s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
cont-init: info: running /etc/cont-init.d/file-structure.sh
cont-init: info: /etc/cont-init.d/file-structure.sh exited 0
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service legacy-services: starting
services-up: info: copying legacy longrun lets-encrypt (no readiness notification)
s6-rc: info: service legacy-services successfully started
[10:50:37] INFO: Selected http verification
[10:50:37] INFO: Detecting existing certificate type for XXXXXX.freeboxos.fr
Saving debug log to /var/log/letsencrypt/letsencrypt.log
[10:50:38] INFO: No certificate found - using 'ecdsa' key type.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Account registered.
Requesting a certificate for XXXXXX0.freeboxos.fr
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: XXXXXX.freeboxos.fr
Type: connection
Detail: 91.XXXXXX.195: Fetching http://XXXXXX.freeboxos.fr/.well-known/acme-challenge/UZXQX-n-znM3X0mxhn3P4WXm_udl0KIlAlCiKJtEjLE: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
s6-rc: info: service legacy-services: stopping
s6-rc: info: service legacy-services successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped
s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
cont-init: info: running /etc/cont-init.d/file-structure.sh
cont-init: info: /etc/cont-init.d/file-structure.sh exited 0
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service legacy-services: starting
services-up: info: copying legacy longrun lets-encrypt (no readiness notification)
s6-rc: info: service legacy-services successfully started
[11:47:26] INFO: Selected http verification
[11:47:26] INFO: Detecting existing certificate type for XXXXXX.freeboxos.fr
Saving debug log to /var/log/letsencrypt/letsencrypt.log
[11:47:27] INFO: No certificate found - using 'ecdsa' key type.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for XXXXXX.freeboxos.fr
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: XXXXXX.freeboxos.fr
Type: connection
Detail: 91.XXXXXX.195: Fetching http://XXXXXX.freeboxos.fr/.well-known/acme-challenge/BpOTCbGLn0jbpsewYPO-jUXXXXXXy8NJQRplPSg: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
s6-rc: info: service legacy-services: stopping
s6-rc: info: service legacy-services successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped
s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
cont-init: info: running /etc/cont-init.d/file-structure.sh
cont-init: info: /etc/cont-init.d/file-structure.sh exited 0
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service legacy-services: starting
services-up: info: copying legacy longrun lets-encrypt (no readiness notification)
s6-rc: info: service legacy-services successfully started
[15:50:33] INFO: Selected http verification
[15:50:33] INFO: Detecting existing certificate type for XXXXXX.freeboxos.fr
Saving debug log to /var/log/letsencrypt/letsencrypt.log
[15:50:34] INFO: No certificate found - using 'ecdsa' key type.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate forXXXXXX.freeboxos.fr
il manque la fin fait actualiser
?
(font suer a pas horodater les logs !)
cont-init: info: running /etc/cont-init.d/file-structure.sh
cont-init: info: /etc/cont-init.d/file-structure.sh exited 0
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service legacy-services: starting
services-up: info: copying legacy longrun lets-encrypt (no readiness notification)
s6-rc: info: service legacy-services successfully started
[10:50:37] INFO: Selected http verification
[10:50:37] INFO: Detecting existing certificate type for XXXXX.freeboxos.fr
Saving debug log to /var/log/letsencrypt/letsencrypt.log
[10:50:38] INFO: No certificate found - using 'ecdsa' key type.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Account registered.
