Dehydrated setup
@lbutlr
kremels at kreme.com
Tue Nov 8 13:39:33 UTC 2016
I’m having issues getting dehydrated to work after installing it, and there seems to be no documentation installed with it that I can find.
The package is installed, but I am unable to get the web side of things working and have found conflicting information.
I tried creating a directory in my webroot named .well-known with permissions of 770 and owned by www:_dehydrated. I then linked it to /usr/local/etc/dehydrated
Now, if I run
# su -m _dehydrated -c 'bash /usr/local/bin/dehydrated —cron'
I get:
ERROR: Challenge is invalid! (returned: invalid) (result: {
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:acme:error:unauthorized",
"detail": "Invalid response from http://covisp.net/.well-known/acme-challenge/….
So I create the acme-challenge directory with the same permissions.
Same error.
# ls -lsRa /www/.well-known/
total 24
8 drwxrwxrwx 3 www _dehydrated 512 Nov 8 05:40 .
8 drwxr-xr-x 30 root wheel 1024 Nov 8 05:32 ..
8 drwxrwx--- 2 www _dehydrated 512 Nov 8 05:37 acme-challenge
0 -rw-r--r-- 1 root _dehydrated 0 Nov 8 05:11 index.html
/www/.well-known/acme-challenge:
total 16
8 drwxrwx--- 2 www _dehydrated 512 Nov 8 05:37 .
8 drwxrwxrwx 3 www _dehydrated 512 Nov 8 05:40 ..
0 -rw-r--r-- 1 root _dehydrated 0 Nov 8 05:26 index.html
I can load http://covisp.net/.well-known and http://covisp.net/.well-known/acme-challenge/ (they show a blank page because I put a blank index.html file there).
I even tried setting both directories to 777 permissions, but to no avail.
the http error log just shows the file that is trying to be accessed is not there:
[client 66.133.109.36:50250] AH00128: File does not exist: /usr/local/www/.well-known/acme-challenge/bXxlfu…
Certs are being created in /usr/local/etc/dehydrated/certs each time I try to run the script.
_______________________________________________
freebsd-ports at freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscribe at freebsd.org"
More information about the freebsd-ports
mailing list