I directed my A address to my ipv4 through my domain name's dns manager (godaddy) and opened port 80 and 443 on firewall to domain, private, and public, i did it to both inbound and outbounds. I still get this error, [image: Capture.PNG]
I am using Apache + Windows 10 + Certbot + Let's Encrypt. On Wednesday, March 9, 2022 at 11:19:25 PM UTC+8 alo...@gmail.com wrote: > On Wednesday, March 9, 2022 at 1:47:31 PM UTC+3 phillip...@gmail.com > wrote: > >> Yes, it asked for a path. I don't know what I should input into it. What >> path should I include here? thanks!! > > > httpd.conf path is what you suppose to write as a path there ( It needs to > fetch the ServerName value from the config file ) but it won't work because > the installation script will fail to reach your server from the outside to > verify you are the real owner of repository-uecal.com. Why? because from > what I see from here port 80 and 443 on repository-uecal.com is blocked > by a firewall. For this to work you have to have an A record in the > Authoritative DNS for repository-uecal.com pointing to the IP address of > your Windows 2019 server and also you have to have port 80 and 443 opened > in the firewall/firewalls and both ports are publicly accessible once these > are set you can proceed with the lengthy and messy tutorial you were > following or you can just install > https://dl.eff.org/certbot-beta-installer-win32.exe, stop the apache > server and execute this command ( certbot certonly -n --standalone -d > repository-uecal.com --agree-tos --email your-email-here ) to generate > the certificate and it's key and place them for you as you see them below. > > Successfully received certificate. > Certificate is saved at: C:\Certbot\live\repository-uecal.com > \fullchain.pem > Key is saved at: C:\Certbot\live\repository-uecal.com\privkey.pem > This certificate expires on 2022-06-07. > These files will be updated when the certificate renews. > Certbot has set up a scheduled task to automatically renew this > certificate in the background. > > What you need to add into the apache SSL config file after the certificate > and it's key is saved in your server: > SSLCertificateFile "C:\Certbot\live\repository-uecal.com\fullchain.pem" > SSLCertificateKeyFile "C:\Certbot\live\repository-uecal.com\privkey.pem" > > > Good luck > > > [image: path.PNG] >> >> On Wednesday, March 9, 2022 at 4:57:26 PM UTC+8 euler wrote: >> >>> Hi Phillip, >>> >>> For the verification, did you choose [http-01] Serve verification files >>> on (network) path? In your virtual host conf, create this rule: >>> >>> ProxyPass /.well-known ! >>> >>> right above the: >>> ProxyPass /server ajp://localhost:8009/server >>> ProxyPassReverse /server ajp://localhost:8009/server >>> >>> This is to ensure that when Let's Encrypt tries to access that URL, it >>> will not proxy to your dspace instance. Make sure to create this folder >>> first under the htdocs directory. Based on my experience when using Let's >>> Encrypt, it will try to upload a verification file to the path /.well-known >>> so it is important that this path is accessible to the public. >>> >>> Hope this helps, >>> euler >>> On Wednesday, March 9, 2022 at 10:33:18 AM UTC+8 phillip...@gmail.com >>> wrote: >>> >>>> Hello, Euler! >>>> >>>> Thank you for this, I am following the instructions and I seem to be in >>>> the right path. However, I got stuck on step 5: Issue certificate. I just >>>> don't know how to verify that I bought and own the domain name on godaddy. >>>> Do you have an idea as to how I could verify that I own this domain? >>>> Thanks. >>>> On Sunday, March 6, 2022 at 9:40:56 PM UTC+8 euler wrote: >>>> >>>>> Hi, >>>>> >>>>> I used this guide on how to setup Let's Encrypt SSL certificate on >>>>> Windows: >>>>> https://www.snel.com/support/install-lets-encrypt-with-apache-on-windows-server-2019/ >>>>> >>>>> Hope this helps. >>>>> euler >>>>> >>>>> On Sunday, March 6, 2022 at 7:13:13 PM UTC+8 phillip...@gmail.com >>>>> wrote: >>>>> >>>>>> Hello! Is there a tutorial on how to generate an SSL certificate on >>>>>> windows I am using apache httpd? I've done the virtual hosting and was >>>>>> able >>>>>> to proxy to apache tomcat. However, I do not know how to get an SSL >>>>>> certificate using let's encrypt for my domain name that I bought on >>>>>> GoDaddy. >>>>>> >>>>>> On Friday, March 4, 2022 at 6:39:10 PM UTC+8 Phillip jan wrote: >>>>>> >>>>>>> Now, I am back to this issue with HTTPS. I cannot seem to generate a >>>>>>> certificate with let's encrypt using certbot. It returns this, [image: >>>>>>> yes.PNG] >>>>>>> >>>>>>> On Friday, March 4, 2022 at 12:31:37 PM UTC+8 Phillip jan wrote: >>>>>>> >>>>>>>> It now works for me. thanks for this. apparently, I'm only >>>>>>>> accessing the URL "repository-uecal.com" instead of " >>>>>>>> repository-uecal.com/server". I am just a newbie at setting up >>>>>>>> apache. >>>>>>>> >>>>>>>> On Friday, March 