Problem with LetsEncrypt - Renew Topic is solved

Having issues with your DietPi installation or found a bug? Post it here.
User avatar
MichaIng
Site Admin
Posts: 3023
Joined: Sat Nov 18, 2017 6:21 pm

Re: Problem with LetsEncrypt - Renew

Post by MichaIng »

Note that HSTS, of enabled, forces clients to keep accessing with HTTPS when accessed the server once. So disabling HTTPS when HSTS was enabled may break access competely for used clients and it world explain the "redirect" which is not sent from the server but done by the client directly.

But before trying with a different system, check if the HSTS config is actually enabled and disable it first in case:

Code: Select all

ls -l /etc/lighttpd/conf-enabled/
User avatar
MichaIng
Site Admin
Posts: 3023
Joined: Sat Nov 18, 2017 6:21 pm

Re: Problem with LetsEncrypt - Renew

Post by MichaIng »

Lol concurrent post: lighty-disable-mod dietpi-hsts
GreenGentleman
Posts: 47
Joined: Mon Nov 09, 2020 4:10 pm

Re: Problem with LetsEncrypt - Renew

Post by GreenGentleman »

Code: Select all

root@DietPi:~# lighty-disable-mod dietpi-hsts
Disabling dietpi-hsts
Run "service lighttpd force-reload" to enable changes
root@DietPi:~# service lighttpd force-reload
root@DietPi:~# systemctl restart lighttpd.service

Code: Select all

root@DietPi:~# ls -l /etc/lighttpd/conf-enabled/
total 0
lrwxrwxrwx 1 root root 33 Oct 29  2020 10-fastcgi.conf -> ../conf-available/10-fastcgi.conf
lrwxrwxrwx 1 root root 33 Oct 29  2020 10-rewrite.conf -> ../conf-available/10-rewrite.conf
lrwxrwxrwx 1 root root 37 Oct 29  2020 15-fastcgi-php.conf -> ../conf-available/15-fastcgi-php.conf
lrwxrwxrwx 1 root root 45 Oct 29  2020 99-dietpi-dav_redirect.conf -> ../conf-available/99-dietpi-dav_redirect.conf
lrwxrwxrwx 1 root root 41 Oct 29  2020 99-dietpi-owncloud.conf -> ../conf-available/99-dietpi-owncloud.conf
lrwxrwxrwx 1 root root 58 Oct 29  2020 99-dietpi-pihole-block_public_admin.conf -> ../conf-available/99-dietpi-pihole-block_public_admin.conf
lrwxrwxrwx 1 root root 39 Oct 29  2020 99-dietpi-pihole.conf -> ../conf-available/99-dietpi-pihole.conf
lrwxrwxrwx 1 root root 38 Oct 29  2020 99-unconfigured.conf -> ../conf-available/99-unconfigured.conf
It still says "https" in the url field, but firefox warns me that it's an unsafe connection, so it seems that https is turned off? Or does that always happen if no connection can be established? Anyway - it's still not loading anything if I access my domain via url. It's the same on other devices.

Getting a new certificate is still not working (same error as before).
GreenGentleman
Posts: 47
Joined: Mon Nov 09, 2020 4:10 pm

Re: Problem with LetsEncrypt - Renew

Post by GreenGentleman »

I'm a huge idiot and port forwarded to the wrong IP (:215 instead of :125). Thank you very much for your help, everything's working now again.
User avatar
Joulinar
Posts: 4823
Joined: Sat Nov 16, 2019 12:49 am

Re: Problem with LetsEncrypt - Renew

Post by Joulinar »

yeah something I would thinking as well. Good you found it now :)
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
Post Reply