MeshCentral: Can't get Letsencrypt Certificate

Hello, I’ve been trying to get my server SSL setup with let’s encrypt, but it’s not downloading any certificates, nor is it creating the letsencrypt folder. I’ve tried troubleshooting on my own, but I’ve also been unable to locate the error log files. I’m using Windows Server 2012 with Nodejs, and I’ve also tested with letsdebug, which says everything is fine.

Here’s my config:

{
  "settings": {
    "RedirPort": 80,
    "syslog": "meshcentral",
    "syslogjson": "meshcentral-json",
    "syslog": true,
    "syslogjson": true,
    "letsencrypt": {
      "email": "myemail@myserver.com",
      "names": "mydomain.com",
      "rsaKeySize": 3072,
      "production": false
    },
    "plugins": {
      "enabled": true
    }
  }
}

About this issue

  • Original URL
  • State: closed
  • Created 4 years ago
  • Comments: 32 (13 by maintainers)

Most upvoted comments

Ylian you’re a gentleman and a scholar!! This works perfectly, and I can now see all my agents. Thanks So much for your assistance!

+1
trentdavis on May 4, 2020

No problem, in the future (or for others who come across this), you can typically just open services.msc and stop/disable the IIS services rather than uninstalling them (assuming you want to replace the only HTTP/S server with MeshCentral vs proxy it).

+1
ryanblenis on Apr 30, 2020

I think I’ve got it! After uninstalling several windows services which were using port 80, I discovered that I now needed to manually open port 80 in the firewall as well. I was able to successfully receive the staging certificates, but of course once I changed the production line to “true”, I received the certificate limits error. I think I will leave it at that because from my calculations the limits should begin lifting in a couple of days. I will let you know how it goes.

To answer your question, the only server I want running on this machine is Meshcentral. Windows just wouldn’t co-operate and release the ports. And when it finally did release them, it blocked them with the firewall. Thanks so much for your assistance!!!

+1
trentdavis on Apr 30, 2020

If you’re getting “not found” on port 80 instead of the MeshCentral page, DO NOT run letsencrypt or letsdebug- you’ll just be wasting your attempts.

If you cannot navigate to http://mydomain.com from a public computer and see your MeshCentral site (or be redirected to your MeshCentral site with a self-signed cert) DO NOT run letsencrypt or letsdebug.

First things first, you should be able to navigate to your domain (http://mydomain.com) from a public computer outside of your network and either see MeshCentral or be redirected to a self-signed SSL version of MeshCentral.

What is your setup goal here? Is MeshCentral going to be the only web site on this Server 2012 instance? Or are you going to be hosting multiple sites? Is MeshCentral going to be accessible via the public internet at https://mydomain.com?

+1
ryanblenis on Apr 30, 2020
Read more comments on GitHub
← MeshCentral: Bug - MeshAgent fails to open url on ZorinOS 15.3 but reports "Successful"
MeshCentral: crashing after upgrade from 0.7.93 to 0.8.5 →