Jitsi/Docker on OpenSuse 15.1 / Tumbleweed in LAN -- Letsencrypt doesn't provide the certificate / no https

Dear all,

I have tried to install Jitsi via Docker on OpenSuse 15.1 and on OpenSuse Tumbleweed in my LAN, behind the rooter’s firewall, so the meeting is intended to be an internal conference tool.
In both cases the “normal” installation worked (without audio and video, but I was told that this is due to the missing https).

In order to change to https via LetsEncrypt, following changes in the .env-file were made:

HTTP_PORT=80
HTTPS_PORT=443
DOCKER_HOST_ADDRESS=IP_ADDRESS_OF_MY_SERVER
ENABLE_LETSENCRYPT=1
LETSENCRYPT_DOMAIN=A_DOMAIN
LETSENCRYPT_EMAIL=A_VALID_EMAIL_ADRESS
ENABLE_HTTP_REDIRECT=1

The result is, that no connection can be made any more.

Starting

docker-compose up

leads to

jvb_1 | May 07, 2020 8:54:04 PM org.jitsi.utils.logging2.LoggerImpl log
jvb_1 | INFO: create_conf, id=117a07b5471a1da gid=null logging=false
jvb_1 | May 07, 2020 8:54:04 PM org.jitsi.utils.logging2.LoggerImpl log
jvb_1 | INFO: Performed a successful health check in PT0.019S. Sticky failure: false
jvb_1 | May 07, 2020 8:54:12 PM org.jitsi.utils.logging2.LoggerImpl log
jvb_1 | INFO: Running expire()
jvb_1 | May 07, 2020 8:54:14 PM org.jitsi.utils.logging2.LoggerImpl log
jvb_1 | INFO: create_conf, id=c25499183c9cc5ce gid=null logging=false
jvb_1 | May 07, 2020 8:54:14 PM org.jitsi.utils.logging2.LoggerImpl log
jvb_1 | INFO: Performed a successful health check in PT0.021S. Sticky failure: false
web_1 | Saving debug log to /var/log/letsencrypt/letsencrypt.log
web_1 | Plugins selected: Authenticator standalone, Installer None
web_1 | Obtaining a new certificate
web_1 | An unexpected error occurred:
web_1 | There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-lim
its/
web_1 | Please see the logfiles in /var/log/letsencrypt for more details.
web_1 | Failed to obtain a certificate from the Let’s Encrypt CA.

My problems are

  • /var/log/letsencrypt/letsencrypt.log does not exist
  • There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-lim: I have started the process today once, so I do not know why there should be too many requests.

Setting the changes in the .env back to the origin, the system runs as before.

I do not know what to do.
So I would be happy about any suggestion, how to solve this issue and to get the audio and video running.

Thanks a lot in advance

Best regards

Jörg

What do you mean exactly by “internal” ?
No client access from the internet? All the clients and your jitsi server are only within your internal network?

Hi Franky1

yes, exactly. The reason is, that is should be more or less a test installation at the moment.

Thanks & Best regards

Jörg

Then you can’t obtain a letsencrypt certificate, because you don’t have a domain/public ip for this machine!? Use self-signed certificate instead. Browsers will still complain, but they work.

Did you follow the Jitsi Meet on Docker instructions from GitHub?
Do not use ENABLE_LETSENCRYPT - then a self-signed certificate will be generated instead.

Thanks Franky1,

Ok I guess I understood the problem;-).
Yes I tried to follow the JitsiMeet On Docker Instruction but obviously I did not understand them fully.
I will try your porposal tomorrow.

So thanks a lot & have a good night!

Jörg

I had a similar test docker setup running two weeks ago in virtualbox on my laptop in my home network.
The only parameter i changed from the provided env.example file was the DOCKER_HOST_ADDRESS pointing to the internal ip address of my jitsi server.
It worked. Tested it with 3 Laptops in my internal network.
Browsers complained, because there is no valid certificate chain, but after accepting they worked.

Another hint: Make sure that there is no firewall on your server blocking the necessary ports for jitsi.

Hi Franky1,

thanks a lot; it works now;
I just commented the variable
# ENABLE_LETSENCRYPT=1
(or better undid my changes in the .env-file concerning this variable…)

And thanks a lot for this fast and really helpfull support!

Best Regards

Jörg