I am trying to renew my SSL Cert on Gcloud VM Instance SSH with Bitnami. But it's giving me the
"Please type a directory that contains a Bitnami installation. The default installation directory for Linux installers is a directory inside /opt."
every time i run the bncert-tool
I have followed the steps to try and revert to backup files as directed in this post (thinking i might have did it poorly last time) I copied the backup file to the bitnami.conf and httpd.conf but I still get the same error.
Copying contents of the backup file is this right?
Please help, my ssl expires in 15 days! Is it not easier to just get SSL Through Wordpress plugin? Is it possible to remove this Bitnami SSL Completely?
Related
I installed a brand new DigitalOcean droplet using a marketplace base (so on paper everything should be OK out of the box).
When trying to issue certificates, i am getting this error:
[11.13.2019_04-48-28] /root/.acme.sh/acme.sh --issue -d thehouseinkorazim.co.il -d www.thehouseinkorazim.co.il --cert-file /etc/letsencrypt/live/thehouseinkorazim.co.il/cert.pem --key-file /etc/letsencrypt/live/thehouseinkorazim.co.il/privkey.pem --fullchain-file /etc/letsencrypt/live/thehouseinkorazim.co.il/fullchain.pem -w /home/thehouseinkorazim.co.il/public_html --force
[11.13.2019_04-48-28] [Errno 2] No such file or directory [Failed to obtain SSL. [obtainSSLForADomain]]
[11.13.2019_04-48-28] 283 Failed to obtain SSL for domain. [issueSSLForDomain]
[11.13.2019_04-48-34] Trying to obtain SSL for: thehouseinkorazim.co.il and: www.thehouseinkorazim.co.il
I checked and UFW is not installed.
I do have a network firewall but it is the same one as another droplet that does allow for certificates (same rules) so I think it is not the cause.
I searched all the answers online and no luck.
I even installed certboot to manually issue certificate but same error (i did it because I know you need to register initially to get certificates and I haven't so I thought it was the cause).
Any ideas? Thanks!
update: i did a clean droplet again, this is the issue without anything I did manually:
Cannot issue SSL. Error message: ln: failed to create symbolic link '/usr/local/lsws/admin/conf/cert/admin.crt': No such file or directory ln: failed to create symbolic link '/usr/local/lsws/admin/conf/cert/admin.key': No such file or directory 0,283 Failed to obtain SSL for domain. [issueSSLForDomain]
I checked and there is no folder "cert" under "conf" in the path written above.
There's an known SSL issue on recent version due to some environment/code changing. We already aware it and submitted a new version which has that issue fixed included. Please give it a day or two and you should be able to launch the new version from marketplace which comes with CyberPanel v1.9.2.
Best
How to manually install SSL certificate without Cpanel access on Centos 7/Apache? My Cpanel license is expired (simply have no money), so I can't login and can't use WHM API (command line) because API try to read Cpanel license file.
The certificate is already stored on system (issued by Lets Encrypt plugin). But I don't know how to make it effective on my site since Apache config folder is different on Cpanel system. What file should I edit to input my cert address?
Certificate is stored at: /etc/letsencrypt/live/mydomain.com/fullchain.pem
Private key is stored at: /etc/letsencrypt/live/mydomain.com/privkey.pem
Note: I use Engintron (Nginx Cpanel plugin), don't know if this change anything. I have root access.
I got to install SSL certificate (by Let's Encrypt) on cPanel directly by running Certbot-Auto command on SSH screen. Certbot-Auto will generate certificate and install it. It is very simple: https://certbot.eff.org/docs/install.html#certbot-auto.
I had to delete the old expired certificates from my /home/mydomain/ssl folder to avoid conflict. I don't know how things are inside cPanel cause I still have no license to access. I will renew license soon, but can't stop working on my site just because I have no SSL.
I am trying to set up our EC2 instance with an SSL. Non-SSL web traffic has always been fine.
I'm following the tutorial here: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/SSL-on-an-instance.html
On step 2 part 5 it says to remove the old certificate from /etc/pki/tls/certs and place the new certificate here.
Remove the old self-signed host certificate localhost.crt from the /etc/pki/tls/certs directory and place the new CA-signed certificate there (along with any intermediate certificates).
Unfortunately I get permission denied errors when attempting both. I've tried through console SSH and through FileZilla SSH, and as expected, both have the same problem. I'm logged in as ec2-user.
I'm able to create / modify / delete files in other directories, such as the public web folders etc, but this directory seems to have more protection.
Does anyone know how to get the necessary permissions in this directory so I can complete setup?
I am trying to understand the process of installing a letsencrypt certificate on Apache on Centos.
I have read the installation instructions, cloned the git repository, and there I’m stuck.
Has anybody had experience with this and what to do next?
Thanks
You didn't really make it clear what your error was, but I'll take a guess and say that you left off with cloning the Git repository.
From here, you'll need to run some commands with the letsencrypt-auto program that you just cloned to actually obtain a certificate and install it. Let's Encrypt and their automatic configuration feature isn't necessarily stable yet, so I recommend running the command to only obtain a certificate, then manually configure SSL yourself. Head into the directory that you cloned the Git repository to and run the following commands:
chmod +x letsencrypt-auto
./letsencrypt-auto certonly
Let's Encrypt will begin to download its dependencies and a prompt will finally appear requesting which domains you want a certificate for. Just fill it in and press enter. If all goes well, you'll get an output that looks similar to this:
- Congratulations! Your certificate and chain have been saved at
/etc/letsencrypt/live/example.com/fullchain.pem. Your
cert will expire on 2016-03-08. To obtain a new version of the
certificate in the future, simply run Let's Encrypt again.
This path will differ from my path since I'm running Ubuntu 14.04. Note the path to the folder, which will hold all of the files you need. Now, head into your Apache configuration and edit the configuration file to link to the SSL certificates that you just created, restart Apache, and you should be good to go!
If you need any further instructions, let me know.
So I want to do SSL certification on HAProxy to make the connection secure. I started of downloading HAProxy through appstore but later found out that the installation package doesnt support SSL. So I downloaded HAProxy 1.5.14 and compiled it with USE_OPENSSL=1. when I do haproxy -vv I am able to see that SSL is enabled in it.
The issue that I am facing is that when I compile and then install the file by using the command (sudo make install), I am unable to find the haproxy.cfg. I dont know where it is so I am unable to configure and set the setting to the requirement.
The installation package that I got is from the HAProxy official site and I would like someone's help. Please advice me how to solve this issue.
Thank you,
Safiul Hasan
The default config file location is:
/etc/haproxy/haproxy.cfg
You can also search your system for the file with this command:
find / -name 'haproxy.cfg'
If haproxy is already running successfully you can find out what config file it is using by looking at the command that is used to run it:
ps x | grep haproxy
This will result in output like this:
28548 ? S 0:00 /usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg
The part after the "-f" is the path to the config file haproxy is currently using.
There are no default haproxy.cfg file, you have to create it from scratch.
Look for some samples on the internet to get one fitting your needs.
You can put your configuration file anywhere and ask to haproxy to use it by using the "-f" parameter.