Remote on MDM, Certbot Error.

Question

Hi,

I followed your instructions and somehow I get to the end with:

PLAY RECAP **

localhost: ok=19 changed=2 unreachable=0 failed=0 skipped=10 rescued=0 ignored=0

But I get "404 error" accessing  https://my-mdm-domain.com/web-admin/ .

I do however get "fatal Error" at Task [run certbot]. Debug log:

/var/log/letsencrypt/letsencrypt.log

2022-10-16 01:47:07,204:DEBUG:certbot.main:certbot version: 0.40.0

2022-10-16 01:47:07,205:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2022-10-16 01:47:07,216:DEBUG:certbot.log:Root logging level set at 30
2022-10-16 01:47:07,216:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2022-10-16 01:47:07,226:DEBUG:certbot.plugins.selection:Requested authenticator <certbot.cli._Default object at 0x7fdbf7e3ee20> and installer <certbot.cli._Default object at 0x7fdbf7e3ee20>
2022-10-16 01:47:07,241:INFO:certbot.renewal:Cert not yet due for renewal
2022-10-16 01:47:07,241:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer None
2022-10-16 01:47:07,242:DEBUG:certbot.renewal:no renewal failures

Which one could expect as I already have a certificate from MDM for the same domain.

Any help or pointing out where the look for the problem would be much appreciated.

Answer 1

Pay attention to the server indication (is it Tomcat?) on the 404 error message. 

If you are upgrading the existing Headwind MDM instance, make sure you've removed the iptables rule redirecting 443 port to 8443 (Tomcat):

/sbin/iptables -D PREROUTING -t nat -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443

/sbin/iptables -D OUTPUT -t nat -o lo -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443

You can check the iptables rules by running the command

iptables -t nat --list