Non-HTTPS Sites Labeled "Not Secure" by Chrome

colak · 2017-08-26 10:40:11

Hi jp

I started by checking the WF forum post that you linked to but WF support directed me to another method which I find confusing.

Thanks for the 3 easy steps reminder. I’ll look into it.

colak · 2017-08-27 06:34:10

Could somebody please shed some light re my question here?

jakob · 2017-08-28 06:13:17

colak wrote #306731:

Could somebody please shed some light re my question here?

I’m not expert enough on ruby, but presumably for the System Ruby method, you can use uninstall in place of install, but use the entire command as given on the GitHub page to ensure you’re working with the relevant ruby installation locations:

GEM_HOME=$HOME/.letsencrypt_webfaction/gems RUBYLIB=$GEM_HOME/lib gem2.2 uninstall letsencrypt_webfaction

I can’t comment on the RBenv way, but if you had already done the System Ruby method, you don’t need the RBenv as well. As I understand it, the instructions are either/or.

Before you do that, try updating you existing letsencrypt_webfaction installation. The command is identical to running the install command a second time.

Did you try running the command under Testing and then looking in the webfaction admin area at SSL certificates? Running the command showed no output in the terminal (= success) and the test certificate appeared in the webfaction admin area (after revisiting the page). If you get that far, you should be ready to go with the rest.

One thing that was mentioned in one of the other tutorials is that the letsencrypt_account_email you use should be associated with your webfaction account.

EDIT: here and here are some notes about uninstalling rbenv if you used that method.

bici · 2017-08-28 06:33:21

colak wrote #306731:

Could somebody please shed some light re my question here?

PS the latest from Webfaction:
“Our development team are working on implementing Let’s Encrypt to WebFaction control panel, but there is no ETA for this yet”.

jpdupont · 2017-10-01 16:26:43

Yannis,
Have you been able to install your certificates? I just tried the method recommended by Webfaction successfully, after a bug fixed by the author of the script.

github.com/will-in-wi/letsencrypt-webfaction

If you need it, can I provide you with a step-by-step tutorial.

Last edited by jpdupont (2017-10-01 16:27:06)

bici · 2017-10-02 01:27:54

jpdupont wrote #307269:

Yannis,
Have you been able to install your certificates? I just tried the method recommended by Webfaction successfully, after a bug fixed by the author of the script.

github.com/will-in-wi/letsencrypt-webfaction

If you need it, can I provide you with a step-by-step tutorial.

i would like to install it. i am on Webfaction

jpdupont · 2017-10-02 15:34:18

Here is my tutorial : Installation of Let’s Encrypt certificates on Webfaction
Method recommended by Webfaction …

Last edited by jpdupont (2017-10-04 21:52:41)

jpdupont · 2017-10-04 21:49:59

I just installed a certificate on a new site, and a new Webfaction server by following my step-by-step tutorial successfully.

Small modification in the tutorial regarding the creation of the site safe and the site not secure. Updated file.

Destry · 2018-02-20 12:38:07

JP,

Your instruction has the following note:

Note : Check that the .well-known hidden folder is present in your application folder !

My app folder on WebFaction does NOT have .well-known in it. At least not according to using ls -a via command-line. Does that get added in course of following these instructions, or is that something every app folder is supposed to have?

Destry · 2018-02-20 12:59:07

For the record, I’ve been using Neil Pang’s wonderful acme.sh script on WebFaction, and it has always worked fine, until today. I’m adding a new subdomain and wanted to include that on an existing cert for that root domain. In other words, one cert for all of these:

domain.tld
www.domain.tld
sub.domain.tld
www.sub.domain.tld

I’ve ditched the old cert that was originally mounted for the first two, and I’m redoing it to work on all four.

But I’m getting these errors on tests:

domain.tld:Verify error:Invalid response from http://domain.tld/.well-known/acme-challenge/[long string here]

It seems that folder, .well-known, is missing each time and causing verification issues.

I wonder if this is why WebFaction is suggesting people use the “will-in-wi” approach instead? They’ve made changes somewhere that favors it?

One obvious advantage is the cron job automation for updates, which I didnt’ have with the acme.sh approach.

Destry · 2018-02-20 15:55:50

JP,

More Qs…

Step 2

For this command:

letsencrypt_webfaction --config ~/le_config/config.monsite.yml

I’m guessing that is for a real cert. What if I just want to test? Is it as easy as this…

letsencrypt_webfaction --test --config ~/le_config/config.monsite.yml

And there’s a line that says (referring to the CL output)…

Add the --quiet parameter in your cron task to remove this message.

Do you mean that could be used in the command above, or is that supposed to go in the crontab line in step 3?

Step 3

The crontab line, it begins with:

0 0 1 1-11/2 * ...

But then your example lines show:

0 1 2 */2 * ...

What’s the difference? How does one decipher the values there?

Also, at the end of the line, there is nothing like this:

... >> $HOME/logs/user/cron.log 2>&1

But then you include them in the example lines. What is going on there, exactly? Do we add them for each line exactly as shown?

Finally, is it safe to add a blank line between crontab lines? I’ve not worked in a file like that before, but it would be good for me to discern lines easier with a blank if possible.

Destry · 2018-02-20 16:56:22

For convenience, I’ve made a web doc for JP’s instructions and tried to clear some things up for myself, though it’s very beta at the moment and still needs the questions above answered for my own benefit and a second round of revisions.

If anyone wants to test and chime in with suggestions, please do.

I have also not actually used the doc yet, which I’ll get to tomorrow-ish. So, still needs fool-proofed.

=================

Update: The above link no longer exists (sorry). The tute now describes a new process using acme.sh and a cron job, not Ruby gems as JP’s tutorial describes. See the new instruction file.

Textpattern CMS

Textpattern CMS support forum

#25 2017-08-26 10:40:11

Re: Non-HTTPS Sites Labeled "Not Secure" by Chrome

#26 2017-08-27 06:34:10

Re: Non-HTTPS Sites Labeled "Not Secure" by Chrome

#27 2017-08-28 06:13:17

Re: Non-HTTPS Sites Labeled "Not Secure" by Chrome

colak wrote #306731:

#28 2017-08-28 06:33:21

Re: Non-HTTPS Sites Labeled "Not Secure" by Chrome

colak wrote #306731:

#29 2017-10-01 16:26:43

Re: Non-HTTPS Sites Labeled "Not Secure" by Chrome

#30 2017-10-02 01:27:54

Re: Non-HTTPS Sites Labeled "Not Secure" by Chrome

jpdupont wrote #307269:

#31 2017-10-02 15:34:18

Re: Non-HTTPS Sites Labeled "Not Secure" by Chrome

#32 2017-10-04 21:49:59

Re: Non-HTTPS Sites Labeled "Not Secure" by Chrome

#33 2018-02-20 12:38:07

Re: Non-HTTPS Sites Labeled "Not Secure" by Chrome

#34 2018-02-20 12:59:07

Re: Non-HTTPS Sites Labeled "Not Secure" by Chrome

#35 2018-02-20 15:55:50

Re: Non-HTTPS Sites Labeled "Not Secure" by Chrome

Step 2

Step 3

#36 2018-02-20 16:56:22

Re: Non-HTTPS Sites Labeled "Not Secure" by Chrome

Board footer