I have used virtualmin to add Letsencrypt to one of the virtualdomains I host, however I didn't pay attention during the setup and auto-renewal was not activated. 3 months later, I am unable to either (a) renew the certificate or (b) install a new certificate
I am quite puzzled and no googling helped (I searched a lot, though). Please, would someone have an idea? I would be most grateful if you could help!!
Technical details follow now
This is a typical debian LAMP server, webmin+virtualmin.
The error messages are:
Requesting a certificate for www.[domain that I hide].net, [domain that I hide].net from Let's Encrypt ..
.. request failed : Web-based validation failed : Failed to request certificate :
www.[domain that I hide].net challenge did not pass: Invalid response from http://www.[domain that I hide].net/.well-known/acme-challenge/XQWJ4iDJFmyIdhK-X4E6PFFmk21oj-LD2zE-3jqPdGE: "<!DOCTYPE html>\n<!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->\n<!--[if IE 7]> <html class="no-js "
DNS-based validation failed : Failed to request certificate :
www.[domain that I hide].net challenge did not pass: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.www.[domain that I hide].net
I once had a similar issue, caused by the fact I had tried in the past with the standalone commandline letsencrypt client, that required of me to delete /etc/letsencrypt/ , but there is no more /etc/letsencrypt/ directory to remove (I checked, it didn't come back).
The website is using Cloudflare, but I have every reason to believe cloudflare doesn't pose a problem here. Other websites that I host are similarly with a Letsencrypt provided by virtualmin, and also behind Cloudflare, and Cloudflare is properly configured in the same way for all those websites, set to "full (strict)", meaning they only check the certificate is valid and relay it to the internet, they don't mess with it. If it works for the other websites, then it can't be cloudflare's fault, it's got to be something on the server end.
Please, would someone know how to fix it, or what workaround could be found? Really, if you can help, thank you very much!!