Acme challenge 404 error

[antoniobenedetti]

I'm getting this error while running 'letsencrypt-vesta admin mydomain.com':

Failed authorization procedure. www mydomain.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www mydomain.com/.well-known/acme-challenge/some gibberish Server IP: 404, mydomain.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http:// mydomain.com/.well-known/acme-challenge/some gibberish Server IP: 404

IMPORTANT NOTES:

• The following errors were reported by the server:

  Domain: www mydomain.com Type: urn:acme:error:unauthorized Detail: Invalid response from http://www mydomain.com/.well-known /acme-challenge/some gibberish

  Domain: mydomain.com Type: urn:acme:error:unauthorized Detail: Invalid response from http:// mydomain.com/.well-known/acme- challenge/some gibberish

The same exact setup while using CentOS 6 instead of CentOS 7 it works fine and it generates cert. Only when using CentOS 7 i get this issue. I turned off the server firewall just in case.

[antoniobenedetti]

I solved this by using 'letsencrypt-auto' and 'public_html' as webroot. 'letsencrypt-vesta' didn't work for me so i had to apply it via the control panel manually.

[Bechrissed]

I had the same problem but after checking my config it worked. You get this errors when your apache and/or nginx config isn't set correctly. The ACME client cannot reach your server and the authentication fails. Retry to config your setup from the readme and it should work.

[leisegang]

I cant get this to work either, you should probably fix something. I am running CentOS 7 with latest VestaCP How can this be fixed to work easy on centos 7?

[triasrahman]

I have the same problem on Ubuntu 14.04. How to solve this?

Thanks,

[core01]

This config works to me

[jpitoniak]

I will try spinning up a couple of test servers to try to recreate this as soon as I can. I'm primarilly using CentOS 6.x boxes right now. I did some testing on CentOS 7 and on Ubuntu before the last update was published, but I may not have hit all the right use cases.

In order to help me in testing, please update this ticket with the following:

• OS and version
• Whether you're using the standard Apache-Nginx config, or an Apache-only or Nginx-only configuration.
• If using both Apache and Nginx, which server did you configure the to handle acme-challenge requests?

Also, if using Nginx to handle the acme-challenge, be sure that you've properly configured all of your sites. Unlike Apache, Nginx doesn't have the concept of a "global configuration," so the alias to the acme-challenge directory needs to be added to each and every site's configuration. This is done by adding the configuration listed in the README file to any and all relevant Nginx templates in /usr/local/vesta/data/templates/web/nginx (and subdirectories thereof) AND running [[v-rebuild-web-domains USERNAME]] for every users AND restarting nginx to make it all take effect.

[dekyfin]

I'm also getting the same error. I'm using nginx only I did the following to troubleshoot the problem

• I checked the /etc/letsencrypt/webroot directory and it was empty.
• I created a file /etc/letsencrypt/webroot/test.html and visited mysite.com/.well-known/acme-challenge/test.html and it opens, but the acme challenge url always returns a 404.

So I suppose the challenge file is not being written to the /etc/letsencrypt/webroot/ directory

[ChadTaljaardt]

same issue

[mikhailnov]

i'm using the vesta default apache+nginx configuration and solved the issue by cd /home/admin/web/mydomain.tld/public_html and only after that I ran letsencrypt-vesta admin mydomain.tld

[integrateddigital]

@mikhailnov Sorry, I am having the same problem but I couldnt understand what you mean by "cd /home/admin/web/mydomain.tld/public_html" just by CD'ing into the path of your domain resolved it ?! or do you mean you created ( or removed ) a file ? ( index.html ? ) Thanks for any help !

[mikhailnov]

I meant that I first changed the terminal working directory to that one and ran the command from there. But i'm not sure whether it will work now. Try installing vim-common package

[mikhailnov]

Sorry, I meant that the last Vesta release has a built in capability to obtaain Letencrypt certificate and it has a command line interface. Install vim-common and use it (or the web GUI). Installing vim-common solves error 400.

[integrateddigital]

thank you @mikhailnov - it worked.

[mikhailnov]

What exactly worked?

15 декабря 2016 г. 16:56:49 GMT+03:00, integrateddigital notifications@github.com пишет:

@mikhailnov Sorry, I am having the problem but I couldnt understand what you mean by "cd /home/admin/web/mydomain.tld/public_html" just by CD'ing into the path of your domain resolved it ?! or do you mean you created ( or removed ) a file ? ( index.html ? ) Thanks for any help !

-- You are receiving this because you were mentioned. Reply to this email directly or view it on GitHub: https://github.com/interbrite/letsencrypt-vesta/issues/11#issuecomment-267333036

-- Простите за краткость, создано в K-9 Mail.

[glarkou]

I resolved this issue by removing:

include /home/impact/conf/web/(s)nginx.domain.com.conf*;

the s from snginx.conf when including the automatically created files by vesta.

Hope that helps.