Comments (22)
no subdomain because the domain and the zone are identical: domain.com.
It seems that the error is returned by the dns provider, have you try to issue the certificate again, or try another dns prodiver?
from nginx-ui.
no subdomain because the domain and the zone are identical: domain.com.
It seems that the error is returned by the dns provider, have you try to issue the certificate again, or try another dns prodiver?
I've installed acme.sh and got certificate (using same API keys) after issuing:
acme.sh --issue -d domain.com -d '*.domain.com' --dns dns_ovh --server letsencrypt --keylength ec-384
To me it looks like nginxui acme client doesn't submit correctly either keys or domain while sending request...
from nginx-ui.
You can try https://github.com/go-acme/lego with CLI mode, in nginxui we use this tool to obtain certificate, if the problem still exists maybe we should turn to the author of that project for help.
from nginx-ui.
What version of lego package do you use? In debian there's available lego/stable 4.9.1-1 amd64.
When I have spare time, I'll try to install and test it...
from nginx-ui.
v4.16.1
from nginx-ui.
So, after issuing command:
lego --email [email protected] --dns ovh --domains domain.com --domains *.domain.com run
I received:
2024/05/27 03:26:33 No key found for account [email protected]. Generating a P256 key.
2024/05/27 03:26:33 Saved key to /root/.lego/accounts/acme-v02.api.letsencrypt.org/[email protected]/keys/[email protected]
2024/05/27 03:26:34 Please review the TOS at https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf
Do you accept the TOS? Y/n
y
2024/05/27 03:26:36 [INFO] acme: Registering account for [email protected]
!!!! HEADS UP !!!!
Your account credentials have been saved in your Let's Encrypt
configuration directory at "/root/.lego/accounts".
You should make a secure backup of this folder now. This
configuration directory will also contain certificates and
private keys obtained from Let's Encrypt so making regular
backups of this folder is ideal.
2024/05/27 03:26:37 [INFO] [domain.com, *.domain.com] acme: Obtaining bundled SAN certificate
2024/05/27 03:26:37 [INFO] [*.domain.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/355956570702
2024/05/27 03:26:37 [INFO] [domain.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/355956570712
2024/05/27 03:26:37 [INFO] [*.domain.com] acme: use dns-01 solver
2024/05/27 03:26:37 [INFO] [domain.com] acme: Could not find solver for: tls-alpn-01
2024/05/27 03:26:37 [INFO] [domain.com] acme: Could not find solver for: http-01
2024/05/27 03:26:37 [INFO] [domain.com] acme: use dns-01 solver
2024/05/27 03:26:37 [INFO] [*.domain.com] acme: Preparing to solve DNS-01
2024/05/27 03:26:38 [INFO] Found CNAME entry for "_acme-challenge.domain.com.": "domain.com."
2024/05/27 03:26:38 [INFO] [domain.com] acme: Preparing to solve DNS-01
2024/05/27 03:26:38 [INFO] Found CNAME entry for "_acme-challenge.domain.com.": "domain.com."
2024/05/27 03:26:38 [INFO] [*.domain.com] acme: Trying to solve DNS-01
2024/05/27 03:26:38 [INFO] Found CNAME entry for "_acme-challenge.domain.com.": "domain.com."
2024/05/27 03:26:38 [INFO] [*.domain.com] acme: Checking DNS record propagation using [1.1.1.1:53]
2024/05/27 03:26:40 [INFO] Wait for propagation [timeout: 1m0s, interval: 2s]
2024/05/27 03:26:47 [INFO] [*.domain.com] The server validated our request
2024/05/27 03:26:47 [INFO] [domain.com] acme: Trying to solve DNS-01
2024/05/27 03:26:47 [INFO] Found CNAME entry for "_acme-challenge.domain.com.": "domain.com."
2024/05/27 03:26:47 [INFO] [domain.com] acme: Checking DNS record propagation using [1.1.1.1:53]
2024/05/27 03:26:49 [INFO] Wait for propagation [timeout: 1m0s, interval: 2s]
2024/05/27 03:26:57 [INFO] [domain.com] The server validated our request
2024/05/27 03:26:57 [INFO] [*.domain.com] acme: Cleaning DNS-01 challenge
2024/05/27 03:26:57 [INFO] Found CNAME entry for "_acme-challenge.domain.com.": "domain.com."
2024/05/27 03:26:57 [INFO] [domain.com] acme: Cleaning DNS-01 challenge
2024/05/27 03:26:57 [INFO] Found CNAME entry for "_acme-challenge.domain.com.": "domain.com."
