I have a problem with generating ssl cert. but the problem is related only to a subdomain.
If I request a cert for gestione.societaoperaia.it i get this response:
Checking for new version... Requesting root privileges to run letsencrypt... /root/.local/share/letsencrypt/bin/letsencrypt certonly -a webroot -d gestione.societaoperaia.it --webroot-path /home/societao/domains/gestione.societaoperaia.it/public_html --duplicate --config /tmp/.webmin/211270_9708_1_letsencrypt.cgi Failed authorization procedure. gestione.societaoperaia.it (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://gestione.societaoperaia.it/.well-known/acme-challenge/CbhSzF0D74K... 149.202.103.2: 401 IMPORTANT NOTES: - The following errors were reported by the server:
Domain: gestione.societaoperaia.it Type: unauthorized Detail: Invalid response from http://gestione.societaoperaia.it /.well-known/acme- challenge/CbhSzF0D74K8aKWvePRsjyJO2z7-iWYIcI9ZjaQm9B4 If I request a cert for any domain with a virtualhost in the form of "domain.xx" it's works fine.
I have the same error if I run from the command prompt:
./letsencrypt/letsencrypt-auto certonly --webroot -w /home/societao/domains/gestione.societaoperaia.it/public_html/ -d gestione.societaoperaia.it
Comments
Submitted by JamieCameron on Wed, 03/09/2016 - 21:33 Comment #1
Are you trying to create a single Let's Encrypt cert that matches both the top-level and sub-domains? That isn't currently supported by Virtualmin .. instead you need to create a sub-domains separately (assuming this is sub-domain that exists as a domain in Virtualmin).
Submitted by rinobilla on Thu, 03/10/2016 - 05:18 Comment #2
No, I'm trying to create a cert. that matches only a subdomain. I'm trying to create it from subdomain admin. panel.
Thanks.
Submitted by rinobilla on Thu, 03/10/2016 - 19:03 Comment #3
update:
I have tested let's encrypt ssl cert. generation for subdomain on another virtualmin server (GPL) and it works fine. On the first server I have always the same error:
Checking for new version... Requesting root privileges to run letsencrypt... /root/.local/share/letsencrypt/bin/letsencrypt certonly -a webroot -d gestione.societaoperaia.it --webroot-path /home/societao/domains/gestione.societaoperaia.it/public_html --duplicate --config /tmp/.webmin/399857_20274_1_letsencrypt.cgi Failed authorization procedure. gestione.societaoperaia.it (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://gestione.societaoperaia.it/.well-known/acme-challenge/9u3HuAL2PW1... [149.202.103.2]: 401 IMPORTANT NOTES: - The following errors were reported by the server:
Domain: gestione.societaoperaia.it Type: unauthorized Detail: Invalid response from http://gestione.societaoperaia.it /.well-known/acme- challenge/9u3HuAL2PW1UZ8URSpQ0PmYW3N_4XRWkHA421lge1bw
But if I try to get a cert for any domain it works. The problem is only for subdomain and only on my virtualmin licensed server. I have tried to check permissions, but I can't find any reason for let's encrypt not working in subdomains.
Submitted by JamieCameron on Thu, 03/10/2016 - 21:54 Comment #4
Is the website for this subdomain working? You can test by putting a file like
test.htmlin it's public_html directory, and then trying accessing it at http://gestione.societaoperaia.it/test.htmlSubmitted by rinobilla on Fri, 03/11/2016 - 05:12 Comment #5
Sorry for waste your time, but the problem was a directory restriction on .htaccess .
Thanks!