search

outroll / vesta

VESTA Control Panel
http://vestacp.com
GNU General Public License v3.0
2.95k stars 1.03k forks source link

Let's Encrypt nonce request status #1886

Open albasyir opened 5 years ago

albasyir commented 5 years ago

Operating System (OS/VERSION):

Ubuntu 18.04 LTS

VestaCP Version:

0.9.8

Installed Software (what you got with the installer):

--nginx yes --apache yes --phpfpm no --named yes --remi yes --vsftpd yes --proftpd no --iptables yes --fail2ban yes --quota no --exim yes --dovecot yes --spamassassin yes --clamav yes --softaculous no --mysql yes --postgresql yes

Steps to Reproduce:

Too many install Lets Encrypt on domain and I don't know to revoke certificate

Related Issues/Forum Threads:

i can't find same issues

Other Notes:

My Question Is

How to fix this problem, now i cant install Lets Encrypt and have error msg "Let's Encrypt nonce request status".

Thanks for advance!

alfiyansys commented 5 years ago

Just upgraded to Ubuntu 18.04, got same problem here,

alfiyansys commented 5 years ago

Just upgraded to Ubuntu 18.04, got same problem here,

This is result of libcurl3 & libcurl4 incompatibility, LE depended on curl, which is curl depended on libcurl4, but vestacp need libcurl3.

Found workaround, we need to keep old library, just little tinkering and init script hack.

Referenced from: https://dev.to/jake/using-libcurl3-and-libcurl4-on-ubuntu-1804-bionic-184g Just follow first step to install libcurl3, copy libcurl.so.3 library from libcurl3 package, 

# apt install libcurl3 -y #this removes curl and php-curl
# cd /usr/lib/x86_64-linux-gnu
# cp libcurl.so.4.5.0 libcurl.so.3

Then reinstall libcurl4 and curl # apt install curl libcurl4 libcurl4-openssl-dev php-curl -y --reinstall

Make vesta to run using old library: Edit /etc/init.d/vesta, add below line just below start_php: env LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libcurl.so.3

image

Restart vesta, and try to run letsencrypt, it should working fine:

# systemctl daemon-reload
# service vesta start
# v-add-letsencrypt-domain user domain.com
mr-yoshi commented 5 years ago

The above solution did not help

samqi commented 5 years ago

me too

LordMrcS commented 5 years ago

Found the problem!

It's in the file /usr/local/vesta/bin/v-add-letsencrypt-domain

Update the line 113 where reads: HTTP/1.1 For: HTTP/2

Since the API now runs on HTTP 2.0 the grep fails without this mod.

Edit: In fact gotta update it in all occurrences because all greps are failing after.

ScIT-Raphael commented 5 years ago

https://github.com/serghey-rodin/vesta/commit/ae328a0935168aa83e2768714bebfb6c2295aa7f

shahidirfan100 commented 5 years ago

Found the problem!

It's in the file /usr/local/vesta/bin/v-add-letsencrypt-domain

Update the line 113 where reads: HTTP/1.1 For: HTTP/2

Since the API now runs on HTTP 2.0 the grep fails without this mod.

Edit: In fact gotta update it in all occurrences because all greps are failing after.

It did not solve my problem. After changing to HTTP 2.0. Now it gives 400 error.

LordMrcS commented 5 years ago

In the commit linked above another change was made: Replace all 'grep Nonce' with grep -i nonce Edit: you basically do all the changes in that commit.

sicutdeux commented 5 years ago

I downloaded those 2 files and replaced them on my /bin folder on vesta, the error keeps poping up, so it's not a fix yet.

sicutdeux commented 5 years ago

Finally i replaced: HTTP/1.1 or HTTP/ (this last one if you used the commit above) with HTTP/2 in

v-add-letsencrypt-user v-add-letsencrypt-domain

and it worked, i'm leaving there the 2 files for easy fix.

fix.zip

kapkory commented 5 years ago

Finally i replaced: HTTP/1.1 or HTTP/ (this last one if you used the commit above) with HTTP/2 in

v-add-letsencrypt-user v-add-letsencrypt-domain

and it worked, i'm leaving there the 2 files for easy fix.

fix.zip

I have copied yours and am getting error code 1

shahidirfan100 commented 5 years ago

Now, it fixed my problem. Thanks

ScIT-Raphael commented 5 years ago

Just download the already patched files to your installation:

wget https://raw.githubusercontent.com/serghey-rodin/vesta/master/bin/v-add-letsencrypt-domain -O $VESTA/bin/v-add-letsencrypt-domain
wget https://raw.githubusercontent.com/serghey-rodin/vesta/master/bin/v-add-letsencrypt-user 1 -O $VESTA/bin/v-add-letsencrypt-user
chmod +x $VESTA/bin/v-add-letsencrypt-domain
chmod +x $VESTA/bin/v-add-letsencrypt-user
sicutdeux commented 5 years ago

That is what I did initially, it didn't work, changing the HTTP/ to HTTP/2 did the trick.

