I don't get any Letsencrypt certificates anymore (challenge did not pass)

3 posts / 0 new
Last post
#1 Sat, 12/22/2018 - 18:25
F4ll_ouT

I don't get any Letsencrypt certificates anymore (challenge did not pass)

Hi all, Webmin, apache and Letsencrypt worked fine a year ago and now I reactivated everything and I just don't get any certificates anymore. I followed tutorials, forum advices but whatever I do I have not any success. Please! Can someone guide me through this?

So I have the domain rootshape.com. And I have a subdomain cloud.rootshape.com on the same server with the same ip. The cloud.rootshape.com root folder is inside the rootshape.com root folder. Right now I disabled the port 80 virtual hosts so I have only port 443 for rootshape.com and cloud.rootshape.com but I cannot access them without certificate (SSL record too long error) After I went to webmin config -> SSL -> Letsencrypt, I tried all options in all combinations (DNS, apache matching hostname, etc.) Once I succeeded in getting a certificate for rootshape.com only, but I don't know what I have changed because it didn't work a second time. (I lost the certificate for rootshape.com right after I tried to get one for cloud.rootshape.com in a seperate process)

So, in my last try to get a certificate, I tried to get a certificate by folder for rootshape.com, cloud.rootshape.com and I got the error: cloud.rootshape.com challenge did not pass: Invalid response from http://cloud.rootshape.com/.well-known/acme-challenge/_9y9oRX8ZGhXSW3E87...

I have updated webmin to the most recent version (1.900) and I updated and upgraded and dist-updated everything else, too. I have Raspbian Linux 9 running. I hope so much that someone can help me because I have totally no idea what I could do.

Sun, 12/23/2018 - 08:32
applejack

Check your httpd conf file and make sure you have a ServerAlias set up for you domains i.e.

ServerAlias www.rootshape.com
ServerAlias cloud.rootshape.com (depending on how your server is configured)
Tue, 12/25/2018 - 09:45 (Reply to #2)
F4ll_ouT

Hi, thanks for your answer and Merry Christmas. Depending on how my server is configured? I have a ServerAlias written into the conf file, of course (webmin created these conf files by default, am I right?) Anyway, I installed certbot and got my keys pretty easy by that using the command: sudo certbot certonly --webroot -w /var/www/ -d rootshape.com -w /var/www/cloud/ -d cloud.rootshape.com I will add the key to my virtual hosts after christmas and add a cronjob running the command "certbot renew" every two months. I hope that will work

Topic locked