show:
lsb_release -a
uname -a
I Linux p3plcpnl0887.prod.phx3.secureserver.net 2.6.32-673.26.1.lve1.4.30.el6.x86_64 #1 SMP Wed Jun 21 19:37:37 EDT 2017 x86_64 x86_64 x86_64 GNU/Linux
is DNS not configured properly for 99anchors.com?
currently I have the following settings in the zone file
The two FQDNs return different IPs:
Name: 99anchors.com
Address: 160.153.71.135
Name: 99anchors.dev.new.citykites.com
Address: 160.153.71.135
Which IP should it be?
show results of
when you login type
pwd
ls -l public_html/
/bin/ls: cannot access public_html/: No such file or directory
99anchors.com is the addon domain
and 99anchors.dev.new.citykites.com is the subdomain of dev.new.citykites.com
Where did you verify the 'public_html/99anchors' ?
have verified the domain 99anchors.com with that folder.
The full path as I see from my file manager is
/home/sm/public_html/99anchors
i used this path as well but didnt get any results
You still have a redirection logic flaw:
wget http://99anchors.com/ --no-check-certificate
–2017-10-14 18:24:45-- http://99anchors.com/
Resolving 99anchors.com (99anchors.com)… 160.153.71.135
Connecting to 99anchors.com (99anchors.com)|160.153.71.135|:80… connected.
HTTP request sent, awaiting response… 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
–2017-10-14 18:24:45-- https://www.99anchors.com/
Resolving www.99anchors.com (www.99anchors.com)… 160.153.71.135
Connecting to www.99anchors.com (www.99anchors.com)|160.153.71.135|:443… connected.
WARNING: no certificate subject alternative name matches
requested host name ‘www.99anchors.com’.
HTTP request sent, awaiting response… 301 Moved Permanently
Location: https://www.www.99anchors.com/ [following]
–2017-10-14 18:24:45-- https://www.www.99anchors.com/
Resolving www.www.99anchors.com (www.www.99anchors.com)… failed: Name or service not known.
wget: unable to resolve host address ‘www.www.99anchors.com’
Do you see the problem?:
http://99anchors.com/
redirects to:
http://www.99anchors.com/
redirects to:
http://www.www.99anchors.com/
I think thats because I made some changes in the .htaccess
file just a while ago. I will change it back
wget http://99anchors.com/ --no-check-certificate
--2017-10-14 15:30:50-- http://99anchors.com/
Resolving 99anchors.com... 160.153.71.135
Connecting to 99anchors.com|160.153.71.135|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: http://www.99anchors.com/ [following]
--2017-10-14 15:30:50-- http://www.99anchors.com/
Resolving www.99anchors.com... 160.153.71.135
Reusing existing connection to 99anchors.com:80.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50-- https://www.99anchors.com/
Connecting to www.99anchors.com|160.153.71.135|:443... connected.
WARNING: no certificate subject alternative name matches
requested host name `www.99anchors.com'.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50-- https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50-- https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50-- https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50-- https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50-- https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50-- https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50-- https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50-- https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50-- https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50-- https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50-- https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50-- https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50-- https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50-- https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50-- https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50-- https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50-- https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
--2017-10-14 15:30:50-- https://www.99anchors.com/
Reusing existing connection to www.99anchors.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.99anchors.com/ [following]
20 redirections exceeded.
OK… so I have to edit the zone file?What shall I do?
acme.sh --issue -d www.99anchors.com -d 99anchors.com -w /home/sachinmandalia/public_html/99anchors --debug
[Sat Oct 14 15:40:02 MST 2017] Lets find script dir.
[Sat Oct 14 15:40:02 MST 2017] _SCRIPT_='/home/sachinmandalia/.acme.sh/acme.sh'
[Sat Oct 14 15:40:02 MST 2017] _script='/home/sachinmandalia/.acme.sh/acme.sh'
[Sat Oct 14 15:40:02 MST 2017] _script_home='/home/sachinmandalia/.acme.sh'
[Sat Oct 14 15:40:02 MST 2017] Using config home:/home/sachinmandalia/.acme.sh
https://github.com/Neilpang/acme.sh
v2.7.4
[Sat Oct 14 15:40:02 MST 2017] Using config home:/home/sachinmandalia/.acme.sh
[Sat Oct 14 15:40:02 MST 2017] DOMAIN_PATH='/home/sachinmandalia/.acme.sh/www.99anchors.com'
[Sat Oct 14 15:40:02 MST 2017] Using ACME_DIRECTORY: https://acme-v01.api.letsencrypt.org/directory
[Sat Oct 14 15:40:02 MST 2017] _init api for server: https://acme-v01.api.letsencrypt.org/directory
[Sat Oct 14 15:40:02 MST 2017] ACME_KEY_CHANGE='https://acme-v01.api.letsencrypt.org/acme/key-change'
[Sat Oct 14 15:40:02 MST 2017] ACME_NEW_AUTHZ='https://acme-v01.api.letsencrypt.org/acme/new-authz'
[Sat Oct 14 15:40:02 MST 2017] ACME_NEW_ORDER='https://acme-v01.api.letsencrypt.org/acme/new-cert'
[Sat Oct 14 15:40:02 MST 2017] ACME_NEW_ACCOUNT='https://acme-v01.api.letsencrypt.org/acme/new-reg'
[Sat Oct 14 15:40:02 MST 2017] ACME_REVOKE_CERT='https://acme-v01.api.letsencrypt.org/acme/revoke-cert'
[Sat Oct 14 15:40:02 MST 2017] Le_NextRenewTime
[Sat Oct 14 15:40:02 MST 2017] _on_before_issue
[Sat Oct 14 15:40:02 MST 2017] Le_LocalAddress
[Sat Oct 14 15:40:02 MST 2017] Check for domain='www.99anchors.com'
[Sat Oct 14 15:40:02 MST 2017] _currentRoot='/home/sachinmandalia/public_html/99anchors'
[Sat Oct 14 15:40:02 MST 2017] Check for domain='99anchors.com'
[Sat Oct 14 15:40:02 MST 2017] _currentRoot='/home/sachinmandalia/public_html/99anchors'
[Sat Oct 14 15:40:02 MST 2017] _saved_account_key_hash is not changed, skip register account.
