Control Web Panel
WebPanel => SSL => Topic started by: nme on September 08, 2018, 01:13:03 AM
-
Hi,
i am pretty new to CWP and are trying to get SSL to work. However, something is not working. I get the error message DNS of your domain doesn't point to this server or you have htaccess restrictions
- i dont have any htaccess file installed on public_html
- Here is the DNS configuration:
https://imgur.com/a/f1HXqrQ
- This is the DNS configuration on the CWP side
https://imgur.com/a/IxHpkiQ
- The a-record is pointing to the server
https://www.whatsmydns.net/#A/ruimtereizen.net
- But still i cant get auto ssl to work
https://imgur.com/a/Xr5UzXq
update 1:
after deleting the whole account i created a new account. Enabling AutoSSL gives the following
AutoSSL Issue Failed![Sat Sep 8 01:17:19 UTC 2018] Single domain='ruimtereizen.net'
[Sat Sep 8 01:17:19 UTC 2018] Getting domain auth token for each domain
[Sat Sep 8 01:17:19 UTC 2018] Getting webroot for domain='ruimtereizen.net'
[Sat Sep 8 01:17:19 UTC 2018] Getting new-authz for domain='ruimtereizen.net'
[Sat Sep 8 01:17:20 UTC 2018] The new-authz request is ok.
[Sat Sep 8 01:17:20 UTC 2018] Verifying:ruimtereizen.net
[Sat Sep 8 01:17:23 UTC 2018] ruimtereizen.net:Verify error:Invalid response from http://ruimtereizen.net/.well-known/acme-challenge/1TD1F0gjN_6_AtetI_OTiA61jKio9GFh0meIdU5Q93c:
[Sat Sep 8 01:17:23 UTC 2018] Please check log file for more details: /root/.acme.sh/acme.sh.log
Update 3 Added log file ( last 20 lines )
[Sat Sep 8 01:17:23 UTC 2018] url='https://acme-v01.api.letsencrypt.org/acme/challenge/qTI9zjrTJ-rDcX5Ij5hJKfXvrzfhP97ucabLhia4a5A/7153854755'
[Sat Sep 8 01:17:23 UTC 2018] timeout=
[Sat Sep 8 01:17:23 UTC 2018] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g '
[Sat Sep 8 01:17:23 UTC 2018] ret='0'
[Sat Sep 8 01:17:23 UTC 2018] ruimtereizen.net:Verify error:Invalid response from http://ruimtereizen.net/.well-known/acme-challenge/1TD1F0gjN_6_AtetI_OTiA61jKio9GFh0meIdU5Q93c:
[Sat Sep 8 01:17:23 UTC 2018] pid
[Sat Sep 8 01:17:23 UTC 2018] No need to restore nginx, skip.
[Sat Sep 8 01:17:23 UTC 2018] _clearupdns
[Sat Sep 8 01:17:23 UTC 2018] skip dns.
[Sat Sep 8 01:17:23 UTC 2018] _on_issue_err
[Sat Sep 8 01:17:23 UTC 2018] Please check log file for more details: /root/.acme.sh/acme.sh.log
[Sat Sep 8 01:17:23 UTC 2018] url='https://acme-v01.api.letsencrypt.org/acme/challenge/qTI9zjrTJ-rDcX5Ij5hJKfXvrzfhP97ucabLhia4a5A/7153854755'
[Sat Sep 8 01:17:23 UTC 2018] payload='{"resource": "challenge", "keyAuthorization": "1TD1F0gjN_6_AtetI_OTiA61jKio9GFh0meIdU5Q93c.X3u0s504PaG8KagYPEDKk-vjOgth4theAXWD5muR5qo"}'
[Sat Sep 8 01:17:23 UTC 2018] POST
[Sat Sep 8 01:17:23 UTC 2018] _post_url='https://acme-v01.api.letsencrypt.org/acme/challenge/qTI9zjrTJ-rDcX5Ij5hJKfXvrzfhP97ucabLhia4a5A/7153854755'
[Sat Sep 8 01:17:23 UTC 2018] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g '
[Sat Sep 8 01:17:24 UTC 2018] _ret='0'
[Sat Sep 8 01:17:24 UTC 2018] code='400'
What other things can i do to make it work?
regards jerome
-
try nginx webserver and issue the certs.