2024/05/27 03:26:57 [INFO] [domain.com, *.domain.com] acme: Validations succeeded; requesting certificates
2024/05/27 03:26:58 [INFO] [domain.com] Server responded with a certificate.
Thus, it seems like issue is within nginxui...
from nginx-ui.
I'm unable to get wildcard certificates, too. But they worked in the past with nginx-ui.
from nginx-ui.
I'm unable to get wildcard certificates, too. But they worked in the past with nginx-ui.
Please provide the logs, thanks!
from nginx-ui.
I will add also that dashboard's graphs (CPU and Network) aren't refreshed properly:
Graphs are visible only on page load and after a few seconds - with first auto refresh, they are gone...
from nginx-ui.
Did you use nginx to proxy the nginx-ui?
from nginx-ui.
I will add also that dashboard's graphs (CPU and Network) aren't refreshed properly:
Graphs are visible only on page load and after a few seconds - with first auto refresh, they are gone...
This issue is common if the websocket is not available, you can press F12 to open the console of the browser, switch to the Network tab and check if the server send the analytics data through websocket properly.
from nginx-ui.
What version of lego package do you use? In debian there's available lego/stable 4.9.1-1 amd64. When I have spare time, I'll try to install and test it...
I will upgrade lego to the latest version(v4.17.3) in next beta verison of nginx-ui, but I can't ensure this will solve your problem.
from nginx-ui.
This issue is common if the websocket is not available, you can press F12 to open the console of the browser, switch to the Network tab and check if the server send the analytics data through websocket properly.
"nodes?token" https status is 101 (switching protocols) and there are empty ("{}") messages sent. Same behaviour is on non proxied (port 9000, raw nginxui data) service as is on proxied https - which uses http2.
"nginx_log?token" has same status (101) and in messages: '{"type":"error","server_idx":null,"directive_idx":null}'
In both cases payload consists of the same token.
from nginx-ui.
"nodes?token" https status is 101 (switching protocols) and there are empty ("{}") messages sent. Same behaviour is on non proxied (port 9000, raw nginxui data) service as is on proxied https - which uses http2. "nginx_log?token" has same status (101) and in messages: '{"type":"error","server_idx":null,"directive_idx":null}' In both cases payload consists of the same token.
Ok, I've re-applied your Nginx config for nginxui and now I receive messages but dashboard graphs (except Disk I/O) remaining empty...
But non proxied (port 9000) doesn't receive any message...
from nginx-ui.
Did you try to reinstall nginx-ui? I mean remove the database.db and app.ini in /usr/local/etc/nginx-ui, and use the installation script to reinstall it.
from nginx-ui.
Did you try to reinstall nginx-ui? I mean remove the database.db and app.ini in /usr/local/etc/nginx-ui, and use the installation script to reinstall it.
That's what I did:
root@nginx:~# service nginx-ui stop
root@nginx:~# cd /usr/local/etc/nginx-ui
root@nginx:/usr/local/etc/nginx-ui# mv app.ini app.ini-old
root@nginx:/usr/local/etc/nginx-ui# mv database.db database.db-old
root@nginx:/usr/local/etc/nginx-ui# cd
root@nginx:~# bash <(curl -L -s https://raw.githubusercontent.com/0xJacky/nginx-ui/master/install.sh) remove
Removed "/etc/systemd/system/multi-user.target.wants/nginx-ui.service".
removed: /usr/local/bin/nginx-ui
removed: /etc/systemd/system/nginx-ui.service
removed: /etc/systemd/system/nginx-ui.service.d
You may need to execute a command to remove dependent software: apt purge curl
info: Nginx UI has been removed.
info: If necessary, manually delete the configuration and log files.
info: e.g., /usr/local/etc/nginx-ui ...
root@nginx:~# ls -l /usr/local/etc/nginx-ui
total 33
-rw-r--r-- 1 root root 983 May 29 13:30 app.ini-old
-rw-r--r-- 1 root root 155648 May 31 04:45 database.db-old
root@nginx:~# bash <(curl -L -s https://raw.githubusercontent.com/0xJacky/nginx-ui/master/install.sh) install
info: Installing Nginx UI v2.0.0-beta.24 for x86_64
Downloading Nginx UI archive: https://github.com/0xJacky/nginx-ui/releases/download/v2.0.0-beta.24/nginx-ui-linux-64.tar.gz
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
100 32.7M 100 32.7M 0 0 22.1M 0 0:00:01 0:00:01 --:--:-- 47.7M
/tmp/tmp.V7yiV6MOdV/nginx-ui-linux-64.tar.gz
info: Extract the Nginx UI package to /tmp/tmp.V7yiV6MOdV and prepare it for installation.
installed: /usr/local/bin/nginx-ui
info: Systemd service files have been installed successfully!
note: The following are the actual parameters for the nginx-ui service startup.
note: Please make sure the configuration file path is correctly set.
