Author Topic: I am facing multiple problem with CWP and SSL  (Read 3696 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
I am facing multiple problem with CWP and SSL
« on: December 18, 2023, 08:30:43 PM »
So, I am using CWP to test how it performs but I ran into several issues that I need help with.

So I installed CentOS 8 on a server and installed CWP using the installation instruction provided in the documents. I changed the webserver to NGINX+Varnish+Apache. I also changed my PHP version to 8.1.15. I created a cwp user added mydomain.com there. then I created a subdomain in the usercp called it panel.mydomain.com so that the DNS is setup properly. I also ensured that both the domain and subdomain are pointing to the server by using dnschecker.org

1. Whenever I reboot the server, The hostname changes back to default
2. When I generate an SSL under CWP>Change Hostname. It generates a self-signed certificate. and this is what I see in /var/log/cwp/autossl.log
2023-12-18 08:12:08 panel.mydomain.com Failed http validation for Hostname: panel.mydomain.com
2023-12-18 08:12:08 panel.mydomain.com Self-signed SSL installed for Hostname: panel.mydomain.com

3. from usercp when I try to generate an SSL for mydomain.com from Domain>AutoSSL this is the error I face
DNS of your domain doesn't point to this server or you have htaccess restrictions


How do I solve all these SSL issues? I've looked into the DNS editor and also tested that the domains are pointed to the server using nslookup both from the inside the server as well as other computers. I am truly baffled and out of ideas on what could be causing this.

Offline
****
Re: I am facing multiple problem with CWP and SSL
« Reply #1 on: December 18, 2023, 09:29:56 PM »
If you have https only set, Domain validation will fail because of the 403 redirect.
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: I am facing multiple problem with CWP and SSL
« Reply #2 on: December 18, 2023, 10:44:44 PM »
if you mean opened ports. Then I have both 80 and 443 open. I don't see any option for https only however...

Offline
****
Re: I am facing multiple problem with CWP and SSL
« Reply #3 on: December 19, 2023, 12:07:33 AM »
I mean if you have apache or nginx set to "force https", the all port 80 requests will be redirected to ssl.  This breaks letsencrypt for some reason.
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: I am facing multiple problem with CWP and SSL
« Reply #4 on: December 19, 2023, 12:51:17 AM »
will that be in the vhost configs? Or will it be in any GUI option? I looked through all the config files, nothing is forcing https from what I see. however, the proxy pass location is using the https protocol for reversing port 2083 and 2031

I am using Nginx+Varnish+Apache webserver configuration btw.

Offline
****
Re: I am facing multiple problem with CWP and SSL
« Reply #5 on: December 19, 2023, 01:02:05 AM »
if this line is there, it's redirecting.

return 301 https://$server_name$request_uri;
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: I am facing multiple problem with CWP and SSL
« Reply #6 on: December 19, 2023, 01:22:27 AM »
yup none of the conf contains those. I also didn't enable anything related to https forcing. so unless those rediects comes default with cwp confs it's unlikely there.

I can dm you the access to the server to check if you want. i don't mind since this is a demo server.

Offline
****
Re: I am facing multiple problem with CWP and SSL
« Reply #7 on: December 19, 2023, 01:36:35 AM »
You can check the log file /root/.acme.sh/acme.sh.log to see what is going on.
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: I am facing multiple problem with CWP and SSL
« Reply #8 on: December 19, 2023, 01:40:09 AM »
sudo tail /root/.acme.sh/acme.sh.log
tail: cannot open '/root/.acme.sh/acme.sh.log' for reading: No such file or directory

Offline
****
Re: I am facing multiple problem with CWP and SSL
« Reply #9 on: December 19, 2023, 02:41:21 AM »
is  /.well-known/acme-challenge/   and /.well-known/pki-validation   present the the panel. vhost file?
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: I am facing multiple problem with CWP and SSL
« Reply #10 on: December 19, 2023, 10:30:56 AM »
yes with a alias of "/usr/local/apache/autossl_tmp/.well-known/acme-challenge"

Offline
****
Re: I am facing multiple problem with CWP and SSL
« Reply #11 on: December 19, 2023, 07:32:50 PM »
Please visit https://letsdebug.net/  and post the results
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: I am facing multiple problem with CWP and SSL
« Reply #12 on: December 19, 2023, 10:33:53 PM »


server.domain.com is my hostname and I have port 80 open just to confirm.

Offline
****
Re: I am facing multiple problem with CWP and SSL
« Reply #13 on: December 20, 2023, 01:00:42 AM »
Without the actual domain name, it's kind of hard to actually help you. 
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: I am facing multiple problem with CWP and SSL
« Reply #14 on: December 20, 2023, 02:10:23 PM »