Requesting a certificate for XXXXX.freeboxos.fr
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: XXXXXX0.freeboxos.fr
Type: connection
Detail: 91.1XXXXXX195: Fetching http:/XXXXXX.freeboxos.fr/.well-known/acme-challenge/UZXQX-n-znM3X0mXXXXXm_udl0KIlAlCiKJtEjLE: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
s6-rc: info: service legacy-services: stopping
s6-rc: info: service legacy-services successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped
s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
cont-init: info: running /etc/cont-init.d/file-structure.sh
cont-init: info: /etc/cont-init.d/file-structure.sh exited 0
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service legacy-services: starting
services-up: info: copying legacy longrun lets-encrypt (no readiness notification)
s6-rc: info: service legacy-services successfully started
[11:47:26] INFO: Selected http verification
[11:47:26] INFO: Detecting existing certificate type forXXXXX.freeboxos.fr
Saving debug log to /var/log/letsencrypt/letsencrypt.log
[11:47:27] INFO: No certificate found - using 'ecdsa' key type.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for XXXXXX.freeboxos.fr
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: XXXXXXfreeboxos.fr
Type: connection
Detail: 91.XXXXXX.195: Fetching http://XXXXXX.freeboxos.fr/.well-known/acme-challenge/BpOTCbGLn0jbpsewYPO-jU1XXXXXX6y8NJQRplPSg: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
s6-rc: info: service legacy-services: stopping
s6-rc: info: service legacy-services successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped
s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
cont-init: info: running /etc/cont-init.d/file-structure.sh
cont-init: info: /etc/cont-init.d/file-structure.sh exited 0
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service legacy-services: starting
services-up: info: copying legacy longrun lets-encrypt (no readiness notification)
s6-rc: info: service legacy-services successfully started
[15:50:33] INFO: Selected http verification
[15:50:33] INFO: Detecting existing certificate type for XXXXX.freeboxos.fr
Saving debug log to /var/log/letsencrypt/letsencrypt.log
[15:50:34] INFO: No certificate found - using 'ecdsa' key type.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for XXXXXX.freeboxos.fr
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: XXXXXX.freeboxos.fr
Type: connection
Detail: 91.XXXXXX.195: Fetching http://XXXXXX.freeboxos.fr/.well-known/acme-challenge/C9TschHzFDGe_TYXXXXXqtD7RmMqajdGtvY88U4: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
s6-rc: info: service legacy-services: stopping
s6-rc: info: service legacy-services successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped
bin ça sent free qui a pas remis a jour le domaine avec la bonne ip (attention ton ip et domaine est en clair )
est ce que si tu vas sur https://monip.org ça correspond a l’ip quon voit dans les logs ? 91.xxx.xxx.x5
c’est bien ça ton domaine est pas a jour il pointe sur l’ancienne ip
je pense faut aller dans le freebox et supprimer le domaine et le refaire je pense
1 « J'aime »
j’ai remis le même , j’aurais peut-être dû changer ?
.
.
.
on verifi où que c’est ok ? en relançant lets’encrypt
pour savoir si c’est ok tu fais touche windows+r tu tapes cmd
puis dans la fenetre tu tapes juste nslookup ****.freeboxos.fr avec ton nom de domaine bien sur et ça doit te renvoyer ta nouvelle ip publique
edit: j’ai vérifier c’est bon
edit2: tu peux relancer let’s encrypt
j’ai pas le temps de voir que la fenêtre se ferme de suite !! … ca fais un flash …
c’est parce que avant faut taper cmd pour appelr la fenetre 
mais c’est bon tu peux repasser a let’s encrypt
s6-rc: info: service legacy-services: starting
services-up: info: copying legacy longrun lets-encrypt (no readiness notification)
s6-rc: info: service legacy-services successfully started
[16:20:54] INFO: Selected http verification
[16:20:54] INFO: Detecting existing certificate type for XXXXXX.freeboxos.fr
Saving debug log to /var/log/letsencrypt/letsencrypt.log
[16:20:55] INFO: No certificate found - using 'ecdsa' key type.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for XXXXXX.freeboxos.fr
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: hd2050.freeboxos.fr
Type: connection
Detail: 91.XX.195: Fetching http:/XXXXXX.freeboxos.fr/.well-known/acme-challenge/zfFRMHk-NGIqJpFsACptIl7ffKZXeq-AwCYvOSyTOf4: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
s6-rc: info: service legacy-services: stopping
s6-rc: info: service legacy-services successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped
s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
cont-init: info: running /etc/cont-init.d/file-structure.sh
cont-init: info: /etc/cont-init.d/file-structure.sh exited 0
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service legacy-services: starting
services-up: info: copying legacy longrun lets-encrypt (no readiness notification)
s6-rc: info: service legacy-services successfully started
[16:24:29] INFO: Selected http verification
[16:24:30] INFO: Detecting existing certificate type for XXXXXX.freeboxos.fr
Saving debug log to /var/log/letsencrypt/letsencrypt.log
[16:24:31] INFO: No certificate found - using 'ecdsa' key type.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for XXXXXX.freeboxos.fr
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: hd2050.freeboxos.fr
Type: connection
Detail: During secondary validation: 91.XXXXXX.195: Fetching http://XXXXXX.freeboxos.fr/.well-known/acme-challenge/y1y3EIssa2UDesq6qCtR2gHRh_THLvTlx3hAriByD1A: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
s6-rc: info: service legacy-services: stopping
s6-rc: info: service legacy-services successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped
s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
cont-init: info: running /etc/cont-init.d/file-structure.sh
cont-init: info: /etc/cont-init.d/file-structure.sh exited 0
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service legacy-services: starting
services-up: info: copying legacy longrun lets-encrypt (no readiness notification)
s6-rc: info: service legacy-services successfully started
[16:26:17] INFO: Selected http verification
[16:26:17] INFO: Detecting existing certificate type for hd2050.freeboxos.fr
Saving debug log to /var/log/letsencrypt/letsencrypt.log
[16:26:19] INFO: No certificate found - using 'ecdsa' key type.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for hd2050.freeboxos.fr
Successfully received certificate.
