nextcloudpi
nextcloudpi copied to clipboard
Published
20 hours ago •
nextcloud
nextcloud
letsencrypt - second certificate not issued
Trying to eissue an additional certificate for my www.my.dom domain it does nothing, more than geting the cert for nextcloud.my.dom
System information
NextcloudPi diagnostics
NextcloudPi version v1.52.4
NextcloudPi image NextCloudPi_RaspberryPi_v1.52.2.img
OS Debian GNU/Linux 11. 5.15.61-v8+ (aarch64)
automount yes
USB devices sda
datadir /media/myCloudDrive/ncdata
data in SD no
data filesystem btrfs
data disk usage 1,4T/1,9T
rootfs usage 6,0G/29G
swapfile /var/swap
dbdir /media/USBdrive/ncdatabase
Nextcloud check ok
Nextcloud version 26.0.3.2
HTTPD service up
PHP service up
MariaDB service up
Redis service up
HPB service up
Postfix service up
Internet check ok
Public IPv4 ***REMOVED SENSITIVE VALUE***
Public IPv6 ***REMOVED SENSITIVE VALUE***
Port 80 open
Port 443 open
IP ***REMOVED SENSITIVE VALUE***
Gateway ***REMOVED SENSITIVE VALUE***
Interface eth0
Certificates ***REMOVED SENSITIVE VALUE***
NAT loopback yes
Uptime 2days
Nextcloud configuration
{
"system": {
"passwordsalt": "***REMOVED SENSITIVE VALUE***",
"secret": "***REMOVED SENSITIVE VALUE***",
"trusted_domains": {
"0": "localhost",
"5": "nextcloudpi.local",
"1": "10.0.0.4",
"2": "nextcloud.my.dom",
"7": "nextcloudpi",
"8": "nextcloudpi.lan",
"11": "nextcloud.my.dom",
"4": "nextcloud.my.dom",
"12": "nextcloud.my.dom",
"20": "10.0.0.1",
"3": "nextcloud.my.dom",
"22": "nextcloud.my.dom",
"14": "nextcloudpi",
"": "nextcloud.my.dom"
},
"datadirectory": "***REMOVED SENSITIVE VALUE***",
"tempdirectory": "\/media\/myCloudDrive\/ncdata\/tmp",
"overwrite.cli.url": "https:\/\/nextcloud.my.dom\/",
"dbtype": "mysql",
"version": "26.0.3.2",
"dbname": "***REMOVED SENSITIVE VALUE***",
"dbhost": "***REMOVED SENSITIVE VALUE***",
"dbport": "",
"dbtableprefix": "oc_",
"mysql.utf8mb4": true,
"dbuser": "***REMOVED SENSITIVE VALUE***",
"dbpassword": "***REMOVED SENSITIVE VALUE***",
"installed": true,
"instanceid": "***REMOVED SENSITIVE VALUE***",
"memcache.local": "\\OC\\Memcache\\Redis",
"memcache.locking": "\\OC\\Memcache\\Redis",
"redis": {
"host": "***REMOVED SENSITIVE VALUE***",
"port": 0,
"timeout": 0,
"password": "***REMOVED SENSITIVE VALUE***"
},
"appstoreenabled": true,
"mail_smtpmode": "smtp",
"mail_smtpauthtype": "LOGIN",
"mail_from_address": "***REMOVED SENSITIVE VALUE***",
"mail_domain": "***REMOVED SENSITIVE VALUE***",
"overwriteprotocol": "https",
"maintenance": false,
"logfile": "\/media\/myCloudDrive\/ncdata\/nextcloud.log",
"loglevel": "2",
"log_type": "file",
"theme": "",
"updater.release.channel": "stable",
"htaccess.RewriteBase": "\/",
"jpeg_quality": "60",
"data-fingerprint": "***REMOVED SENSITIVE VALUE***",
"default_locale": "REMOVED",
"default_phone_region": "REMOVED",
"app_install_overwrite": [
"apporder",
"impersonate",
"defaultlinkopen",
"initialcheck",
"occweb",
"files_texteditor",
"dashboard",
"radio",
"files_external_onedrive",
"social",
"printer",
"admin_notifications",
"previewgenerator",
"weather",
"files_trackdownloads",
"folderplayer",
"keeporsweep",
"files_external_dropbox",
"files_markdown",
"sharingpath",
"cms_pico",
"ransomware_protection",
"dicomviewer",
"duplicatefinder"
],
"mail_sendmailmode": "smtp",
"mail_smtpsecure": "tls",
"mail_smtpauth": 1,
"mail_smtphost": "***REMOVED SENSITIVE VALUE***",
"mail_smtpport": "587",
"mail_smtpname": "***REMOVED SENSITIVE VALUE***",
"mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
"trusted_proxies": "***REMOVED SENSITIVE VALUE***"
}
}
NCP Log
[ letsencrypt ] (Sat Aug 5 09:08:32 BST 2023)
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate for nextcloud.my.dom and www.my.dom
Running deploy-hook command: /etc/letsencrypt/renewal-hooks/deploy/ncp
Error output from deploy-hook command ncp:
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
admin user not found
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/nextcloud.my.dom/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/nextcloud.my.dom/privkey.pem
Your certificate will expire on 2023-11-03. To obtain a new or
tweaked version of this certificate in the future, simply run
certbot again. To non-interactively renew *all* of your
certificates, run "certbot renew"
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
Installing template 'nextcloud.conf.sh'...
INFO: Letsencrypt domain is nextcloud.my.dom
INFO: Metrics enabled: no
Apache self check:
Syntax OK
System config value trusted_domains => 11 set to string nextcloud.my.dom
System config value trusted_domains => 3 set to string nextcloud.my.dom
System config value overwrite.cli.url set to string https://nextcloud.my.dom/
System config value trusted_proxies => 11 set to string 127.0.0.1
System config value trusted_proxies => 12 set to string ::1
System config value trusted_proxies => 13 set to string nextcloud.my.dom
System config value trusted_proxies => 14 set to string 10.0.0.4
Setup notify_push (attempt 1/5)
✓ redis is configured
✓ push server is receiving redis messages
✓ push server can load mount info from database
✓ push server can connect to the Nextcloud server
✓ push server is a trusted proxy
✓ push server is running the same version as the app
configuration saved
It's not supposed to get a second certificate. Instead it adds a second domain to the letsencrypt certificate, so you can use both domains and clients trust both. Do both work?
