!MthpOIxqJhTgrMNxDS:nixos.org

NixOS ACME / LetsEncrypt

86 Members
Another day, another cert renewal39 Servers

Load older messages

SenderMessageTime
19 Oct 2024
@nakibrayan:matrix.imRayan Nakib (ريان نقيب)20241019_171424.png
Download 20241019_171424.png		16:15:14
@nakibrayan:matrix.imRayan Nakib (ريان نقيب)why I am getting this error?16:15:20
@k900:0upti.meK900It will tell you if you scroll down16:16:12
@nakibrayan:matrix.imRayan Nakib (ريان نقيب)image.png
Download image.png		16:16:42
@k900:0upti.meK900That means it's a self-signed certificate16:17:18
@nakibrayan:matrix.imRayan Nakib (ريان نقيب)it's self singed?16:17:19
@nakibrayan:matrix.imRayan Nakib (ريان نقيب)why it's not using lt's encrypt?16:17:30
@nakibrayan:matrix.imRayan Nakib (ريان نقيب) * why it's not using lt's encrypt?!16:17:33
@k900:0upti.meK900The ACME module generates temporary self-signed certificates by default, to use while it's trying to obtain proper ones from Let's Encrypt16:17:43
@k900:0upti.meK900Presumably, the certificate request failed16:17:52
@k900:0upti.meK900You should check the logs on the machine to see why16:18:00
@nakibrayan:matrix.imRayan Nakib (ريان نقيب)
16:19:16
@nakibrayan:matrix.imRayan Nakib (ريان نقيب) * 
Oct 19 17:18:58 MacBook-Pro-8-1 acme-nextcloud-rayanlab.duckdns.org-start[140901]: Waiting to acquire lock /run/acme/1.lock
Oct 19 17:18:58 MacBook-Pro-8-1 acme-nextcloud-rayanlab.duckdns.org-start[140901]: Acquired lock /run/acme/1.lock
Oct 19 17:18:59 MacBook-Pro-8-1 acme-nextcloud-rayanlab.duckdns.org-start[140905]: 2024/10/19 17:18:59 [nextcloud-rayanlab.duckdns.org] The certificate expires in 89 days, the number of days defined to perform the renewal is 30: no renewal.
Oct 19 17:18:59 MacBook-Pro-8-1 acme-nextcloud-rayanlab.duckdns.org-start[140901]: Releasing lock /run/acme/1.lock
Oct 19 17:18:59 MacBook-Pro-8-1 systemd[1]: acme-nextcloud-rayanlab.duckdns.org.service: Deactivated successfully.
░░ Subject: Unit succeeded
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░ 
░░ The unit acme-nextcloud-rayanlab.duckdns.org.service has successfully entered the 'dead' state.
Oct 19 17:18:59 MacBook-Pro-8-1 systemd[1]: Finished Renew ACME certificate for nextcloud-rayanlab.duckdns.org.
░░ Subject: A start job for unit acme-nextcloud-rayanlab.duckdns.org.service has finished successfully
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░ 
░░ A start job for unit acme-nextcloud-rayanlab.duckdns.org.service has finished successfully.
░░ 
░░ The job identifier is 24232.
Oct 19 17:18:59 MacBook-Pro-8-1 systemd[1]: acme-nextcloud-rayanlab.duckdns.org.service: Consumed 643ms CPU time, 18.8M memory peak, 5.3K incoming IP traffic, 1.3K outgoing IP traffic.
░░ Subject: Resources consumed by unit runtime
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░ 
░░ The unit acme-nextcloud-rayanlab.duckdns.org.service completed and consumed the indicated resources.
16:19:26
@nakibrayan:matrix.imRayan Nakib (ريان نقيب)I don't see any errors16:19:40
@k900:0upti.meK900Then you probably need to reload nginx or whatever you're using16:19:57
@k900:0upti.meK900So it picks up new certificates16:20:01
@nakibrayan:matrix.imRayan Nakib (ريان نقيب)restarted the pc, and it's still, the same error16:22:07
