp/airplay_svc_qnap_qts_sw2
unix 2 [ ACC ] STREAM LISTENING 34738 /var/run/avahi-daemon/socket
unix 2 [ ACC ] STREAM LISTENING 39473 /tmp/porter.sock
unix 2 [ ACC ] STREAM LISTENING 28984 /tmp/qpkg_sock
unix 2 [ ACC ] STREAM LISTENING 22072 /var/run/lvm/lvmetad.socket
unix 2 [ ] DGRAM 4382 @@/org/kernel/udev/udevd1
unix 2 [ ACC ] STREAM LISTENING 35918 /tmp/airplay_svc_qnap_qts_sw2
unix 2 [ ACC ] STREAM LISTENING 40530 /tmp/dsd.lock
unix 2 [ ACC ] STREAM LISTENING 34415 @/org/bluez/audio
unix 2 [ ACC ] STREAM LISTENING 26780 /usr/local/samba/nosanitychecks/var/run/nmbd/unexpected
unix 2 [ ACC ] STREAM LISTENING 25572 @QNAP_NOTIFY_NAMESPACE
unix 2 [ ACC ] STREAM LISTENING 30329 /var/run/cups/cups.sock
unix 2 [ ACC ] STREAM LISTENING 29835 /tmp/mysql_mediadb.sock
unix 2 [ ACC ] STREAM LISTENING 34704 /tmp/screens/S-admin/7646.QAIRP
unix 2 [ ACC ] STREAM LISTENING 28599 /tmp/.@qRPlayerCenter.xxx
unix 2 [ ACC ] STREAM LISTENING 33471 /var/run/sdp
unix 2 [ ACC ] STREAM LISTENING 32455 /var/run/php-fpm-sys-proxy.sock
unix 2 [ ACC ] STREAM LISTENING 45880 /usr/local/apache/logs/cgisock.6350
unix 2 [ ACC ] STREAM LISTENING 35049 /tmp/screens/S-admin/7726.QAIRP
unix 3 [ ] STREAM CONNECTED 34740 //var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 34739
unix 3 [ ] STREAM CONNECTED 34421 //var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 34420
unix 3 [ ] STREAM CONNECTED 34397 //var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 33468
unix 3 [ ] STREAM CONNECTED 34272
unix 3 [ ] STREAM CONNECTED 34271
unix 3 [ ] STREAM CONNECTED 32454
unix 3 [ ] STREAM CONNECTED 32453
lsof -Pnl +M -i4
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
nmbd 3449 0 11u IPv4 25820 0t0 UDP *:137
nmbd 3449 0 12u IPv4 25821 0t0 UDP *:138
nmbd 3449 0 13u IPv4 26286 0t0 UDP 192.168.0.4:137
nmbd 3449 0 14u IPv4 26287 0t0 UDP 192.168.0.255:137
nmbd 3449 0 15u IPv4 26288 0t0 UDP 192.168.0.4:138
nmbd 3449 0 16u IPv4 26289 0t0 UDP 192.168.0.255:138
qDmcd 4454 0 4u IPv4 28608 0t0 TCP *:49152 (LISTEN)
qDmcd 4454 0 5u IPv4 28609 0t0 UDP 127.0.0.1:60318
qDmcd 4454 0 6u IPv4 28610 0t0 UDP *:39455
qDmcd 4454 0 7u IPv4 28611 0t0 UDP *:1900
mysqld 4936 0 14u IPv4 29834 0t0 TCP 127.0.0.1:3310 (LISTEN)
mysqld 4936 0 16u IPv4 32878 0t0 TCP 127.0.0.1:3310->127.0.0.1:34450 (ESTABLISHED)
mysqld 4936 0 17u IPv4 32881 0t0 TCP 127.0.0.1:3310->127.0.0.1:34451 (ESTABLISHED)
mysqld 4936 0 18u IPv4 34899 0t0 TCP 127.0.0.1:3310->127.0.0.1:34460 (ESTABLISHED)
mysqld 4936 0 19u IPv4 34654 0t0 TCP 127.0.0.1:3310->127.0.0.1:34461 (ESTABLISHED)
mysqld 4936 0 24u IPv4 29637 0t0 TCP 127.0.0.1:3310->127.0.0.1:34444 (ESTABLISHED)
mysqld 4936 0 25u IPv4 30879 0t0 TCP 127.0.0.1:3310->127.0.0.1:34445 (ESTABLISHED)
cupsd 5663 0 7u IPv4 30327 0t0 TCP *:631 (LISTEN)
smbd 5860 0 29u IPv4 30630 0t0 TCP *:445 (LISTEN)
smbd 5860 0 30u IPv4 30632 0t0 TCP *:139 (LISTEN)
_thttpd_ 6033 0 0u IPv4 29618 0t0 TCP 127.0.0.1:58080 (LISTEN)
_thttpd_ 6033 0 3u IPv4 30854 0t0 UDP 127.0.0.1:40796->127.0.0.1:514
mymediadb 6039 0 6u IPv4 29630 0t0 TCP *:8889 (LISTEN)
mymediadb 6039 0 7u IPv4 30878 0t0 TCP 127.0.0.1:34444->127.0.0.1:3310 (ESTABLISHED)
mymediadb 6039 0 8u IPv4 29639 0t0 TCP 127.0.0.1:34445->127.0.0.1:3310 (ESTABLISHED)