El jue., 26 de sep. de 2019 2:35 a. m., Raphael Schneeberger < notifications@github.com> escribió:

Just download the already patched files to your installation:

wget https://raw.githubusercontent.com/serghey-rodin/vesta/master/bin/v-add-letsencrypt-domain -O $VESTA/bin/v-add-letsencrypt-domain wget https://raw.githubusercontent.com/serghey-rodin/vesta/master/bin/v-add-letsencrypt-user 1 -O $VESTA/bin/v-add-letsencrypt-user chmod +x $VESTA/bin/v-add-letsencrypt-domain chmod +x $VESTA/bin/v-add-letsencrypt-user

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/serghey-rodin/vesta/issues/1886?email_source=notifications&email_token=AB5ILVFMRU5DLVOAY3DZMFLQLRJ37A5CNFSM4HM767SKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD7UPK7A#issuecomment-535360892, or mute the thread https://github.com/notifications/unsubscribe-auth/AB5ILVCGDPSF7EMSZ2CXVFTQLRJ37ANCNFSM4HM767SA .

juanmaioli commented 5 years ago

Just download the already patched files to your installation:

wget https://raw.githubusercontent.com/serghey-rodin/vesta/master/bin/v-add-letsencrypt-domain -O $VESTA/bin/v-add-letsencrypt-domain
wget https://raw.githubusercontent.com/serghey-rodin/vesta/master/bin/v-add-letsencrypt-user 1 -O $VESTA/bin/v-add-letsencrypt-user
chmod +x $VESTA/bin/v-add-letsencrypt-domain
chmod +x $VESTA/bin/v-add-letsencrypt-user

Work fine in Debian 9 Thanks

alexandrepaiva-dev commented 5 years ago

Just download the already patched files to your installation:

wget https://raw.githubusercontent.com/serghey-rodin/vesta/master/bin/v-add-letsencrypt-domain -O $VESTA/bin/v-add-letsencrypt-domain
wget https://raw.githubusercontent.com/serghey-rodin/vesta/master/bin/v-add-letsencrypt-user 1 -O $VESTA/bin/v-add-letsencrypt-user
chmod +x $VESTA/bin/v-add-letsencrypt-domain
chmod +x $VESTA/bin/v-add-letsencrypt-user

It worked fine for an old domain I was having problem to renew the SSL certificate.

But for new domains I'm getting error "Let's Encrypt domain validation timeout" or "Let's Encrypt validation status 400".

Any idea why? (Ubuntu 18.04) Thanks!

LordMrcS commented 5 years ago

Just download the already patched files to your installation:

wget https://raw.githubusercontent.com/serghey-rodin/vesta/master/bin/v-add-letsencrypt-domain -O $VESTA/bin/v-add-letsencrypt-domain
wget https://raw.githubusercontent.com/serghey-rodin/vesta/master/bin/v-add-letsencrypt-user 1 -O $VESTA/bin/v-add-letsencrypt-user
chmod +x $VESTA/bin/v-add-letsencrypt-domain
chmod +x $VESTA/bin/v-add-letsencrypt-user

It worked fine for an old domain I was having problem to renew the SSL certificate.

But for new domains I'm getting error "Let's Encrypt domain validation timeout" or "Let's Encrypt validation status 400".

Any idea why? (Ubuntu 18.04) Thanks!

is your domain online and accessible? also verify the alias in those domains.. in any case I guess it's better to open another issue since it seems to be another problem..

ayyilmaz commented 5 years ago

I cant add ssl or renew expired certificate. The problem continues.

alexandrepaiva-dev commented 5 years ago

Just download the already patched files to your installation:

wget https://raw.githubusercontent.com/serghey-rodin/vesta/master/bin/v-add-letsencrypt-domain -O $VESTA/bin/v-add-letsencrypt-domain
wget https://raw.githubusercontent.com/serghey-rodin/vesta/master/bin/v-add-letsencrypt-user 1 -O $VESTA/bin/v-add-letsencrypt-user
chmod +x $VESTA/bin/v-add-letsencrypt-domain
chmod +x $VESTA/bin/v-add-letsencrypt-user

It worked fine for an old domain I was having problem to renew the SSL certificate. But for new domains I'm getting error "Let's Encrypt domain validation timeout" or "Let's Encrypt validation status 400". Any idea why? (Ubuntu 18.04) Thanks!

is your domain online and accessible? also verify the alias in those domains.. in any case I guess it's better to open another issue since it seems to be another problem..

It was my fault, sorry. Everything is working well. Thanks!

ram108 commented 5 years ago

Was the bug fixed in recent release 0.9.8-26?

ram108 commented 5 years ago

So, it is fixed in last release and the thred should be closed.

albasyir commented 5 years ago

Just download the already patched files to your installation:

wget https://raw.githubusercontent.com/serghey-rodin/vesta/master/bin/v-add-letsencrypt-domain -O $VESTA/bin/v-add-letsencrypt-domain
wget https://raw.githubusercontent.com/serghey-rodin/vesta/master/bin/v-add-letsencrypt-user 1 -O $VESTA/bin/v-add-letsencrypt-user
chmod +x $VESTA/bin/v-add-letsencrypt-domain
chmod +x $VESTA/bin/v-add-letsencrypt-user

work in ubuntu 18.04

ghost commented 4 years ago

I still get this error on Ubuntu 18.04, Vesta 0.9.8.

xvoland commented 4 years ago

@WonderingDane

I still get this error on Ubuntu 18.04, Vesta 0.9.8.

$ wget https://dl.eff.org/certbot-auto $ sudo mv certbot-auto /usr/local/bin/certbot-auto $ sudo chown root /usr/local/bin/certbot-auto $ sudo chmod 0755 /usr/local/bin/certbot-auto $ certbot-auto