@nakibrayan:matrix.imRayan Nakib (ريان نقيب) * restarted the pc, and it's still, the same error.16:22:28
@k900:0upti.meK900Then check your Nginx config and see what certificates it's configured to use 16:23:19
@nakibrayan:matrix.imRayan Nakib (ريان نقيب)the service failed, after I restarted my pc?!16:24:05
@nakibrayan:matrix.imRayan Nakib (ريان نقيب)I am using impermanence, my I need to persist some files?16:24:55
@nakibrayan:matrix.imRayan Nakib (ريان نقيب)not it's still failing after I restarted the service.16:26:12
@nakibrayan:matrix.imRayan Nakib (ريان نقيب) 
Oct 19 17:24:08 MacBook-Pro-8-1 acme-nextcloud-rayanlab.duckdns.org-start[1535]: Waiting to acquire lock /run/acme/1.lock
Oct 19 17:24:08 MacBook-Pro-8-1 acme-nextcloud-rayanlab.duckdns.org-start[1535]: Acquired lock /run/acme/1.lock
Oct 19 17:24:10 MacBook-Pro-8-1 acme-nextcloud-rayanlab.duckdns.org-start[1538]: 2024/10/19 17:24:10 [INFO] [nextcloud-rayanlab.duckdns.org, nextcloud-rayanlab.duckdns.org] acme: Obtaining bundled SAN certificate
Oct 19 17:24:11 MacBook-Pro-8-1 acme-nextcloud-rayanlab.duckdns.org-start[1538]: 2024/10/19 17:24:11 [INFO] [nextcloud-rayanlab.duckdns.org] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/418406013657
Oct 19 17:24:11 MacBook-Pro-8-1 acme-nextcloud-rayanlab.duckdns.org-start[1538]: 2024/10/19 17:24:11 [INFO] [nextcloud-rayanlab.duckdns.org] acme: Could not find solver for: tls-alpn-01
Oct 19 17:24:11 MacBook-Pro-8-1 acme-nextcloud-rayanlab.duckdns.org-start[1538]: 2024/10/19 17:24:11 [INFO] [nextcloud-rayanlab.duckdns.org] acme: Could not find solver for: http-01
Oct 19 17:24:11 MacBook-Pro-8-1 acme-nextcloud-rayanlab.duckdns.org-start[1538]: 2024/10/19 17:24:11 [INFO] [nextcloud-rayanlab.duckdns.org] acme: use dns-01 solver
Oct 19 17:24:11 MacBook-Pro-8-1 acme-nextcloud-rayanlab.duckdns.org-start[1538]: 2024/10/19 17:24:11 [INFO] [nextcloud-rayanlab.duckdns.org] acme: Preparing to solve DNS-01
Oct 19 17:24:17 MacBook-Pro-8-1 acme-nextcloud-rayanlab.duckdns.org-start[1538]: 2024/10/19 17:24:17 [INFO] [nextcloud-rayanlab.duckdns.org] acme: Trying to solve DNS-01
Oct 19 17:24:22 MacBook-Pro-8-1 acme-nextcloud-rayanlab.duckdns.org-start[1538]: 2024/10/19 17:24:22 [INFO] [nextcloud-rayanlab.duckdns.org] acme: Checking DNS record propagation. [nameservers=8.8.8.8:53]
Oct 19 17:24:24 MacBook-Pro-8-1 acme-nextcloud-rayanlab.duckdns.org-start[1538]: 2024/10/19 17:24:24 [INFO] Wait for propagation [timeout: 1m0s, interval: 2s]
Oct 19 17:24:49 MacBook-Pro-8-1 acme-nextcloud-rayanlab.duckdns.org-start[1538]: 2024/10/19 17:24:49 [INFO] [nextcloud-rayanlab.duckdns.org] acme: Waiting for DNS record propagation.
Oct 19 17:25:08 MacBook-Pro-8-1 acme-nextcloud-rayanlab.duckdns.org-start[1538]: 2024/10/19 17:25:08 [INFO] [nextcloud-rayanlab.duckdns.org] acme: Waiting for DNS record propagation.
Oct 19 17:25:21 MacBook-Pro-8-1 acme-nextcloud-rayanlab.duckdns.org-start[1538]: 2024/10/19 17:25:21 [INFO] [nextcloud-rayanlab.duckdns.org] acme: Waiting for DNS record propagation.
Oct 19 17:25:33 MacBook-Pro-8-1 acme-nextcloud-rayanlab.duckdns.org-start[1538]: 2024/10/19 17:25:33 [INFO] [nextcloud-rayanlab.duckdns.org] acme: Waiting for DNS record propagation.
