After installing Django I tried to install SSL using Let's Encrypt with Nginx,
sudo certbot --nginx -d [mydomain.com]
But I get this error,
Domain: [mydomain.com]
Type: unknownHost
Detail: No valid IP addresses found for [mydomain.com]
My domain is accessible and there are A entries.
What is wrong?
Related
Hey I got a couple of errors and I need help to fix them because I can't find a solution for that.
Why am I using an old af version of ubuntu?
Because I need to build android 4 and the easiest way to get the right versions of the needed packages is to use an older version of ubuntu which is confirmed to work
So please don't tell me to just upgrade to the latest ubuntu
Some commands that don't work because of a failure with ssl
when trying to access any website with firefox it returns ssl_error_no_cypher_overlap
BUT google searches are working fine
$ repo init --depth=1 -u http://github.com/CyanogenMod/android.git -b ics
Downloading Repo source from http://gerrit.googlesource.com/git-repo
fatal: Cannot get http://gerrit.googlesource.com/git-repo/clone.bundle
fatal: error unknown url type: https
fatal: cloning the git-repo repository failed, will remove '.repo/repo'
a small information how I got repo to work but didn't break apt (apt uses python2 and repo needs python3)
I aliased python as python3 so when I run python as user it refers to python3 but when I run python as root it refers to the python symlink (/usr/bin/python) which is python2
$ sudo apt-add-repository ppa:relan/exfat
Traceback (most recent call last):
File "/usr/bin/apt-add-repository", line 88, in <module>
ppa_info = get_ppa_info_from_lp(user, ppa_name)
File "/usr/lib/python2.7/dist-packages/softwareproperties/ppa.py", line 83, in get_ppa_info_from_lp
curl.perform()
pycurl.error: (60, 'server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none')
$ wget https://www.python.org/ftp/python/3.10.1/Python-3.10.1.tgz
--2021-12-25 21:43:11-- https://www.python.org/ftp/python/3.10.1/Python-3.10.1.tgz
Resolving www.python.org... 2a04:4e42:3::223, 151.101.12.223
Connecting to www.python.org|2a04:4e42:3::223|:443... connected.
OpenSSL: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version
Unable to establish SSL connection.
$ curl -v https://www.python.org/ftp/python/3.10.1/Python-3.10.1.tgz
* About to connect() to www.python.org port 443 (#0)
* Trying 2a04:4e42:3::223... connected
* Connected to www.python.org (2a04:4e42:3::223) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS alert, Server hello (2):
* error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version
* Closing connection #0
curl: (35) error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version
Solutions I found online and tried but didn't work
checked if time is correct
update-ca-certificates -f
Tell me if you need further information/logs or anything else
Every help is appreciated!
The problem is not (yet) the certificates, it fails before validating these. Instead the versions of the SSL libraries used a simply too old. This means your software stack is way to old for today's requirements. There is no easy way to fix this.
In detail:
The openssl version in 11.10 is 0.9.8 which has no support for modern protocols like TLS 1.2 or even TLS 1.3. Similar the version of Firefox at the time of Ubuntu 11.10 did not support TLS 1.2 either (even though NSS and not openssl was used as SSL library).
I am getting an error when trying to secure a Flask website with Certbot. I do not receive the following error on a normal site but when running Certbot on a Flask sudo certbot --apache
site I get:
Failed authorization procedure. example.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://example.com/.well-known/acme-challenge/j7Q5mIX-Cmk9wevuSQxxfBV5KBBgyQuoG9HXUEbU2Gw:
I am running Apache on Ubuntu 18.04 and Python2.7
I'm using Debian 9 and NGINX to deploy my app Django.
When I type:
sudo certbot --nginx -d example.com -d www.example.com
I get the next error:
Failed authorization procedure. example.com (http-01):
urn:acme:error:tls :: The server experienced a TLS error during domain
verification :: Fetching https://example.com/.well-known/acme-
challenge/H9WJVzPYJ93jewGJjkUFFKQJBJ8-YT7t9z-Sw_PQQUg: remote error: tls:
internal error
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: example.com
Type: tls
Detail: Fetching
https://example.com/.well-known/acme-
challenge/H9WJVzPYJ93jewGJjkUFFKQJBJ8-YT7t9z-Sw_PQQUg:
remote error: tls: internal error
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address. Additionally, please check that
you have an up-to-date TLS configuration that allows the server to
communicate with the Certbot client.
I do not know what I'm doing wrong...
I have a a private PyPi repository, however the test server does not have a valid ssl certificate for its domain. When uploading the test package, i.e.,
python setup.py sdist upload -r privatepypi
I get this error:
ssl.CertificateError: hostname 'pypi.xxx.com' doesn't match either of 'www.yyy.com', 'api.yyy.com', 'pypi.yyy.com'
is it possible to tell it to ignore the server ssl certificate?
https://devcenter.heroku.com/articles/python
When i'm trying to deploy my code through $ git push heroku master i get an error:
Warning: Permanently added the RSA host key for IP address '50.19.85.132' to the list of known hosts.
Permission denied (publickey).
fatal: The remote end hung up unexpectedly
Next, I was able to add the RSA host key for that IP address by $ heroku keys:add but I still get this error:
Found existing public key: /Users/opalkale/.ssh/github_rsa.pub
Uploading SSH public key /Users/opalkale/.ssh/github_rsa.pub... done
(venv)Opal-Kales-MacBook-Pro:helloflask opalkale$ git push heroku master
Permission denied (publickey).
What am I doing wrong...?
Add your id_rsa.pub SSH key to your Heroku account online: https://dashboard.heroku.com/account
And make sure that the corresponding private key has been added to your identity
$ ssh-add ~/.ssh/id_rsa
E.g.
$ ssh-add ~/.ssh/github_rsa