[Sat Oct 14 15:40:02 MST 2017] Read key length:
[Sat Oct 14 15:40:02 MST 2017] _createcsr
[Sat Oct 14 15:40:02 MST 2017] Multi domain='DNS:99anchors.com'
[Sat Oct 14 15:40:02 MST 2017] Getting domain auth token for each domain
[Sat Oct 14 15:40:02 MST 2017] Getting webroot for domain='www.99anchors.com'
[Sat Oct 14 15:40:02 MST 2017] _w='/home/sachinmandalia/public_html/99anchors'
[Sat Oct 14 15:40:02 MST 2017] _currentRoot='/home/sachinmandalia/public_html/99anchors'
[Sat Oct 14 15:40:02 MST 2017] Getting new-authz for domain='www.99anchors.com'
[Sat Oct 14 15:40:02 MST 2017] _init api for server: https://acme-v01.api.letsencrypt.org/directory
[Sat Oct 14 15:40:02 MST 2017] ACME_KEY_CHANGE='https://acme-v01.api.letsencrypt.org/acme/key-change'
[Sat Oct 14 15:40:02 MST 2017] ACME_NEW_AUTHZ='https://acme-v01.api.letsencrypt.org/acme/new-authz'
[Sat Oct 14 15:40:02 MST 2017] ACME_NEW_ORDER='https://acme-v01.api.letsencrypt.org/acme/new-cert'
[Sat Oct 14 15:40:02 MST 2017] ACME_NEW_ACCOUNT='https://acme-v01.api.letsencrypt.org/acme/new-reg'
[Sat Oct 14 15:40:02 MST 2017] ACME_REVOKE_CERT='https://acme-v01.api.letsencrypt.org/acme/revoke-cert'
[Sat Oct 14 15:40:02 MST 2017] Try new-authz for the 0 time.
[Sat Oct 14 15:40:02 MST 2017] url='https://acme-v01.api.letsencrypt.org/acme/new-authz'
[Sat Oct 14 15:40:02 MST 2017] payload='{"resource": "new-authz", "identifier": {"type": "dns", "value": "www.99anchors.com"}}'
[Sat Oct 14 15:40:02 MST 2017] RSA key
[Sat Oct 14 15:40:03 MST 2017] GET
[Sat Oct 14 15:40:03 MST 2017] url='https://acme-v01.api.letsencrypt.org/directory'
[Sat Oct 14 15:40:03 MST 2017] timeout
[Sat Oct 14 15:40:03 MST 2017] _CURL='curl -L --silent --dump-header /home/sachinmandalia/.acme.sh/http.header '
[Sat Oct 14 15:40:03 MST 2017] ret='0'
[Sat Oct 14 15:40:03 MST 2017] POST
[Sat Oct 14 15:40:03 MST 2017] url='https://acme-v01.api.letsencrypt.org/acme/new-authz'
[Sat Oct 14 15:40:03 MST 2017] _CURL='curl -L --silent --dump-header /home/sachinmandalia/.acme.sh/http.header '
[Sat Oct 14 15:40:04 MST 2017] _ret='0'
[Sat Oct 14 15:40:04 MST 2017] code='429'
[Sat Oct 14 15:40:04 MST 2017] The new-authz request is ok.
[Sat Oct 14 15:40:04 MST 2017] new-authz error: {"type":"urn:acme:error:rateLimited","detail":"Error creating new authz :: Too many invalid authorizations recently.","status": 429}
[Sat Oct 14 15:40:04 MST 2017] pid
[Sat Oct 14 15:40:04 MST 2017] No need to restore nginx, skip.
[Sat Oct 14 15:40:04 MST 2017] _clearupdns
[Sat Oct 14 15:40:04 MST 2017] skip dns.
[Sat Oct 14 15:40:04 MST 2017] _on_issue_err
[Sat Oct 14 15:40:04 MST 2017] Please add '--debug' or '--log' to check more details.
[Sat Oct 14 15:40:04 MST 2017] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh
[Sat Oct 14 15:40:04 MST 2017] socat doesn't exists.
[Sat Oct 14 15:40:04 MST 2017] Diagnosis versions:
openssl:openssl
OpenSSL 1.0.1e-fips 11 Feb 2013
apache:
apache doesn't exists.
nginx:
nginx doesn't exists.
socat:
ok
that means you are asking me to add a CNAME?
Finally found the solution.
I had the CNAME as 99anchors.dev.new.citykites.com
changed it to dev.new.citykites.com
Wierd but it worked
THANKS !!!
not a CNAME DNS entry, an entry in the vhost config file.
just after "servername 99anchors.com"
add “serverallias www.99anchors.com”
SSL Labs results show
this one is ok:
www.99anchors.com
but this one fails:
99anchors.com
Because the cert only has the www name in it.