I was getting a cert error with chrome trying to log into my EVE instance. It was working fine with Firefox but I wanted to get it going with chrome for whatever reason.
My deployment is Bare metal install of EVE-NG Pro. I ended up following this method which broke everything
https://www.eve-ng.net/index.php/docume ... self-sign/
After applying that I was unable to log in with any browser that had worked before.
I found the Pro Guide and tried that but started getting this error when attempting to create the standalone:
Trying to create a Cert with certbot and getting this error.
===================================================================================================================
root@eve-ng-pro:/lib/systemd/system# certbot certonly --standalone --preferred-challenges http -d eve-ng-pro.example.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for eve-ng-pro.example.com
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. eve-ng-pro.example.com (http-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for eve-ng-pro.example.com - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for eve-ng-pro.example.com - check that a DNS record exists for this domain
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: eve-ng-pro.example.com
Type: None
Detail: DNS problem: NXDOMAIN looking up A for
eve-ng-pro.example.com - check that a DNS record exists for this
domain; DNS problem: NXDOMAIN looking up AAAA for
eve-ng-pro.example.com - check that a DNS record exists for this
domain
following the guide on https://www.eve-ng.net/index.php/docume ... s-encrypt/
===================================================================================================================
When I try to connect o openssl from a different machine I just get connection refused
openssl s_client -connect 192.168.0.50:443 -showcerts
connect: Connection refused
connect:errno=61
I'm not a linux admin by any means so any help would be greatly appreciated!!
Broke OpenSSL Cant Log into GUI
Moderator: mike
-
Uldis (UD)
- Posts: 5180
- Joined: Wed Mar 15, 2017 4:44 pm
- Location: London
- Contact:
Re: Broke OpenSSL Cant Log into GUI
eve pro already had SSL self signed.
But for Letsencrypt your domain must be registered in public and with pub it
to revert back:
/etc/apache2/sites-enabled/eveng-ssl.conf
nano /etc/apache2/sites-enabled/eveng-ssl.conf
change:
SSLCertificateFile /etc/letsencrypt/live/eve.example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/eve.example.com/privkey.pem
to
SSLCertificateFile /etc/ssl/certs/apache-selfsigned.crt
SSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.key
Restart apache2
systemctl stop apache2
systemctl start apache2
But for Letsencrypt your domain must be registered in public and with pub it
to revert back:
/etc/apache2/sites-enabled/eveng-ssl.conf
nano /etc/apache2/sites-enabled/eveng-ssl.conf
change:
SSLCertificateFile /etc/letsencrypt/live/eve.example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/eve.example.com/privkey.pem
to
SSLCertificateFile /etc/ssl/certs/apache-selfsigned.crt
SSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.key
Restart apache2
systemctl stop apache2
systemctl start apache2