Jump to content


Photo

Let’s Encrypt support for SSL certificates

https secure ssl tls

  • Please log in to reply
106 replies to this topic

#101 aptalca OFFLINE  

aptalca

    Advanced Member

  • Members
  • 207 posts
  • Local time: 07:30 AM

Posted 31 May 2017 - 03:57 PM

Will i need to do anything to to reapply for certificate after 90 days, or will it take care of itself if it's running in docker? Thanks.

As long as port 443 is still mapped, it will auto update.

Cron runs every night and if the cert will expire in 30 days, it will attempt to renew. The log is in the config folder

#102 eraser8 OFFLINE  

eraser8

    Advanced Member

  • Members
  • 233 posts
  • Local time: 06:30 AM

Posted 31 May 2017 - 10:47 PM

Hi Guys!

 

I would like to thank you for this because this solved my main problem I had with emby. With this certificate, I can use my chromecast in HTTPS with the emby server. 

 

Great thanks to you!



#103 snake98 OFFLINE  

snake98

    Advanced Member

  • Members
  • 113 posts
  • Local time: 03:30 AM

Posted 15 August 2017 - 11:48 AM

As long as port 443 is still mapped, it will auto update.

Cron runs every night and if the cert will expire in 30 days, it will attempt to renew. The log is in the config folder

Thanks for the help, it's been running great, but i would like to try to update the docker image.  What i'm seeing is i need to pull the newest image and recreate the docker.  But won't that recreate the private key?  or is that stored in /config?

Is there a better way than to have to save my original create command to recreate it?

 

Updated.

I found that is beyond the scope of docker for technical reasons.  I just pulled the new image and recreated the container with the same command line and it works just fine that way


Edited by snake98, 16 August 2017 - 01:08 PM.


#104 ebike OFFLINE  

ebike

    Advanced Member

  • Members
  • 62 posts
  • Local time: 01:30 AM

Posted 17 April 2018 - 12:09 AM

Hi,

Tried this and when fetching the certificate get this error:

Performing the following challenges:
http-01 challenge for xxxxxxxxxxx.com
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. xxxxxxxx.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://xxxxxxxxxx.com/.well-known/acme-challenge/eBAimMymCHQy-lo1EkovNyir9Hy385Lx8XPMY5LIpuQ: "<html>
<head><title>403 Forbidden</title></head>
<body bgcolor="white">
<center><h1>403 Forbidden</h1></center>
<hr><center>"

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: xxxxxxxxx.com
   Type:   unauthorized
   Detail: Invalid response from
   http://xxxxxxxx.com/.well-known/acme-challenge/eBAimMymCHQy-lo1EkovNyir9Hy385Lx8XPMY5LIpuQ:
   "<html>
   <head><title>403 Forbidden</title></head>
   <body bgcolor="white">
   <center><h1>403 Forbidden</h1></center>
   <hr><center>"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP addreess

Any ideas? The howto on page3 does not specify what ports need to be open to emby jail from WAN, so I opened 8096,8920 & 443 ... still this error ...


Edited by ebike, 17 April 2018 - 12:10 AM.


#105 daimonogoro OFFLINE  

daimonogoro

    Newbie

  • Members
  • 1 posts
  • Local time: 01:30 PM

Posted 07 July 2019 - 09:39 AM

 

Automating Lets Encrypt for Emby on FreeNAS
 
--to get started go to the jails tab on the top panel and select your emby jail and then click on the terminal button on the bottom 
 
--run this command to upgrade your packages
pkg upgrade
 
--press y when prompted and hit enter
 
--run this command to install certbot (let's Encrypt)
pkg install py27-certbot

 

Cool, except:

 

root@emby:~ # pkg install py27-certbot
Updating iocage-plugins repository catalogue...
iocage-plugins repository is up to date.
All repositories are up to date.
pkg: No packages available to install matching 'py27-
certbot' have been found in the repositories
 

I'm honestly a complete ignoramus on all matters freeBDS/Linux, but still. pkg search yields no certbot package. None, not py27-certbot, not py36-certbot...  All there is is Mozilla cert providers.

 

This is an Emby 4.1.1.0 server as a plugin in a jail for FreeNAS-11.2-STABLE (U4.1 and U5).

 

I was under the impression the DEFAULT repositories already included certbot. Do I need to add a repository? No walkthrough I found so far mentioned anything of the sort, letsencrypt's official own included. Any ideas?


Edited by daimonogoro, 07 July 2019 - 10:18 AM.


#106 chigh OFFLINE  

chigh

    Member

  • Members
  • 13 posts
  • Local time: 06:30 AM

Posted 07 July 2019 - 10:31 AM

Looks like its py36-certbot according to here so no need for adding repo's. is your pkg up to date? ohhhhhhh. did you install emby from the plugins? if so then the that might cause some issues. It looks like it going by what its says in your terminal "iocage-plugins repository is up to date". I've only installed emby from pkg or some would argue to install from ports. ANYWAY... What .conf files do you have in /usr/local/etc/pkg/repos ?



#107 chigh OFFLINE  

chigh

    Member

  • Members
  • 13 posts
  • Local time: 06:30 AM

Posted 07 July 2019 - 10:35 AM

Cool, except:

 

root@emby:~ # pkg install py27-certbot
Updating iocage-plugins repository catalogue...
iocage-plugins repository is up to date.
All repositories are up to date.
pkg: No packages available to install matching 'py27-
certbot' have been found in the repositories
 

I'm honestly a complete ignoramus on all matters freeBDS/Linux, but still. pkg search yields no certbot package. None, not py27-certbot, not py36-certbot...  All there is is Mozilla cert providers.

 

This is an Emby 4.1.1.0 server as a plugin in a jail for FreeNAS-11.2-STABLE (U4.1 and U5).

 

I was under the impression the DEFAULT repositories already included certbot. Do I need to add a repository? No walkthrough I found so far mentioned anything of the sort, letsencrypt's official own included. Any ideas?

 

Looks like its py36-certbot according to here so no need for adding repo's. is your pkg up to date? ohhhhhhh. did you install emby from the plugins? if so then the that might cause some issues. It looks like it going by what its says in your terminal "iocage-plugins repository is up to date". I've only installed emby from pkg or some would argue to install from ports. ANYWAY... What .conf files do you have in /usr/local/etc/pkg/repos ?







Also tagged with one or more of these keywords: https, secure, ssl, tls

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users