Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My web server is (include version): nginx/1.14.0 (Ubuntu)
The operating system my web server runs on is (include version): Ubuntu 18.04
I can login to a root shell on my machine (yes or no, or I don’t know): YES!!!
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): nop but i installed iRedMail and in other servers before there was no problem
I am using --staging because otherwise i get :
_An unexpected error occurred:_
_ There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/_
because i was trying like 2 hours to solve this problem
(it's the same like your "Connection reset by peer").
There is an instance who checks the client. Is it possible that you remove that if the url starts with
/.well-known/acme-challenge/
Are there rewrite-rules or something else to do such things?
If this is not possible, you may use dns-01 - validation, not http-01 - validation. Then you have to create a dns text entry (in your domain nameserver settings)
_acme-challenge.mail.cimr-innovations.com
with a special value.
But: You have to change this value every 60 - 80 days, because Letsencrypt certificates are only 90 days valide. So your dns-provider should have a supported API to automate that.
@Moralitos28, @JuergenAuer doesn't mean to delete this directory, but rather to create an exception to whatever part of your web server configuration is serving this Javascript code.
There is something in your web server configuration that doesn't allow this file to be served without a redirection or first interpreting a script. It might be something advertised as a DDoS prevention or scraping prevention service, and it's not compatible with Let's Encrypt's validation.
# /etc/nglinx/sites-enable
# Note: This file must be loaded before other virtual host config files,
#
# HTTP
server {
# Listen on ipv4
listen 80;
# Listen on ipv6.
# Note: this setting listens on both ipv4 and ipv6 with Nginx release
# shipped in some Linux/BSD distributions.
#listen [::]:80;
location ^~ /.well-known/acme-challenge/ {
allow all;
default_type "text/plain";
}
server_name _;
return 301 https://$host$request_uri;
}
and
#./ssl.config
# Note: This file must be loaded before other virtual host config files,
#
# HTTPS
server {
listen 443;
server_name mail.cimr-innovations.com cimr-innovations.com;
root /var/www/html;
index index.php index.html;
location ^~ /.well-known/acme-challenge/ {
allow all;
default_type "text/plain";
}
include /etc/nginx/templates/misc.tmpl;
include /etc/nginx/templates/ssl.tmpl;
include /etc/nginx/templates/iredadmin.tmpl;
include /etc/nginx/templates/roundcube.tmpl;
include /etc/nginx/templates/sogo.tmpl;
include /etc/nginx/templates/netdata.tmpl;
include /etc/nginx/templates/php-catchall.tmpl;
}
where and what i have to change to make this work? I already treat everything!
I really think there’s something else like a firewall or reverse proxy in front of this server that’s dropping connections. Your nginx configuration above doesn’t do that, but something does!
OKY I RESOLVE IT! The Modem-Router BackPort of Service whas Listening in the 80 port bloking the conexion reseting it! Because of that @JuergenAuer get a Docsis_sytem.asp insted of a html or nglinx code or anything ! Thanks To @schoen !