Lets encrypt SSL setup ( Ubuntu / ERPNext-13 )

Most browsers now don’t accept HTTP traffic. The internet system moving away from unencrypted traffic.
We have documented here how to install and configure Letsenctypt for ERPNext-13 .
This should also work with CentOS and other distros.
Please read and comment.

2 Likes

Hi. I followed the steps outlined was able to get lets encrypt installed but dry run for renewal failed with the error:

Domain: www.mydomain.com
Type: unauthorized
Detail: Invalid response from
http://www.mydomain.com/.well-known/acme-challenge/7FJTV5tih86NttMQNkbCLde2ZoIyxJAiGM3yGsyY3nY
[my-public-ip-address]: “\n\n<html
lang=“en”>\n\n\t<meta charset=“utf-8”>\n\t<meta na”

Any reason why this could be happening?

Check whether you have an AAAA record on your domain DNS. Letsencrypt now looks for IPV6 first. If you have it, remove it as we normally use only IPV4

No AAAA record found in my DNS config. If I run certbot as if I am obtaining a fresh certificate the process is successful but if I run renew it fails.

Is this the command
sudo certbot -a nginx renew --dry-run

Ubuntu or Centos ?

Firewall open for 80 or not ?

Nginx running during dry-run or not ?

This command returns the error I posted.

Ubuntu

Firewall disabled

Nginx running