Let's encrypt green with nginx webproxy nethserver websites

Hello folks, happy 2021

I want to validate all my nginx subdomains with a valid Let's Encrypt certificate, in the NethServer nginx proxy.

When I try it in the NethServer GUI, nginx webproxy, it doesn't work

But the websites are in https on nginx NethServer, working like a charm… It misses the valid Let's Encrypt thing… The message that it sends to me when I try it…

Validation failed: Challenge failed for this domain(s)

Hi @Vitor_Hugo_Barbosa.

My best guess is you redirect all incoming traffic on port 80 with your nginx proxy to https (port 443).

If this is true you cannot request a Let's Encrypt certificate from the NethServer administration interface.

Incoming traffic (for all the domains you request a certificate for) on port 80 with destination .well-known/acme-challenge/ must be directed to /var/www/html/.well-known/acme-challenge/ . In this location the let’s encrypt servers can find the challenge for validation.
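The port 80 handling described in the reply above, as an added nginx example that is not part of the original thread or NethServer's own configuration. The server name is a placeholder, and it assumes nginx can read the `/var/www/html` webroot named in the reply.

```nginx
# Added example. cloud.example.org is a placeholder server name.
#
# Before (shown commented out): a catch-all redirect on port 80.
# The ACME HTTP-01 request for /.well-known/acme-challenge/<token>
# is redirected to HTTPS along with everything else.
#
# server {
#     listen 80;
#     server_name cloud.example.org;
#     return 301 https://$host$request_uri;
# }

# After: the challenge path is served from the webroot over plain HTTP,
# and only the remaining traffic is redirected to HTTPS.
server {
    listen 80;
    server_name cloud.example.org;

    # ^~ stops nginx from evaluating regex locations for this prefix,
    # so no other rule can capture the challenge request.
    location ^~ /.well-known/acme-challenge/ {
        root /var/www/html;        # files live in /var/www/html/.well-known/acme-challenge/
        default_type text/plain;   # challenge tokens are plain text
        try_files $uri =404;       # unknown tokens get a 404, not a redirect
    }

    # Everything else still goes to HTTPS.
    location / {
        return 301 https://$host$request_uri;
    }
}

# Check after reloading nginx: place a test file in the challenge directory
# and fetch it over http:// from outside the network. The response should be
# 200 with the file contents, not a 301.
```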

So with that in mind my objective is to generate a Let's Encrypt with certbot in the terminal and store it in the folder that nginx serves…

Ohh… Acme is a different one and
Is the folder that acme generates his certs

I have tried acme too, but it says to me he can achieve that port 80 block, which is not true

I can try to see with netstat -tulpn maybe

Once the request succeeds, your certificate, chainfile and private-key are stored in /etc/letsencrypt/live/

Are you sure you do not redirect all traffic to port 80 to https?

Yes, I take off the https redir, I will try now

No it isn’t solved

Validation failed: Challenge failed for this domain(s) nextcloud.tuxadmin.ch

On the GUI thing I am not so savvy with this… And I have tried from the GUI

I think I have found something, micronator

NethServer with let’s encrypt and Acme recognize cloud flare Acme challenge

I have the pdf already

I have no-ip as dyndns

But… I think it doesn't matter if I have also Cloudflare as second ddns to the same domain

The DNS challenge was added recently; your DNS service provider must be supported by certbot.

If that does not work for you, some further reading:

You can consider using DNS challenge instead to circumvent the port 80 requirement.

Thanks guys I will try gently this week