Jump to content

Let’s Encrypt support for SSL certificates


Recommended Posts

aptalca

Will i need to do anything to to reapply for certificate after 90 days, or will it take care of itself if it's running in docker? Thanks.

As long as port 443 is still mapped, it will auto update.

 

Cron runs every night and if the cert will expire in 30 days, it will attempt to renew. The log is in the config folder

Link to post
Share on other sites
eraser8

Hi Guys!

 

I would like to thank you for this because this solved my main problem I had with emby. With this certificate, I can use my chromecast in HTTPS with the emby server. 

 

Great thanks to you!

Link to post
Share on other sites
  • 2 months later...

As long as port 443 is still mapped, it will auto update.

 

Cron runs every night and if the cert will expire in 30 days, it will attempt to renew. The log is in the config folder

Thanks for the help, it's been running great, but i would like to try to update the docker image.  What i'm seeing is i need to pull the newest image and recreate the docker.  But won't that recreate the private key?  or is that stored in /config?

Is there a better way than to have to save my original create command to recreate it?

 

Updated.

I found that is beyond the scope of docker for technical reasons.  I just pulled the new image and recreated the container with the same command line and it works just fine that way

Edited by snake98
Link to post
Share on other sites
  • 8 months later...

Hi,

Tried this and when fetching the certificate get this error:

Performing the following challenges:
http-01 challenge for xxxxxxxxxxx.com
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. xxxxxxxx.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://xxxxxxxxxx.com/.well-known/acme-challenge/eBAimMymCHQy-lo1EkovNyir9Hy385Lx8XPMY5LIpuQ: "<html>
<head><title>403 Forbidden</title></head>
<body bgcolor="white">
<center><h1>403 Forbidden</h1></center>
<hr><center>"

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: xxxxxxxxx.com
   Type:   unauthorized
   Detail: Invalid response from
   http://xxxxxxxx.com/.well-known/acme-challenge/eBAimMymCHQy-lo1EkovNyir9Hy385Lx8XPMY5LIpuQ:
   "<html>
   <head><title>403 Forbidden</title></head>
   <body bgcolor="white">
   <center><h1>403 Forbidden</h1></center>
   <hr><center>"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP addreess

Any ideas? The howto on page3 does not specify what ports need to be open to emby jail from WAN, so I opened 8096,8920 & 443 ... still this error ...

Edited by ebike
Link to post
Share on other sites
  • 1 year later...
daimonogoro

 

Automating Lets Encrypt for Emby on FreeNAS
 
--to get started go to the jails tab on the top panel and select your emby jail and then click on the terminal button on the bottom 
 
--run this command to upgrade your packages
pkg upgrade
 
--press y when prompted and hit enter
 
--run this command to install certbot (let's Encrypt)
pkg install py27-certbot

 

Cool, except:

 

root@emby:~ # pkg install py27-certbot

Updating iocage-plugins repository catalogue...

iocage-plugins repository is up to date.

All repositories are up to date.

pkg: No packages available to install matching 'py27-certbot' have been found in the repositories

 

I'm honestly a complete ignoramus on all matters freeBDS/Linux, but still. pkg search yields no certbot package. None, not py27-certbot, not py36-certbot...  All there is is Mozilla cert providers.

 

This is an Emby 4.1.1.0 server as a plugin in a jail for FreeNAS-11.2-STABLE (U4.1 and U5).

 

I was under the impression the DEFAULT repositories already included certbot. Do I need to add a repository? No walkthrough I found so far mentioned anything of the sort, letsencrypt's official own included. Any ideas?

Edited by daimonogoro
Link to post
Share on other sites

Looks like its py36-certbot according to here so no need for adding repo's. is your pkg up to date? ohhhhhhh. did you install emby from the plugins? if so then the that might cause some issues. It looks like it going by what its says in your terminal "iocage-plugins repository is up to date". I've only installed emby from pkg or some would argue to install from ports. ANYWAY... What .conf files do you have in /usr/local/etc/pkg/repos ?

Link to post
Share on other sites

Cool, except:

 

root@emby:~ # pkg install py27-certbot

Updating iocage-plugins repository catalogue...

iocage-plugins repository is up to date.

All repositories are up to date.

pkg: No packages available to install matching 'py27-certbot' have been found in the repositories

 

I'm honestly a complete ignoramus on all matters freeBDS/Linux, but still. pkg search yields no certbot package. None, not py27-certbot, not py36-certbot...  All there is is Mozilla cert providers.

 

This is an Emby 4.1.1.0 server as a plugin in a jail for FreeNAS-11.2-STABLE (U4.1 and U5).

 

I was under the impression the DEFAULT repositories already included certbot. Do I need to add a repository? No walkthrough I found so far mentioned anything of the sort, letsencrypt's official own included. Any ideas?

 

Looks like its py36-certbot according to here so no need for adding repo's. is your pkg up to date? ohhhhhhh. did you install emby from the plugins? if so then the that might cause some issues. It looks like it going by what its says in your terminal "iocage-plugins repository is up to date". I've only installed emby from pkg or some would argue to install from ports. ANYWAY... What .conf files do you have in /usr/local/etc/pkg/repos ?

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...