Oct 19 17:25:35 MacBook-Pro-8-1 acme-nextcloud-rayanlab.duckdns.org-start[1538]: 2024/10/19 17:25:35 [INFO] [nextcloud-rayanlab.duckdns.org] acme: Cleaning DNS-01 challenge
Oct 19 17:25:40 MacBook-Pro-8-1 acme-nextcloud-rayanlab.duckdns.org-start[1538]: 2024/10/19 17:25:40 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/418406013657
Oct 19 17:25:40 MacBook-Pro-8-1 acme-nextcloud-rayanlab.duckdns.org-start[1538]: 2024/10/19 17:25:40 Could not obtain certificates:
Oct 19 17:25:40 MacBook-Pro-8-1 acme-nextcloud-rayanlab.duckdns.org-start[1538]:         error: one or more domains had a problem:
Oct 19 17:25:40 MacBook-Pro-8-1 acme-nextcloud-rayanlab.duckdns.org-start[1538]: [nextcloud-rayanlab.duckdns.org] propagation: time limit exceeded: last error: DNS call error: dial udp: lookup ns4.duckdns.org.: i/o timeout [ns=ns4.duckdns.org.:53, question='_acme-challenge.nextcloud-rayanlab.duckdns.org. IN  TXT']
Oct 19 17:25:41 MacBook-Pro-8-1 acme-nextcloud-rayanlab.duckdns.org-start[1535]: Failed to fetch certificates. This may mean your DNS records are set up incorrectly. Selfsigned certs are in place and dependant services will still start.
Oct 19 17:25:41 MacBook-Pro-8-1 systemd[1]: acme-nextcloud-rayanlab.duckdns.org.service: Main process exited, code=exited, status=10/n/a
░░ Subject: Unit process exited
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░ 
░░ An ExecStart= process belonging to unit acme-nextcloud-rayanlab.duckdns.org.service has exited.
░░ 
░░ The process' exit code is 'exited' and its exit status is 10.
Oct 19 17:25:41 MacBook-Pro-8-1 systemd[1]: acme-nextcloud-rayanlab.duckdns.org.service: Failed with result 'exit-code'.
░░ Subject: Unit failed
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░ 
░░ The unit acme-nextcloud-rayanlab.duckdns.org.service has entered the 'failed' state with result 'exit-code'.
Oct 19 17:25:41 MacBook-Pro-8-1 systemd[1]: Failed to start Renew ACME certificate for nextcloud-rayanlab.duckdns.org.
░░ Subject: A start job for unit acme-nextcloud-rayanlab.duckdns.org.service has failed
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░ 
░░ A start job for unit acme-nextcloud-rayanlab.duckdns.org.service has finished with a failure.
░░ 
░░ The job identifier is 1221 and the job result is failed.
Oct 19 17:25:41 MacBook-Pro-8-1 systemd[1]: acme-nextcloud-rayanlab.duckdns.org.service: Consumed 592ms CPU time, 19M memory peak, 22.1K incoming IP traffic, 9.4K outgoing IP traffic.
░░ Subject: Resources consumed by unit runtime
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░ 
░░ The unit acme-nextcloud-rayanlab.duckdns.org.service completed and consumed the indicated resources.
16:26:44
@nakibrayan:matrix.imRayan Nakib (ريان نقيب)these ☝️ are the logs16:26:53
@k900:0upti.meK900Well you need to persist /var/lib/acme at least 16:27:45
@k900:0upti.meK900And I guess you need to figure out why it's failing to reach the network 16:28:02
@nakibrayan:matrix.imRayan Nakib (ريان نقيب)it work, thank you so much :)17:11:40
@nakibrayan:matrix.imRayan Nakib (ريان نقيب) * it works, thank you so much :)17:11:48
@nakibrayan:matrix.imRayan Nakib (ريان نقيب)NixOS is amazing17:12:08

There are no newer messages yet.

Back to Room ListRoom Version: 6