search

interbrite / letsencrypt-vesta

Automate Let's Encrypt Certificate Installation for VestaCP
Other
217 stars 64 forks source link

Acme challenge error although file exist and is accesible. #56

Open vincurekf opened 7 years ago

vincurekf commented 7 years ago

I have been fighting with this for the past 2 days and it does not seem to have any solution. I've followed steps for installation one by one, then applied fixes:

And just to be sure, pasted this at the end of /etc/apache2/apache2.conf:

# Let's Encrypt Webroot Configuration for Apache
#
# In "webroot" mode, the Let's Encrypt client will attempt to write a
# temporary file to the /.well-known/acme-challenge directory within
# the website's root directory in order to perform the domain
# verification.  Since every Vesta site has a different
# web root directory, this directive creates an alias that will allow
# the Let's Encrypt Client to write these files to a central location
# that can be accessed from all sites.
Alias /.well-known/acme-challenge /etc/letsencrypt/webroot/.well-known/acme-challenge

# Ensure that the proper Content-type header is returned with
# challenge responses
<IfModule mod_headers.c>
  <LocationMatch "/.well-known/acme-challenge/*">
    Header set Content-Type "application/jose+json"
  </LocationMatch>
</IfModule>

When I run letsencrypt-vesta -a 60 admin mydomain.com I get following output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for mydomain.com
http-01 challenge for www.mydomain.com
Using the webroot path /etc/letsencrypt/webroot for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. www.mydomain.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.mydomain.com/.well-known/acme-challenge/qj4eqi5wWrTdwx5F8RZrtP5hMHjLoaBKUf8QVlVDYww: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p", mydomain.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://mydomain.com/.well-known/acme-challenge/x8EFa63E7VPnzUEqrupriqFznW9ZM9eFlM_2m7lLHN4: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p"

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: www.mydomain.com
   Type:   unauthorized
   Detail: Invalid response from
   http://www.mydomain.com/.well-known/acme-challenge/qj4eqi5wWrTdwx5F8RZrtP5hMHjLoaBKUf8QVlVDYww:
   "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
   <html><head>
   <title>404 Not Found</title>
   </head><body>
   <h1>Not Found</h1>
   <p"

   Domain: mydomain.com
   Type:   unauthorized
   Detail: Invalid response from
   http://mydomain.com/.well-known/acme-challenge/x8EFa63E7VPnzUEqrupriqFznW9ZM9eFlM_2m7lLHN4:
   "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
   <html><head>
   <title>404 Not Found</title>
   </head><body>
   <h1>Not Found</h1>
   <p"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A record(s) for that domain
   contain(s) the right IP address.
Let's Encrypt returned an error status.  Aborting.

But if I try to curl http://mydomain.com/.well-known/acme-challenge/x8EFa63E7VPnzUEqrupriqFznW9ZM9eFlM_2m7lLHN4 i get valid response:

root@mydomain ~# curl http://www.mydomain.com/.well-known/acme-challenge/qj4eqi5wWrTdwx5F8RZrtP5hMHjLoaBKUf8QVlVDYww
qj4eqi5wWrTdwx5F8RZrtP5hMHjLoaBKUf8QVlVDYww.pOMFy-zgTXtZ6La32RDlZ_FXELZOpMNuh7X8VUeu9DM⏎

I have 755 permissions on /etc/letsencrypt/webroot and the folder is owned by root, I tried to chown it by admin with no difference.

joomlagate commented 6 years ago

Today I met the same issue.

How to solve this?

Did the author of this project stopped working on it?