Failed to load certificate

jagjeet · May 24, 2020, 6:15pm

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:officeapp.host

I ran this command: i clicked on request certificate on virtualmin

It produced this output:request failed : Web-based validation failed : Failed to request certificate :
Traceback (most recent call last):
File “/usr/share/webmin/webmin/acme_tiny.py”, line 198, in
main(sys.argv[1:])
File “/usr/share/webmin/webmin/acme_tiny.py”, line 194, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca, disable_check=args.disable_check, directory_url=args.directory_url, contact=args.contact)
File “/usr/share/webmin/webmin/acme_tiny.py”, line 143, in get_crt
raise ValueError(“Wrote file to {0}, but couldn’t download {1}: {2}”.format(wellknown_path, wellknown_url, e))
ValueError: Wrote file to /home/officeapp/public_html/.well-known/acme-challenge/EbwBusWPJ1M1jw8Ao8bgdO1GPFx45WS5ZZZiY5-vZLc, but couldn’t download http://mail.officeapp.host/.well-known/acme-challenge/EbwBusWPJ1M1jw8Ao8bgdO1GPFx45WS5ZZZiY5-vZLc: Error:
Url: http://mail.officeapp.host/.well-known/acme-challenge/EbwBusWPJ1M1jw8Ao8bgdO1GPFx45WS5ZZZiY5-vZLc
Data: None
Response Code: 404
Response:

404 Not Found

Not Found

The requested URL was not found on this server.

, DNS-based validation failed : Failed to request certificate :
usage: acme_tiny.py [-h] --account-key ACCOUNT_KEY --csr CSR --acme-dir
ACME_DIR [–quiet] [–disable-check]
[–directory-url DIRECTORY_URL] [–ca CA]
[–contact [CONTACT [CONTACT …]]]
acme_tiny.py: error: argument --acme-dir is required

My web server is (include version):ubuntu

The operating system my web server runs on is (include version): Ubuntu Linux 16.04.6

My hosting provider, if applicable, is: digital ocean

I can login to a root shell on my machine (yes or no, or I don’t know):i dont know

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
virtualmin 6.09
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):i dont know

rg305 · May 24, 2020, 6:26pm

So, who knows?
[this is not a shared system - it is a dedicated server]

rg305 · May 24, 2020, 6:31pm

Is there a system administrator?
Who can review the Apache configs, and LE logs?
[and make changes, if needed]

jagjeet · May 24, 2020, 6:33pm

i am sorry i am new to this thing. By root shell do you mean (putty)
Kernel and CPU Linux 4.4.0-169-generic on x86_64
Webmin version 1.942
Usermin version 1.791
operating system Ubuntu Linux 16.04.6

Operating system	Ubuntu Linux 16.04.6
Perl version	5.022001
Path to Perl	/usr/bin/perl
BIND version	9.10
Postfix version	3.1.0
Mail injection command	/usr/lib/sendmail -t
Apache version	2.4.18
PHP versions	7.0.33
Webalizer version	2.23-08
Logrotate version	3.8.7
MySQL version	5.7.30-0ubuntu0.16.04.1
ProFTPD version	1.35
SpamAssassin version	3.4.2
ClamAV version	0.102.3

i guess issue is clearly mentioned in the response i pasted prior to this, i dont understand it but may be you guys do. So kindly help me out if you can…

rg305 · May 24, 2020, 6:33pm

Yes.

jagjeet · May 24, 2020, 6:35pm

yes i can log in to shell on my machine

rg305 · May 24, 2020, 6:37pm

I won’t bother to go over your qualifications.
Please show the output of this command:
apachectl -S
[everything above “ServerRoot:”]

jagjeet · May 24, 2020, 6:38pm

VirtualHost configuration:
139.59.60.150:80 officeapp.host (/etc/apache2/sites-enabled/officeapp.host.conf:1)
139.59.60.150:443 officeapp.host (/etc/apache2/sites-enabled/officeapp.host.conf:58)

rg305 · May 24, 2020, 6:39pm

Well…
There is no vhost config for “mail.officeapp.host”
[problem #1]

jagjeet · May 24, 2020, 6:40pm

could you give me the solution please. I’ll follow the instructions. Its been 7 hours i am stuck on this… I’ll be grateful for any help.

rg305 · May 24, 2020, 6:43pm

If I was your system admin I probably could.
But since I'm not, and seeing that you don't really have one...
My only advice is for you to review all the settings in VirtualMin.
You are asking that system to get a cert for a name that doesn't really exist on that system.
[That can only be fixed by the system administrator - someone who understands how VirtaulMin works]

Best of luck to you.

jagjeet · May 24, 2020, 6:45pm

i followed a tutorial from udemy and did everything as its mentioned in the video. I’ll try and create again see if it works. Thanks for your help. I’ll try and create again see if it works.

rg305 · May 24, 2020, 6:47pm

Pay close attention to any fields where you used “officeapp.host” and should have been “mail.officeapp.host”

Again, best of luck to you.
And cheers from Miami

jagjeet · May 24, 2020, 6:48pm

Thank you, love from india…Namaste

system · June 23, 2020, 6:48pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.