Let's Encrypt Fehler(haftes Setup)

MikeFrizz

Member
Ich habe bei der Einrichtung einer meiner Domains ein Fehler gemacht. Es ist bereits einige Zeit her,das ich auf einem früheren Server LE installiert hatte. So war mir nicht mehr bewußt, wann nich welches Skript laufen lassen soll. Bei der Konfiguration der Website hatte ich LE angeklickt, jedoch certbot-auto boch nicht installiert. Das habe ich nun nachgeholt. Und dennoch läuft LE nicht korrekt durch. Mit der Fehlermeldung in er Logdatei kann ich nicht so viel anfangen:

Code:
DeserializationError: Deserialization error: Wrong directory fields
    raise jose.DeserializationError(str(error))
  File "/usr/lib/python2.7/dist-packages/acme/messages.py", line 169, in from_json
    self.net.get(directory).json())
  File "/usr/lib/python2.7/dist-packages/acme/client.py", line 63, in __init__
    return acme_client.Client(config.server, key=key, net=net)
  File "/usr/lib/python2.7/dist-packages/letsencrypt/client.py", line 41, in acme_from_config_key
    acme = acme_from_config_key(config, self.account.key)
  File "/usr/lib/python2.7/dist-packages/letsencrypt/client.py", line 183, in __init__
    return client.Client(config, acc, authenticator, installer, acme=acme)
  File "/usr/lib/python2.7/dist-packages/letsencrypt/cli.py", line 213, in _init_le_client
    le_client = _init_le_client(config, authenticator, installer)
  File "/usr/lib/python2.7/dist-packages/letsencrypt/cli.py", line 689, in obtain_cert
    return config.func(config, plugins)
  File "/usr/lib/python2.7/dist-packages/letsencrypt/cli.py", line 1986, in main
    load_entry_point('letsencrypt==0.4.1', 'console_scripts', 'letsencrypt')()
  File "/usr/bin/letsencrypt", line 9, in <module>
Traceback (most recent call last):
2018-10-01 11:42:02,015:DEBUG:letsencrypt.cli:Exiting abnormally:
2018-10-01 11:42:02,012:DEBUG:acme.client:Received response <Response [200]> (headers: {'Content-Length': '658', 'Expires': 'Mon, 01 Oct 2018 11:42:02 GMT', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Mon, 01 Oct 2018 11:42:02 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json'}): '{\n  "glOvP2pNyXA": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",\n  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",\n  "meta": {\n    "caaIdentities": [\n      "letsencrypt.org"\n    ],\n    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",\n    "website": "https://letsencrypt.org"\n  },\n  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",\n  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",\n  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",\n  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"\n}'
2018-10-01 11:42:02,011:DEBUG:root:Received <Response [200]>. Headers: {'Content-Length': '658', 'Expires': 'Mon, 01 Oct 2018 11:42:02 GMT', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Mon, 01 Oct 2018 11:42:02 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json'}. Content: '{\n  "glOvP2pNyXA": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",\n  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",\n  "meta": {\n    "caaIdentities": [\n      "letsencrypt.org"\n    ],\n    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",\n    "website": "https://letsencrypt.org"\n  },\n  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",\n  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",\n  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",\n  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"\n}'
2018-10-01 11:42:02,008:DEBUG:requests.packages.urllib3.connectionpool:"GET /directory HTTP/1.1" 200 658
2018-10-01 11:42:01,805:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
2018-10-01 11:42:01,803:DEBUG:root:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. args: (), kwargs: {}
2018-10-01 11:42:01,800:DEBUG:letsencrypt.cli:Picked account: <Account(898ac25333dbd3d42022fa80995d5a00)>
2018-10-01 11:42:01,789:DEBUG:letsencrypt.cli:Selected authenticator <letsencrypt.plugins.webroot.Authenticator object at 0x7f9ddf0754d0> and installer None
Prep: True
Initialized: <letsencrypt.plugins.webroot.Authenticator object at 0x7f9ddf0754d0>
Entry point: webroot = letsencrypt.plugins.webroot:Authenticator
Interfaces: IAuthenticator, IPlugin
Description: Webroot Authenticator
2018-10-01 11:42:01,788:DEBUG:letsencrypt.display.ops:Single candidate plugin: * webroot
2018-10-01 11:42:01,788:DEBUG:letsencrypt.plugins.webroot:Creating root challenges validation dir at /usr/local/ispconfig/interface/acme/.well-known/acme-challenge
2018-10-01 11:42:01,788:DEBUG:letsencrypt.plugins.webroot:Creating root challenges validation dir at /usr/local/ispconfig/interface/acme/.well-known/acme-challenge
2018-10-01 11:42:01,788:DEBUG:letsencrypt.cli:Requested authenticator webroot and installer None
2018-10-01 11:42:01,788:DEBUG:letsencrypt.cli:Discovered plugins: PluginsRegistry(PluginEntryPoint#webroot,PluginEntryPoint#null,PluginEntryPoint#manual,PluginEntryPoint#standalone)
2018-10-01 11:42:01,788:DEBUG:letsencrypt.cli:Arguments: ['-n', '--text', '--agree-tos', '--expand', '--authenticator', 'webroot', '--server', 'https://acme-v02.api.letsencrypt.org/directory', '--rsa-key-size', '4096', '--email', 'postmaster@cad-kon.com', '--domains', 'cad-kon.com', '--domains', 'www.cad-kon.com', '--webroot-path', '/usr/local/ispconfig/interface/acme']
2018-10-01 11:42:01,788:DEBUG:letsencrypt.cli:letsencrypt version: 0.4.1
2018-10-01 11:42:01,787:INFO:letsencrypt.cli:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2018-10-01 11:42:01,787:DEBUG:letsencrypt.cli:Root logging level set at 30

