LE cert does not get created

[Thys]

Hi,

I've added a settings tab to the WebServer procedure, for an older app. For some reason the CRT file does not get created. Attached are screenshots showing the setup and the logs.

Any ideas, please?

Thys

[Alberto]

Is your server running listening to your URl site? thys.xx.xxx.co.... on port 80?

[DonRidley]

The "crt does not exist" is normal behavior.

Looks like you're listening to port 80.

If I had to guess, your DNS settings are incorrect and LetsEncrypt cannot resolve your domain to the correct IP address.

So, double check that your domain is pointed at the correct IP address.

See ya,

Don

[Bruce]

there is no DNS record for
thys.incasudev.co.za

Cheers
Bruce

[Thys]

Hi Bruce.

Correct - when I started with this, I actually wanted to devise a way to have all development being done with SSL - so that when it's deployed we won't have to struggle by adding SSL. After the replies above I realised that the IncauDev domain doesn't exist and therefore LE won't work for dev workstations.

I know there is a method whereby you can firstly create a CA and then issue your own certificates. Then a dev workstation can issue its own certificate, do the development and deploy to a public web server by just changing the certificate information.

Thys

[Bruce]

Hi Thys,

>> I actually wanted to devise a way to have all development being done with SSL - so that when it's deployed we won't have to struggle by adding SSL.

It's a good idea to test with SSL - because some web features (like webcams etc) only work on SSL.
But you're making it over complicated by setting the domain to thys.incasudev.co.za

If you just set the domain to be the local server name [1] then it'll do what you want. [2]

[1] For example, my development machine name here is hulk. So if I set the domain to hulk then a local, self-signed, certificate will be created. This machine, or other machines on the LAN, can then access the server by going to
https://hulk

[2] The certificate is self-signed so you will get a warning in your browser. If you would prefer not to get the warning then you can install your CA certificate as a root certificate in your certificate store. I've plans to automate that in the future, but you can manually install it yourself. It's in the \certificates folder.

Cheers
Bruce

[Thys]

Thanks Bruce.

In the webinar you did have "hulk" below the CapeSoft URL but did not explain the meaning of it. It seams to be what I need - I'll try it.

Thys