Error create ssl cyberpanel

ikarus · October 2, 2021, 11:41am

that is the path where the files of that domain or vhost are hosted

rg305 · October 2, 2021, 11:46am

Not sure about LiteSpeed, but Apache tends to allow things even when they are rather messed up.
Is there any way to show the equivalent of:
sudo apachectl -t -D DUMP_VHOSTS
OR
sudo apachectl -S

Osiris · October 2, 2021, 11:56am

If that really is the case, please put a test file in the appropriate directory path:

mkdir -p /home/labodademismejoresamigos.info/public_html/.well-known/acme-challenge
echo "testing one two three" > /home/labodademismejoresamigos.info/public_html/.well-known/acme-challenge/testfile

With the test file in place it should be able to view it at http://labodademismejoresamigos.info/.well-known/acme-challenge/testfile

ikarus · October 2, 2021, 12:46pm

[root@centwebpanel201 public_html]# sudo apachectl -t -D DUMP_VHOSTS
sudo: apachectl: command not found
[root@centwebpanel201 public_html]# sudo apachectl -S
sudo: apachectl: command not found

ikarus · October 2, 2021, 12:51pm

You can check it yourself, load the file, it was necessary to assign permissions but that's it

Osiris · October 2, 2021, 3:55pm

What kind of permissions? Maybe Litespeed has some kind of permission behaviour not compatible with certbot too.

You can try to add --debug-challenges to the command line options of your certbot command. That will pause certbot when it has added the challenge token to your webroot path. During that pause, you can inspect the token files within the /acme-challenge/ directory (the same as where you put the test file earlier) with ls -l * or equivalent. Please cross-reference the token files permissions with the permissions required for proper serving of the files in Litespeed. Are the token permissions the same as the (incorrect) permissions of the test file before you changed those permissions? Can you issue a certificate if you manually correct the permissions of the token files?

ikarus · October 2, 2021, 7:36pm

mkdir -p /home/labodademismejoresamigos.info/public_html/.well-known/acme-challenge
echo "testing one two three" > /home/labodademismejoresamigos.info/public_html/.well-known/acme-challenge/testfile 177 / 5000 --> that when executing this command everything was created but from the outside I did not have permissions to access and it was not displayed, I had to add additional permissions by hand
Regarding the rest that you have told me ... excuse my ignorance but I do not understand you, I have taken the entire public_html folder and I have assigned 777 permissions, then I wanted to understand that you mean to execute the following command: sudo certbot certonly -d labodademismejoresamigos.info -d www.labodademismejoresamigos.info --debug-challenges / acme-challenge / ls -l *
which keeps giving me an error, please I am very new in this world, if you tell me command after command I will execute it, or I even give you root access in case you want to take a look and see it faster, since I am a bit stupid currently in this world

ikarus · October 2, 2021, 7:41pm

looking closely, I just saw that inside /home/labodademismejoresamigos.info/
There is a folder called ssl and a folder called certs and another called key

Osiris · October 2, 2021, 7:50pm

That was probably not a good idea.

I don't understand this part of your post.. I did not tell you to run those things as a single command?

ikarus · October 2, 2021, 7:56pm

when you were referring to this: -debug-challenges / acme-challenge / ls -l *
Can you tell me the complete command?

Osiris · October 2, 2021, 8:01pm

I'm not very fond of just handing out commands for people to run without them understanding what they're actually doing. I also think it's not that hard if you just chop up my post in the separate parts:

I assume you do know how to use the commands cd to get to a specific directory and use the command ls?

ikarus · October 2, 2021, 8:23pm

[root@centwebpanel201 ssl]# sudo certbot certonly -d labodademismejoresamigos.info -d www.labodademismejoresamigos.info --dry-run --debug-challenges
Saving debug log to /var/log/letsencrypt/letsencrypt.log

How would you like to authenticate with the ACME CA?

1: Spin up a temporary webserver (standalone)
2: Place files in webroot directory (webroot)

Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Plugins selected: Authenticator webroot, Installer None
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
Simulating a certificate request for labodademismejoresamigos.info and www.labodademismejoresamigos.info
Performing the following challenges:
http-01 challenge for labodademismejoresamigos.info
http-01 challenge for www.labodademismejoresamigos.info
Input the webroot for labodademismejoresamigos.info: (Enter 'c' to cancel): /home/labodademismejoreamigos.info/public_html

/home/labodademismejoreamigos.info/public_html does not exist or is not a
directory

Input the webroot for labodademismejoresamigos.info: (Enter 'c' to cancel): /home/labodademismejoresamigos.info/public_html/

Select the webroot for www.labodademismejoresamigos.info:

1: Enter a new webroot
2: /home/labodademismejoresamigos.info/public_html

Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Waiting for verification...

Challenges loaded. Press continue to submit to CA. Pass "-v" for more info about
challenges.

Press Enter to Continue
Challenge failed for domain www.labodademismejoresamigos.info
Challenge failed for domain labodademismejoresamigos.info
http-01 challenge for www.labodademismejoresamigos.info
http-01 challenge for labodademismejoresamigos.info
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:

The following errors were reported by the server:

Domain: www.labodademismejoresamigos.info
Type: unauthorized
Detail: Invalid response from
http://www.labodademismejoresamigos.info/.well-known/acme-challenge/YUwX571KJ7RG-jZUIbpvYZQcfn3lM-5fPSFG6bJageA
[176.56.119.157]: "\n<html
style="height:100%">\n\n<meta name="viewport"
content="width=device-width, initial-scale=1, shrink-to-"

Domain: labodademismejoresamigos.info
Type: unauthorized
Detail: Invalid response from
http://labodademismejoresamigos.info/.well-known/acme-challenge/E39KTBHXCsab7fJ4LFMUwALmaotfHid4ZfmHAYPFaEY
[176.56.119.157]: "\n<html
style="height:100%">\n\n<meta name="viewport"
content="width=device-width, initial-scale=1, shrink-to-"

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
[root@centwebpanel201 ssl]#

Osiris · October 2, 2021, 8:29pm

Did you immediately press "Enter" at that point or did you do what I asked you to do earlier?

ikarus · October 2, 2021, 8:38pm

I have verified that inside /home/labodademismejoresamigos.info/public_html/.well-known/acme-challenge creates 2 files with 0640 permissions both, but gives the error and the files disappear

Osiris · October 2, 2021, 8:40pm

Earlier, you said this about the test file (http://labodademismejoresamigos.info/.well-known/acme-challenge/testfile):

What specific permission change did you need to make before the test file worked?

Also, it could have been helpful to see the actual ls -l output of the challenge files. Maybe Litespeed needs specific permissions or specific ownership of the files.

ikarus · October 4, 2021, 7:22am

Good morning, Before I had 0660 permissions, and it could not be accessed before changing to 777 permissions, but without making that change it showed the 404 error screen, however if I put 0664 if it loads the web

rg305 · October 4, 2021, 7:30am

664 is better than 777
644 might be even better...

ikarus · October 4, 2021, 9:50am

I'm not saying no ... but with 0777 we know that it is not a permission failure

rg305 · October 4, 2021, 9:57am

Did 664 work like 777 ?
If so, try with 644.

ikarus · October 4, 2021, 10:08am

with 0664 it works fine, now we have to see why it doesn't work ...