Messages

You must disable the HTTPS redirect as already noted. Then it will work. You can re-enable after you have your certificate. Forget about DNS-01 at the moment, you clearly need to do some reading on how the thing works.

I know I need to read a lot more about how it works because I don't know.
thank you for advice I will do

Is there a simple way to disable redirection to https?
If not I need to delete half of haproxy for 2 domains.


I also tried DNS-01 challenge but there is a list of DNS service, which one to use? Some require API or username and password.

You must disable the HTTPS redirect as already noted. Then it will work. You can re-enable after you have your certificate. Forget about DNS-01 at the moment, you clearly need to do some reading on how the thing works.

I know I need to read a lot more about how it works because I don't know.
thank you for advice I will do

I know that my ACME is not setup.
So what I need to do, change my ACME to use DNS-01 or there is another way to solve this.
If not than how I need to change my ACME to use DNS-01
I have 2 domains in and first one works OK, this second one doesn't and both are set the same.

Even if you have instructed your provider to delegate something for DNS-01 challenge, this sure does not work either:

Code Select Expand


#nslookup -query=any _acme-challenge.yourtop.news
;; Got SERVFAIL reply from 127.0.0.53
Server:         127.0.0.53
Address:        127.0.0.53#53

** server can't find _acme-challenge.yourtop.news: SERVFAIL


this is what I did

thank you for your answers.
I am now totally lost here. I didn't setup this firewall someone else did and I am trying now to solve this problem.
I really don't know what to setup and where to solve this.
Port 80 should redirect to port 443.

I have added in my DNS provider that _acme-challenge.<YOUR_DOMAIN>
probably that is not all what I need to do.
I tried to renew certificate many times but still doesn't work.

Thank you for notification.
So there is nothing to do to solve this but wait?
I can't wait and have my website not working.
I hope there is some solution for this
I already did this but didn't solve my problem
_acme-challenge.<YOUR_DOMAIN>

Today suddenly certificate doesn't work. I get unasigned certificate when visit website,
When I check logs I have this error in the link. What can be reason for certificate doesn't update, because other web site is updated and it works. And there was no change on server or opensense firewall or domain settings. After update it today nothing happens, still doesn't work.
https://privatebin.povej.net/?b269015f39990e05#4KCy88sxcFxAQ7aMDBe3RV1m7eixgV5q7YPw2dSrJ6GA

Name
OPNsense.localdomain
Versions
OPNsense 24.7.3_1-amd64
FreeBSD 14.1-RELEASE-p3
OpenSSL 3.0.14
Uptime
01:57:49
Load average
0.28, 0.30, 0.26
Current date/time
Fri Sep 6 10:18:15 CEST 2024
Last configuration change
Fri Sep 6 8:55:24 CEST 2024

I just can't fix this error. All worked until I update opensense.
when I try to access web page I get this error
503 Service Unavailable
No server is available to handle this request.
checked logs and nothing useful to me.
I found this but I still don't know what to do.
https://forum.opnsense.org/index.php?topic=25558.0


OPNsense 24.1.6-amd64
FreeBSD 13.2-RELEASE-p11
OpenSSL 3.0.13

    Type    opnsense    
   Version    22.7.11    
   Architecture    amd64    
   Flavour    LibreSSL    
   Commit    1111fc17d    
   Mirror    https://pkg.opnsense.org/FreeBSD:13:amd64/22.7    
   Repositories    OPNsense, SunnyValley    
   Updated on    Mon Jan 23 14:58:26 CET 2023    
   Checked on    Mon Jan 23 15:34:43 CET 2023

I have trouble with opensence it stuck everytime I reboot on netflow script.
Until I press enter.
Any idea how to solve this?

Type    opnsense    
   Version    22.7_4    
   Architecture    amd64    
   Flavour    LibreSSL    
   Commit    909dcabd2    
   Mirror    https://pkg.opnsense.org/FreeBSD:13:amd64/22.7    
   Repositories    OPNsense, SunnyValley    
   Updated on    Sat Jan 21 15:10:23 CET 2023    
   Checked on    N/A

Yesterday certificate expired and I have manually renewed it, but still web page finds old certificate.
Any idea what can be wrong, why it doesn't find new certificate?

Is it possible to check a file with monit.
I like to check if file exist in folder but can not specify name because it is also date and time related, so it can be only partial name.
But I tested that and doesn't work. Any idea how to do that?

  check file imagine_file with path /imagine/sync/MY_file*.7z
   if timestamp > 7 day then alert