Let's encrypt error

After I enabled the Let's encrypt (Under WAF) , I get this error:

Logging:

2018:09:24-12:14:12 mail letsencrypt[8563]: I Create account: creating new Let's Encrypt acccount
2018:09:24-12:14:12 mail letsencrypt[8563]: E Create account: TOS_UNAVAILABLE: Failed to retrieve current Terms of Service from remote server: 500 SSL_ca_path /etc/ssl/certs is not accessable
2018:09:24-12:14:12 mail letsencrypt[8563]: E Create account: failed to create account
Parents
  • twister5800 said:

    After I enabled the Let's encrypt (Under WAF) , I get this error: 

    Thanks for reporting this. Unfortunately the permissions of /etc/ssl/certs are no set properly by the Beta update.

    You can fix this on the command line:

    chmod 0755 /etc/ssl/certs

    Then try again to enable Let's Encrypt.

    We're tracking this as NUTM-10315.

  • I have set the permissions accordingly, but still get:

    2018:09:27-11:12:10 xxx letsencrypt[7644]: I Create account: creating new Let's Encrypt acccount
    2018:09:27-11:12:41 xxx letsencrypt[7644]: E Create account: TOS_UNAVAILABLE: Failed to retrieve current Terms of Service from remote server: 500 Can't connect to acme-v01.api.letsencrypt.org:443 (timeout)
    2018:09:27-11:12:41 xxx letsencrypt[7644]: E Create account: failed to create account
     
     
    What else can i do?

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
  • scorpionking said:

    I have set the permissions accordingly, but still get:

    That's a different error. Connecting to the Let's Encrypt server times out. Make sure that acme-v01.api.letsencrypt.org is reachable from your UTM.

Reply Children