Certificate is saved at: /data/letsencrypt/liveXXXXXX.freeboxos.fr/fullchain.pem
Key is saved at: /data/letsencrypt/liveXXXXXX.freeboxos.fr/privkey.pem
This certificate expires on 2024-09-19.
These files will be updated when the certificate renews.
NEXT STEPS:
- The certificate will need to be renewed before it expires. Certbot can automatically renew the certificate in the background, but you may need to take steps to enable that functionality. See https://certbot.org/renewal-setup for instructions.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
* Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
* Donating to EFF: https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
s6-rc: info: service legacy-services: stopping
s6-rc: info: service legacy-services successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped
.
il rouspete moins on dirait … mais il y a toujour l’adresse : 91.XX.195
1 « J'aime »
.
cool …
1 « J'aime »
Aaaah enfin
c’est les lignes du dessus c’est l’antériorité, c’est pour ça que je ralais il n’y a pas d’horodatage donc tu sais pas quand est que les logs correspondent
bon maintenant on passe a NGINX Home Assistant SSL proxy
tu peux le redémarrer et envoyer le log stp
1 « J'aime »
s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service nginx: starting
s6-rc: info: service nginx successfully started
s6-rc: info: service crond: starting
s6-rc: info: service crond successfully started
s6-rc: info: service legacy-services: starting
s6-rc: info: service legacy-services successfully started
[15:47:25] INFO: Generating dhparams (this will take some time)...
Generating DSA parameters, 4096 bit long prime
...+...+.......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*
................................+..........+.................+.........+..........................................+............+...+.+.............+...................+............+.+...................+.....+...+............+................+........+.........+.+...+.....+.................+...+.............+.+...............+.....+.............+.....+....+.......+....................................+..+....+.+........+...+.+.............+.+.+.....+.............+...+....+..........+...........+.............+..................+......+..+........+...+..+....+......+.........+................+.........+....+.....+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*
[15:47:30] INFO: Running nginx...
stat: can't stat '/ssl/fullchain.pem': No such file or directory
[15:47:30] INFO: Service nginx exited with code 1 (by signal 0)
s6-rc: info: service legacy-services: stopping
s6-rc: info: service legacy-services successfully stopped
s6-rc: info: service crond: stopping
[15:47:30] INFO: Service crond exited with code 256 (by signal 15)
s6-rc: info: service crond successfully stopped
s6-rc: info: service nginx: stopping
s6-rc: info: service nginx successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped
s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service nginx: starting
s6-rc: info: service nginx successfully started
s6-rc: info: service crond: starting
s6-rc: info: service crond successfully started
s6-rc: info: service legacy-services: starting
s6-rc: info: service legacy-services successfully started
[16:33:18] INFO: Running nginx...
.
il est demarré …
tu peux me faire une capture de la page entière en cachant ton domaine de la page de configuration stp ? de NGINX Home Assistant SSL proxy
il doit manquer le port en bas dans réseau comme là
Faut pas oublier de configurer le http comme telle, avec nginx ssl:
http:
use_x_forwarded_for: true
trusted_proxies:
- 172.30.33.0/24
ip_ban_enabled: true
login_attempts_threshold: 4
faut plus ce code:
http:
ssl_certificate: /ssl/fullchain.pem
ssl_key: /ssl/privkey.pem
1 « J'aime »
c’etait la prochaine étape 
super 
comme la dit @warcozes maintenant il faut aller modifier configuration.yaml et ajouter
http:
use_x_forwarded_for: true
trusted_proxies:
- 172.30.33.0/24
ip_ban_enabled: true
login_attempts_threshold: 4
et aussi supprimer
http:
ssl_certificate: /ssl/fullchain.pem
ssl_key: /ssl/privkey.pem
et redemarrer HA
1 « J'aime »