You are here
Sophie Moreira - Mon, 2024/04/15 - 13:01
Hi guys,
I am trying to setup 2 nextcloud embedded in containers. The host being proxmox. All the thing is hosted in a private server in OVH.
I am very new to networking and unix administration (I have though a little knowledge of some commands as a former developper).
I have set up a container with turnkey-nextcloud and initiate the installation process with turnkey-init.
When I try to reach the login page with curl I have this:
curl https://10.0.0.2 curl: (60) SSL: no alternative certificate subject name matches target host name '10.0.0.2' More details here: https://curl.se/docs/sslcerts.html curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it. To learn more about this situation and how to fix it, please visit the web page mentioned above.
when I try with the full domain name I have this:
curl https://ncloud1.domain.fr:443 curl: (35) OpenSSL/3.0.11: error:0A00010B:SSL routines::wrong version number
Any help would be appreciated. Is there a tutorial about setting up the SSL ?
Thank you,
Sophie
Forum:
more details : I have tried
more details : I have tried to get a certificate using conf console and validating the domain by using the dns provider. but I get the error :
/usr/bin/turnkey-lexicon: line 78: 74712 Illegal │
│ instruction "$VENV_BASE/lexicon/bin/lexicon" │
│ $(printf '%q ' "$@")
thx in advance
Hi Sophie
In your op, the 2 issues you encountered sound to me like respectively:
The 2nd one you could test my suspicion like this:
Regarding your issue with getting a Let's Encrypt cert via Confconsole using DNS-01 validation, I'm not 100% sure, but unless you've updated to the latest version of Confconsole I think you might be hitting an issue that was in the initial release. If I'm right then updating Confconsole should fix it. Update like this:
Alternatively, you could upgrade all available packages like this:
I hope that helps. Regardless, please post back to let me know how you go.
Hi
Hi
thank you Jeremy, unfortunately i have resetted the server and I am now unable to have the exact same setup.
I have setup a haproxy and now I request the urls from internet.
I still can't get a let's encrypt certificate. I updated confconsole as you suggested. I tried both methods http and dns. I have a nextcloud initiated with the turnkey-init command that answers to ncloud1-parthenos.egide-vault.fr
For the http method I got the logs :
I have not found any .well-known folder on the server btw...
For the dns method I still have the exact same error as before.
Thank you in advance for your help.
Sophie
Does external port 80 point to the server?
I have reformatted your post a bit to make it easier to read.
Does the external port 80 of your domain point to you internal server? According to the log message you provided, when the Let's Encrypt server tried to contact your server via port 80, it received a 403 HTTP code "Forbidden".
That suggests you have port 80 publicly available (which is good) but it is configured to not allow external access. You note that you have HAProxy set up. I'm not personally familiar with it, but I suspect that is not allowing access. Having said that, I tried accessing your server myself and it redirects to https - via a 301 HTTP code "Moved Permanently".
Regardless, when I tried contacting your server, it seems to have a valid Let's Encrypt SSL/TLS certificate? I guess that you are doing the https termination at your HAProxy server?
Add new comment