apache_pr 6350 0 3u IPv4 31522 0t0 TCP *:8080 (LISTEN)
mysystemc 6667 0 4u IPv4 32584 0t0 TCP *:9288 (LISTEN)
proftpd 6749 65534 0u IPv4 32870 0t0 TCP *:21 (LISTEN)
myidbserv 6781 0 4u IPv4 32750 0t0 TCP 127.0.0.1:34450->127.0.0.1:3310 (ESTABLISHED)
myidbserv 6781 0 5u IPv4 32752 0t0 TCP 127.0.0.1:34451->127.0.0.1:3310 (ESTABLISHED)
mytransco 7359 0 6u IPv4 34342 0t0 TCP *:9251 (LISTEN)
sshd 7365 0 4u IPv4 34336 0t0 TCP *:22 (LISTEN)
utelnetd 7495 0 3u IPv4 33641 0t0 TCP *:13131 (LISTEN)
utelnetd 7495 0 4u IPv4 2006415 0t0 TCP 192.168.0.4:13131->192.168.0.14:49732 (ESTABLISHED)
myupnpmed 7595 0 6u IPv4 34651 0t0 TCP 127.0.0.1:34460->127.0.0.1:3310 (ESTABLISHED)
myupnpmed 7595 0 7u IPv4 34653 0t0 TCP 127.0.0.1:34461->127.0.0.1:3310 (ESTABLISHED)
myupnpmed 7595 0 8u IPv4 34663 0t0 UDP *:1900
myupnpmed 7595 0 9u IPv4 34664 0t0 TCP *:8200 (LISTEN)
myupnpmed 7595 0 10u IPv4 34665 0t0 UDP 192.168.0.4:38385
php 7651 0 4u IPv4 35874 0t0 UDP *:5353
avahi-dae 7662 65534 11u IPv4 34806 0t0 UDP *:5353
avahi-dae 7662 65534 12u IPv4 34807 0t0 UDP *:33518
php 7732 0 4u IPv4 35917 0t0 UDP *:5353
python 8946 0 3u IPv4 2010653 0t0 TCP *:80 (LISTEN)
rsyncd 9537 0 3u IPv4 36576 0t0 TCP *:873 (LISTEN)
dsd 11400 0 5u IPv4 41453 0t0 TCP *:6889 (LISTEN)
dsd 11400 0 6u IPv4 41454 0t0 TCP *:4433 (LISTEN)
dsd 11400 0 7u IPv4 41459 0t0 UDP *:6889
dsd 11400 0 10u IPv4 41470 0t0 UDP *:6771
dsd 11400 0 11u IPv4 41471 0t0 UDP 127.0.0.1:6771
dsd 11400 0 12u IPv4 41472 0t0 UDP 127.0.0.1:45189
dsd 11400 0 13u IPv4 41473 0t0 UDP 192.168.0.4:6771
dsd 11400 0 30u IPv4 41474 0t0 UDP 192.168.0.4:37517
dsd 11400 0 31u IPv4 41477 0t0 UDP *:1900
dsd 11400 0 32u IPv4 41478 0t0 UDP 127.0.0.1:1900
dsd 11400 0 33u IPv4 41479 0t0 UDP 127.0.0.1:46793
dsd 11400 0 34u IPv4 41480 0t0 UDP 192.168.0.4:1900
dsd 11400 0 35u IPv4 41481 0t0 UDP 192.168.0.4:33338
dsd 11400 0 36u IPv4 41504 0t0 UDP *:52942
apache_pr 12740 0 3u IPv4 31522 0t0 TCP *:8080 (LISTEN)
upnpd 13116 0 0u IPv4 46044 0t0 TCP *:49153 (LISTEN)
upnpd 13116 0 1u IPv4 46045 0t0 UDP 127.0.0.1:53065
upnpd 13116 0 3u IPv4 46047 0t0 UDP *:1900
apache_pr 23042 0 3u IPv4 31522 0t0 TCP *:8080 (LISTEN)
apache_pr 23225 0 3u IPv4 31522 0t0 TCP *:8080 (LISTEN)
from urllib2 import urlopen
-sh: from: command not found
<-letsencrypt] # urlopen("https://acme-v01.api.letsencrypt.org/directory")
-sh: syntax error near unexpected token `"https://acme-v01.api.letsencrypt.org/directory"'
same issue here try this [/share/CACHEDEV1_DATA/qnap-letsencrypt] # lsof -i :80 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME python 13700 admin 3u IPv4 13380 0t0 TCP *:www (LISTEN) [/share/CACHEDEV1_DATA/qnap-letsencrypt] # kill 13700
unfortunately, we tried too many times before and are required to wait a few days before we finalize other documentation ^_^ File "acme-tiny/acme_tiny.py", line 161, in get_crt raise ValueError("Error signing certificate: {0} {1}".format(code, result)) ValueError: Error signing certificate: 429 {"type":"urn:acme:error:rateLimited","detail":"Error creating new cert :: Too many certificates already issued for: ddns.net","status":429}
