Certbot - Error getting validation data on Nextcloud 21 new install

fab · March 10, 2021, 12:24pm

Hello

I need help to over come an issue with certbot on a new nextcloud 21 install. I get the following error

Waiting for verification...
Challenge failed for domain example.com
http-01 challenge for example.com
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: example.com
   Type:   connection
   Detail: Fetching
   http://example.com/.well-known/acme-challenge/0YFSsUA6blj5XHv_nQmtMqKT5_V1Bs0PgPLRGi0QpP8:
   Error getting validation data

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address. Additionally, please check that
   your computer has a publicly routable IP address and that no
   firewalls are preventing the server from communicating with the
   client. If you're using the webroot plugin, you should also verify
   that you are serving files from the webroot path you provided.

I noticed that certbot is not creating the challenges and looks like its either a permission issue or that the challenges are not being created in the right folder /var/www/nextcloud

My nextcloud.conf reads as follows:

<VirtualHost *:80>
        DocumentRoot "/var/www/nextcloud"
        ServerName example.com

        ErrorLog ${APACHE_LOG_DIR}/nextcloud.error
        CustomLog ${APACHE_LOG_DIR}/nextcloud.access combined
	Alias / "/var/www/nextcloud/"
        <Directory /var/www/nextcloud/>
            Require all granted
            Options FollowSymlinks MultiViews
            AllowOverride All

           <IfModule mod_dav.c>
               Dav off
           </IfModule>

        SetEnv HOME /var/www/nextcloud
        SetEnv HTTP_HOME /var/www/nextcloud
        Satisfy Any

       </Directory>

</VirtualHost>

Appreciate your guidance

Regards to all

Fab

rakekniven · March 10, 2021, 3:40pm

Hello @fab,

you started a topic in support category.
Unfortunately you ignored the template and a lot of information to help you is missing.

Please add all necessary information like Nextcloud version, webserver type and version, os version, related log file content.

Without additional information the community members cannot help you.

btw. this is not directly related to NC. Any search engine will help regarding certbot and your apache webserver.

KarlF12 · March 10, 2021, 8:44pm

Something to consider: you don’t actually need a NC vhost on port 80. My port 80 vhost does literally nothing except rewrite to HTTPS. The rest of the vhost config isn’t necessary, and both NC and certbot work like that.

If you think your vhost config on port 80 is messing with certbot, you could actually do away with it. You don’t want to allow unencrypted access to NC anyway.