https not working again #899
Comments
|
Weird that renewal is not yet needed, because checking the certificate gives that it's nearly expired: Although Just to be sure, checking what |
|
I saw that the program could not bind TCP port 80.
I had this note saved:
CERTbot wants port 80 open:
steps:
sudo ufw allow 80/tcp
sudo ufw status
systemctl stop apache2.service
certbot renew -v
But when I ran those steps, it still said:
The following certificates are not due for renewal yet:
/etc/letsencrypt/live/abkiteliti.my.id/fullchain.pem expires on
2023-07-13 (skipped)
No renewals were attempted.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- -
Yes. weird.
Pada tanggal Sab, 20 Mei 2023 pukul 10.46 Teus Benschop <
***@***.***> menulis:
… Weird that renewal is not yet needed, because checking the certificate
gives that it's nearly expired:
$ openssl x509 -in /etc/letsencrypt/live/timkita.xyz/cert.pem -text -noout
Certificate:
...
Validity
Not Before: Feb 21 19:22:04 2023 GMT
Not After : May 22 19:22:03 2023 GMT
Although certbot says it not yet due for renewal, it better to renew it
now.
Just to be sure, checking what certbot says, I ran the command too:
$ certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/timkita.xyz.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Renewing an existing certificate for timkita.xyz
Failed to renew certificate timkita.xyz with error: Could not bind TCP port 80 because it is already in use by another process on this system (such as a web server). Please stop the program in question and then try again.
—
Reply to this email directly, view it on GitHub
<#899 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABDSIJKNASILURDETF54SKDXHDRL5ANCNFSM6AAAAAAYIG6P54>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
|
The reported issue is that "https has stopped" but this is unclear. More details are needed. What is the exact error that is being reported on https? |
|
Now is the 22nd. But unfortunately, the site is still giving the https error!!!! You can see that also in the screenshot above. But even worse: Now our tim's Bibledit site is manifesting the same problem.j |
|
Well guess what?! But alas, as you can see from the page behind the terminal (which I renewed) the HTTPS is still broken!!!
|
|
Teus: Could this error siege have anything to do with the port forwarding issue that you addressed recently? |
This is the issue: #866
Here is the page with steps to take to renew the certificate: http://bibledit.org:8090/help/config The information mention step 1, step 2, and so on, till step 5. Which of those steps were taken? |
|
You are SO Right! I forgot to copy the certs and change their ownership. The certs are definitely renewed.
How do I solve this: Error binding socket: Address already in use. The *.pem file permissions seem right: In your help file, there are several singulars that should be plural. I will try to give you some suggestions on that. So, bottom line: How do I solve this: Error binding socket: Address already in use. |
|
I tried the missing steps in the Timkita site as well, and the results are the same. I wonder if it matters that there are several early steps of the process (like stopping apache2) that I assume don't need to be done if I successfully get new certificates. OK, checking the Journal: I have pages of this same error. I discovered that I copied this command wrong, so I executed |
|
The command copied poorly above. It should end with *.pem. Using the correct command (ugo+r) doesn't seem to change anything. |
|
Evidently the error stops showing and things resume normally? (but still not change to https.)
|
Thank you that would be great, it's good to improve the language.
Usually this is resolved through
This website is fine when opening it over here. It gives the secure lock in the browser address bar. |
|
At the other site, abkiteliti, after I ran those two commands, I get pages of this in the journal: Note that this is not the same message as before, which was the Error binding socket: Address already in use. Aren't the two commands you gave (stop and start) the same as Your message makes me wonder if the USA connection I have has some fault that you don't have in Holland! Thanks so much for fixing the timkita site. |
Yes, they are different, the messages mean that now the https server is running, and that someone is messing with it, but the server handles this messing gracefully.
Yes, they are essentially the same, but the difference is that the
The transition does happen, but it gives an expired certificate, in other words, the certificate is just expired somehow. Yes, I can help but do not have the credentials to access it, could I receive them by email offline? |
|
What do you mean by "someone is messing with it"? |
The "messing" looks like someone, perhaps even unknowingly, tries to connect to the https server in an incorrect way. Perhaps it's benign.
Thanks, and I received it. Checking your server out, it appears there are three instances of Bibledit running in parallel. Here is the list of them: Someone has started multiple instances, and I don't know which instance is the one you work with. Likely the solution for you would be to stop the two extra Bibledit instances and only keep the one you want. And then to refresh the certificates in the instance you you want. |
|
I thought that I knew what to do! So I did it, and messed things up royally! I easily found the other instances of Bibledit-cloud and deleted the folders. But I didn't realize that the material in Home/8080 needed to stay there. So I deleted that also. (I thought that the only folder I needed was in /var/bibledit/bibledit-cloud.) The 2-3 extra Bibledit-cloud folders were from when Aranggi installed things initially. When I realized that Bibledit would not run anymore, with the complaint that it needed Home/8080, then I tried to undelete the folder using a program (named something like TestDisk). This resulted in me running out of space in the 2GB server. When I ran out of space, it would no longer run anything at all, not even mc. So I am going through the learning process once again of reinstalling everything. And it may actually be a blessing in disguise. I have a good back up of the /var/bibledit/bibledit-cloud folder. But I will need to reinstall all the certificates and the Google Translate stuff. More bulletins as events warrant. :-( |
|
The correct chmod command for the copied certificates starts with My certificates did not change as the ones previously did. |
|
Sorry for the situation of erasing the data, and good to hear there's a good backup of the stuff, and good luck getting the server back online. The |
|
I have studied the instructions you wrote about https. The instructions are so useful, but I think they are more suited to a kind of informative article online, than for technical instructions included in Bibledit. If you were able to write an article online, then I would be so happy to be able to link to it from the main bibledit.org website. |
|
https works now. |
Sometime in the last week, https has stopped at the Indonesian site. I tested to see if the certificates need to be renewed, and evidently not.
I have changed nothing in the config folder in the last months. I have installed all the updates. Something has broken https. What do I do to trouble shoot this problem?
This is for the abkiteliti.my.id site.
The text was updated successfully, but these errors were encountered: