search

nextcloud / nextcloudpi

📦 Build code for NextcloudPi: Raspberry Pi, Odroid, Rock64, curl installer...
https://nextcloudpi.com
2.49k stars 295 forks source link

letsencrypt - second certificate not issued #1809

Open FadeFx opened 1 year ago

FadeFx commented 1 year ago

Trying to eissue an additional certificate for my www.my.dom domain it does nothing, more than geting the cert for nextcloud.my.dom

System information

NextcloudPi diagnostics ``` NextcloudPi version v1.52.4 NextcloudPi image NextCloudPi_RaspberryPi_v1.52.2.img OS Debian GNU/Linux 11. 5.15.61-v8+ (aarch64) automount yes USB devices sda datadir /media/myCloudDrive/ncdata data in SD no data filesystem btrfs data disk usage 1,4T/1,9T rootfs usage 6,0G/29G swapfile /var/swap dbdir /media/USBdrive/ncdatabase Nextcloud check ok Nextcloud version 26.0.3.2 HTTPD service up PHP service up MariaDB service up Redis service up HPB service up Postfix service up Internet check ok Public IPv4 ***REMOVED SENSITIVE VALUE*** Public IPv6 ***REMOVED SENSITIVE VALUE*** Port 80 open Port 443 open IP ***REMOVED SENSITIVE VALUE*** Gateway ***REMOVED SENSITIVE VALUE*** Interface eth0 Certificates ***REMOVED SENSITIVE VALUE*** NAT loopback yes Uptime 2days ```
Nextcloud configuration ``` { "system": { "passwordsalt": "***REMOVED SENSITIVE VALUE***", "secret": "***REMOVED SENSITIVE VALUE***", "trusted_domains": { "0": "localhost", "5": "nextcloudpi.local", "1": "10.0.0.4", "2": "nextcloud.my.dom", "7": "nextcloudpi", "8": "nextcloudpi.lan", "11": "nextcloud.my.dom", "4": "nextcloud.my.dom", "12": "nextcloud.my.dom", "20": "10.0.0.1", "3": "nextcloud.my.dom", "22": "nextcloud.my.dom", "14": "nextcloudpi", "": "nextcloud.my.dom" }, "datadirectory": "***REMOVED SENSITIVE VALUE***", "tempdirectory": "\/media\/myCloudDrive\/ncdata\/tmp", "overwrite.cli.url": "https:\/\/nextcloud.my.dom\/", "dbtype": "mysql", "version": "26.0.3.2", "dbname": "***REMOVED SENSITIVE VALUE***", "dbhost": "***REMOVED SENSITIVE VALUE***", "dbport": "", "dbtableprefix": "oc_", "mysql.utf8mb4": true, "dbuser": "***REMOVED SENSITIVE VALUE***", "dbpassword": "***REMOVED SENSITIVE VALUE***", "installed": true, "instanceid": "***REMOVED SENSITIVE VALUE***", "memcache.local": "\\OC\\Memcache\\Redis", "memcache.locking": "\\OC\\Memcache\\Redis", "redis": { "host": "***REMOVED SENSITIVE VALUE***", "port": 0, "timeout": 0, "password": "***REMOVED SENSITIVE VALUE***" }, "appstoreenabled": true, "mail_smtpmode": "smtp", "mail_smtpauthtype": "LOGIN", "mail_from_address": "***REMOVED SENSITIVE VALUE***", "mail_domain": "***REMOVED SENSITIVE VALUE***", "overwriteprotocol": "https", "maintenance": false, "logfile": "\/media\/myCloudDrive\/ncdata\/nextcloud.log", "loglevel": "2", "log_type": "file", "theme": "", "updater.release.channel": "stable", "htaccess.RewriteBase": "\/", "jpeg_quality": "60", "data-fingerprint": "***REMOVED SENSITIVE VALUE***", "default_locale": "REMOVED", "default_phone_region": "REMOVED", "app_install_overwrite": [ "apporder", "impersonate", "defaultlinkopen", "initialcheck", "occweb", "files_texteditor", "dashboard", "radio", "files_external_onedrive", "social", "printer", "admin_notifications", "previewgenerator", "weather", "files_trackdownloads", "folderplayer", "keeporsweep", "files_external_dropbox", "files_markdown", "sharingpath", "cms_pico", "ransomware_protection", "dicomviewer", "duplicatefinder" ], "mail_sendmailmode": "smtp", "mail_smtpsecure": "tls", "mail_smtpauth": 1, "mail_smtphost": "***REMOVED SENSITIVE VALUE***", "mail_smtpport": "587", "mail_smtpname": "***REMOVED SENSITIVE VALUE***", "mail_smtppassword": "***REMOVED SENSITIVE VALUE***", "trusted_proxies": "***REMOVED SENSITIVE VALUE***" } } ```
NCP Log ``` [ letsencrypt ] (Sat Aug 5 09:08:32 BST 2023) Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator webroot, Installer None Renewing an existing certificate for nextcloud.my.dom and www.my.dom Running deploy-hook command: /etc/letsencrypt/renewal-hooks/deploy/ncp Error output from deploy-hook command ncp: ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES) admin user not found IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/nextcloud.my.dom/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/nextcloud.my.dom/privkey.pem Your certificate will expire on 2023-11-03. To obtain a new or tweaked version of this certificate in the future, simply run certbot again. To non-interactively renew *all* of your certificates, run "certbot renew" - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le Installing template 'nextcloud.conf.sh'... INFO: Letsencrypt domain is nextcloud.my.dom INFO: Metrics enabled: no Apache self check: Syntax OK System config value trusted_domains => 11 set to string nextcloud.my.dom System config value trusted_domains => 3 set to string nextcloud.my.dom System config value overwrite.cli.url set to string https://nextcloud.my.dom/ System config value trusted_proxies => 11 set to string 127.0.0.1 System config value trusted_proxies => 12 set to string ::1 System config value trusted_proxies => 13 set to string nextcloud.my.dom System config value trusted_proxies => 14 set to string 10.0.0.4 Setup notify_push (attempt 1/5) ✓ redis is configured ✓ push server is receiving redis messages ✓ push server can load mount info from database ✓ push server can connect to the Nextcloud server ✓ push server is a trusted proxy ✓ push server is running the same version as the app configuration saved ```
rababerladuseladim commented 11 months ago

It's not supposed to get a second certificate. Instead it adds a second domain to the letsencrypt certificate, so you can use both domains and clients trust both. Do both work?