Hey guys! I have been trying non-stop for the past 24h to solve my problem: enabling SSL for my domain. Letsdebug says everything is fine. I cannot find any .well-known folder on my VPS, but I don't know what to do.
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
I ran this command: v-add-letsencrypt-domain admin seylab.fr
It produced this output: Error: Let's Encrypt validation status 400 (seylab.fr). Details: 403:"xxx.xxx.xxx.xx: Invalid response from http://seylab.fr/.well-known/acme-challenge/JhnoMpTtQ....
My web server is (include version): I don't really know, I am using Hestia if that helps
The operating system my web server runs on is (include version): Ubuntu 20.04.5 LTS (GNU/Linux 5.4.0-64-generic x86_64)
My hosting provider, if applicable, is: contabo for VPS and OVH for domain name
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): hestia latest version
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 0.40.0
Tried to install using certbot directly using this command: certbot --apache and got this other error message, if that helps:
Requesting a certificate for www.seylab.fr
Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsen
No, that doesn't help. We were looking to see what kind of web server, like Apache, nginx, or similar.
But, I can see that an nginx server is currently responding to HTTP requests to your domain. And, you chose the --apache plugin when running Certbot so something is wrong.
You either need to use the nginx plugin (or --webroot option) or find out why Apache is not responding as expected. You might need to contact Hestia to work this out.
Request to: seylab.fr/173.212.249.68, Result: [Address=173.212.249.68,Address Type=IPv4,Server=nginx/1.23.3,HTTP Status=404], Issue:
Both nginx and apache are present on my VPS, and both are used by Hestia.
When using the nginx certbot command (sudo certbot --nginx) I get this:
Which names would you like to activate HTTPS for?
We recommend selecting either all domains, or all domains in a VirtualHost/server block.
They may both be installed but you have to choose one to respond to requests sent to your domain name. Or, use one as the proxy for the other or something. That's not unique to Let's Encrypt. That is just how web servers work.
Right now you have nginx responding but from your latest post it shows you have not yet configured the necessary server block for your domain. You should do some further research on how web servers work and how they are configured.
Only the webserver listening on port 80 can satisfy the acme challenge.
This doesn't mean the other won't get certificates. You just have to use the other to authenticate. Like:
certbot --authenticator nginx --installer apache
But you're using a control panel. I would strongly advise using your control panel features to get your certificates, as control panels tend to mess up whatever they're not controlling.
It actually does. This tells us that the edge webserver will be Nginx, but it also tells us that we should not be attempting to manipulate certbot directly and should instead use either the Hestia Control Panel web interface or the Hestia v- command line tools.
You may want to review the following topic and search results in the HestiaCP forum.
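An added example, not part of the thread and not code from Certbot or Hestia: a small shell check for the point made above that only the web server listening on port 80 can answer the ACME HTTP challenge. It reads `ss -ltnp` output and names the matching Certbot authenticator; the function names and the sample listing (addresses, PIDs, the 8080 backend) are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `ss -ltnp` output (run as root on a real host so the
# process column is filled in). Addresses, PIDs and ports are made up.
sample_ss() {
cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0      511    203.0.113.10:80    0.0.0.0:*         users:(("nginx",pid=812,fd=6),("nginx",pid=811,fd=6))
LISTEN 0      511    [::]:80            [::]:*            users:(("nginx",pid=812,fd=8))
LISTEN 0      511    203.0.113.10:443   0.0.0.0:*         users:(("nginx",pid=812,fd=7))
LISTEN 0      511    127.0.0.1:8080     0.0.0.0:*         users:(("apache2",pid=901,fd=4))
EOF
}

# port_owner PORT: read `ss -ltnp` output on stdin and print the unique
# process name(s) holding a LISTEN socket on exactly that port.
port_owner() {
  awk -v port="$1" '
    $1 == "LISTEN" && $4 ~ (":" port "$") {
      # The process column looks like users:(("nginx",pid=812,fd=6),...)
      if (match($0, /\(\("[^"]+"/))
        print substr($0, RSTART + 3, RLENGTH - 4)
    }' | sort -u
}

# certbot_authenticator: map the port-80 listener to the Certbot
# authenticator plugin that can place the challenge response.
certbot_authenticator() {
  owner=$(port_owner 80)
  case "$owner" in
    nginx)         echo "--authenticator nginx" ;;
    apache2|httpd) echo "--authenticator apache" ;;
    "")            echo "no-listener" ;;          # nothing on :80, or ss not run as root
    *)             echo "unrecognised: $owner" ;; # other server, or more than one owner
  esac
}

# Demo on the constructed sample; on a real host: ss -ltnp | certbot_authenticator
sample_ss | certbot_authenticator
```
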