Closed sivashankerN closed 6 years ago
chose letsencrypt. Working on this, performing the steps mentioned here
unable to add PPA
sudo add-apt-repository ppa:certbot/certbot
we are getting below error
ERROR: '~certbot' user or team does not exist.
Looking into this
The above problem is solved. Th problem was network proxy.
Executed following commands on edx-platform vm
$ sudo apt-get update
$ sudo apt-get install software-properties-common
$ sudo add-apt-repository ppa:certbot/certbot
$ sudo apt-get update
$ sudo apt-get install python-certbot-nginx
when we run following command
certbot --nginx
It asks for email address for regular updates to be notified to.
Like bellow
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel):
For this test,not given any email id.. If we don't give email address it suggests as follows
If you really want to skip this, you can run the client with
--register-unsafely-without-email but make sure you then backup your account key
from /etc/letsencrypt/accounts
(Enter 'c' to cancel):
So, executed
certbot --register-unsafely-without-email
Followed the instructions and completed the steps.
one of the step is asked for domain name. Given alpha.vlabs.ac.in but output says as follows
Cannot find a VirtualHost matching domain alpha.vlabs.ac.in. In order for Certbot to correctly perform the challenge please add a corresponding server_name directive to your nginx configuration: https://nginx.org/en/docs/http/server_names.html
checking this issue
Added domain name alpha.vlabs.ac.in
in /etc/nginx/sites-enabled/lms
as a server_name
and executed
certbot --register-unsafely-without-email
this time there is another problem
Failed authorization procedure. alpha.vlabs.ac.in (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: DNS problem: NXDOMAIN looking up A for alpha.vlabs.ac.in
So for this, we may need to add A record in our DNS server.
making entry for alpha.vlabs.ac.in in private DNS server
Still same problem exists even after giving A record in DNS server
There is a problem with Letsencrypt configuration. We will look into this later
As Enabling SSL certificates in edx-platform is an urgent, we are enabling Self-Signed certificates
Reference for enabling SSL self signed certificates in Ubuntu 16.04 on nginx service. Digital Ocean
We were unable to access the web using domain name "alpha-openedx.vlabs.ac.in" from browser.
checked this link https://www.vagrantup.com/docs/networking/public_network.html
There is a problem with default route in Virtualbox( vagrant box), so add the line
use_dhcp_assigned_default_route: true
in Vagrantfile
and reloaded the box
then we are able to access the web page.
LDS service is not loading iframe links with https( Self-signed certificates).
So, we are going to apply purchased certificates in the openedx-platform vagrant box.
@ksripathi and @travula
As per our requirement
Purchased SSL certificates are enabled for "alpha-openedx.vlabs.ac.in" domain.
Please check and confirm.
for how to install ssl certificates in edx platform, please check the link https://gitlab.com/vlead-systems/port-labs-to-openedx/blob/master/src/platform-install-configure/index.org
Enable SSL certificates in ginkgo-edx-platform (vagrant box).
For this to be done, we can approach two methods