letsencrypt AWS http challenge

I had the problem, that when renewing the Letsencrypt certificate via cronjob Amazon Linux 2

certbot renew --post-hook "systemctl reload httpd"  >> /var/log/certbot.log 2>&1

the SSL certificate was not renewed, but following error occurred:

Could not choose appropriate plugin: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError('An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.',)
Attempting to renew cert (foo.de) from /etc/letsencrypt/renewal/foo.conf produced an unexpected error: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError('An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.',). Skipping.

I then looked in configuration: /etc/letsencrypt/renewal/foo.conf and the Authentificator modified on Apache and the challenge of Authentificator on HTTP (through the Web server).

# Options used in the renewal process
account = xxx
server = https://acme-v02.api.letsencrypt.org/directory
authenticator = apache
installer = apache
pref_challs = http-01,

After that was the important Port 80 unlock the security group for authentication and another command

certbot renew

was the certificate was successfully renewed.

Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator apache, Installer apache
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for foo.de
Waiting for verification...
Cleaning up challenges

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
new certificate deployed with reload of apache server; fullchain is

AWS: need to verify an email address in SES without access to the mailbox

To send Amazon SES email, need to verify only the email address. This is a problem, If one has access to the domain, but has set up a mail server.

To work around the problem, one only verifies the domain in SES and is then under Configure email receiving a to verifierende E-Mail address and connects them with a SNS topic. After that you can Subscription set up on the SNS topic via email and so the verification email can be forward on an existing mailbox.

Project: baby taschenrechner.de

The just completed project baby taschenrechner.de deals with the issues relating to the development of the own child:

  • How great my child be in x years
  • My child is like in x years
  • Is my child too hard or too thin
  • What dress size is wear it when?

The Web page is to help parents find out, When you need to buy what dress size, the approaching winter/summer home to have the appropriate.

Parents can thus einschätzne, If the child is too thin or too thick for your age/size/weight ratio.

The following technologies were used for the realization:

Symfony 3, Docker, MySQL, PHP, GIT, Google material design, Amazon AWS

Install ELK stack on Amazon EC2

To the ELK stack, consisting of:

  • Logstash
  • Elasticsearch
  • Kibana

Amazon AWS for testing on a single Amazon EC2 instance to install on, can you do the following:

It boosts an EC2 instance, that is not too small, with regard to the RAM, at least a m4.large with 8 GB RAM and 2 Processors, Elasticsearch is already demanding at the store and also Logstash is very resource hungry. As operating system I chose Ubuntu-16 (Ami-1e339e71).

Then you can Elastic IP create the instance, so that you can easily replace the instances and still continue keeping the IP.

Security groups more…

Project: Elasticsearch for XT commerce shop search

The last project was very exciting, It was an extension of the PHP shop system called XT-commerce or. of the derivative SEO-Commerce to search current standards for Zeedee Berlin.

Elasticsearch was on an own Amatzon MWS EC2 instance hosted with 1 GB RAM and 1 CPU (very inexpensive).

The following functionality can be turned off all over again in a central location, If there are problems with Elasticsearch and the old MySQL search back in force.

1. AutoComplete / Suggest function when filling the search

When typing the keyword already suggestions are given in the millisecond range. This way the customer can save much time and also helped with the spelling. suggest_zeedee


Analysis: Amazon EC2 as cheap root server alternative to developing

In search of a favorable root server for developing and running of my websites I'm about Amazon EC2 stumbled and wants to compute the following, whether the operation worthwhile financially in comparison to a normal root server.

The Amazon EC2 pricing table one finds here.


You are still cheaper Reserved instances, where is given for a period (1 or 3 Years) rent an instance at a fixed price.

So to bezhalt z.B. for a Linux Nano instance based in Frankfurt annually only 40$ or for 3 Year 79$. Unbeatable cheap.

It's now cheap, but Amazon is really expensive, When it comes to large systems with much traffic, It's cheaper to operate a data center.

Attention: EC2 Micro Instance ist one year free for new customers.

Amazon credited unlike normal root servers from vendors in hours, because it is an elastic cloud service. It should be in the account kept in mind, EC2 to scale the huge advantage simply, by including switching new instances if needed.

A sample calculation for a development server located EC2 Europe (Ireland):

Price variations for a Micro Instance, the particularly low, but not particularly efficient with 613 MB RAM, but perfectly adequate for the operation of smaller websites and as a development server:

1. On-Demand Instances: 0,020$ per hour

2. Reserved Instances with low utilization: 0,015$ per hour + $23*

3. Reserved Instances with medium workload: 0,01$ per hour + $54*

4. Reserved Instances with high utilization: 0,008$ per hour + $62*