Hi Steffen, could you check the v2.1.1 I just released? I fixed the recognition of the "amce-tls/1" protocol when using it in the base server. Hope this works for you as well.
- Stefan > Am 06.08.2019 um 10:48 schrieb Steffen <[email protected]>: > > Forget to attached the log. > > On 5-8-2019 15:19, Steffen wrote: >> Thanks, >> >> Same, also get again : >> The https: challenge 'tls-alpn-01' is disabled because the Protocols >> configuration does not include the 'acme-tls/1' protocol. >> >> It is in the protocols directive: >> >> ProtocolsHonorOrder On >> Protocols h2 http/1.1 acme-tls/1 >> >> MDomain apachelounge.nl www.apachelounge.nl vosadministraties.nl >> www.vosadministraties.nl land10web.com >> MDBaseServer on >> MDPortMap https:443 >> MDCertificateAgreement accepted >> MDRenewMode Always >> >> - Steffen >> >> >> >> On Monday 05/08/2019 at 14:52, Stefan Eissing wrote: >>> I think mod_md is not particularly suited to server setups without any >>> VirtualHosts. I have at least no tests for this. >>> >>> You can try (with a 2.4.40): >>> >>> # the new, shorter form >>> MDCertificateAgreement accepted >>> # we want the base server to be managed >>> MDBaseServer on >>> # the list of domains, including one from the base server >>> MDomain apachelounge.nl http://www.apachelounge.nl >>> vosadministraties.nlhttp://www.vosadministraties.nl land10web.com >>> # since we have no vhost, we need to say where https requests arrive >>> MDPortMap https:443 >>> # since we have only https, we need to enable the new ACME tls challenge >>> protocol >>> Protocols h2 http/1.1 acme-tls/1 >>> ... >>> >>> - Stefan >>> >>> >>>> Am 05.08.2019 um 14:06 schrieb Steffen <[email protected]>: >>>> >>>> >>>> I read in the new docu that you can generate a certificate for domains(s) >>>> that does not appear in any host. >>>> >>>> So I did a try to generate one certificate for two domains (in Subject >>>> Alternative Name) >>>> >>>> Configuration >>>> >>>> SSL only on port 443 >>>> No vhosts >>>> >>>> >>>> >>>> Listen 443 >>>> >>>> Protocols h2 http/1.1 acme-tls/1 >>>> >>>> MDomain apachelounge.nl http://www.apachelounge.nl >>>> vosadministraties.nlhttp://www.vosadministraties.nl >>>> MDCertificateAgreement >>>> https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf >>>> MDRenewMode Always >>>> >>>> ServerName land10web.com >>>> >>>> SSLEngine on >>>> ... >>>> ... >>>> >>>> Apache does not start. It exits with a mod_ssl error, no SSL certificates >>>> configured and no other module contributed any >>>> See attachment serror1.log >>>> >>>> >>>> When I add to the config a valid certificate >>>> >>>> SSLCertificateFile conf/land10web.com-chain.pem >>>> SSLCertificateKeyFile conf/land10web.com key.pem >>>> >>>> Then Apache starts but mod_md gives error in the log. >>>> See attachment serror2.log >>>> >>>> See now e.g. : . >>>> - server seems not reachable via http: (port 80->80) and reachable via >>>> https: (port 443->443) >>>> - The https: challenge 'tls-alpn-01' is disabled because the Protocols >>>> configuration does not include the 'acme-tls/1' protocol. (it is in the >>>> protocols directive). >>>> >>>> >>>> Or what I want is not supported, or I do some wrong. Appreciate some help. >>>> >>>> >>>> - Steffen >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>> >> > > <serror.log>
