How to configure an OVH domain name with Let's Encrypt and NGINX Home Assistant SSL proxy?

I have TeamViewer installed on my various computers. Do you think that's it?

Have you opened port 80 for something else on your box?

No.

I need to find a command that lets me see where port 80 is being used on my network

Check whether you have enabled remote access:

1 Like

Ah, I just obtained a secure IP address

Hello

Ports 443 and 80 are currently used for access to your box.
As shown by @WarC0zes in the BBox doc, you click Configure under remote access and change the ports to 8080 and 8443, for example

See you

As proof, you can clearly see in Firefox that it is your box that is currently responding: mabbox bytel.fr

1 Like

Currently I have this

Replace listening port 443 with 8443.
Don't you have the same thing for port 80?

OK, done

No, no port 80

You can already try again like this.
What does the certificate renewal give now when you run Let's Encrypt?

Could there be an issue with a non-full-stack IP at Bouygues?

After restarting the virtual machine and the add-on

cont-init: info: running /etc/cont-init.d/file-structure.sh
cont-init: info: /etc/cont-init.d/file-structure.sh exited 0
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service legacy-services: starting
services-up: info: copying legacy longrun lets-encrypt (no readiness notification)
s6-rc: info: service legacy-services successfully started
[12:49:29] INFO: Selected http verification
[12:49:29] INFO: Detecting existing certificate type for homeassistant.xxxxxxxxx.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
[12:49:30] INFO: No certificate found - using 'ecdsa' key type.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for homeassistant.xxxxxxxxx.com

Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
  Domain: homeassistant.xxxxxxxxx.com
  Type:   unauthorized
  Detail: The key authorization file from the server did not match this challenge. Expected "C-4YL_roVPcY4tnZT9ZB9KHzAtSDGfHJMB3I1b2gkSs.DtYtklcMRwSgadmYzYkhJQbL2ahs1F2nYUHD3rBmpUM" (got "C-4YL_roVPcY4tnZT9ZB9KHzAtSDGfHJMB3I1b2gkSs.4E3VCTFsySjUrqnCg0ooULx-3kbdPBygi0aWkvg5Gd8")

Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
s6-rc: info: service legacy-services: stopping
s6-rc: info: service legacy-services successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped
s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
cont-init: info: running /etc/cont-init.d/file-structure.sh
cont-init: info: /etc/cont-init.d/file-structure.sh exited 0
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service legacy-services: starting
services-up: info: copying legacy longrun lets-encrypt (no readiness notification)
s6-rc: info: service legacy-services successfully started
[12:50:08] INFO: Selected http verification
[12:50:08] INFO: Detecting existing certificate type for homeassistant.xxxxxxxxx.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
[12:50:09] INFO: No certificate found - using 'ecdsa' key type.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for homeassistant.xxxxxxxxx.com

Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
  Domain: homeassistant.xxxxxxxxx.com
  Type:   unauthorized
  Detail: The key authorization file from the server did not match this challenge. Expected "co0uuSp3FXz3_EgEoT1o_SGrvzgPkPX-5H0MvEmfdQg.DtYtklcMRwSgadmYzYkhJQbL2ahs1F2nYUHD3rBmpUM" (got "co0uuSp3FXz3_EgEoT1o_SGrvzgPkPX-5H0MvEmfdQg.4E3VCTFsySjUrqnCg0ooULx-3kbdPBygi0aWkvg5Gd8")

Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
s6-rc: info: service legacy-services: stopping
s6-rc: info: service legacy-services successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped
s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
cont-init: info: running /etc/cont-init.d/file-structure.sh
cont-init: info: /etc/cont-init.d/file-structure.sh exited 0
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service legacy-services: starting
services-up: info: copying legacy longrun lets-encrypt (no readiness notification)
s6-rc: info: service legacy-services successfully started
[12:57:30] INFO: Selected http verification
[12:57:30] INFO: Detecting existing certificate type for homeassistant.xxxxxxxxx.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
[12:57:31] INFO: No certificate found - using 'ecdsa' key type.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for homeassistant.xxxxxxxxx.com

Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
  Domain: homeassistant.xxxxxxxxx.com
  Type:   unauthorized
  Detail: The key authorization file from the server did not match this challenge. Expected "WZdkBTXCa-EwGQSvr_PaHRuM6Zd5tIuJQOjCPzi-mgo.DtYtklcMRwSgadmYzYkhJQbL2ahs1F2nYUHD3rBmpUM" (got "WZdkBTXCa-EwGQSvr_PaHRuM6Zd5tIuJQOjCPzi-mgo.4E3VCTFsySjUrqnCg0ooULx-3kbdPBygi0aWkvg5Gd8")

Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
s6-rc: info: service legacy-services: stopping
s6-rc: info: service legacy-services successfully stopped
s6-rc: info: service legacy-cont-init: stopping
s6-rc: info: service legacy-cont-init successfully stopped
s6-rc: info: service fix-attrs: stopping
s6-rc: info: service fix-attrs successfully stopped
s6-rc: info: service s6rc-oneshot-runner: stopping
s6-rc: info: service s6rc-oneshot-runner successfully stopped
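A way to read the `Expected … (got …)` pairs in the log above, added here as an example and not part of the thread: in ACME HTTP-01 (RFC 8555, section 8.1) the key authorization is `token.thumbprint`, where the thumbprint is the base64url SHA-256 thumbprint of the ACME account key. The function names and classification labels are this example's own; the three input strings are copied from the posted log.

```python
import base64
import re

# "Expected ... (got ...)" pairs copied from the three Certbot attempts above.
DETAILS = [
    'Expected "C-4YL_roVPcY4tnZT9ZB9KHzAtSDGfHJMB3I1b2gkSs.DtYtklcMRwSgadmYzYkhJQbL2ahs1F2nYUHD3rBmpUM" (got "C-4YL_roVPcY4tnZT9ZB9KHzAtSDGfHJMB3I1b2gkSs.4E3VCTFsySjUrqnCg0ooULx-3kbdPBygi0aWkvg5Gd8")',
    'Expected "co0uuSp3FXz3_EgEoT1o_SGrvzgPkPX-5H0MvEmfdQg.DtYtklcMRwSgadmYzYkhJQbL2ahs1F2nYUHD3rBmpUM" (got "co0uuSp3FXz3_EgEoT1o_SGrvzgPkPX-5H0MvEmfdQg.4E3VCTFsySjUrqnCg0ooULx-3kbdPBygi0aWkvg5Gd8")',
    'Expected "WZdkBTXCa-EwGQSvr_PaHRuM6Zd5tIuJQOjCPzi-mgo.DtYtklcMRwSgadmYzYkhJQbL2ahs1F2nYUHD3rBmpUM" (got "WZdkBTXCa-EwGQSvr_PaHRuM6Zd5tIuJQOjCPzi-mgo.4E3VCTFsySjUrqnCg0ooULx-3kbdPBygi0aWkvg5Gd8")',
]

PAIR = re.compile(r'Expected "([^"]+)" \(got "([^"]+)"\)')


def split_key_authorization(value):
    """Split 'token.thumbprint'; thumbprint is None when there is no dot."""
    token, sep, thumbprint = value.partition(".")
    return token, (thumbprint if sep else None)


def is_sha256_thumbprint(text):
    """True if text is unpadded base64url that decodes to exactly 32 bytes."""
    if text is None or not re.fullmatch(r"[A-Za-z0-9_-]{43}", text):
        return False
    return len(base64.urlsafe_b64decode(text + "=")) == 32


def diagnose(line):
    """Classify one Certbot 'Detail:' line (labels are hypothetical)."""
    m = PAIR.search(line)
    if not m:
        return "no-key-authorization-in-line"
    (exp_token, exp_thumb), (got_token, got_thumb) = map(
        split_key_authorization, m.groups())
    if not is_sha256_thumbprint(got_thumb):
        return "response-is-not-a-key-authorization"  # e.g. some other web page
    if got_token != exp_token:
        return "stale-or-wrong-token"
    if got_thumb != exp_thumb:
        return "answered-by-different-acme-account"
    return "match"


def responder_thumbprints(lines):
    """Account-key thumbprints seen in the 'got' values across attempts."""
    pairs = (PAIR.search(line) for line in lines)
    return {split_key_authorization(m.group(2))[1] for m in pairs if m}


if __name__ == "__main__":
    for detail in DETAILS:
        print(diagnose(detail))
    print(responder_thumbprints(DETAILS))
```

On the posted log, every attempt returns the correct token with the same foreign thumbprint, so the challenge URL on port 80 is being answered by a responder that uses a different ACME account key than this Certbot run.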

Did you also restart your box after changing the remote access port?

You wouldn't have another add-on that could be grabbing it, like DuckDNS (but that would crash the NGINX reverse proxy)?

Why are you going through a DNS challenge? Isn't the simplest option to go through the HTTP challenge?

For the HTTP challenge, you need to open port 80 on the router, forwarding to the machine that hosts Let's Encrypt or NPM.

He has switched to the HTTP challenge

1 Like

My mistake.

Did he open and route port 80 correctly?

To recap:
• Restarted the Bouygues box
• Restarted Let's Encrypt
• Restarted NGINX Home Assistant SSL proxy
• Tested my port 80 from my terminal

In my configuration.yaml file

http:
  use_x_forwarded_for: true
  trusted_proxies:
    - 172.30.33.0/24
  ip_ban_enabled: true
  login_attempts_threshold: 4

Despite that, nothing in my SSL file

Once again, here it is not HA's port that you are testing but your router

You would need to use a phone on 4G and go to port 80 of your public IP

1 Like

Oops, sorry

OK, but what do I put as the address in my phone's browser? Public IP?