Hi,
I tried to look for a solution in forum but had no luck. And I’m stuck with that for some time, maybe someone will help me.
So. My environment/ setup:
- Home Assistant OS 5.12 + supervisor-2021.03.6 + core-2021.3.4
- Installed Let’s Encrypt (version: 4.11.0)
- Running everything on a Virtual Machine on Synology NAS. Installed HA OS from an official image.
- I have static local IP for my HomeAssistant (running on a default 8123 port) and static external IP for my house
- I forwarded ports in my router to be able to access my HA from outside:
** 8123 -> local home assistant IP : 8123 port
** 80 -> local home assistant IP : 8123 port
** 443 -> local home assistant IP : 8123 port - I added DNS at noip.com to be able to access my HomeAssistant via domain, not IP (it works)
- Before that I tried Synology, DuckDNS and other providers - I had same situation, so I presume it’s not about DNS provider
- I can use my HA installation from local network and external URL
But once I try to install SSL (i need that for several addons) - It fails. Here is my config:
email: [--HIDDEN--]
domains:
- [--HIDDEN--]
certfile: fullchain.pem
keyfile: privkey.pem
challenge: http
dns: {}
And this is what I see in my logs:
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] file-structure.sh: executing...
[cont-init.d] file-structure.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
[14:38:15] INFO: Selected http verification
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for [--HIDDEN--]
Waiting for verification...
Challenge failed for domain [--HIDDEN--]
http-01 challenge for [--HIDDEN--]
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: [--HIDDEN--]
Type: unauthorized
Detail: Invalid response from
http://[--HIDDEN--]/.well-known/acme-challenge/5Sae-6Weibxr2fhyTT--iqc_JY7gnmwoybgQoRYKgJA
[--HIDDEN--]: 404
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] waiting for services.
[s6-finish] sending all processes the TERM signal.
[s6-finish] sending all processes the KILL signal and exiting.
Question: what should I do and how should I proceed with that LetsEncrypt plugin so I would get certificate?
P.S. I presume something is wrong because even tho it’s written “Saving debug log to /var/log/letsencrypt/letsencrypt.log” - my “/var/log” is empty. No directories, no files.
Thanks!