Can´t get SSL Cert after Install NGINX

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: revisionesdegas.com.co

I ran this command: I use Directadmin + custombuild 2.0

It produced this output:
Cannot Execute Your Request

Details

Challenge pre-checks for http://revisionesdegas.com.co/.well-known/acme-challenge/letsencrypt_1608146581 failed... Command:
/usr/local/bin/curl --connect-timeout 40 -k --silent --resolve revisionesdegas.com.co:80:46.166.173.175 --resolve revisionesdegas.com.co:443:46.166.173.175 -I -L -X GET http://revisionesdegas.com.co/.well-known/acme-challenge/letsencrypt_1608146581
Exiting.

My web server is (include version): Centos 7 + Directadmin + Nginx as Proxy Reversew

The operating system my web server runs on is (include version): Centos 7

My hosting provider, if applicable, is: Cherry Server

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): DirectAdmin

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot) certbot 1.9.0

1 Like

Hi @EnekoLaiz

there is no answer. A working port 80 is required if you want to use http validation.

Read

1 Like

Hi Juergen, thanks , Im behind a proxy reverse nginx .. is there any way to set this to get it work ?

1 Like

Does your nginx reverse proxy forward requests from the Internet on port 80 of 46.166.173.175 to your server?

1 Like

Thanks Schoen, I guess so Yes, The Normal Request works, How Can I check that ?

1 Like

Not exactly relevant... But amusing to see the results of:
openssl s_client -connect revisionesdegas.com.co:443

---
Certificate chain
 0 s:/C=US/ST=Someprovince/L=Sometown/O=none/OU=none/CN=localhost/emailAddress=webmaster@localhost
   i:/C=US/ST=Someprovince/L=Sometown/O=none/OU=none/CN=localhost/emailAddress=webmaster@localhost
 1 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO High-Assurance Secure Server CA
   i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
 2 s:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
   i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
 3 s:/C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA
   i:/C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA
 4 s:/C=US/O=thawte, Inc./OU=Certification Services Division/OU=(c) 2006 thawte, Inc. - For authorized use only/CN=thawte Primary Root CA
   i:/C=US/O=thawte, Inc./OU=Certification Services Division/OU=(c) 2006 thawte, Inc. - For authorized use only/CN=thawte Primary Root CA
 5 s:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3
   i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5
 6 s:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5
   i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
---

I've never seen a localhost cert chained to anything - much less to that many things!

1 Like

Are there any other servers in addition to your server behind the same reverse proxy?

Is the reverse proxy usable from your server (to connect to itself)? This is apparently what your Directadmin software is trying to do.

1 Like

Thanks to All, i going to uninstall Totally the Let´sEncrypt.

Have some recommendations to proceed with it.?

uninstall totally / Clean the House and Reinstall With Actual Parameters,

3 Likes