Soweit ich das versrtehe, stimmen einige Verzeichniseinträge nicht. Habe ich etwa den falschen Certbot laufen lassen?
 

MikeFrizz

Member
Ich habe festgestellt, das es mit dem runterladen und abspielen des certbot Skripts nicht getan ist. So habe ich noch einmal das Setup gemäß dieser Seite hier durchgeführt:
Certbot
Im Terminal konnte ich die Meldungen verfolgen und im Log stehen diese Infos:

Code:
Donating to EFF:                    https://eff.org/donate-le
Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate

2018-10-01 14:01:20,155:DEBUG:certbot.reporter:Reporting to user: If you like Certbot, please consider supporting our work by:
Your cert will expire on 2018-12-30. To obtain a new or tweaked version of this certificate in the future, simply run certbot again. To non-interactively renew *all* of your certificates, run "certbot renew"
/etc/letsencrypt/live/xxxxxxxx.com-0001/privkey.pem
Your key file has been saved at:
/etc/letsencrypt/live/xxxxxxxxx.com-0001/fullchain.pem
2018-10-01 14:01:20,155:DEBUG:certbot.reporter:Reporting to user: Congratulations! Your certificate and chain have been saved at:
2018-10-01 14:01:20,152:DEBUG:certbot.storage:Writing new config /etc/letsencrypt/renewal/xxxxxx.com-0001.conf.
2018-10-01 14:01:20,152:DEBUG:certbot.cli:Var webroot_map={'webroot_path'} (set by user).
2018-10-01 14:01:20,152:DEBUG:certbot.cli:Var webroot_path=/usr/local/ispconfig/interface/acme (set by user).
2018-10-01 14:01:20,147:DEBUG:certbot.cli:Var webroot_path=/usr/local/ispconfig/interface/acme (set by user).
2018-10-01 14:01:20,143:DEBUG:certbot.cli:Var authenticator=webroot (set by user).
2018-10-01 14:01:20,138:DEBUG:certbot.cli:Var server=https://acme-v02.api.letsencrypt.org/directory (set by user).
2018-10-01 14:01:20,135:DEBUG:certbot.cli:Var account={'server'} (set by user).
2018-10-01 14:01:20,135:DEBUG:certbot.cli:Var server=https://acme-v02.api.letsencrypt.org/directory (set by user).
2018-10-01 14:01:20,135:DEBUG:certbot.cli:Var rsa_key_size=4096 (set by user).
2018-10-01 14:01:20,134:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer <certbot.cli._Default object at 0x7f032a0d1438>
2018-10-01 14:01:20,121:DEBUG:certbot.storage:Writing README to /etc/letsencrypt/live/xxxxxx.com-0001/README.
2018-10-01 14:01:20,121:DEBUG:certbot.storage:Writing full chain to /etc/letsencrypt/live/xxxxxxxxx.com-0001/fullchain.pem.
2018-10-01 14:01:20,120:DEBUG:certbot.storage:Writing chain to /etc/letsencrypt/live/xxxxxxxx.com-0001/chain.pem.
2018-10-01 14:01:20,120:DEBUG:certbot.storage:Writing private key to /etc/letsencrypt/live/xxxxxxx.com-0001/privkey.pem.
2018-10-01 14:01:20,120:DEBUG:certbot.storage:Writing certificate to /etc/letsencrypt/live/xxxxxxxx.com-0001/cert.pem.
2018-10-01 14:01:20,119:DEBUG:certbot.storage:Archive directory /etc/letsencrypt/archive/xxxxxx.com-0001 and live directory /etc/letsencrypt/live/xxxxxxx.com-0001 created.
Wenn die Seite mit https aufgerufen wird, erhalte ich einen Lasdefehler. Weisse Seite.
 

MikeFrizz

Member
Wie blöd kann man sein?
Ziemlich. Eine kleine Anfrage mit ufw nach dem Status und die Problematik war klar. Der Port war dicht.
Vielen dank für die Mühe.
 

Werbung

Top