Godaddy - ssh certification for subdomain - help

show:
lsb_release -a
uname -a

I Linux p3plcpnl0887.prod.phx3.secureserver.net 2.6.32-673.26.1.lve1.4.30.el6.x86_64 #1 SMP Wed Jun 21 19:37:37 EDT 2017 x86_64 x86_64 x86_64 GNU/Linux

is DNS not configured properly for 99anchors.com?

currently I have the following settings in the zone file

The two FQDNs return different IPs:

Name: 99anchors.com
Address: 160.153.71.135

Name: 99anchors.dev.new.citykites.com
Address: 160.153.71.135

Which IP should it be?

show results of
when you login type
pwd
ls -l public_html/

/bin/ls: cannot access public_html/: No such file or directory

99anchors.com is the addon domain
and 99anchors.dev.new.citykites.com is the subdomain of dev.new.citykites.com

Where did you verify the 'public_html/99anchors' ?

have verified the domain 99anchors.com with that folder.
The full path as I see from my file manager is
/home/sm/public_html/99anchors
i used this path as well but didnt get any results

You still have a redirection logic flaw:

wget http://99anchors.com/ --no-check-certificate
–2017-10-14 18:24:45-- http://99anchors.com/
Resolving 99anchors.com (99anchors.com)… 160.153.71.135
Connecting to 99anchors.com (99anchors.com)|160.153.71.135|:80… connected.
HTTP request sent, awaiting response… 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
–2017-10-14 18:24:45-- https://www.99anchors.com/
Resolving www.99anchors.com (www.99anchors.com)… 160.153.71.135
Connecting to www.99anchors.com (www.99anchors.com)|160.153.71.135|:443… connected.
WARNING: no certificate subject alternative name matches
requested host name ‘www.99anchors.com’.
HTTP request sent, awaiting response… 301 Moved Permanently
Location: https://www.www.99anchors.com/ [following]
–2017-10-14 18:24:45-- https://www.www.99anchors.com/
Resolving www.www.99anchors.com (www.www.99anchors.com)… failed: Name or service not known.
wget: unable to resolve host address ‘www.www.99anchors.com

Do you see the problem?:
http://99anchors.com/
redirects to:
http://www.99anchors.com/
redirects to:
http://www.www.99anchors.com/

I think thats because I made some changes in the .htaccess file just a while ago. I will change it back

wget http://99anchors.com/ --no-check-certificate
--2017-10-14 15:30:50--  http://99anchors.com/
Resolving 99anchors.com... 160.153.71.135
Connecting to 99anchors.com|160.153.71.135|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: http://www.99anchors.com/ [following]
--2017-10-14 15:30:50--  http://www.99anchors.com/
Resolving www.99anchors.com... 160.153.71.135
Reusing existing connection to 99anchors.com:80.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50--  https://www.99anchors.com/
Connecting to www.99anchors.com|160.153.71.135|:443... connected.
WARNING: no certificate subject alternative name matches
	requested host name `www.99anchors.com'.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50--  https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50--  https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50--  https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50--  https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50--  https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50--  https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50--  https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50--  https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50--  https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50--  https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50--  https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50--  https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50--  https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50--  https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50--  https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50--  https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50--  https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50--  https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
20 redirections exceeded.

Your vhost file doesn’t have an alias for www.99anchors.com

OK… so I have to edit the zone file?What shall I do?

