Menu
▾
▴
Re: [webmin-l] Another server failing to get let's encrypt certificate
|
From: Jamie C. <jca...@we...> - 2018-02-04 22:25:35
|
Do you have the certbot-auto or certbot command installed on your system? It looks like Webmin is using that for the Let's Encrypt cert renewal, rather than it's own built-in client. And that's what constructs the validation URL. On 04/Feb/2018 10:33 Kimberly <kim...@gm...> wrote .. > Any thoughts on this? If this is an issue with Virtualmin's Let's > Encrypt, then as each certificate comes up for renewal, the renewal will > fail. > > > On 01/29/2018 11:52 AM, Kimberly wrote: > > Looking back through the error message I noticed that the url is not > > correct; I think this was an earlier issue with Let's Encrypt. > > > > https://domain.com.well-known/acme-challenge/ > > > > The url is not properly formed; it is missing the / after .com > > > > > > > > > > > > On 01/24/2018 01:31 PM, Kimberly wrote: > >> Anyone any ideas on why Let's Encrypt is failing? I have now seen > >> this on two completely different servers; so it is not related to the > >> server but both servers are running webmin/Viurtualmin and both are > >> updated. > >> > >> I would have to go back and see the failure message from the first I > >> posted but I think this new failure is the same. > >> > >> > >> On 01/18/2018 11:05 PM, Kimberly wrote: > >>> The server was just upgraded including the python, webmin, etc. This > >>> is on a server where the certificate originally worked but is now > >>> failing. > >>> > >>> Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org > >>> Obtaining a new certificate > >>> Performing the following challenges: > >>> http-01 challenge for mywebsite.com > >>> http-01 challenge for www.mywebsite.com > >>> Using the webroot path /home/mywebsite/public_html for all unmatched > >>> domains. > >>> Waiting for verification... > >>> Cleaning up challenges > >>> Unable to clean up challenge directory > >>> /home/mywebsite/public_html/.well-known/acme-challenge > >>> Failed authorization procedure. mywebsite.com (http-01): > >>> urn:acme:error:connection :: The server could not connect to the > >>> client to verify the domain :: Fetching > >>> https://mywebsite.com.well-known/acme-challenge/IhHaCIPWON3uBI6XqcI5SNPYqifvu1d7lVaDUn3yXoE: > >>> Error getting validation data, www.mywebsite.com (http-01): > >>> urn:acme:error:connection :: The server could not connect to the > >>> client to verify the domain :: Fetching > >>> https://mywebsite.com.well-known/acme-challenge/XPq-emPKAZWOR19hreiiruVktFdRuy-d-kAEaKhGM1s: > >>> Error getting validation data > >>> IMPORTANT NOTES: > >>> - The following errors were reported by the server: > >>> > >>> Domain: mywebsite.com > >>> Type: connection > >>> Detail: Fetching > >>> https://mywebsite.com.well-known/acme-challenge/IhHaCIPWON3uBI6XqcI5SNPYqifvu1d7lVaDUn3yXoE: > >>> > >>> Error getting validation data > >>> > >>> Domain: www.mywebsite.com > >>> Type: connection > >>> Detail: Fetching > >>> https://mywebsite.com.well-known/acme-challenge/XPq-emPKAZWOR19hreiiruVktFdRuy-d-kAEaKhGM1s: > >>> > >>> Error getting validation data > >>> > >>> To fix these errors, please make sure that your domain name was > >>> entered correctly and the DNS A/AAAA record(s) for that domain > >>> contain(s) the right IP address. Additionally, please check that > >>> your computer has a publicly routable IP address and that no > >>> firewalls are preventing the server from communicating with the > >>> client. If you're using the webroot plugin, you should also verify > >>> that you are serving files from the webroot path you provided. > >>> > >>> Plugins selected: Authenticator manual, Installer None > >>> Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org > >>> Obtaining a new certificate > >>> Performing the following challenges: > >>> dns-01 challenge for mywebsite.com > >>> dns-01 challenge for www.mywebsite.com > >>> Waiting for verification... > >>> Cleaning up challenges > >>> Failed authorization procedure. mywebsite.com (dns-01): > >>> urn:acme:error:unauthorized :: The client lacks sufficient > >>> authorization :: No TXT record found at > >>> _acme-challenge.mywebsite.com, www.mywebsite.com (dns-01): > >>> urn:acme:error:unauthorized :: The client lacks sufficient > >>> authorization :: No TXT record found at > >>> _acme-challenge.www.mywebsite.com > >>> IMPORTANT NOTES: > >>> - The following errors were reported by the server: > >>> > >>> Domain: mywebsite.com > >>> Type: unauthorized > >>> Detail: No TXT record found at _acme-challenge.mywebsite.com > >>> > >>> Domain: www.mywebsite.com > >>> Type: unauthorized > >>> Detail: No TXT record found at _acme-challenge.www.mywebsite.com > >>> > >>> To fix these errors, please make sure that your domain name was > >>> entered correctly and the DNS A/AAAA record(s) for that domain > >>> contain(s) the right IP address. |
