[Freedombox-discuss] Internet Widgits Pty Ltd?
James Valleroy
jvalleroy at mailbox.org
Fri Dec 23 14:54:11 UTC 2016
On 12/23/2016 05:21 AM, Olivier Mehani wrote:
> On Thu 22 Dec 2016 at 13:49:09 +0000, dgj+lists at systemli.org wrote:
>>>> I have not accepted the certificate. Is it unsafe?
>>> Kinda. This is generated from the default configuration of OpenSSL. It's
>>> definitely not your Let's Encrypt certificate, so something must have
>>> gone wrong there.
>>> Probably nothing to worry about, just your box using a dummy cert, but
>>> you'll need to fix it.
>> I tried to revoke the Let's Encrypt certificate to generate a new one and
>> got the following error:
>> Failed to revoke certificate for domain XXXXXX.freedombox.rocks: An
>> unexpected error occurred: Bug in pythondialog: expected an empty output
>> from u'infobox', but got: u'Error opening terminal: unknown.\n'Please see
>> the logfile 'certbot.log' for more details.
>> I looked for the logfil certbot.log in various places (e.g., /var/log/) but
>> couldn't find it. Would like to fix this. Any suggestions?
> Not sure about the log file (have you tried `locate certbot.log`?), but
> I don't think you'd need to revoke your LE cert. There's no indication
> that it is incorrect, just that your XMPP server is not using it.
>
> LE puts certs in /etc/letsencrypt. Default OpenSSL certs generaly land
> into /etc/ssl. I would wager your XMMP server has either
> 1. not been restarted
> 2. its configuration file pointing to /etc/ssl/server.crt, and not the
> LE-generated cert.
>
> This is from generic Debian-fu, I'm not sure how FreedomBox would do it,
> if different at all.
>
For ejabberd (installed and configured through Plinth) we don't
currently use the LetsEncrypt certificates. I have a pull request [1] to
add this feature, but it currently requires copying the certs into a
folder that ejabberd can read.
[1] https://github.com/freedombox/Plinth/pull/579
--
James
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20161223/9e1ea64f/attachment.sig>
More information about the Freedombox-discuss
mailing list