Configuring certbot for discourse https


#1

I have been stuck at configuring certbot to accept my discourse installation. What is the webroot for discourse? I have been pointing it to use /var/discourse/shared/standalone but im not too sure if thats it.

After i run the tool, I get the following:

Input the webroot for filewaveadmins.com: (Enter 'c' to cancel):/var/discourse/shared/standalone
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. filewaveadmins.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://filewaveadmins.com/.well-known/acme-challenge/0Ftw1GTea1eM0TUppPzxE3mysq5pJ6ZRT9tkcldm7Gs: "<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <title>Discourse</title>
  <meta name="description" content="", www.filewaveadmins.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.filewaveadmins.com/.well-known/acme-challenge/8t0afWazSx-ABo5j0KhZJFAwv_lxav2jQp6sGLVenJc: "<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <title>Discourse</title>
  <meta name="description" content=""

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: filewaveadmins.com
   Type:   unauthorized
   Detail: Invalid response from
   http://filewaveadmins.com/.well-known/acme-challenge/0Ftw1GTea1eM0TUppPzxE3mysq5pJ6ZRT9tkcldm7Gs:
   "<!DOCTYPE html>
   <html lang="en">
   <head>
     <meta charset="utf-8">
     <title>Discourse</title>
     <meta name="description" content=""

   Domain: www.filewaveadmins.com
   Type:   unauthorized
   Detail: Invalid response from
   http://www.filewaveadmins.com/.well-known/acme-challenge/8t0afWazSx-ABo5j0KhZJFAwv_lxav2jQp6sGLVenJc:
   "<!DOCTYPE html>
   <html lang="en">
   <head>
     <meta charset="utf-8">
     <title>Discourse</title>
     <meta name="description" content=""

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A record(s) for that domain
   contain(s) the right IP address.

The domain is working, so I don’t know why the error is insisting the domain is not functioning…


(Kai Liu) #2

Looks like you are trying to setup LE manually? Unless you have special requirement such as multi-site co-existance with Discourse, you can just follow this guide.


(Olivier Lambert) #3

I do have a wordpress running on the same domain as my Discourse forum and I need to renew my SSL. However, following the guide leads to an error when rebuilding my app so I’m trying to set it up manually.

When I try to run the command

sudo certbot certonly --webroot --webroot-path=/var/discourse/shared/standalone -d forum.latranchee.com

I get this message:


(Kokmok) #4

I have done this easily.
What I have done :

  1. Add a location in my nginx configuration file for the certbot challenge with a root on the host machine (I had to create the directory myself).
    location /.well-known {
    root /var/www/html/discourse;
    }
  2. /etc/init.d/nginx reload
  3. launch the certbot command and give the root of our new location

aaand it’s done.