@Marku1397: @QBoxTW is probably right, you are running a python web server instance from a previous failed attempt to generate the certificate. Kill that one. You will ofc need to run the python code in python and post the output of that.
Was only an remark. Your script worked already 2 days ago with miner issues ^-^ ( wrong Python and suddenly changed virtual side pointers) . I was just making an dummy proof wiki page for it but due to the application allocations I fucked up the server again. ( you need to start the Python script when you are at the correct directory, otherwise it failed due to an missing pem and screws up ...haha) Extra backups of certain files are really important to resurrect the qnap.
When you experiment like this, you have to keep in mind, that letsencrypt only allows a certain number of side actions in 5 or 7 days. After that you need to wait some days to continue
By the way, I have several virtual sides on my 459 pro and next I will check if this script also works for the other virtual side's.
PS: you must also change some Apache items . I will send the info ASAP. Smartphones need to have an special approach otherwise you get an security error
Regards Tws.ddns.net On Apr 12, 2016 6:37 PM, "Yannik" notifications@github.com wrote:
@Marku1397 https://github.com/Marku1397: @QBoxTW https://github.com/QBoxTW is probably right, you are running a python web server instance from a previous failed attempt to generate the certificate. Kill that one. You will ofc need to run the python code in python and post the output of that.
— You are receiving this because you were mentioned. Reply to this email directly or view it on GitHub https://github.com/Yannik/qnap-letsencrypt/issues/8#issuecomment-208839944
Close due to inactivity.
Platform/Firmware Information
Platform = ARM_MS DISPLAY_NAME=TS-231 Model = TS-X31 Internal Model = TS-X31 Version = 4.2.0 Build Number = 20160130 Rsync Model = QNAP Build Date = 2016-01-30
Issue Summary (provide relevant error messages and log output): Dear Yannik,
I first want to say thank you for this tool. But i really had problems by using it. First of all i couldn't get your git-files: Cloning into 'qnap-letsencrypt'... fatal: unable to access 'https://github.com/Yannik/qnap-letsencrypt.git/': error setting certificate verify locations: CAfile: /share/CACHEDEV1_DATA/cacert.pem CApath: none
I could get the files by not checking the certificate. The second problem that did come up while running the renew_certificate.sh was: Checking whether to renew certificate on Wed, 06 Apr 2016 18:02:56 +0200 Renewing certificate... Stopping Qthttpd hogging port 80.. Shutting down Qthttpd services: OK. Started python SimpleHTTPServer with pid 10375 Serving HTTP on 0.0.0.0 port 80 ... Parsing account key... Parsing CSR... Traceback (most recent call last): File "acme-tiny/acme_tiny.py", line 198, in
main(sys.argv[1:])
File "acme-tiny/acme_tiny.py", line 194, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca)
File "acme-tiny/acme_tiny.py", line 70, in get_crt
raise IOError("Error loading {0}: {1}".format(csr, err))
IOError: Error loading letsencrypt/domain.csr: unable to load X509 request
715900112:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:689:Expecting: CERTIFICATE REQUEST