SSL certification request with Let's Encrypt fails for mail.domain.tld although the mail feature is disabled on virtual server creation

Issue reproduction: 1. Create a new virtual server or sub-server with disabled mail feature (do not accept mails for this server), e.g. subdomain.domain.tld 2. SSL certification request fails 3. Go to "Server Configuration" > "SSL Certificate" > Select tab "Let's Encrypt" > see the default domains (a) subdomain.domain.tld, (b) www.subdomain.domain.tld and (c) mail.subdomain.domain.tld 4. When trying to manually request a new Let's Encrypt certificate it still fails 5. When enabling / disabling the "mail" feature for the virtual server it does not correct the SSL configuration for Let's Encrypt 6. Change the default domain requests to only (a) subdomain.domain.tld and (b) www.subdomain.domain.tld 7. Again, try to request the Let's Encrypt certificate --> Successful

10/10 times reproducible.

Status: 
Active

Comments

Ilia's picture
Submitted by Ilia on Tue, 04/21/2020 - 02:26

Hi,

What if you select Skip Tests option on SSL Certificate page, and repeat those steps again, would it fail for mail too?

If it still fails in the same way as you described above, what is the actual error message?

I believe you need to change your nginx configuration manually and add /.well-known in location of your domain containing mail.domain.tld and point it to domain.tld as a workaround for now.