hi,
I’m struggling with certificates and could need some help pls.
1.) snap install nextcloud works fine. letsencrypt keys were also provided during the snap install routine. I was able to access my nextcloud instance via internet for quite some time. now https is refused due to expired keys. http works fine (I blocked portforwarding to port 80, only turn on during certificate debugging)
2.) these are my current keys
Certificate Name: diepollys.duckdns.org
Serial Number: 479d5ba668e832fd3f2039a58785c62cb84
Key Type: RSA
Domains: diepollys.duckdns.org
Expiry Date: 2021-07-07 18:30:47+00:00 (INVALID: EXPIRED)
Certificate Path: /etc/letsencrypt/live/diepollys.duckdns.org/fullchain.pem
Private Key Path: /etc/letsencrypt/live/diepollys.duckdns.org/privkey.pem
3.) trying to renew the certificate (sudo nextcloud.enable-https lets-encrypt
) results in a failure:
Attempting to obtain certificates... error running certbot:
Saving debug log to /var/snap/nextcloud/current/certs/certbot/logs/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for diepollys.duckdns.org
Using the webroot path /var/snap/nextcloud/current/certs/certbot for all unmatched domains.
Waiting for verification...
Challenge failed for domain diepollys.duckdns.org
http-01 challenge for diepollys.duckdns.org
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: diepollys.duckdns.org
Type: None
Detail: no valid A records found for diepollys.duckdns.org; no
valid AAAA records found for diepollys.duckdns.org
I was playing around some time, even reinstalled several new nextcloud instances and it’s possible that I mixed up some things now. for example I see a TXT record for my domain with “mUaljNJG7YRRqIp__QQiWCoIfAcH0xfy9-1dcuGtMLA”
as I use duckdns I assume they’re registering A and TXT records. I can clear and set new ones. but how do I get new TXT key when the command for key renewal does not run till the end?
I searched thousands of pages already, maybe someone can give me the golden hint?! thanks!