So, I've been creating wordpress sites (.com / .net) etc. on a digitalocean vps and have been using easyengine. This is an install script that installes a web environment and has a command to add SSL through letsencrypt as well....
So, this worked perfectly untill now.
I have registered a .NL domain name and installed a second wordpress blog on a VPS that already has a wordpress installation (including SSL through letsencrypt) ..
However, if I try to add SSL to the second domain name (.NL) .. I get this output from EE :
Unable to setup, Let's Encrypt
Please make sure that your site is pointed to
same server on which you are running Let's Encrypt Client
to allow it to verify the site automatically.
Ofcourse, the domain name is on the same servers as the command client I am using ... this is obvious ..
That's correct. I used the EE command sudo ee update site.NL --letsencrypt (always worked perfectly). But it seems my many failed attempts to get the certificate leadsd now to a too many attempts problem as well ...
The output of the EE log is:
2018-02-28 07:53:49,461 (WARNING) ee : Please Wait while we fetch SSL Certificate for your site.
It may take time depending upon network.
2018-02-28 07:53:49,461 (DEBUG) ee : Running command: ./letsencrypt-auto certonly --webroot -w /var/www/lexg.nl/htdocs/ -d lexg.nl -d www.lexg.nl --email MYEMAIL@gmail.com --text --agree-tos
2018-02-28 07:53:51,556 (DEBUG) ee : Command Output: ,
Command Error: Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
An unexpected error occurred:
There were too many requests of a given type :: Error creating new authz :: too many failed authorizations recently: see Rate Limits - Let's Encrypt
Please see the logfiles in /var/log/letsencrypt for more details.
2018-02-28 07:53:51,557 (ERROR) ee : Unable to setup, Let's Encrypt
2018-02-28 07:53:51,557 (ERROR) ee : Please make sure that your site is pointed to
same server on which you are running Let's Encrypt Client
to allow it to verify the site automatically.
So in the meantime you will want to figure out why the webroot that EE is passing to Let's Encrypt (/var/www/lexg.nl/htdocs/) doesn't seem to correlate with what document root is used when actually visiting the domain.
yes it does ... It seems like no files are written to the acme-challenge folder while trying to fetch the certificate .. (at least that's what my logic tells me ... and that might be off) ...
Maybe I should wait and try when the rate limit is reset ...
$ curl -6 -i http://lexg.nl/.well-known/acme-challenge/test.txt
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 28 Feb 2018 09:14:57 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Vary: Accept-Encoding
<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx</center>
</body>
</html>
Your nginx virtualhost for that domain looks like it's only bound to IPv4. You need to tell nginx to also respond on IPv6 for that virtualhost, or withdraw the AAAA record for the domain.
Let's Encrypt will always prefer the AAAA record for a domain, if it exists.
For simplicity … I will just use Ipv4 … we’ll see what happens in a few years … many thanks for your help again … it would have taken me a few days to figure that one out (as simple as it was) … You saved me alot of time here …thanks !