acme.sh --issue -d www.99anchors.com -d 99anchors.com  -w /home/sachinmandalia/public_html/99anchors --debug
[Sat Oct 14 15:40:02 MST 2017] Lets find script dir.
[Sat Oct 14 15:40:02 MST 2017] _SCRIPT_='/home/sachinmandalia/.acme.sh/acme.sh'
[Sat Oct 14 15:40:02 MST 2017] _script='/home/sachinmandalia/.acme.sh/acme.sh'
[Sat Oct 14 15:40:02 MST 2017] _script_home='/home/sachinmandalia/.acme.sh'
[Sat Oct 14 15:40:02 MST 2017] Using config home:/home/sachinmandalia/.acme.sh
https://github.com/Neilpang/acme.sh
v2.7.4
[Sat Oct 14 15:40:02 MST 2017] Using config home:/home/sachinmandalia/.acme.sh
[Sat Oct 14 15:40:02 MST 2017] DOMAIN_PATH='/home/sachinmandalia/.acme.sh/www.99anchors.com'
[Sat Oct 14 15:40:02 MST 2017] Using ACME_DIRECTORY: https://acme-v01.api.letsencrypt.org/directory
[Sat Oct 14 15:40:02 MST 2017] _init api for server: https://acme-v01.api.letsencrypt.org/directory
[Sat Oct 14 15:40:02 MST 2017] ACME_KEY_CHANGE='https://acme-v01.api.letsencrypt.org/acme/key-change'
[Sat Oct 14 15:40:02 MST 2017] ACME_NEW_AUTHZ='https://acme-v01.api.letsencrypt.org/acme/new-authz'
[Sat Oct 14 15:40:02 MST 2017] ACME_NEW_ORDER='https://acme-v01.api.letsencrypt.org/acme/new-cert'
[Sat Oct 14 15:40:02 MST 2017] ACME_NEW_ACCOUNT='https://acme-v01.api.letsencrypt.org/acme/new-reg'
[Sat Oct 14 15:40:02 MST 2017] ACME_REVOKE_CERT='https://acme-v01.api.letsencrypt.org/acme/revoke-cert'
[Sat Oct 14 15:40:02 MST 2017] Le_NextRenewTime
[Sat Oct 14 15:40:02 MST 2017] _on_before_issue
[Sat Oct 14 15:40:02 MST 2017] Le_LocalAddress
[Sat Oct 14 15:40:02 MST 2017] Check for domain='www.99anchors.com'
[Sat Oct 14 15:40:02 MST 2017] _currentRoot='/home/sachinmandalia/public_html/99anchors'
[Sat Oct 14 15:40:02 MST 2017] Check for domain='99anchors.com'
[Sat Oct 14 15:40:02 MST 2017] _currentRoot='/home/sachinmandalia/public_html/99anchors'
[Sat Oct 14 15:40:02 MST 2017] _saved_account_key_hash is not changed, skip register account.
[Sat Oct 14 15:40:02 MST 2017] Read key length:
[Sat Oct 14 15:40:02 MST 2017] _createcsr
[Sat Oct 14 15:40:02 MST 2017] Multi domain='DNS:99anchors.com'
[Sat Oct 14 15:40:02 MST 2017] Getting domain auth token for each domain
[Sat Oct 14 15:40:02 MST 2017] Getting webroot for domain='www.99anchors.com'
[Sat Oct 14 15:40:02 MST 2017] _w='/home/sachinmandalia/public_html/99anchors'
[Sat Oct 14 15:40:02 MST 2017] _currentRoot='/home/sachinmandalia/public_html/99anchors'
[Sat Oct 14 15:40:02 MST 2017] Getting new-authz for domain='www.99anchors.com'
[Sat Oct 14 15:40:02 MST 2017] _init api for server: https://acme-v01.api.letsencrypt.org/directory
[Sat Oct 14 15:40:02 MST 2017] ACME_KEY_CHANGE='https://acme-v01.api.letsencrypt.org/acme/key-change'
[Sat Oct 14 15:40:02 MST 2017] ACME_NEW_AUTHZ='https://acme-v01.api.letsencrypt.org/acme/new-authz'
[Sat Oct 14 15:40:02 MST 2017] ACME_NEW_ORDER='https://acme-v01.api.letsencrypt.org/acme/new-cert'
[Sat Oct 14 15:40:02 MST 2017] ACME_NEW_ACCOUNT='https://acme-v01.api.letsencrypt.org/acme/new-reg'
[Sat Oct 14 15:40:02 MST 2017] ACME_REVOKE_CERT='https://acme-v01.api.letsencrypt.org/acme/revoke-cert'
[Sat Oct 14 15:40:02 MST 2017] Try new-authz for the 0 time.
[Sat Oct 14 15:40:02 MST 2017] url='https://acme-v01.api.letsencrypt.org/acme/new-authz'
[Sat Oct 14 15:40:02 MST 2017] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "www.99anchors.com"}}'
[Sat Oct 14 15:40:02 MST 2017] RSA key
[Sat Oct 14 15:40:03 MST 2017] GET
[Sat Oct 14 15:40:03 MST 2017] url='https://acme-v01.api.letsencrypt.org/directory'
[Sat Oct 14 15:40:03 MST 2017] timeout
[Sat Oct 14 15:40:03 MST 2017] _CURL='curl -L --silent --dump-header /home/sachinmandalia/.acme.sh/http.header '
[Sat Oct 14 15:40:03 MST 2017] ret='0'
[Sat Oct 14 15:40:03 MST 2017] POST
[Sat Oct 14 15:40:03 MST 2017] url='https://acme-v01.api.letsencrypt.org/acme/new-authz'
[Sat Oct 14 15:40:03 MST 2017] _CURL='curl -L --silent --dump-header /home/sachinmandalia/.acme.sh/http.header '
[Sat Oct 14 15:40:04 MST 2017] _ret='0'
[Sat Oct 14 15:40:04 MST 2017] code='429'
[Sat Oct 14 15:40:04 MST 2017] The new-authz request is ok.
[Sat Oct 14 15:40:04 MST 2017] new-authz error: {"type":"urn:acme:error:rateLimited","detail":"Error creating new authz :: Too many invalid authorizations recently.","status": 429}
[Sat Oct 14 15:40:04 MST 2017] pid
[Sat Oct 14 15:40:04 MST 2017] No need to restore nginx, skip.
[Sat Oct 14 15:40:04 MST 2017] _clearupdns
[Sat Oct 14 15:40:04 MST 2017] skip dns.
[Sat Oct 14 15:40:04 MST 2017] _on_issue_err
[Sat Oct 14 15:40:04 MST 2017] Please add '--debug' or '--log' to check more details.
[Sat Oct 14 15:40:04 MST 2017] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh
[Sat Oct 14 15:40:04 MST 2017] socat doesn't exists.
[Sat Oct 14 15:40:04 MST 2017] Diagnosis versions: 
openssl:openssl
OpenSSL 1.0.1e-fips 11 Feb 2013
apache:
apache doesn't exists.
nginx:
nginx doesn't exists.
socat:

add a “serveralias” for “www.99achors.com” to the file

ok
that means you are asking me to add a CNAME?

I am a little newbie here
so I am not sure if I have to add here something?

Finally found the solution.
I had the CNAME as 99anchors.dev.new.citykites.com
changed it to dev.new.citykites.com
Wierd but it worked
THANKS !!!

1 Like

not a CNAME DNS entry, an entry in the vhost config file.
just after "servername 99anchors.com"
add “serverallias www.99anchors.com

SSL Labs results show
this one is ok:
www.99anchors.com

but this one fails:
99anchors.com

Because the cert only has the www name in it.