Error OpenLightSpeed + Let's encrypt certificate : is inaccessible, please verify!

Helem · December 8, 2020, 4:07pm

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: imoveiscomluxo.com

I ran this command: it asked my domain name

It produced this output:

Enter the root domain only, then the system will add both the root domain and th e www domain for you.
Your domain: imoveiscomluxo.com
The domain you put is: imoveiscomluxo.com
Please verify it is correct. [y/N] y

Domain has been added into OpenLiteSpeed listener.

Do you wish to issue a Let's encrypt certificate for this domain? [y/N] y
imoveiscomluxo.com.com is inaccessible, please verify!

My web server is (include version): https://marketplace.digitalocean.com/apps/openlitespeed-wordpress

The operating system my web server runs on is (include version): OpenLiteSpeed WordPress 5.5 on Ubuntu 20.04

My hosting provider, if applicable, is: DigitalOcean

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): idk

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): https://marketplace.digitalocean.com/apps/openlitespeed-wordpress

I wanna use cerbot but i got an error and idk how to acess lets encript again to check and fix my domain name

JuergenAuer · December 8, 2020, 4:14pm

Hi @Helem

com.com isn't a valid domain suffix.

Helem · December 8, 2020, 5:52pm

the issue is how i fix that since i put the corret domain ?

JuergenAuer · December 8, 2020, 5:57pm

If you use that idk (no idea, how that works), ask your hoster.

Looks like that control panel has an own client - and that client is buggy.

I don't know why the error message shows com.com, but that can't work.

Helem · December 9, 2020, 5:48am

Check this img, i just tryed again

Osiris · December 8, 2020, 6:27pm

Sounds like a great thing to ask your hosting provider to me indeed.

JuergenAuer · December 8, 2020, 6:31pm

Why is there a Cloudflare certificate and a redirect http -> https?

If the client checks http, the error is expected.

And why is there a public visible WordPress installation?

Do you want that I install your WordPress?

Helem · December 9, 2020, 6:23am

Im trying to set up the best solution for wordpress but i dont have experience with backend and linux language.Looks like the optimal best solution for a wordpress static or dynamic website is OpenLightSpeed + CyberPanel + Redih + Cloudflare
Here is my Cloudflare Config:

I also trying to learn about server caching and any kind of caching that exist as solution so i can be good at optimizing my website.
My website gonna be a simple on just 1 video and some text maybe 1-2 imagens and a form to send number, email and name. my client is a real state agent so i gonna make 1-3 landing pages like that to sell houses.

I wonder if https://marketplace.digitalocean.com/apps/cyberpanel is better than the https://marketplace.digitalocean.com/apps/openlitespeed-wordpress that im using atm
Idk if the version im using use cyberpanel or not and if the solution above is better to me.

EDIT: i tryed turn off the following setting on cloudflare and still got the same erros:

Your SSL/TLS encryption mode is Off (not secure) off

HTTP Strict Transport Security (HSTS) off

Enforce web security policy for your website.

TLS 1.3 off

Enable the latest version of the TLS protocol for improved security and performance.

Automatic HTTPS Rewrites off

Automatic HTTPS Rewrites helps fix mixed content by changing “http” to “https” for all resources or links on your web site that can be served with HTTPS.

JuergenAuer · December 9, 2020, 9:33am

If you use one of these clients and if one of these clients is buggy / doesn't work, you have to ask digitalocean.

It's their client and their configuration, so only that company can fix it.

Helem · December 9, 2020, 12:19pm

Got their answer a few hours ago and it was really bad support, im fucked because i dont know how to fix it, i guess i will delete the droplet and try again. or get into another plataform like linode or google could.

Hello there,

Thank you for reaching out to DigitalOcean. I appreciate your patience in providing the detailed information about the issues you are facing. Sorry for the inconvenience caused and I'd like to provide more insights on this issue.

Firstly, here at DigitalOcean, we offer self-managed infrastructure-as-a-service. This means that DigitalOcean doesn't have access to your Droplets at the command-line or application level for maintenance, troubleshooting, or any other actions.

DigitalOcean's responsibility is maintaining the physical hardware and network that Droplets run on. This gives you a lot of flexibility to customize your Droplets and applications exactly how you want them, but it also carries some additional responsibility in terms of getting things up and running/fixing them if something goes wrong.

We're certainly happy to share advice and try to point you in the right direction, however, we will not be able to fix problems or install applications for you. Being that said, I am pasting below a wonderful tutorial which details about Wordpress installation on your Droplet:
https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-openlitespeed-ubuntu-1804

WordPress is known for having a robust support community. You may consider reaching out to the source for more assistance on this application: https://wordpress.org/support/

Depending on the webserver you are running the following guides will help you get your SSLs installed using Letsencrypt as well as set up automatic renewal.

Nginx: https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04

Apache: https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-16-04

Since you are having challenges in configuring your website, it is not a bad idea to hire a third party for more assistance. Consider a third-party admin-by-the-hour service like BobCares:

https://bobcares.com/remote-infrastructure-management/managed-services/server-administration/pricing/

Through BobCares you can hire a Linux systems administrator to work with you or even resolve problems for you. You can buy several hours at once and use them as you need them, or just buy one and see how you like it.

I hope this clarifies things a bit and offers you some additional options. If you have further questions, please let us know. We're here to help!

Swimmingly,
Pradeep
Developer Support Engineer
DigitalOcean

Don't forget to check out our fantastic community articles!
https://www.digitalocean.com/community

Never share your account password with anyone!
https://www.digitalocean.com/docs/accounts/teams/

Did you remember to take a Snapshot?
https://www.digitalocean.com/docs/images/snapshots/

ref:_00Df218t5m._5004P1LnBzT:ref

JuergenAuer · December 9, 2020, 12:52pm

You should read the link you have shared:

Getting started after deploying OpenLiteSpeed WordPress

First step: Install WordPress
Second step: Create the certificate

If there is a redirect to the WordPress installation, that may not work.

Helem · December 9, 2020, 1:41pm

that means i have to follow this entire step by step before do any configuration on cloudflare ?
i mean i should not even create 2 A record from my cloudflare dns before finish the let encript configuration ?

thanks for all the help

JuergenAuer · December 9, 2020, 4:20pm

You need a working A-record yourdomain -> yourip.

But the Cloudflare proxy configuration is the last step.

Helem · December 9, 2020, 5:00pm

i thinkj the cloudflare might be the issue because i did a follow tutorial before give a shot on lets encript, i just make a second droplet and i got the same issue, i tryed even remove all configs from cloudflare that could cause any issue but i dont work, i even remove DNSSEC, also put both A recods pointing to the server instead of cname.

I gonna w8 a bit and try again after the DNSSEC get removed from my google domain but if dint work i will create or delete my cloudflare account and try again without any configuration on cloudflare.

Cloudflare do proxied by defaut after you make a A-record should i put DNS only ?
EDIT: i got it fixed, the issue was cloudflare after you create an A-Record it put Proxied by default and you has to change to DNS only

I got the certificate should i not put full strickt on cloudflare ? Thanks alot for the support

system · January 8, 2021, 4:41pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.