AlmaLinux Server Release 8.9, DirectAdmin 1.700, OpenLiteSpeed
We have a problem renewing free Let's Encrypt certificates for at least 3 domains:
domain.it was skipped due to unreachable http://domain.it/.well-known/acme-challenge/letsencrypt_2c33e1e015043ea836ed19cbea6c84bd file.
http://www.domain.it was skipped due to unreachable http://www.domain.it/.well-known/acme-challenge/letsencrypt_73c6041f5c23cccf9cc9318198529632 file.
No domains pointing to this server to generate the certificate for.
The domains have been around for a long time, they are visible and point to the server, they already have free Let's Encrypt certificates, they have not made any changes in the applications in recent months.
The .htaccess file doesn't block the display of folders/files if I create them manually in the webroot:
/.well-known/acme-challenge/letsencrypt_73c6041f5c23cccf9cc9318198529632.txt
the file is visible correctly.
Two out of three domains do not have the IPV6 record in the zone.
I did dozens of tests to see if there were any communication problems between my server and let's encrypt or something else but everything came back negative.
I regenerated the server certificate, on the domain that supports the server without errors but I can't renew/regenerate the certificates of the individual hosts.
Thank you
Gabriella
We have a problem renewing free Let's Encrypt certificates for at least 3 domains:
domain.it was skipped due to unreachable http://domain.it/.well-known/acme-challenge/letsencrypt_2c33e1e015043ea836ed19cbea6c84bd file.
http://www.domain.it was skipped due to unreachable http://www.domain.it/.well-known/acme-challenge/letsencrypt_73c6041f5c23cccf9cc9318198529632 file.
No domains pointing to this server to generate the certificate for.
The domains have been around for a long time, they are visible and point to the server, they already have free Let's Encrypt certificates, they have not made any changes in the applications in recent months.
The .htaccess file doesn't block the display of folders/files if I create them manually in the webroot:
/.well-known/acme-challenge/letsencrypt_73c6041f5c23cccf9cc9318198529632.txt
the file is visible correctly.
Two out of three domains do not have the IPV6 record in the zone.
I did dozens of tests to see if there were any communication problems between my server and let's encrypt or something else but everything came back negative.
I regenerated the server certificate, on the domain that supports the server without errors but I can't renew/regenerate the certificates of the individual hosts.
Thank you
Gabriella
Hello,
That's the error you should address
No domains pointing to this server to generate the certificate for.
That's the error you should address
Hello,
No domains pointing to this server to generate the certificate for.
That's the error you should address
Thanks for the reply.
As I mentioned, all 3 domains point to the server correctly, are visible, and already have a Let's Encrypt certificate created in February.
All domains have external nameserves from 3 different providers (Aruba, Register.it and Cloudflare)
We also tried disabling the firewall
If directadmin reports the error, then domains are not accessible over public DNS resolvers (unless your ISP or government blocks Google's and/or CloudFlare's DNS resolvers). If you need any further assistance you will need to show your real domain names either publicly or privately.
All domains have external nameserves from 3 different providers (Aruba, Register.it and Cloudflare)
CloudFlare blocks Let's Encrypt bots. That's a known issue.
All domains have external nameserves from 3 different providers (Aruba, Register.it and Cloudflare)
CloudFlare blocks Let's Encrypt bots. That's a known issue.
I assumed so but only 1 domain has cloudflare... I sent the names privately. Thanks
If you're on CF it's best to use CF's Origin Certificate SSL/TLS ->Origin Server under the Origin Certificates section, hit "Create Certificate" it will give you a certificate valid for 15 years. Then add this certificate to that domain from DirectAdmin. These certificates are wildcard so valid for subdomains as well.
Then you can even set Strict SSL since CF accepts its own certificates
Then you can even set Strict SSL since CF accepts its own certificates
May you create the file:
- /var/www/html/.well-known/acme-challenge/test.html
with content:
HTML:
Hi
Done and it is visible from main server domain
Is that full SSL or Flexible ?
I have the site working well with cloudflare full strict SSL using let's encrypt.
thanks but only one domain on this server has cloudflare ns, the other domain have differente ns and provider
- Page :
- 1
- 2
There are no replies made for this post yet.