-
I had a similar problem. I looked at my vhost config file and saw that I had a 301 redirect for my domain. I deleted that redirect and was able to get a new cert.
-
01. A) From Domains -> List Domains. Delete the Affected Domain.
B) Only if, List Domains is empty then- Go to User Accounts -> List Accounts. Delete the user account with the Affected Domain.
02. Go To Server Settings -> Change Hostname. Click change Hostname (Keep all settings same).
03. If you followed option A before. From Domains -> Add Domain. Add the Affected Domain name now.
Only if, you followed option B before. User Accounts -> List Account. Add new user account with the Affected Domain name.
04. Go To DNS Functions -> List DNS Zones -> (Affected Domain) Click Rebuild Zone.
05. Again Go To DNS Functions -> List DNS Zones -> (Affected Domain) -> Edit Files. Now- Firstly, Delete line start with- www (it has a cname record). Secondly, Paste these three lines below in the middle of the file-
ns1 14400 IN A (Public IP)
ns2 14400 IN A (Public IP)
www 14400 IN A (Public IP)
06. Go to Webserver Settings -> SSL Certificates -> Auto SSL. Install SSL for the Domain.
-
01. A) From Domains -> List Domains. Delete the Affected Domain.
B) Only if, List Domains is empty then- Go to User Accounts -> List Accounts. Delete the user account with the Affected Domain.
02. Go To Server Settings -> Change Hostname. Click change Hostname (Keep all settings same).
03. Adjust the file from /etc/hosts:
nano /etc/hosts
**Make the values like this[Change here]:
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
[your server local ip] example1.example.com example1
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
04. If you followed option A before. From Domains -> Add Domain. Add the Affected Domain name now.
Only if, you followed option B before. User Accounts -> List Account. Add a new user account with the Affected Domain name.
05. Go To DNS Functions -> List DNS Zones -> (Affected Domain) Click Rebuild Zone.
06. Again Go To DNS Functions -> List DNS Zones -> (Affected Domain) -> Edit Files. Now- Firstly, Delete line start with- www (it has a cname record). Secondly, Paste these three lines below in the middle of the file-
ns1 14400 IN A (Public IP)
ns2 14400 IN A (Public IP)
www 14400 IN A (Public IP)
07. Go to Webserver Settings -> SSL Certificates -> Auto SSL. Install SSL for the Domain.
-
Disable csf firewall and try it again. thats what worked for me.
-
Facing Same Issue,
Have 4 CWP VPS facing same issue with all of them, I think it may be issue with lets encrypt...
-
If you are using force-https, the 301 redirect is causing the issue as pixel said before. Remove the 301 temporarily, or switch to the default template and rebuild the domains.
-
I am also facing the same issue. I have 3 test servers running on Digital Ocean with Centos 7.8 and CWP7.
I've disable the CSF firewall and the SSL cert is still not working.
-
01. A) From Domains -> List Domains. Delete the Affected Domain.
How can one simply delete a domain and loose data?
I was troubled by same problem since 1 day.
here is what worked for me
https://forum.centos-webpanel.com/index.php?topic=8892.msg31059#msg31059
Note: I am not an linux expert. Very new to this
-
Recently I forced my site (cashbytes.org (http://cashbytes.org)) to https, for a day, I was getting a warning message in the browser, later, it was resolved automatically. If anyone faces, kindly wait at least 24 hours
-
Everything to work must have the right settings, in the world of programming everything follows a logical thought and works when it is set to work properly.
-
(Solution)- worked for me
I dont know anything about linux. I search and try every solution to see if its working or not.
Last year, I used my own computer to host CWP webserver. Now, I just bought a VPS server and same old auto SSL problem hunted me- DNS not pointing to your server...
This time I tried everything I learned last year but noting worked. Then..
I found the solution. This time- My hosting company using some kind of proxy. So even though my DNS setting was right and name-server was pointing to correct public IP, I was not getting the auto SSL. So, I activated NAT-ed mode using my private IP from CWP settings. Man that was it, main domain got the SSL.
For hostname SSL, I then went to Server Settings -> Change Hostname. Then Hit Enter (my host-name was correct so didn't change anything). After, I cleared my browser cache and logged in my hosting server via SSL url.
-
Thanks for the thread and advice.
Disabling CSF firewall solved my issue.