lets-encrypt

问题 I am following this tutorial https://about.gitlab.com/2016/04/11/tutorial-securing-your-gitlab-pages-with-tls-and-letsencrypt/ Next step instructions are: Make sure your web server displays the following content at http://YOURDOMAIN.org/.well-known/acme-challenge/5TBu788fW0tQ5EOwZMdu1Gv3e9C33gxjV58hVtWTbDM before continuing: 5TBu788fW0tQ5EOwZMdu1Gv3e9C33gxjV58hVtWTbDM.ewlbSYgvIxVOqiP1lD2zeDKWBGEZMRfO_4kJyLRP_4U # # output omitted # Press ENTER to continue According to the tutorial, it's using

问题 I am following this tutorial https://about.gitlab.com/2016/04/11/tutorial-securing-your-gitlab-pages-with-tls-and-letsencrypt/ Next step instructions are: Make sure your web server displays the following content at http://YOURDOMAIN.org/.well-known/acme-challenge/5TBu788fW0tQ5EOwZMdu1Gv3e9C33gxjV58hVtWTbDM before continuing: 5TBu788fW0tQ5EOwZMdu1Gv3e9C33gxjV58hVtWTbDM.ewlbSYgvIxVOqiP1lD2zeDKWBGEZMRfO_4kJyLRP_4U # # output omitted # Press ENTER to continue According to the tutorial, it's using

问题 I'm trying to score 100 on all categories when testing my SSL certs at www.ssllabs.com However, I am struggling to get A+ and 100 on all scores. Any tips as to what NGINX config I should use? Or how I should generate my Let's Encrypt certs? thx 回答1: These instructions apply to all certs (including Let's Encrypt certs). However, one or two Let's Encrypt specific tips are given. The NGINX SSL config given below will give you the following SSL Labs scores. You choose: Recommended A+ Certificate

问题 I tried to use SSL by Node.js but it doesn't work because permission denied . try { var TLSoptions = { key: fs.readFileSync("/etc/letsencrypt/live/domain.work/privkey.pem"), cert: fs.readFileSync("/etc/letsencrypt/live/domain.work/cert.pem") }; https.createServer(TLSoptions, app).listen(port, host, function() { console.log("TLS Website started.") }); catch(e) { console.log(e) } => { Error: EACCES: permission denied, open '/etc/letsencrypt/live/domain.work/privkey.pem' at Object.fs.openSync

问题 I am trying to reach my local server via IPv6 which is failing due to certificate issues. E.g. the nextcloud client gives following error: $nextcloudcmd --trust --logdebug Nextcloud https://nextcloud.domain.de 10-20 12:47:43:798 [ info nextcloud.sync.accessmanager ]: 2 "" "https://nextcloud.domain.de/ocs/v1.php/cloud/capabilities?format=json" has X-Request-ID "19a2a694-1912-4813-b3f5-2d4d5720fa80" 10-20 12:47:43:799 [ info nextcloud.sync.networkjob ]: OCC::JsonApiJob created for "https:/

问题 I tried setting up test container to work with traefik and lets encrypt. Traefik is not running on default ports 80 and 443. The server already has apache, reverse proxy ngnix and tomcat locally installed so ports: 80, 443 and 8080 are not available. As far as I can understand the log, there is a misconfiguration concerning the ACME ports. The test container seems to get correctly wired to the entrypoint. How do I get lets encrypt and traefik to work in this scenario or did I do something

问题 I hope someone can help me get my site set up with HTTPS correctly on Openshift. Here's the steps I took: I have an Openshift site let's call it - myOSsite-myname.rhcloud.com I have a domain name through GoDaddy -- mydomain.com. I've set my domain on GoDaddy to forward to Openshift so now: www.mydomain.com --> myOSsite-myname.rhcloud.com I set up two aliases on Openshift -- mydomain.com & www.mydomain.com I went through some letsencrypt tutorials to manually generate a certificate. So now the

问题 I am trying to set up letsencrypt (now greenlock apparently) for port forwarding with express. I had this first issue that I solved with: iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 3000 iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 3443 The issue is that, now, I get: Fetching certificate for 'xxx' to use as default for HTTPS server... [acme-v2] handled(?) rejection as errback: Error: connect ECONNREFUSED 127.0.1.1:80 at TCPConnectWrap

问题 I'm trying to figure out how to grant security to a private key in Windows Server 2012 via powershell (v5). I've got an SSL certificate from LetsEncrypt, and need to use it for my email server, which relies on it being in the certificate store. I can successfully add the cert, but can't quite figure out how to grant security to the private key. Of course, doing manually via GUIs everything works fine, but I want to automate using powershell scripts so renewal is lights-out easy. With a PS

问题 I have certbot including automatic renewal in use in several installations with clients. Now I have been reading here: https://community.letsencrypt.org/t/2018-01-11-update-regarding-acme-tls-sni-and-shared-hosting-infrastructure/50188 here https://community.letsencrypt.org/t/solution-client-with-the-currently-selected-authenticator-does-not-support-any-combination-of-challenges-that-will-satisfy-the-ca/49983 and here https://github.com/certbot/certbot/issues/5405 as well here: https:/