Submitted by roshanbudhathoki on Sun, 07/09/2017 - 07:21
I had my server running previously. After I got updated to Virtualmin 5.99 letsencrypt stopped working shows following error when requesting new certificate either old domain ( renew) or new fresh domain.
Parsing account key...
Parsing CSR...
Registering account...
Already registered!
Verifying autodiscover.hamrochords.com...
Traceback (most recent call last):
File "/usr/share/webmin/webmin/acme_tiny.py", line 235, in <module>
main(sys.argv[1:])
File "/usr/share/webmin/webmin/acme_tiny.py", line 231, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, args.dns_hook, args.cleanup_hook, log=LOGGER, CA=args.ca)
File "/usr/share/webmin/webmin/acme_tiny.py", line 171, in get_crt
raise ValueError("Gave up waiting for valiation")
ValueError: Gave up waiting for valiation
I have checked for any redirection code etc all seems blank.
Status:
Active
Comments
That usually indicates the validation server can't reach your site. It tries to load .well-known/acme-challenge/SOMEHASH
If it can't find it, either because the domain isn't resolving, or the server doesn't respond, it'll fail like this. Create a file in that path (/home/domain/public_html/.well-known/acme-challenge) and check to be sure it can be reached from the internet.
Submitted by roshanbudhathoki on Sun, 07/09/2017 - 22:36 Comment #2
Thank you but I browsed through the /home/hamrochords/public_html/.well-known/acme-challenge I found only .htaccess file with following content in it. When we request ssl certificate shouldn't it create a file under that directory. Also, checked for the permissions and both user and group permissions seems okay as being hamrochords:hamrochords with 0755 permission.
AuthType None
Require all granted
Satisfy any
Also, checked i don't have any .htaccess in my public_html folder.
Submitted by roshanbudhathoki on Sun, 07/09/2017 - 22:46 Comment #3
Also, when I try to renew the certficate for another domain it says following error
Requesting a certificate for pathivara.crystalsoft.com.np, www.pathivara.crystalsoft.com.np, autoconfig.pathivara.crystalsoft.com.np, autodiscover.pathivara.crystalsoft.com.np from Let's Encrypt ..
.. request failed : DNS zone www.pathivara.crystalsoft.com.np does not exist on this system
I checked for dns records and www.pathivara.crystalsoft.com.np is resolving correctly. Also, there is following entry in apache
<VirtualHost *:80>
ServerName pathivara.crystalsoft.com.np
ServerAlias www.pathivara.crystalsoft.com.np
ServerAlias webmail.pathivara.crystalsoft.com.np
ServerAlias admin.pathivara.crystalsoft.com.np
ServerAlias autoconfig.pathivara.crystalsoft.com.np
ServerAlias autodiscover.pathivara.crystalsoft.com.np
DocumentRoot /home/crystal/domains/pathivara.crystalsoft.com.np/public_html
ErrorLog /var/log/virtualmin/pathivara.crystalsoft.com.np_error_log
CustomLog /var/log/virtualmin/pathivara.crystalsoft.com.np_access_log combined
ScriptAlias /cgi-bin/ /home/crystal/domains/pathivara.crystalsoft.com.np/cgi-bin/
ScriptAlias /AutoDiscover/AutoDiscover.xml /home/crystal/domains/pathivara.crystalsoft.com.np/cgi-bin/autoconfig.cgi
ScriptAlias /Autodiscover/Autodiscover.xml /home/crystal/domains/pathivara.crystalsoft.com.np/cgi-bin/autoconfig.cgi
ScriptAlias /autodiscover/autodiscover.xml /home/crystal/domains/pathivara.crystalsoft.com.np/cgi-bin/autoconfig.cgi
DirectoryIndex index.html index.htm index.php index.php4 index.php5
<Directory /home/crystal/domains/pathivara.crystalsoft.com.np/public_html>
Options -Indexes +IncludesNOEXEC +SymLinksIfOwnerMatch
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
Require all granted
</Directory>
<Directory /home/crystal/domains/pathivara.crystalsoft.com.np/cgi-bin>
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
Require all granted
</Directory>
RewriteEngine on
RewriteCond %{HTTP_HOST} =webmail.pathivara.crystalsoft.com.np
RewriteRule ^(.*) https://server.crystalsoft.com.np:20000 [R]
RewriteCond %{HTTP_HOST} =admin.pathivara.crystalsoft.com.np
RewriteRule ^(.*) https://server.crystalsoft.com.np:10000 [R]
ProxyPassMatch ^/(.*.php(/.*)?)$ fcgi://localhost:8011/home/crystal/domains/pathivara.crystalsoft.com.np/public_html/$1
RemoveHandler .php
RemoveHandler .php7.0
php_admin_value engine Off
Redirect /mail/config-v1.1.xml /cgi-bin/autoconfig.cgi
Redirect /.well-known/autoconfig/mail/config-v1.1.xml /cgi-bin/autoconfig.cgi
</VirtualHost>
<VirtualHost 45.76.144.138:443>
ServerName pathivara.crystalsoft.com.np
ServerAlias www.pathivara.crystalsoft.com.np
ServerAlias webmail.pathivara.crystalsoft.com.np
