Issue creating certificate using acme.sh DNS made


#1

I ran the following commands on EC2 RHEL instance.

  1. curl https://get.acme.sh | sh
    Successfully installed acme.sh.

  2. acme.sh --issue -d simpleplaytestdomain2.fun --dns --yes-I-know-dns-manual-mode-enough-go-ahead-please --debug
    Got the text value
    Then added TXT value and domain(_acme-challenge.) to the DNS records(Godaddy).

  3. acme.sh --renew -d simpleplaytestdomain2.fun --dns --yes-I-know-dns-manual-mode-enough-go-ahead-please --debug
    I got a call hook error, but I think the certificate is issued(correct me if I am wrong).

I then ran the same command and I it says the next renewal is after 3 months.

Now I am refreshing the page(simpleplaytestdomain2.fun) to check for the certificate but could not find it(Still shows not secure)

Please let me know if I missed a step. I am new to Letsencrypt and the topic of SSL. Thank you in Advance.

My domain is: simpleplaytestdomain2.fun


#2

Hi @Pradeep

your certificate is issued.

https://transparencyreport.google.com/https/certificates?cert_search_auth=&cert_search_cert=&cert_search=include_expired:false;include_subdomains:false;domain:simpleplaytestdomain2.fun&lu=cert_search

Created today, Issuer is Letsencrypt, with your correct domain name.

But you have to install / use this certificate. So your webserver can use it.

Isn’t there an opinion to talk with your webserver?


#3

Hi @Pradeep,

In this configuration, acme.sh would obtain the certificate (as a file on disk whose location is mentioned in the acme.sh output) but not install it in your web server application. You’ll have to edit your web server configuration in order to tell it to make use of the new certificate.


#4

Hi,

Extending @JuergenAuer & @schoen’s response…

The call hook error will always display when you are using DNS Manual mode (and the author did mentioned this issue in Github)

Thank you


#5

That’s right and good to be aware of. (Independent of that, you would still need to do something to install the certificate in the web server application.)


#6

I am just messing around let’s encrypt. SO I created a test domain and simple ec2 instance to try it. I probably have to install apache in the instance to use the certificate. Anyways thank you @JuergenAuer @stevenzhu @schoen. You guys are awsome.


#7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.