4, 2022 at 10:00:47 AM UTC+8 Eric Montague wrote: >>>>>>>> >>>>>>>>> I am running on Windows 19 Server. >>>>>>>>> Using the mod_proxy instead of ajp, works for me. >>>>>>>>> I also do not use ProxyPreserveHost >>>>>>>>> >>>>>>>>> Something like this might work for you. >>>>>>>>> >>>>>>>>> <VirtualHost *:80> >>>>>>>>> >>>>>>>>> ServerName myserver.com >>>>>>>>> ServerAlias www.myserver.com >>>>>>>>> >>>>>>>>> ProxyPass /server http://localhost:8080/server >>>>>>>>> ProxyPassReverse /server http://localhost:8080/server >>>>>>>>> >>>>>>>>> </VirtualHost> >>>>>>>>> >>>>>>>>> This should redirect myserver.com/server to >>>>>>>>> http://localhost:8080/server. >>>>>>>>> >>>>>>>>> If you want to redirect myserver.com to >>>>>>>>> http://localhost:8080/server. >>>>>>>>> I think you would have to use >>>>>>>>> >>>>>>>>> ProxyPass / http://localhost:8080/server >>>>>>>>> ProxyPassReverse / http://localhost:8080/server >>>>>>>>> >>>>>>>>> But I'm not sure what you are trying to accomplish. >>>>>>>>> The subject line says 'how to add https support'. >>>>>>>>> But later in the thread you say you just want to 'proxy requests >>>>>>>>> to tomcat via reverse proxying' >>>>>>>>> >>>>>>>>> - eric >>>>>>>>> On 2/7/2022 5:58 AM, Phillip jan wrote: >>>>>>>>> >>>>>>>>> Hi! I am running on windows 10. >>>>>>>>> On Monday, February 7, 2022 at 9:38:25 PM UTC+8 Mark H. Wood wrote: >>>>>>>>> >>>>>>>>>> On Sun, Feb 06, 2022 at 08:48:07AM -0800, Phillip jan wrote: >>>>>>>>>> > Hi! I am having issues with the backend installation, >>>>>>>>>> particularly step 16. >>>>>>>>>> > I don't know how to setup a virtualhost using https/port443 >>>>>>>>>> proxy to proxy >>>>>>>>>> > all requests to apache and how to create an ssl certificate. I >>>>>>>>>> am new to >>>>>>>>>> > deploying a website in production environment. Can someone help >>>>>>>>>> me? thanks >>>>>>>>>> > in advance. >>>>>>>>>> >>>>>>>>>> The details will depend on your operating system. Is this on >>>>>>>>>> Linux or >>>>>>>>>> Windows? If Linux, what distribution (Ubuntu, Red Hat, etc.) and >>>>>>>>>> version? >>>>>>>>>> >>>>>>>>>> Some general notes: >>>>>>>>>> >>>>>>>>>> o Virtual hosting and proxying are two separate issues. The proxy >>>>>>>>>> connection will run within the virtual host. >>>>>>>>>> >>>>>>>>>> o Proxying between Tomcat and HTTPD can be done using HTTP or >>>>>>>>>> AJP. >>>>>>>>>> You need to choose one. The two services must both be configured >>>>>>>>>> to agree on the details of their connection. >>>>>>>>>> >>>>>>>>>> o Do you want to create a self-signed certificate, or obtain a >>>>>>>>>> certificate from a certificate authority? Self-signed >>>>>>>>>> certificates >>>>>>>>>> are easier and quicker to create, but will not be trusted by >>>>>>>>>> browsers. They are useful for testing, or in closed environments. >>>>>>>>>> A commercial or corporate certificate should be automatically >>>>>>>>>> trusted within the scope of the authority which signed it. To >>>>>>>>>> make >>>>>>>>>> your repository generally available, you will most likely want a >>>>>>>>>> commercial certificate. >>>>>>>>>> >>>>>>>>>> o It may be best to get these things working one at a time. >>>>>>>>>> That is: first set up the virtual host and test that you can get >>>>>>>>>> service from it with a simple static page. Then set up the proxy >>>>>>>>>> connection and test that you can get service from DSpace. Then >>>>>>>>>> add >>>>>>>>>> the certificate and set up HTTPS. >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> Mark H. Wood >>>>>>>>>> Lead Technology Analyst >>>>>>>>>> >>>>>>>>>> University Library >>>>>>>>>> Indiana University - Purdue University Indianapolis >>>>>>>>>> 755 W. Michigan Street >>>>>>>>>> Indianapolis, IN 46202 >>>>>>>>>> 317-274-0749 <(317)%20274-0749> >>>>>>>>>> www.ulib.iupui.edu >>>>>>>>>> >>>>>>>>> -- >>>>>>>>> All messages to this mailing list should adhere to the Code of >>>>>>>>> Conduct: https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx >>>>>>>>> --- >>>>>>>>> You received this message because you are subscribed to the Google >>>>>>>>> Groups "DSpace Technical Support" group. >>>>>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>>>>> send an email to dspace-tech...@googlegroups.com. >>>>>>>>> To view this discussion on the web visit >>>>>>>>> https://groups.google.com/d/msgid/dspace-tech/1a34d9dd-311d-4378-b0cb-447a9fbc10edn%40googlegroups.com >>>>>>>>> >>>>>>>>> <https://groups.google.com/d/msgid/dspace-tech/1a34d9dd-311d-4378-b0cb-447a9fbc10edn%40googlegroups.com?utm_medium=email&utm_source=footer> >>>>>>>>> . >>>>>>>>> >>>>>>>>> -- All messages to this mailing list should adhere to the Code of Conduct: https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx --- You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to dspace-tech+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/dspace-tech/b8780a48-3abf-4f53-a7e6-26f6735feb48n%40googlegroups.com.
