"Įcho "/usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh $EMAIL"Īnd the certificate being served for is a self-signed certificate for the domain name $ openssl s_client -showcerts -servername .net -connect .net:443 < /dev/nullĭepth=0 O = localdomain, OU = david-MacBookPro, CN = evenstar.Jitsi Meet is an open source, high quality, video conferencing application that is 100% end-to-end encrypted. # it maybe this certificate already exists (code 2 - skip, no need to renew)Įcho "Issuing the certificate from Let's Encrypt failed, continuing. Install-letsencrypt-cert.sh contents: #!/bin/bashĮcho "-"Įcho "- Need a working DNS record pointing to this machine(for hostname $\"" I am going to paste in the contents of that script though, as maybe there is some useful information in there. I'm very confused about this myself actually. So I was assuming that was something to do with how it was getting routed by the ISP or something, although I guess that doesn't really make sense that the ISP would need to going through AWS. My DNS (NameCheap) seems to be properly routing to my public IP as far as I can tell. I was not personally intending any redirect though, so if that's not coming from Let's Encrypt, I'm not sure what's going on.Īs I just mentioned above, I am not using AWS, so I'm not sure where that AWS stuff is coming from. Regarding the redirect to ` ', I had been assuming that that was part of the verification process that Let's Encrypt does for the certificate. Hmm, it seems that when I reply to a specific response, it just sticks my reply at the very bottom or all the responses, so I guess I just give one combined reply at this point. It seems like there are no problems with the DNS, port forwarding, firewall, etc., but why can't Let's Encrypt get through to me? I've been trying to get this simple certificate issuance to work for almost four hours now, and I've read and tried everything I can find, but nothing seems to make any difference. I also went into my router and disabled the firewall, but this didn't make a difference either. I've also tried the command "sudo ufw allow 'Nginx Full'" but that made no difference. output of certbot -version or certbot-auto -version if you're using Certbot): Command 'certbot' not foundĬomments: per the Jitsi installation instructions on github ( Self-Hosting Guide - Debian/Ubuntu server | Jitsi Meet), I had previously run the following commands:Īfter the failed certification issuance, I verified that these ports were open in terminal by running "telnet 80" (and also for ports 443, 10000, etc.). I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no I can login to a root shell on my machine (yes or no, or I don't know): yes My hosting provider, if applicable, is: n/a The operating system my web server runs on is (include version): Linux Mint Mate 20.3 Issuing the certificate from Let's Encrypt failed, continuing. Please add '-debug' or '-log' to check more details. :Verify error:18.221.195.49: Fetching : Timeout during connect (likely firewall problem) Pending, The CA is processing your order, please just wait. Getting domain auth token for each domain Good, bash is found, so change the shebang to use bash as preferred. Installing cron jobġ7 0 * * * "/opt/acmesh/.acme.sh"/acme.sh -cron -home "/opt/acmesh/.acme.sh" > /dev/null No profile is found, you will need to go into /opt/acmesh/.acme.sh to use acme.sh Installed to /opt/acmesh/.acme.sh/acme.sh If you don't use standalone mode, just ignore this warning. We use socat for standalone server if you use standalone mode. It is recommended to install socat first. Install additional dependencies in order to request Let’s Encrypt certificate (acme.sh)Ĭonfigure and reload nginx or apache2, whichever is usedĬonfigure the coturn server to use Let's Encrypt certificate and add required deploy hooks Need a working DNS record pointing to this machine(for hostname ) I ran this command: sudo /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh produced this output: ), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. Note: you must provide your domain name to get help. Please fill out the fields below so we can help you better.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |