Question

install certbot on debian 11 using snap and ionos DNS

Posted December 25, 2021 353 views
Debian 11

Get as far as Step 4 — Obtaining an SSL Certificate then it doesn’t work. Doesn’t find the plugin ? Not a lot of help from then on, if you can’t use one of the certbot plugins how do you configure it. I’m running debian 11 using the snap package and ionos dns. Can’t find a lot of help on google at all.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
1 answer

Hello,

Could you share the full error that you are getting here?

Also, which tutorial exactly have you been following? And is it this plugin that you are referring to:

https://github.com/helgeerbe/certbot-dns-ionos

Best,
Bobby

  • Hi

    Step 4 at https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-debian-10 - I presume the instructions are the same for Debian 11

    sudo certbot –apache -d yourdomain -d www.yourdomain

    this gives and error

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A/AAAA record(s) for that domain
    contain(s) the right IP address.

    Presumably this is because the apache plugin doesn’t recognise the ionos name server.

    https://github.com/helgeerbe/certbot-dns-ionos
    I downloaded the file as suggested. Extracted the file and ran pip install certbot-dns-ionos

    Requirement already satisfied: certbot-dns-ionos in ./.local/lib/python3.9/site-packages (2021.9.20.post1)
    Requirement already satisfied: certbot>=0.31.0 in /usr/lib/python3/dist-packages (from certbot-dns-ionos) (1.12.0)
    Requirement already satisfied: requests in /usr/lib/python3/dist-packages (from certbot-dns-ionos) (2.25.1)
    Requirement already satisfied: acme>=1.8.0 in /usr/lib/python3/dist-packages (from certbot-dns-ionos) (1.12.0)
    Requirement already satisfied: mock in ./.local/lib/python3.9/site-packages (from certbot-dns-ionos) (4.0.3)
    Requirement already satisfied: setuptools in /usr/lib/python3/dist-packages (from certbot-dns-ionos) (52.0.0)
    Requirement already satisfied: requests-mock in ./.local/lib/python3.9/site-packages (from certbot-dns-ionos) (1.9.3)
    Requirement already satisfied: six in /usr/lib/python3/dist-packages (from requests-mock->certbot-dns-ionos) (1.16.0)

    Tried entering sudo certbot –authenticator dns-ionos

    the result was

    The requested dns-ionos plugin does not appear to be installed

    2021-12-27 20:18:46,938:DEBUG:certbot.internal.plugins.selection:No candidate plugin
    2021-12-27 20:18:46,938:DEBUG:certbot.
    internal.plugins.selection:Selected authenticator None and installer <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7fc4510c07f0>

    So how do I install the plugin and get it working

    by Kathleen Juell
    by Mark Drake
    by Erika Heidi
    Let's Encrypt is a Certificate Authority (CA) that provides an easy way to obtain and install free TLS/SSL certificates, thereby enabling encrypted HTTPS on web servers. In this tutorial, you will use Certbot to obtain a free SSL certificate for Apache on Debian 10 and set up your certificate to renew automatically.
    • Hello,

      I am not 100% sure if you can combine the -apache flag and the ionos plugin.

      Does it work if you try to only obtain the certificate using the ionos command provided by the official Ionos GitHub repository:

      certbot certonly \
        --authenticator dns-ionos \
        --dns-ionos-credentials /etc/letsencrypt/.secrets/domain.tld.ini \
        --dns-ionos-propagation-seconds 900 \
        --server https://acme-v02.api.letsencrypt.org/directory \
        --agree-tos \
        --rsa-key-size 4096 \
        -d 'example.com' \
        -d '*.example.com'
      

      Best,
      Bobby

      • sudo certbot certonly   --authenticator dns-ionos   --dns-ionos-credentials /etc/letsencrypt/.secrets/domain.tld.ini   --dns-ionos-propagation-seconds 900   --server https://acme-v02.api.letsencrypt.org/directory   --agree-tos   --rsa-key-size 4096   -d '***.co.uk'   -d '*.***.co.uk'
        usage: 
          certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...
        
        Certbot can obtain and install HTTPS/TLS/SSL certificates.  By default,
        it will attempt to use a webserver both for obtaining and installing the
        certificate. 
        certbot: error: unrecognized arguments: --dns-ionos-credentials /etc/letsencrypt/.secrets/domain.tld.ini --dns-ionos-propagation-seconds 900
        

        Regards
        Alan

        edited by bobbyiliev
        • Hi there Alan,

          This seems like that the certbot version might be outdated. I could suggest removing the current certbot installation and installing the latest one.

          Let me know how it goes!
          Best,
          Bobby