Dehydrated setup

@lbutlr kremels at kreme.com
Tue Nov 8 13:39:33 UTC 2016 

I’m having issues getting dehydrated to work after installing it, and there seems to be no documentation installed with it that I can find.

The package is installed, but I am unable to get the web side of things working and have found conflicting information.

I tried creating a directory in my webroot named .well-known with permissions of 770 and owned by www:_dehydrated. I then linked it to /usr/local/etc/dehydrated

Now, if I run

# su -m _dehydrated -c 'bash /usr/local/bin/dehydrated —cron'

I get:

ERROR: Challenge is invalid! (returned: invalid) (result: {
 "type": "http-01",
 "status": "invalid",
 "error": {
   "type": "urn:acme:error:unauthorized",
   "detail": "Invalid response from http://covisp.net/.well-known/acme-challenge/….

So I create the acme-challenge directory with the same permissions.

Same error.

# ls -lsRa /www/.well-known/
total 24
8 drwxrwxrwx   3 www   _dehydrated   512 Nov  8 05:40 .
8 drwxr-xr-x  30 root  wheel        1024 Nov  8 05:32 ..
8 drwxrwx---   2 www   _dehydrated   512 Nov  8 05:37 acme-challenge
0 -rw-r--r--   1 root  _dehydrated     0 Nov  8 05:11 index.html

/www/.well-known/acme-challenge:
total 16
8 drwxrwx---  2 www   _dehydrated  512 Nov  8 05:37 .
8 drwxrwxrwx  3 www   _dehydrated  512 Nov  8 05:40 ..
0 -rw-r--r--  1 root  _dehydrated    0 Nov  8 05:26 index.html

I can load http://covisp.net/.well-known and http://covisp.net/.well-known/acme-challenge/ (they show a blank page because I put a blank index.html file there).

I even tried setting both directories to 777 permissions, but to no avail.

the http error log just shows the file that is trying to be accessed is not there:

[client 66.133.109.36:50250] AH00128: File does not exist: /usr/local/www/.well-known/acme-challenge/bXxlfu… 

Certs are being created in /usr/local/etc/dehydrated/certs each time I try to run the script.

_______________________________________________
freebsd-ports at freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscribe at freebsd.org"

More information about the freebsd-ports mailing list