Can't Create a Cert Cloudflare

Paddy0293

Dabbler
Joined
Sep 28, 2022
Messages
35
Hey guys,
hope someone can help me :)

I want to create a cert for my Vaultwarden and am following this tutorial:

YouTube Tutorial

I wanted to create a certificate but got the following error

DNS problem: NXDOMAIN looking up TXT for _acme-challenge.blablub.de - check that a DNS record exists for this domain

I don't know what's wrong :(
Hope you can help me :)
 

danb35

Hall of Famer
Joined
Aug 16, 2011
Messages
15,504
It doesn't look like Cloudflare are the DNS host for blablub.de:
Code:
 dan@Dan-Mac-Mini-2  ~  dig ns blablub.de

; <<>> DiG 9.10.6 <<>> ns blablub.de
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35144
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;blablub.de.            IN    NS

;; ANSWER SECTION:
blablub.de.        7200    IN    NS    ns6.kasserver.com.
blablub.de.        7200    IN    NS    ns5.kasserver.com.

;; Query time: 895 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Wed Sep 28 06:49:09 EDT 2022
;; MSG SIZE  rcvd: 88
 

Paddy0293

I'm now trying another way with my netcup domain. How can I set the key file location? I got the following error:
No such file or directory: '/root/.acme.sh/truenas/truenas.key'

I created a cert. How can I change the path for the "deploy freenas"?
 

Paddy0293

Okay, now I changed the FQDN in the deploy config and I get this error now :(

[Wed Sep 28 05:01:07 PDT 2022] Run reload cmd: ~/deploy-freenas/deploy_freenas.py
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/urllib3/connection.py", line 169, in _new_conn
conn = connection.create_connection(
File "/usr/lib/python3/dist-packages/urllib3/util/connection.py", line 96, in create_connection
raise err
File "/usr/lib/python3/dist-packages/urllib3/util/connection.py", line 86, in create_connection
sock.connect(sa)
ConnectionRefusedError: [Errno 111] Connection refused

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 699, in urlopen
httplib_response = self._make_request(
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 394, in _make_request
conn.request(method, url, **httplib_request_kw)
File "/usr/lib/python3/dist-packages/urllib3/connection.py", line 234, in request
super(HTTPConnection, self).request(method, url, body=body, headers=headers)
File "/usr/lib/python3.9/http/client.py", line 1255, in request
self._send_request(method, url, body, headers, encode_chunked)
File "/usr/lib/python3.9/http/client.py", line 1301, in _send_request
self.endheaders(body, encode_chunked=encode_chunked)
File "/usr/lib/python3.9/http/client.py", line 1250, in endheaders
self._send_output(message_body, encode_chunked=encode_chunked)
File "/usr/lib/python3.9/http/client.py", line 1010, in _send_output
self.send(msg)
File "/usr/lib/python3.9/http/client.py", line 950, in send
self.connect()
File "/usr/lib/python3/dist-packages/urllib3/connection.py", line 200, in connect
conn = self._new_conn()
File "/usr/lib/python3/dist-packages/urllib3/connection.py", line 181, in _new_conn
raise NewConnectionError(
urllib3.exceptions.NewConnectionError: <urllib3.connection.HTTPConnection object at 0x7f5509d41a60>: Failed to establish a new connection: [Errno 111] Connection refused

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/requests/adapters.py", line 439, in send
resp = conn.urlopen(
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 755, in urlopen
retries = retries.increment(
File "/usr/lib/python3/dist-packages/urllib3/util/retry.py", line 574, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPConnectionPool(host='localhost', port=80): Max retries exceeded with url: /api/v2.0/certificate/ (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7f5509d41a60>: Failed to establish a new connection: [Errno 111] Connection refused'))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/root/deploy-freenas/deploy_freenas.py", line 91, in <module>
r = session.post(
File "/usr/lib/python3/dist-packages/requests/sessions.py", line 590, in post
return self.request('POST', url, data=data, json=json, **kwargs)
File "/usr/lib/python3/dist-packages/requests/sessions.py", line 542, in request
resp = self.send(prep, **send_kwargs)
File "/usr/lib/python3/dist-packages/requests/sessions.py", line 655, in send
r = adapter.send(request, **kwargs)
File "/usr/lib/python3/dist-packages/requests/adapters.py", line 516, in send
raise ConnectionError(e, request=request)
requests.exceptions.ConnectionError: HTTPConnectionPool(host='localhost', port=80): Max retries exceeded with url: /api/v2.0/certificate/ (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7f5509d41a60>: Failed to establish a new connection: [Errno 111] Connection refused'))
[Wed Sep 28 05:01:07 PDT 2022] Reload error for :
 

danb35

Your NAS is refusing connections on port 80. Have you changed the port for the GUI?

Edit: If you followed that video and other TrueCharts videos, you almost certainly did. But if you're using SCALE, the solution is simple:
  • Move DNS hosting of the domain in question to Cloudflare (you don't have to move the domain registration there, just DNS hosting--it's free)
  • Follow the video you linked to get the cert. Be sure to set the "Renew Certificate Days" to 30 (this step isn't covered in the video), or you'll get cert expiration notices every couple of months.
 

Paddy0293

@danb35
ty for help :)

I tried to move the DNS hosting, like this?

[Attached screenshot: 1664370715849.png]

I got the same error after creating :(
I changed the port to 80

Details: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.paddybitwarden.de - check that a DNS record exists for this domain
 

danb35

I need to buy a domain?
You at least need to own a domain (there may be free ones available); you can't just make up random domain names. paddybitwarden.de doesn't seem to exist.
 

Paddy0293

@danb35 Sorry for the late reply. netcup is a German provider; I bought a domain last year.
Yeah, I have control over the DNS records. I only need to register the Cloudflare DNS name in the netcup DNS records? Not anymore?
 

danb35

I only need to register the Cloudflare DNS name in the netcup DNS records? Not anymore?
You'll also need to move any existing DNS records for that domain to Cloudflare--though I think Cloudflare does that automatically when you set up the domain there. But from there, generate the API token, and you'll be able to follow the instructions from the video you linked in the OP.
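
The delegation check done with dig earlier in the thread, and the non-existent-domain case that followed, as an added example that is not part of any post: a shell pre-flight that classifies a domain's NS answer before a Cloudflare DNS-01 request is attempted. The function names and verdict strings are made up for this example; the only assumption is that Cloudflare name servers are named `<name>.ns.cloudflare.com`.

```shell
#!/bin/sh
# Added example: pre-flight check before requesting a cert via Cloudflare DNS-01.
# If Cloudflare is not authoritative for the zone, the _acme-challenge TXT record
# created through the Cloudflare API is never published and the CA sees NXDOMAIN.

# classify_ns reads NS host names on stdin, one per line (the format printed by
# `dig +short ns DOMAIN`), and prints one verdict:
#   cloudflare     every name server is <name>.ns.cloudflare.com
#   other          no name server belongs to Cloudflare
#   mixed          delegation is split between Cloudflare and another host
#   no-delegation  no NS records (unregistered domain, or not a zone apex)
classify_ns() {
    total=0
    cf=0
    while IFS= read -r ns || [ -n "$ns" ]; do
        # Normalise: lower-case and drop the trailing root dot.
        ns=$(printf '%s' "$ns" | tr '[:upper:]' '[:lower:]')
        ns=${ns%.}
        case "$ns" in
            ''|\;*) continue ;;   # blank line or a dig status/error comment
        esac
        total=$((total + 1))
        case "$ns" in
            *.ns.cloudflare.com) cf=$((cf + 1)) ;;
        esac
    done
    if [ "$total" -eq 0 ]; then
        echo no-delegation
    elif [ "$cf" -eq "$total" ]; then
        echo cloudflare
    elif [ "$cf" -eq 0 ]; then
        echo other
    else
        echo mixed
    fi
}

# preflight DOMAIN: live lookup (needs dig and network access).
# Returns 0 only when Cloudflare is authoritative for DOMAIN.
preflight() {
    verdict=$(dig +short ns "$1" | classify_ns)
    echo "$1: $verdict"
    [ "$verdict" = cloudflare ]
}

# Demo on the NS answer shown in the thread (prints "other"):
printf 'ns6.kasserver.com.\nns5.kasserver.com.\n' | classify_ns
```

A verdict of `mixed` usually means the registrar's name server change has been saved only partially or has not finished propagating; wait for `cloudflare` before requesting the certificate.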
 