Hi, I’m trying to use --webroot to authenticate a cert. I’m running ISPConfig 3.1 latest version but I dont host sites, just use it as an email server so I only have one webroot and want to just install the certs, then symlink to them from the ispc files. I tried running:
certbot certonly --webroot -w /var/www/html/ -d mail4.domain.com
and I can see the ./well-known directory and I can browse to it online (so dns works), but there is no acme-challenge subfolder, which i’m guessing is why the challenge fails. Should I make it manually or is it a temp thing that certbot makes?
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.
Do you have an IPv6 AAAA record for your domain name?
It shouldn’t be a problem if .well-known/acme-challenge doesn’t exist at other times. But if you do create acme-challenge, and add a file /var/www/html/.well-known/acme-challenge/test.txt, can you see it in your browser at https://mail4.domain.com/.well-known/acme-challenge/test.txt?
I do not have ipv6 enabled on this server, just ip4. I can make the folder, and I can see it, but if I try and access the test.txt file, i get a forbidden error. Permissions issue or apache issue?
got it working, in the sites-available folder of apache, there is an ispconfig.conf file and somehow it had a line for an alias redirecting that .well-known folder to another usr folder, so I commented it out and it verified. Now I just need to link the certs to ones it uses and automate it.