danb35
Hall of Famer
- Joined
- Aug 16, 2011
- Messages
- 15,504
It should.Does this mean that we don't have to install docker and do all that reverse proxy stuff?
It should.Does this mean that we don't have to install docker and do all that reverse proxy stuff?
Yesterday some certificates got revoked by lets encrypt. Have you checked your certificates against non-complaince with ALPN TLS versions by letsencrypt? (https://tls-alpn-check.letsencrypt.org/)
You can do that with:curl -X POST -d 'fqdn=YOURFQDN' https://tls-alpn-check.letsencrypt.org/checkhost
My nexcloud page certificated still revoked, what i have to do to fix it? Please helpi check the link that u gave, it said that I have to renew my SSL certificate ? please tell me what command that I have to run on my freenas to renew or reissued letsenscrypt SSL from my freenas-iocage-nextcloud .
Or any other things that i've should do ?
Please advice how to solve this problem.
Thanks n regards,
My nexcloud page certificated still revoked, what i have to do to fix it? Please help
certbot renew
certbot renew , not working on my freenas nextcloud, it shown like below :I
Inside your nextcloud jail,certbot renew
No version of my script has ever used certbot. Old versions (when I was using Apache as the webserver) used acme.sh; Caddy now handles the cert automatically. And it will see that it's been revoked and renew it automatically.Inside your nextcloud jail,certbot renew
hi mr.danb35, please let me know how to fix the problem,No version of my script has ever used certbot. Old versions (when I was using Apache as the webserver) used acme.sh; Caddy now handles the cert automatically. And it will see that it's been revoked and renew it automatically.
uh yes, you're right. I assumed a non-ssl setup with your script behind a reverse-proxy that handles certs with certbot, like in my setup. @InGenetic, sorry that was bad advice.No version of my script has ever used certbot. Old versions (when I was using Apache as the webserver) used acme.sh; Caddy now handles the cert automatically. And it will see that it's been revoked and renew it automatically.
As I've said at least twice in the last few days, Caddy will renew the affected cert automatically. It will do this when it tries to renew OCSP and gets the response that the cert is revoked, which would ordinarily happen no more than four days after the cert was revoked.please help how to solve this problem.
No, that isn't what that says; it says the cert expires on 11 March. Certs are ordinarily renewed 30 days before expiration, so that would happen starting on 9 February--but as I said above, it should actually happen sooner.it seem the renewal will be at March 11, 2022
caddy version
Do you notice a difference between this line of your config file and every other line?DNS_TOKEN:xxxxxx
i try to run caddy version , but the result is like below :As I've said at least twice in the last few days, Caddy will renew the affected cert automatically. It will do this when it tries to renew OCSP and gets the response that the cert is revoked, which would ordinarily happen no more than four days after the cert was revoked.
No, that isn't what that says; it says the cert expires on 11 March. Certs are ordinarily renewed 30 days before expiration, so that would happen starting on 9 February--but as I said above, it should actually happen sooner.
What version of Caddy are you running? From inside the jail, runcaddy version
Really isn't a supported configuration with this script, but some edits to the Caddyfile should do the job.What needs to be done to browse to example.com/nextcloud?
hi mr.danb35What aboutpkg info caddy
?
Hello,
Please immediately renew your TLS certificate(s) that were issued from Let's Encrypt using the TLS-ALPN-01 validation method and the following ACME registration (account) ID(s):
836515xx
We've determined that an error made it possible for TLS-ALPN-01 challenges, completed before today, to not comply with certificate issuance requirements. We have remediated this problem and will revoke all unexpired certificates that used this validation method at 16:00 UTC on 28 January 2022. Please renew your certificates now to ensure an uninterrupted experience for your site visitors.
We apologize for any inconvenience this may cause. If you need support in the renewal process, please comment on our forum post. Our staff and community members are available to help:
![]()
Questions about Renewing before TLS-ALPN-01 Revocations
UPDATE 08 February 2022: The rate limit adjustments have been reverted to normal conditions. You can read about our rate limits here. UPDATE 29 January 2022: We completed the revocation of approximately 2.7 million certificates validated with the TLS-ALPN-01 method. If a subscriber did not...community.letsencrypt.org
Thank you,
The Let's Encrypt Team
hi mr.danb35,In the jail, is there anything in /etc/ssl/caddy?