
Scripted installation of Nextcloud 28 in iocage jail 2018-03-23

danb35

Hall of Famer
Joined
Aug 16, 2011
Messages
15,504

InGenetic

Contributor
Joined
Dec 18, 2013
Messages
183
Yesterday some certificates got revoked by Let's Encrypt. Have you checked your certificates against non-compliance with ALPN TLS versions by Let's Encrypt? (https://tls-alpn-check.letsencrypt.org/)
You can do that with: curl -X POST -d 'fqdn=YOURFQDN' https://tls-alpn-check.letsencrypt.org/checkhost

I checked the link that you gave; it said that I have to renew my SSL certificate? Please tell me what command I have to run on my FreeNAS to renew or reissue the Let's Encrypt SSL certificate from my freenas-iocage-nextcloud.

Or are there any other things that I should do?

Please advise how to solve this problem.

Thanks and regards,
 

InGenetic

Contributor
Joined
Dec 18, 2013
Messages
183
I checked the link that you gave; it said that I have to renew my SSL certificate? Please tell me what command I have to run on my FreeNAS to renew or reissue the Let's Encrypt SSL certificate from my freenas-iocage-nextcloud.

Or are there any other things that I should do?

Please advise how to solve this problem.

Thanks and regards,
My Nextcloud page certificate is still revoked; what do I have to do to fix it? Please help
 
Joined
Jan 27, 2020
Messages
577
My Nextcloud page certificate is still revoked; what do I have to do to fix it? Please help
Inside your nextcloud jail, certbot renew
This script does not make use of certbot.
 

gt2416

Patron
Joined
Feb 4, 2018
Messages
262

InGenetic

Contributor
Joined
Dec 18, 2013
Messages
183

Inside your nextcloud jail, certbot renew
certbot renew is not working on my FreeNAS Nextcloud; it shows the following:

[screenshot: certbot.JPG]

When I try to open it from Mozilla, it shows this:

[screenshot: revoked.JPG]

Please advise further.

Regards,
 

danb35

Hall of Famer
Joined
Aug 16, 2011
Messages
15,504
Inside your nextcloud jail, certbot renew
No version of my script has ever used certbot. Old versions (when I was using Apache as the webserver) used acme.sh; Caddy now handles the cert automatically. And it will see that it's been revoked and renew it automatically.
 

InGenetic

Contributor
Joined
Dec 18, 2013
Messages
183
No version of my script has ever used certbot. Old versions (when I was using Apache as the webserver) used acme.sh; Caddy now handles the cert automatically. And it will see that it's been revoked and renew it automatically.
Hi Mr. danb35, please let me know how to fix the problem.
When I checked with this link: https://tls-alpn-check.letsencrypt.org/
the result is:

[cloud.mynextcloud.com]: The certificate retrieved from your web server has serial 033c5e7ad28270exxx1ec89434bc70bbe351 and was found in our affected data set. Please renew your certificate as soon as possible.
Help is available at https://community.letsencrypt.org/t/questions-about-renewing-before-tls-alpn-01-revocations/170449

And when I checked the status of the SSL certificate of my Nextcloud, it seems the renewal will be on March 11, 2022:

[screenshot: ssl.JPG]

Do I have to run this command: iocage exec nextcloud /root/remove-staging.sh ?
Please help me solve this problem.

Thanks & Regards,
 
Joined
Jan 27, 2020
Messages
577
No version of my script has ever used certbot. Old versions (when I was using Apache as the webserver) used acme.sh; Caddy now handles the cert automatically. And it will see that it's been revoked and renew it automatically.
uh yes, you're right. I assumed a non-ssl setup with your script behind a reverse-proxy that handles certs with certbot, like in my setup. @InGenetic, sorry that was bad advice.
 

rio236

Dabbler
Joined
Aug 19, 2016
Messages
38
Hello.
I got this error: /freenas-iocage-nextcloud/nextcloud-config: DNS_TOKEN:...: not found
My config file:
JAIL_IP="192.168.1.50"
DEFAULT_GW_IP="192.168.1.1"
POOL_PATH="/mnt/tank2"
TIME_ZONE="America/New_York"
HOST_NAME="nextcloud.example.com"
DNS_CERT=1
DNS_PLUGIN=cloudflare
DNS_TOKEN:xxxxxx
CERT_EMAIL="admin@example.com"

I have set up an API token at Cloudflare for the domain example.com with these permissions:
Zone Zone Read
Zone DNS Edit

Please help.
 

danb35

Hall of Famer
Joined
Aug 16, 2011
Messages
15,504
please help how to solve this problem.
As I've said at least twice in the last few days, Caddy will renew the affected cert automatically. It will do this when it tries to renew OCSP and gets the response that the cert is revoked, which would ordinarily happen no more than four days after the cert was revoked.
it seem the renewal will be at March 11, 2022
No, that isn't what that says; it says the cert expires on 11 March. Certs are ordinarily renewed 30 days before expiration, so that would happen starting on 9 February--but as I said above, it should actually happen sooner.

What version of Caddy are you running? From inside the jail, run caddy version
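The two checks that come up in this exchange, comparing a certificate's serial against the CA's affected list (the Let's Encrypt check page above) and judging expiry, the 30-day renewal window and the OCSP status that Caddy acts on, can be done by hand with the openssl CLI. The script below is an added example, not part of the thread or of danb35's installation script; the function names, the demo hostname and the locally generated throwaway certificates are all assumptions, so it runs offline without touching a real server.

```shell
#!/bin/sh
# cert-check.sh (added example, not from the thread): inspect a TLS certificate
# the way an operator would after a CA revocation notice. Needs only the
# openssl command-line tool; every function name here is an assumption.

# Print the serial number of the PEM certificate in file $1, in the hex form
# openssl uses (the same form the Let's Encrypt check page quotes).
cert_serial() {
    openssl x509 -noout -serial -in "$1" | sed 's/^serial=//'
}

# Print the notAfter (expiry) date of the PEM certificate in file $1.
cert_not_after() {
    openssl x509 -noout -enddate -in "$1" | sed 's/^notAfter=//'
}

# Return 0 when the certificate in $1 expires within $2 days (default 30),
# i.e. when an ACME client would normally already be renewing it.
# "openssl x509 -checkend N" exits 0 only if the cert is still valid N seconds
# from now, so a non-zero exit there means "inside the renewal window".
cert_within_renewal_window() {
    days="${2:-30}"
    if openssl x509 -noout -checkend "$((days * 86400))" -in "$1" >/dev/null 2>&1; then
        return 1
    fi
    return 0
}

# Generate a throwaway self-signed certificate valid for $1 days into file $2
# (constructed sample input so the checks above can be exercised offline).
make_demo_cert() {
    openssl req -x509 -newkey rsa:2048 -nodes -days "$1" \
        -subj "/CN=cloud.example.invalid" \
        -keyout "$2.key" -out "$2" >/dev/null 2>&1
}

# Fetch the leaf certificate a live server presents for host $1 on port $2
# and write it as PEM to stdout (needs network; not used by the offline demo).
cert_from_host() {
    openssl s_client -connect "$1:$2" -servername "$1" </dev/null 2>/dev/null \
        | openssl x509
}

# Print the "Cert Status:" line of the OCSP response the server staples; a
# revoked cert shows "Cert Status: revoked", which is the signal a server such
# as Caddy uses to re-issue. Reports when no response is stapled at all.
stapled_ocsp_status() {
    status=$(openssl s_client -status -connect "$1:$2" -servername "$1" </dev/null 2>/dev/null \
        | grep 'Cert Status:' | head -n 1)
    if [ -n "$status" ]; then
        echo "$status"
    else
        echo "no stapled OCSP response"
    fi
}

# Report on one PEM file: serial, expiry and whether renewal is already due.
report_cert_file() {
    echo "serial:    $(cert_serial "$1")"
    echo "notAfter:  $(cert_not_after "$1")"
    if cert_within_renewal_window "$1" 30; then
        echo "renewal:   due now (expires within 30 days)"
    else
        echo "renewal:   not yet due"
    fi
}

# Usage: ./cert-check.sh HOST [PORT]  -> live report for a real server
#        ./cert-check.sh              -> offline demo on generated certificates
if [ -n "${1:-}" ]; then
    port="${2:-443}"
    tmp=$(mktemp)
    cert_from_host "$1" "$port" > "$tmp"
    report_cert_file "$tmp"
    echo "ocsp:      $(stapled_ocsp_status "$1" "$port")"
    rm -f "$tmp"
else
    demo=$(mktemp -d)
    make_demo_cert 90 "$demo/fresh.pem"    # well outside the 30-day window
    make_demo_cert 10 "$demo/expiring.pem" # inside it
    for f in "$demo/fresh.pem" "$demo/expiring.pem"; do
        echo "== $f"; report_cert_file "$f"
    done
    rm -rf "$demo"
fi
```

The serial printed by `cert_serial` is what to compare against the "serial ... was found in our affected data set" line from the check page; `stapled_ocsp_status` shows the same revocation signal the web server sees, so a "good" status after the server has re-issued is the confirmation that the renewal actually happened.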
 

danb35

Hall of Famer
Joined
Aug 16, 2011
Messages
15,504

InGenetic

Contributor
Joined
Dec 18, 2013
Messages
183
As I've said at least twice in the last few days, Caddy will renew the affected cert automatically. It will do this when it tries to renew OCSP and gets the response that the cert is revoked, which would ordinarily happen no more than four days after the cert was revoked.

No, that isn't what that says; it says the cert expires on 11 March. Certs are ordinarily renewed 30 days before expiration, so that would happen starting on 9 February--but as I said above, it should actually happen sooner.

What version of Caddy are you running? From inside the jail, run caddy version
I tried to run caddy version, but the result is as below:

[screenshot: shell.JPG]

Please advise.

Thanks n regards,
 

rio236

Dabbler
Joined
Aug 19, 2016
Messages
38
Hello.
I'm able to browse to nextcloud.example.com
What needs to be done to browse to example.com/nextcloud?
DNS_CERT is through Cloudflare.

Thank you
 

danb35

Hall of Famer
Joined
Aug 16, 2011
Messages
15,504
What needs to be done to browse to example.com/nextcloud?
Really isn't a supported configuration with this script, but some edits to the Caddyfile should do the job.
 

InGenetic

Contributor
Joined
Dec 18, 2013
Messages
183
What about pkg info caddy?
Hi Mr. danb35,
here is the result of "pkg info caddy":

[screenshot: 1643855616336.png]

By the way, this is my Caddy version:

root@nextcloud:~ # caddy --version
v1.0.4

root@nextcloud:~ #

And I got this email from Let's Encrypt last week:

Hello,

Please immediately renew your TLS certificate(s) that were issued from Let's Encrypt using the TLS-ALPN-01 validation method and the following ACME registration (account) ID(s):


836515xx

We've determined that an error made it possible for TLS-ALPN-01 challenges, completed before today, to not comply with certificate issuance requirements. We have remediated this problem and will revoke all unexpired certificates that used this validation method at 16:00 UTC on 28 January 2022. Please renew your certificates now to ensure an uninterrupted experience for your site visitors.

We apologize for any inconvenience this may cause. If you need support in the renewal process, please comment on our forum post. Our staff and community members are available to help:


Thank you,

The Let's Encrypt Team


Mr. danb35, I want to ask about how to use a commercial SSL certificate for my Nextcloud. Do you have any reference for an SSL certificate that is cheap but OK for my Nextcloud?

I've just been thinking: if I use a commercial SSL certificate, will it be better than Let's Encrypt, or the same?
Can I use this SSL certificate for my Nextcloud?

[screenshot: sectigo.JPG]

Please advise me. If I can use this SSL certificate, please let me know how to implement it on my Nextcloud.

NB: so there are 2 questions from me:

1. Urgently needed: how to renew my Let's Encrypt certificate; my Caddy version is v1.0.4
2. For the future, maybe, if I want to use a commercial SSL certificate, how to set it up step by step

Thanks & Regards,
 

InGenetic

Contributor
Joined
Dec 18, 2013
Messages
183
In the jail, is there anything in /etc/ssl/caddy?
Hi Mr. danb35,
I can't find the caddy folder; where exactly is that folder located?
I can only find the following:

root@nextcloud:~ # cd /etc/ssl/
cert.pem@ openssl.cnf
root@nextcloud:~ # cd /etc/ssl/

[screenshot: caddy1.JPG]

[screenshot: caddy2.JPG]

I can find that folder in Windows Explorer, but cannot find it in Linux via PuTTY.
Is that the right folder?

regards,
 