CANNOT Install Let's Encrypt on Domain For Some Reason

Hi,

I’m trying to install your certificate on my VPS using Virtualmin, but I keep getting the following error message:

HERE’S AN IMAGE OF THE ERROR MESSAGE THAT I KEEP GETTING.

" Requesting a certificate for aaronestebancoaching.com from Let’s Encrypt …
… request failed : Web-based validation failed : Failed to request certificate :

Traceback (most recent call last):
  File "/usr/share/webmin/webmin/acme_tiny.py", line 198, in <module>
    main(sys.argv[1:])
  File "/usr/share/webmin/webmin/acme_tiny.py", line 194, in main
    signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca, disable_check=args.disable_check, directory_url=args.directory_url, contact=args.contact)
  File "/usr/share/webmin/webmin/acme_tiny.py", line 143, in get_crt
    raise ValueError("Wrote file to {0}, but couldn't download {1}: {2}".format(wellknown_path, wellknown_url, e))
ValueError: Wrote file to /home/aaronestebancoaching/public_html/.well-known/acme-challenge/MoG3aaTNE3M1-xqWYcGT4JuAuZW2Rf_u57CkDePECdQ, but couldn't download http://aaronestebancoaching.com/.well-known/acme-challenge/MoG3aaTNE3M1-xqWYcGT4JuAuZW2Rf_u57CkDePECdQ: Error:
Url: http://aaronestebancoaching.com/.well-known/acme-challenge/MoG3aaTNE3M1-xqWYcGT4JuAuZW2Rf_u57CkDePECdQ
Data: None
Response Code: 404
Response: 404 Not Found

Not Found

The requested URL was not found on this server.

DNS-based validation failed : Neither DNS zone aaronestebancoaching.com or any of its sub-domains exist on this system "

I keep getting this error message while trying to install Let’s Encrypt in my Virtualmin.

Can you please tell me exactly what is most likely causing this issue? I’d greatly appreciate your support.

Regards,

Aaron E.

1 Like

Using DNSChecker.org shows no AAAA record found, no CNAME found, no MX record found, no PTR record found, no SRV record found, no TXT record found and no CAA record found. It looks like you have to get these fixed before you can attempt to get a Let’s Encrypt certificate. There’s nothing for Let’s Encrypt to use for validation because nothing appears to be set up for your domain (other than your A record). Trying to reach your domain name results in a time out.

2 Likes

Your domain doesn’t resolve at all - even without SSL.

First make sure it works on HTTP then add a cert to it…

Looks like DNS config as @JimPas pointed out…

1 Like

Hi @JimPas

That's not a problem for creating a certificate. MX/PTR/SRV are completely irrelevant. Missing AAAA (IPv6) and CNAME are OK. There is a working A record; Let's Encrypt sees the error message and is able to find the domain's IP address.

1 Like

But trying to go to the domain is just timing out. I tried typing in the domain in my address bar (timed out), and tried using MX tools (timed out) and the DNS Checker (timed out). His domain isn’t being reached.

2 Likes

Timeout is a different problem.

Checking the domain via https://check-your-website.server-daten.de/?q=aaronestebancoaching.com

That DNS entry (one A-record)

| Host | T | IP-Address | is auth. | ∑ Queries | ∑ Timeout |
|---|---|---|---|---|---|
| aaronestebancoaching.com | A | 64.227.8.130 Jacksonville/Florida/United States (US) - Cogeco Peer 1, No Hostname found | yes | 2 | 0 |
| | AAAA | | yes | | |
| www.aaronestebancoaching.com | C | aaronestebancoaching.com | yes | 1 | 0 |
| | A | 64.227.8.130 Jacksonville/Florida/United States (US) - Cogeco Peer 1, No Hostname found | yes | | |

is enough to create a certificate via http validation. If dns validation is used, that A record isn't required.

There is no DNSSEC used and no CAA (see the #CAA part) defined, so the DNS isn't a problem. The domain name is public and the ip address isn't a private ip address.

Now the domain has a timeout. That may be a firewall or something else.

But there

the server has answered.

2 Likes

Did you get this working?
Is it maybe that your website path is wrong? Check that there is a .well-known folder in your root path of your website?

1 Like

I got the same issue when I want to renew:
Last successful renewal: 11/08/2019
Last failed renewal: 02/14/2020 1:13:29 AM

Traceback (most recent call last):
  File "/usr/share/webmin/webmin/acme_tiny.py", line 198, in <module>
    main(sys.argv[1:])
  File "/usr/share/webmin/webmin/acme_tiny.py", line 194, in main
    signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca, disable_check=args.disable_check, directory_url=args.directory_url, contact=args.contact)
  File "/usr/share/webmin/webmin/acme_tiny.py", line 143, in get_crt
    raise ValueError("Wrote file to {0}, but couldn't download {1}: {2}".format(wellknown_path, wellknown_url, e))
ValueError: Wrote file to /home/nachtpost/public_html/www/.well-known/acme-challenge/QVTNl83Fj5qP2wSuPz3hXIo7P-uiIWS_xtJPe9btWZ4, but couldn't download http://nachtpost.be/.well-known/acme-challenge/QVTNl83Fj5qP2wSuPz3hXIo7P-uiIWS_xtJPe9btWZ4: Error:
Url: http://nachtpost.be/.well-known/acme-challenge/QVTNl83Fj5qP2wSuPz3hXIo7P-uiIWS_xtJPe9btWZ4
Data: None
Response Code: 404
Response: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL was not found on this server.</p>
</body></html>

You can reach the Url… still got this not working.
Someone with a solution?

1 Like

I have the same error; funny thing, the URL works just fine.

1 Like

@kehyian you should double-check whether it works from outside of your local network, and also whether it works in both IPv4 and IPv6 if you have an AAAA record.

1 Like

Thanks for the reply!
I followed your advice but unfortunately I can reach the url from every network I tried.
On the same vps (which runs virtualmin) I have another 4 domains and I don’t have any problem with their certificates.

Ok I have some good news.
It turns out it was a misconfiguration of “DNS Client Options”.

1 Like

@kehyian what do you mean by “DNS Client Options”? Can you pls explain? I have the same issue.

1 Like

It’s part of Network Configuration under Webmin.

Webmin - Networking - Network Configuration - Hostname and DNS Client

There in Resolution order you must put DNS in the first “box” (at least that worked in my case)

2 Likes
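Added example, not part of any post in this thread and not Webmin or acme_tiny code: a small model of why the self-check that acme_tiny.py runs on the server can get a 404 while the same URL works from outside. It assumes that Webmin's "Resolution order" corresponds to the `hosts:` line of `/etc/nsswitch.conf` and that a local hosts-file entry maps the domain to a different address; the file contents, `example.test` and `203.0.113.10` are constructed placeholders.

```python
# Constructed sample files (assumptions, not taken from the thread).
SAMPLE_NSSWITCH = """\
passwd: files
hosts:  files dns
"""
SAMPLE_HOSTS = """\
127.0.0.1   localhost
127.0.1.1   vps1 example.test www.example.test  # left over from server setup
"""

def resolution_order(nsswitch_text):
    """Sources on the 'hosts:' line, in order ([STATUS=action] items ignored)."""
    for line in nsswitch_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line.startswith("hosts:"):
            return [s for s in line[len("hosts:"):].split() if not s.startswith("[")]
    return []

def hosts_lookup(hosts_text, name):
    """First address in the hosts file that lists `name`, or None."""
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and name.lower() in (f.lower() for f in fields[1:]):
            return fields[0]
    return None

def self_check_address(name, nsswitch_text, hosts_text, public_a):
    """(address, source) a client running on this server would use for `name`."""
    for source in resolution_order(nsswitch_text):
        if source == "files":
            ip = hosts_lookup(hosts_text, name)
            if ip:
                return ip, "files"
        elif source == "dns":
            return public_a, "dns"
    return None, None

def diagnose(name, nsswitch_text, hosts_text, public_a):
    ip, source = self_check_address(name, nsswitch_text, hosts_text, public_a)
    if ip == public_a:
        return f"OK: {name} -> {ip} via {source}; the self-check hits the public address"
    return (f"MISMATCH: {name} -> {ip} via {source}, public A record is {public_a}; "
            "the local self-check may reach a different virtual host and get a 404")

if __name__ == "__main__":
    print(diagnose("example.test", SAMPLE_NSSWITCH, SAMPLE_HOSTS, "203.0.113.10"))
    dns_first = SAMPLE_NSSWITCH.replace("files dns", "dns files")
    print(diagnose("example.test", dns_first, SAMPLE_HOSTS, "203.0.113.10"))
```

On a real server, compare the output of `getent hosts <domain>` with the public A record to run the same check against the live resolver configuration.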

Ah, thanks, good to know.

So if there is "local" selected, it's possible to test a new server.

But it may be impossible to create a certificate.

Thanks for reporting back :+1:

1 Like
