Certificate renewal fails

Hello Community,

I have several domains, hosted on my own server at home.

It’s strange, because updating the domain https://www.unique-project.de/ works fine. Another domain (https://www.groom-it.com/) fails instead. Initially both domains worked fine. The certificate was created. But the update of it fails.

Both domains were hosted on the same server (Debian && Virtualmin). Webserver = Apache2

If I run the following command, the update fails:
cd /root/letsencrypt/ && ./letsencrypt-auto certonly --email postmaster@groom-it.com --agree-tos --webroot --renew-by-default -w /home/groom-it/public_html/ -d www.groom-it.com -d groom-it.com --authenticator webroot && cp /etc/letsencrypt/live/www.groom-it.com/cert.pem /home/groom-it/ssl_certificates/cert.pem && cp -f /etc/letsencrypt/live/www.groom-it.com/chain.pem /home/groom-it/ssl_certificates/chain.pem && cp -f /etc/letsencrypt/live/www.groom-it.com/fullchain.pem /home/groom-it/ssl_certificates/fullchain.pem && cp -f /etc/letsencrypt/live/www.groom-it.com/privkey.pem /home/groom-it/ssl_certificates/privkey.pem

In the case of failure, I get this output:
erebos - root - /root/letsencrypt - (/bin/bash)
12$ cd /root/letsencrypt/ && ./letsencrypt-auto certonly --email postmaster@groom-it.com --agree-tos --webroot --renew-by-default -w /home/groom-it/public_html/ -d www.groom-it.com -d groom-it.com --authenticator webroot && cp /etc/letsencrypt/live/www.groom-it.com/cert.pem /home/groom-it/ssl_certificates/cert.pem && cp -f /etc/letsencrypt/live/www.groom-it.com/chain.pem /home/groom-it/ssl_certificates/chain.pem && cp -f /etc/letsencrypt/live/www.groom-it.com/fullchain.pem /home/groom-it/ssl_certificates/fullchain.pem && cp -f /etc/letsencrypt/live/www.groom-it.com/privkey.pem /home/groom-it/ssl_certificates/privkey.pem
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for www.groom-it.com
http-01 challenge for groom-it.com
Using the webroot path /home/groom-it/public_html for all unmatched domains.
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. groom-it.com (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://www.groom-it.com.well-known/acme-challenge/VBGDJIXkQxqiRygUihS2nWkSfNQ6f4ipBnXFD7vyqCU: Error getting validation data, www.groom-it.com (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://www.groom-it.com.well-known/acme-challenge/CQLEe-sTL8wb60sbPekWpUV_bq5nIrHrlVcQKA50-Wc: Error getting validation data

IMPORTANT NOTES:

The error seems to be plausible… Verification fails. But both domains are configured equally. Filesystem, rights, DNS, everything.

Do you guys have a hint?
What am I doing wrong?

Thanks for your help,
Axel

It looks as if you have an incorrect redirect (possibly in your htaccess?)

You are redirecting from
http://www.groom-it.com/.well-known/acme-challenge/xxx
to
https://www.groom-it.com.well-known/acme-challenge/xxx

Notice the missing / after the domain name.

2 Likes
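
The check made by eye in the answer above, written out as an added example that is not part of the original thread: it compares the challenge URL with the `Location` value the web server returns and reports a host that has swallowed the `.well-known` path segment. `HOSTS`, `check_redirect` and `fetch_location` are names chosen for this sketch, and the sample `Location` values are constructed from the URLs quoted in the thread.

```python
import http.client
from urllib.parse import urljoin, urlsplit

# Hostnames from the thread's certbot command (-d www.groom-it.com -d groom-it.com).
HOSTS = {"www.groom-it.com", "groom-it.com"}

def check_redirect(request_url, location, allowed_hosts=HOSTS):
    """Return a list of problems with the redirect of an http-01 challenge URL."""
    req = urlsplit(request_url)
    loc = urlsplit(urljoin(request_url, location))  # resolve relative Location values
    host = (loc.hostname or "").lower()
    problems = []
    if loc.scheme not in ("http", "https"):
        problems.append(f"unexpected scheme {loc.scheme!r}")
    if host not in allowed_hosts:
        problems.append(f"redirect host {host!r} is not a host of this certificate")
        # Symptom from this thread: the "/" between host and path was dropped,
        # so ".well-known" became part of the hostname.
        for good in sorted(allowed_hosts):
            if host == good + ".well-known":
                problems.append(f"missing '/' after {good!r}")
    if loc.path != req.path:
        problems.append(f"path changed from {req.path!r} to {loc.path!r}")
    return problems

def fetch_location(url, timeout=10):
    """GET url without following redirects; return (status, Location or None)."""
    u = urlsplit(url)
    cls = http.client.HTTPSConnection if u.scheme == "https" else http.client.HTTPConnection
    conn = cls(u.netloc, timeout=timeout)
    try:
        conn.request("GET", u.path or "/")
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location")
    finally:
        conn.close()

if __name__ == "__main__":
    # Constructed samples: "xxx" stands in for the token, as in the answer above.
    challenge = "http://www.groom-it.com/.well-known/acme-challenge/xxx"
    for location in ("https://www.groom-it.com.well-known/acme-challenge/xxx",
                     "https://www.groom-it.com/.well-known/acme-challenge/xxx"):
        print(location, "->", check_redirect(challenge, location) or "OK")
    # Against a live server: status, location = fetch_location(challenge)
```
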

You know what? You nailed it… Thanks so much for your help!

2 Likes
