NetTalk Central

NetTalk Web Server => Web Server - Ask For Help => Topic started by: Thys on February 01, 2019, 05:24:04 AM

Title: LE cert does not get created
Post by: Thys on February 01, 2019, 05:24:04 AM

Hi,

I've added a settings tab to the WebServer procedure, for an older app. For some reason the CRT file does not get created. Attached are screenshots showing the setup and the logs.

Any ideas, please?

Thys

Title: Re: LE cert does not get created
Post by: Alberto on February 01, 2019, 01:33:01 PM

Is your server running listening to your URl site? thys.xx.xxx.co.... on port 80?

Title: Re: LE cert does not get created
Post by: DonRidley on February 02, 2019, 09:02:14 AM

The "crt does not exist" is normal behavior.

Looks like you're listening to port 80.

If I had to guess, your DNS settings are incorrect and LetsEncrypt cannot resolve your domain to the correct IP address.

So, double check that your domain is pointed at the correct IP address.

See ya,

Don

Title: Re: LE cert does not get created
Post by: Bruce on February 04, 2019, 10:14:04 PM

there is no DNS record for
thys.incasudev.co.za

Cheers
Bruce

Title: Re: LE cert does not get created
Post by: Thys on February 04, 2019, 10:19:49 PM

Hi Bruce.

Correct - when I started with this, I actually wanted to devise a way to have all development being done with SSL - so that when it's deployed we won't have to struggle by adding SSL. After the replies above I realised that the IncauDev domain doesn't exist and therefore LE won't work for dev workstations.

I know there is a method whereby you can firstly create a CA and then issue your own certificates. Then a dev workstation can issue its own certificate, do the development and deploy to a public web server by just changing the certificate information.

Thys

Title: Re: LE cert does not get created
Post by: Bruce on February 06, 2019, 10:27:02 PM

Hi Thys,

>> I actually wanted to devise a way to have all development being done with SSL - so that when it's deployed we won't have to struggle by adding SSL.

It's a good idea to test with SSL - because some web features (like webcams etc) only work on SSL.
But you're making it over complicated by setting the domain to thys.incasudev.co.za

If you just set the domain to be the local server name [1] then it'll do what you want. [2]

[1] For example, my development machine name here is hulk. So if I set the domain to hulk then a local, self-signed, certificate will be created. This machine, or other machines on the LAN, can then access the server by going to
https://hulk

[2] The certificate is self-signed so you will get a warning in your browser. If you would prefer not to get the warning then you can install your CA certificate as a root certificate in your certificate store. I've plans to automate that in the future, but you can manually install it yourself. It's in the \certificates folder.

Cheers
Bruce

Title: Re: LE cert does not get created
Post by: Thys on February 06, 2019, 10:39:45 PM

Thanks Bruce.

In the webinar you did have "hulk" below the CapeSoft URL but did not explain the meaning of it. It seams to be what I need - I'll try it.

Thys