Cloaked url forward domains, cert problem

Hello. I want to create SSL cert for all my doamains, containing these cloaked url forwards, but it won’t let me do it. i’m not professional porgrammer, just a typical person with some skills. Could someone explain me these errors? How to alow certbot to recognize these domains as url forwards?

Thats the error:

IMPORTANT NOTES:

My domain is:
treshcs.cf

I ran this command:
-d treshcs.cf -d www.treshcs.cf -d ftp.treshcs.cf -d poczta.treshcs.cf -d wk.treshcs.cf -d waflowakraina.treshcs.cf -d ts.treshcs.cf -d downloads.treshcs.cf -d pinkmod.treshcs.cf -d boty.treshcs.cf
It produced this output:

My web server is (include version):
Apache, newest version

The operating system my web server runs on is (include version):
Debian 9

My hosting provider, if applicable, is:
Google Cloud VPS

I can login to a root shell on my machine (yes or no, or I don’t know):
Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 0.28.0

1 Like

Hi @tresh

your setup with

can't work.

Checking that domain

there is a frame - https://check-your-website.server-daten.de/?q=wk.treshcs.cf

http://wk.treshcs.cf/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

Content:

<html> <head> <title></title> <meta name="viewport" content="width=device-width,initial-scale=1"> </head> <!-- This site "wk.treshcs.cf" is using the free URL redirection service at http://freedns.afraid.org/ --> <!-- The real (cloaked URL) site can be found directly at https://treshcs.cf/wk/index.html/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de --> <!-- Please report any abuse of this free service --> 
<frameset frameborder="0" border="0" rows="*,100%" cols="100%" marginwidth="0" marginheight="0"> <frame target="random_name_not_taken1" name="random_name_not_taken1" marginwidth="0" marginheight="0" border="0" noresize scrolling="no"> <frame target="random_name_not_taken2" name="random_name_not_taken2" src="https://treshcs.cf/wk/index.html/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de" border="0" noresize> 
<noframes> 
<a href="https://treshcs.cf/wk/index.html/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de">NOFRAMES: Click here to visit the actual site</a>
 </noframes> </frameset> </html>

That setup can't work. Your wk.treshcs.cf must have an A-entry with the same ip address as your https://treshcs.cf/ has. Or a CNAME with that domain name.

So the Letsencrypt validator sees only frames, not the validation file.

And you must run Certbot on the treshcs.cf domain / ip address.

1 Like

So is there any way that my idea could work? I want wk.treshcs.cf to redirect to some directory on my server, I don’t want to show adress in url bar so it’s cloaked, but I’d like to have ssl for that. Is this possible somehow? I saw someehere on this forum threads with mail page and ssl for that, so I guess there’s a hope?

1 Like

As written: You need an A-record, not a wrong frame. So create one. Your main idea is wrong, your frame redirect is the problem.

1 Like

I don’t understand, I have already wk record with URL forwarding, I tried to create A record with the same name but I can’t.

So I guess there is no other way for cloaked url forwarding to be with ssl?

You would have to remove the URL forwarding, as well as adding a normal A record.

What’s the benefit of the URL forwarding? What does “cloaking” do?

1 Like

Wouldn’t a wildcard certificate for the main domain be sufficient to cover all of his third level domains (sub-domains)?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.