# /etc/systemd/system/nginx-ui.service
[Unit]
Description=Yet another WebUI for Nginx
Documentation=https://github.com/0xJacky/nginx-ui
After=network.target
[Service]
Type=simple
ExecStart=/usr/local/bin/nginx-ui -config /usr/local/etc/nginx-ui/app.ini
Restart=on-failure
TimeoutStopSec=5
KillMode=mixed
[Install]
WantedBy=multi-user.target
installed: /etc/systemd/system/nginx-ui.service
removed: /tmp/tmp.V7yiV6MOdV
info: Nginx UI v2.0.0-beta.24 is installed.
info: The default configuration file was installed to '/usr/local/etc/nginx-ui/app.ini' successfully!
note: The following are the current configuration for the nginx-ui.
note: Please change the information if needed.
# /usr/local/etc/nginx-ui/app.ini
[server]
RunMode = release
HttpPort = 9000
HTTPChallengePort = 9180
Created symlink /etc/systemd/system/multi-user.target.wants/nginx-ui.service -> /etc/systemd/system/nginx-ui.service.
info: Start and enable the Nginx UI service.
Content of app.ini:
[server]
RunMode = release
HttpPort = 9000
HTTPChallengePort = 9180
HttpHost = 0.0.0.0
JwtSecret = xxxxxxxxx
NodeSecret = xxxxxxxxxx
Email = [email protected]
Database = database
StartCmd = login
CADir =
Demo = false
PageSize = 10
GithubProxy =
CertRenewalInterval = 7
RecursiveNameservers =
SkipInstallation = false
Name =
[nginx]
AccessLogPath =
ErrorLogPath =
ConfigDir =
PIDPath =
TestConfigCmd =
ReloadCmd =
RestartCmd =
[openai]
BaseUrl =
Token =
Proxy =
Model =
[casdoor]
Endpoint =
ClientId =
ClientSecret =
Certificate =
Organization =
Application =
RedirectUri =
[logrotate]
Enabled = false
CMD = logrotate /etc/logrotate.d/nginx
Interval = 1440
[cluster]
Node =
And reinstallation didn't change anything...
from nginx-ui.
Did you visit http://ip:port/install in the browser?
from nginx-ui.
Did you visit http://ip:port/install in the browser?
Yes, of course. User and database were created at that step...
root@nginx:/usr/local/etc/nginx-ui# ls -la
total 43
drwxr-xr-x 2 root root 6 Jun 1 09:36 .
drwxr-xr-x 3 root root 3 May 23 21:31 ..
-rw-r--r-- 1 root root 973 Jun 1 09:24 app.ini
-rw-r--r-- 1 root root 983 May 29 13:30 app.ini-old
-rw-r--r-- 1 root root 90112 Jun 1 09:36 database.db
-rw-r--r-- 1 root root 155648 May 31 04:45 database.db-old
from nginx-ui.
Related Issues (20)
- 手动上传的证书,建议增加即将到期的通知提醒 HOT 1
- 一键轻松部署并自动续签 Let's Encrypt 证书。有具体说明文档吧,没明白如何做 HOT 10
- 二级域名的反向代理可随意访问 HOT 3
- 证书无法获取 HOT 12
- 到期SSL证书重复申请 | SSL certificate repeat application in beta.23 HOT 10
- 网站管理建议增加自定义分类并以多个TAB显示 HOT 2
- 终端鉴权优化 HOT 4
- 请求DNS 服务商增加华为云 HOT 1
- 如何管理集群里每个节点上的静态网站文件? HOT 1
- 申请证书显示如下错误请问如何解决 HOT 12
- 向 Telegram bot 发送证书续签通知
- docker 挂载 window目录,无法申请证书 HOT 3
- docker是只要映射80和443?那监听也是这两个端口吗,UI和80监听端口放在一起了? HOT 4
- 证书自动续期失败 HOT 1
- 控制nginx 的重启和重载无效果 HOT 10
- Syncing certificates between nodes in a cluster
- Browser Search not working properly HOT 2
- Basic options missed HOT 2
- Terminal not working in HTTPS HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nginx-ui.