Error issuing certificate

Hello,

My domain is: https://zenlife.bg

Today I decided to move my wordpress site to a new domain. Some of the customization wasn’t there after the transfer so I thought it was because of the missing https of the new domain. So, I hoped on cpanel and ran Let’s Encrypt SSL and tried issuing a certificate.

This is what happened:

There was a problem processing your request

• Error issuing certificate
• Failed to issue certificate
• The Let’s Encrypt HTTP challenge failed: acme error ‘urn:acme:error:unauthorized’: Invalid response from http://zenlife.bg/.well-known/acme-challenge/-NexebQThCz9ZuILk56RTg6EYARnKr3KJ1yPJM7mcF8: q%!(EXTRA string=<html> <head><title>404 Not Found</title></head> <body bgcolor=“white”> <center><h1>404 Not Found</h1></center> <hr><center>)

Will grealy appreciate your help.

Regards
Georgi

Hi,

How did you request the certificate?
Did you use the plugin? (Let’s Encrypt SSL) or (SSL/TLS Status)?

Thank you

Hi,

Thank you for responding.

I used the plugin Let’'s Encrypt SSL found in cPanel.

Hi,

It seems that there are a part of the token file name missing…

Are you the owner of the server? (cPanel / WHM installation root user)?

Thank you

I don’t seem to understand your question. The hosting is mine if this is what you mean.

Hi @stevenzhu

Len('-NexebQThCz9ZuILk56RTg6EYARnKr3KJ1yPJM7mcF8') = 43 chars - this is the length of a token. So it looks good.

Hi @georgik

did you use cPanel with your older server? Or did you use another client (like certbot).

Perhaps there is a wrong redirect, so

/.well-known/acme-challenge/1234

is redirected. If you use the same redirect in your new environment, that may not work.

To test, create a file (file name 1234) in /.well-known/acme-challenge/ and test, if you can fetch this file via

http://zenlife.bg/.well-known/acme-challenge/1234

This strangeness is due to a bug in Boulder that was fixed two days ago. However, it would not have affected the outcome of your issuance request, so it can be disregarded.

Manually creating this file and seeing whether you can access it in a browser is definitely a good idea, it will help determine what the issue is.

At the moment the challenge is being placed in the domain's document root but it isn't accessible in a browser. You might need to ask your host about it as they appear to have a few extra customizations in their cPanel that could potentially be interfering.

Uploaded a text file with that name. Cannot be fetched...

Earlier I had a really bad headache as moving the site didn't go as planned. Big part of the customization was omitted on the new domain. I was ready to give up after trying all night to make it work and got it to work just before bed.

Hopefully, tomorrow this issue will too be resolved...

Then please share your nginx - configuration. One thing is curious:

There is a http status 404:

http://zenlife.bg/.well-known/acme-challenge/1234

But checking direct:

download http://zenlife.bg/.well-known/acme-challenge/1234 -h
Error (1): Der Remoteserver hat einen Fehler zurückgegeben: (404) Nicht gefunden.
ProtocolError
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Thu, 27 Sep 2018 10:52:19 GMT
Server: ws-httpd

Status: 404 NotFound

there is a "ws-httpd" - server. Is there another webserver - software?

Checking your root:

download http://zenlife.bg/ -h
Connection: keep-alive
Vary: Accept-Encoding,Cookie,User-Agent
Referrer-Policy:
Pragma: public
Accept-Ranges: bytes
Content-Length: 121915
Cache-Control: max-age=0, public, public
Content-Type: text/html; charset=UTF-8
Date: Thu, 27 Sep 2018 10:54:15 GMT
Expires: Thu, 27 Sep 2018 10:54:15 GMT
ETag: "1dc3b-576d74e5fa74f"
Last-Modified: Thu, 27 Sep 2018 09:53:08 GMT
Server: ws-httpd
X-Powered-By: W3 Total Cache/0.9.7

Status: 200 OK

The same Server "ws-httpd". And a Vary - argument "User-Agent". Is this an additional program which blocks or redirects Letsencrypt?

Hi,

Tried installing Let’s Encrypt SSL again through cPanel today and it worked! Here’s how the sucess message looked like:

Screenshot_2.png1275×168 12.4 KB

I’ve no idea what does that mean

Yep, your https://zenlife.bg/ works. But you have mixed content warnings you should fix. Content is loaded via http, not https.

Use Chrome / Firefox, then Ctrl + Shift + I, that opens the console. There you see the files.

Sample:

http://zenlife.bg/wp-content/uploads/2018/05/NewAgeShopfooter-150x150.png

I don't understand that. zenlife.bg - there I can't find a CNAME. Same with zenlife.newageshop.bg.

But it works!

Because that's a addon domain for cPanel, it would create a not existed subdomain on your main (account) domain.

You could simply ignore it.
(Or try to remove it from your DNS)

Thank you

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.