ServerAlias admin.pathivara.crystalsoft.com.np
ServerAlias autoconfig.pathivara.crystalsoft.com.np
ServerAlias autodiscover.pathivara.crystalsoft.com.np
DocumentRoot /home/crystal/domains/pathivara.crystalsoft.com.np/public_html
ErrorLog /var/log/virtualmin/pathivara.crystalsoft.com.np_error_log
CustomLog /var/log/virtualmin/pathivara.crystalsoft.com.np_access_log combined
ScriptAlias /cgi-bin/ /home/crystal/domains/pathivara.crystalsoft.com.np/cgi-bin/
ScriptAlias /AutoDiscover/AutoDiscover.xml /home/crystal/domains/pathivara.crystalsoft.com.np/cgi-bin/autoconfig.cgi
ScriptAlias /Autodiscover/Autodiscover.xml /home/crystal/domains/pathivara.crystalsoft.com.np/cgi-bin/autoconfig.cgi
ScriptAlias /autodiscover/autodiscover.xml /home/crystal/domains/pathivara.crystalsoft.com.np/cgi-bin/autoconfig.cgi
DirectoryIndex index.html index.htm index.php index.php4 index.php5
<Directory /home/crystal/domains/pathivara.crystalsoft.com.np/public_html>
Options -Indexes +IncludesNOEXEC +SymLinksIfOwnerMatch
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
Require all granted
</Directory>
<Directory /home/crystal/domains/pathivara.crystalsoft.com.np/cgi-bin>
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
Require all granted
</Directory>
RewriteEngine on
RewriteCond %{HTTP_HOST} =webmail.pathivara.crystalsoft.com.np
RewriteRule ^(.*) https://server.crystalsoft.com.np:20000 [R]
RewriteCond %{HTTP_HOST} =admin.pathivara.crystalsoft.com.np
RewriteRule ^(.*) https://server.crystalsoft.com.np:10000 [R]
ProxyPassMatch ^/(.*.php(/.*)?)$ fcgi://localhost:8011/home/crystal/domains/pathivara.crystalsoft.com.np/public_html/$1
RemoveHandler .php
RemoveHandler .php7.0
php_admin_value engine Off
SSLEngine on
SSLCertificateFile /home/crystal/domains/pathivara.crystalsoft.com.np/ssl.cert
SSLCertificateKeyFile /home/crystal/domains/pathivara.crystalsoft.com.np/ssl.key
SSLProtocol all -SSLv2 -SSLv3
SSLCACertificateFile /home/crystal/domains/pathivara.crystalsoft.com.np/ssl.ca
Redirect /mail/config-v1.1.xml /cgi-bin/autoconfig.cgi
Redirect /.well-known/autoconfig/mail/config-v1.1.xml /cgi-bin/autoconfig.cgi
</VirtualHost>
Can't figure out what exactly is the problem.
Submitted by JamieCameron on Tue, 07/11/2017 - 00:22 Comment #4
roshanbudhathoki - are you fully updated to the latest Webmin and Virtualmin versions?
Submitted by roshanbudhathoki on Tue, 07/11/2017 - 00:31 Comment #5
Yeap Jamie, I am using webmin 1.850 and usermin 1.720 and virtualmin 5.99. Just checked once again. Also, checked for dns records which are fine and resolving from all places (checked from this site https://www.whatsmydns.net/ ) . Also, checked for any .htaccess records, found no .htaccess in public_html.
I don't know what else is going wrong?
Submitted by fuzzbawl on Wed, 07/12/2017 - 00:01 Pro Licensee Comment #6
We are seeing the exact same error with the same versions as above. I created a test file here that loads fine: http://fuzzydice.net/.well-known/acme-challenge/test.html
Submitted by JamieCameron on Wed, 07/12/2017 - 01:22 Comment #7
Any chance we could get access to your system to see what's going wrong here?
A few other users have reported this "gave up" error, but it's hard to debug as it doesn't happen on our test systems!
Submitted by metal696heart on Wed, 07/12/2017 - 01:31 Comment #8
This is what i was trying to fix then This happened. (also, the log viewer is broken on 1.850). I can give you the root for that vps.
Submitted by roshanbudhathoki on Wed, 07/12/2017 - 01:36 Comment #9
I can provide you root access to my vps. Can you email me at developer.roshan@gmail.com.
Submitted by JamieCameron on Wed, 07/12/2017 - 23:41 Comment #10
You can email me login details at jcameron@virtualmin.com
Submitted by cyrus on Thu, 07/13/2017 - 04:25 Pro Licensee Comment #11
Can confirm the same error shown in the first post of this thread
Submitted by JamieCameron on Sat, 07/15/2017 - 17:58 Comment #12
Try installing the 1.851 development version of Webmin from http://download.webmin.com/devel/deb/ , which should fix this Let's Encrypt issue (which is triggered by an update to
openssl
).Submitted by roshanbudhathoki on Sat, 07/15/2017 - 22:20 Comment #13
Thank you Jamie, update 1.8.51 worked well.
Submitted by roshanbudhathoki on Sun, 07/16/2017 - 02:56 Comment #14
It worked but only on main domains. When I request certificate for subdomains it has another issue for which I have created another issue in the issue list. Here's the link https://www.virtualmin.com/node/52841
I haven't changed credentials of the server yet, if you have to check my system please go ahead and check the system. :)