On Tuesday, 27 February 2018 09:54:38 UTC+11, mpl wrote:
>
> Let's Encrypt now uses the http-01 challenge, so camlistored (for now) has
> to listen on port 80 too for Let's Encrypt to work. Since you're not
> getting any error message about that, I suppose this part at least is
> working. But are packets to port 80 getting to your camlistored instance?
> Do you have a frontend or a router where you need to open that maybe?
>
That sounds like it, its behind an ADSL NAT home router and has only been
set up to route 443 to the ubuntu box. I think 80 is black-holed, I'll
check it out when I get home and can access the router. Do I have to
update the "listen" entry in server-config.json as well? Currently it says:
"listen": ":443",
Adrian
> On 26 February 2018 at 23:45, Adrian Tritschler <[email protected]
> <javascript:>> wrote:
>
>> I've been running a reasonably up-to-date camlistore on my home ubuntu
>> box for a few years, periodically breaking and fixing it as bugs come and
>> go. I'd been running it on port 443, via dynamic dns registered to $
>> HOMEPC.dyndns.org
>>
>> A few weeks ago the current version stopped working for me and I've not
>> been able to get it going again.
>>
>> 2018/02/27 09:35:26 Starting camlistored version 2018-02-26-1c69fb09da;
>> Go go1.10 (linux/amd64)
>> 2018/02/27 09:35:26 TLS enabled, with Let's Encrypt for $
>> HOMEPC.dyndns.org
>> 2018/02/27 09:35:26 Starting to listen on https://localhost:443
>> 2018/02/27 09:35:27 Starting index integrity check.
>> 2018/02/27 09:35:27 Index integrity check done.
>> :
>> 2018/02/27 09:35:27 ui: serving Closure from embedded resources
>> 2018/02/27 09:35:27 Available on https://$HOMEPC.dyndns.org:443/ui/
>>
>> When I try to access it from a browser, the browser reports "Try running
>> Network Diagnostics. ERR_SSL_PROTOCOL_ERROR"
>>
>> While camlistored reports:
>>
>> 2018/02/27 09:36:12 http: TLS handshake error from XX.XX.XX.XX:61361:
>> acme/autocert: unable to authorize "$HOMEPC.dyndns.org"; tried
>> ["tls-sni-02" "tls-sni-01" "http-01"]
>>
>> Any suggestions?
>> Adrian
>>
>> (Values of $HOMEPC available on request)
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Camlistore" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected] <javascript:>.
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
--
You received this message because you are subscribed to the Google Groups
"Camlistore" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
