Snap caddy https

Hi.
I installed Rocket.Chat on Ubuntu 18 and want to configure SSL.
sudo snap get rocketchat-server
Key Value
caddy enable
caddy-url https://rocket-chat.domain.com
https disable
port 3000

In hostnamectl the DNS name is set to rocket-chat.
In Active Directory DNS I manually created an A record.
On public DNS I manually created an A record for rocket-chat.domain.com with the public IP.
The command “sudo snap set rocketchat-server https=enable” gives an error:
sudo snap set rocketchat-server https=enable
error: cannot perform the following tasks:

  • Run configure hook of “rocketchat-server” snap (run hook “configure”: Error: Your public IP doesn’t match the one resolved for caddy-url, disabling https …)
What is wrong?

In the journal:

Jan 23 10:32:21 rocket-chat systemd[1]: Started Service for snap application rocketchat-server.rocketchat-caddy.
Jan 23 10:32:21 rocket-chat systemd[1]: Stopped Service for snap application rocketchat-server.rocketchat-caddy.
Jan 23 10:32:21 rocket-chat systemd[1]: snap.rocketchat-server.rocketchat-caddy.service: Scheduled restart job, restart counter is at 4.
Jan 23 10:32:21 rocket-chat systemd[1]: snap.rocketchat-server.rocketchat-caddy.service: Service hold-off time over, scheduling restart.
Jan 23 10:32:21 rocket-chat systemd[1]: snap.rocketchat-server.rocketchat-caddy.service: Failed with result ‘exit-code’.
Jan 23 10:32:21 rocket-chat systemd[1]: snap.rocketchat-server.rocketchat-caddy.service: Main process exited, code=exited, status=1/FAILURE
Jan 23 10:32:21 rocket-chat rocketchat-server.rocketchat-caddy[1538]: Activating privacy features… 2019/01/23 10:32:21 [caddy-url] failed to obtain certificate: acme: Error 400 - urn:ietf:params:acme:error:malformed - Error creating new order :: Invalid character in DNS name

Hi, the error indicates that when performing a DNS query for the configured domain name, rocket-chat.domain.com, the public IP in the answer doesn’t match your public IP. I am guessing you don’t own that domain?
domain.com looks like a domain registration website. I am not sure whether you put that config in the question as an example or whether it is your actual configuration. If it is the actual config, traffic to the URL rocket-chat.domain.com will never arrive at your public IP, so it is failing before allowing you to configure it.

In fact, the DNS name specified here does not match what is written in the actual configuration. I did not want to write a real DNS name on the forum. The request for the DNS address works fine; I created an entry in the domain management console. Perhaps a PTR record is required, or is an A record enough? Maybe the problem is that the server itself is not assigned this external IP address? The server is behind NAT. On the router, ports 80 and 443 are forwarded.

Now it works.
In the internal network I use corporate DNS, and the DNS names that resolve in the internal network and on the internet are different.
I added the external IP address and DNS name to the file /etc/hosts.
On the Rocket.Chat server the DNS name resolves to the external IP address.
After that, the command
sudo snap set rocketchat-server https=enable
works fine.

Happy to hear that!

For future reference, these two IPs should be equal:
$ curl ipinfo.io/ip
$ dig <domain-name> |grep -A1 ";; ANSWER SECTION:" |tail -1 | awk '{print $5}'

1 Like

I see I got a certificate from Let’s Encrypt for 3 months. How can I extend the certificate? Or will it renew automatically when it expires? Or will I have to do some sort of manipulation?

Hello,

I understand your remark above. However, I cannot execute the second command to verify the address. I cannot suddenly launch the last order. I think I am in exactly the same situation as the person who had the problem. Is the “domain name” part to be replaced by our server FQDN?

Here is the error when I type the second command: "-bash: syntax error near unexpected token `|’"

Thank you

Same problem …
So I disabled caddy, installed nginx and use our own wildcard certificate.
Since then, everything works fine :slight_smile:

Wow. And do you have any tips for me to follow? I’m not a Linux pro…
What’s more, I have a wildcard certificate too…
Thank you!

Hello Matthieu :slight_smile:
I followed a few different tutorials to install nginx (I had already done it with Nextcloud …)
As for disabling caddy and setting up the nginx config files for Rocket.Chat, I used the RC docs on auto SSL: https://rocket.chat/docs/installation/manual-installation/ubuntu/snaps/autossl/
I’m not a Linux pro either :wink:

Ah, cool!
Well, I’ll manage then.
Thanks!

Sorry to dredge up an old thread…but, Lucia, you mentioned that the two IPs should be equal… I’m getting localhost (127.0.1.1) from dig, and the correct external IP from curl… Any reason why that might be happening?

I have the most recent snap installation on Ubuntu 20.10
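
The IP comparison discussed in this thread, written out as an added example (not code from any poster or from the Rocket.Chat snap). It reads the A record from dig output by record type, so a CNAME line is skipped, and it labels loopback or internal answers such as the 127.0.1.1 case separately from a plain mismatch. The function names and the sample dig output are constructed for illustration; the server name is passed as a quoted variable because bash parses a literal `<domain-name>` as redirections.

```shell
#!/usr/bin/env bash
# Added example: compare the host's public IP with what DNS returns for caddy-url.

# Print the first A-record address from the ANSWER section of dig output (stdin).
# Matching on the record type skips CNAME lines, unlike taking the first answer line.
answer_ip() {
  awk '/^;; ANSWER SECTION:/ {in_ans=1; next}
       in_ans && NF == 0     {exit}
       in_ans && $4 == "A"   {print $5; exit}'
}

# Classify an IPv4 address as loopback, private (RFC 1918) or public.
ip_scope() {
  case "$1" in
    127.*)                                  echo loopback ;;
    10.*|192.168.*)                         echo private ;;
    172.1[6-9].*|172.2[0-9].*|172.3[01].*)  echo private ;;
    *)                                      echo public ;;
  esac
}

# check_https_ready PUBLIC_IP RESOLVED_IP: prints a verdict, returns 0 only on match.
check_https_ready() {
  local public="$1" resolved="$2"
  if [ -z "$resolved" ]; then echo "no-a-record"; return 1; fi
  if [ "$public" = "$resolved" ]; then echo "match"; return 0; fi
  case "$(ip_scope "$resolved")" in
    loopback) echo "loopback-answer" ;;  # e.g. an /etc/hosts line for the hostname
    private)  echo "internal-answer" ;;  # e.g. split DNS returning the LAN address
    *)        echo "mismatch" ;;
  esac
  return 1
}

# Constructed sample of dig output (documentation addresses, not real data).
SAMPLE_DIG=';; QUESTION SECTION:
;chat.example.com.        IN   A

;; ANSWER SECTION:
chat.example.com.   300   IN   CNAME   host.example.com.
host.example.com.   300   IN   A       203.0.113.10

;; Query time: 12 msec'

# Live use (FQDN holds your own server name):
#   check_https_ready "$(curl -s ipinfo.io/ip)" "$(dig "$FQDN" | answer_ip)"
check_https_ready 203.0.113.10 "$(printf '%s\n' "$SAMPLE_DIG" | answer_ip)"
```

A "loopback-answer" or "internal-answer" verdict means the name is being resolved locally to something other than the public address, so check /etc/hosts and the resolver the server uses before retrying `sudo snap set rocketchat-server https=enable`.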