Initial sign of certificate fails

Hello
After the registration & accept terms step I tried to get an initial certificate. I use the dehyrated script.
The first step, checking domain name, fails.

My domain is:
dev.green-coin-mining.com

I ran this command:

/usr/local/bin/dehydrated/dehydrated -c || echo " ErrorCode $?"

It produced this output:

Processing dev.green-coin-mining.com
+ Checking domain name(s) of existing cert... ErrorCode 1

My web server is (include version):

  • apache2

The operating system my web server runs on is (include version):

  • ubuntu 16.04

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

  • yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

  • no

Did I miss a step, or did something wrong?

Hi @vizcaia

I don't use dehydrated, so I don't know, what dehydrated checks. But checking your domain direct, there is an error (via https://check-your-website.server-daten.de/?q=dev.green-coin-mining.com ):


Domainname Http-Status redirect Sec. G
http://dev.green-coin-mining.com/
95.216.184.50 200 0.414 H
https://dev.green-coin-mining.com/
95.216.184.50 -4 0.157 W
SendFailure - The underlying connection was closed: An unexpected error occurred on a send. The handshake failed due to an unexpected packet format.
http://dev.green-coin-mining.com:443/
95.216.184.50 200 0.194 Q

Your server produces a "special error" sending https ("unexpected packet format"). So the tool checks if http content is sent via port 443. And yep, that works, a "normal" http status 200 is found.

So dehydrated checks your current ssl settings - and can't find a https connection.

  • remove the port 443 complete or
  • add a self signed or expired certificate
1 Like

@lukas2511, based on this it might be useful if dehydrated detected when the user’s existing configuration is serving HTTP on port 443 instead of HTTPS.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.