Issue with transfering sites with SSL from host to host

imdyakov · July 21, 2022, 6:03am

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: megasport.center

I ran this command: sudo certbot certonly --webroot -w /var/www/megasport.center/public_html/ -d megasport.center -d www.megasport.center --dry-run

It produced this output: Saving debug log to /var/log/letsencrypt/letsencrypt.log
Simulating renewal of an existing certificate for megasport.center and www.megasport.center

Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
Domain: megasport.center
Type: unauthorized
Detail: 62.217.176.151: Invalid response from https://megasport.center/.well-known/acme-challenge/VW2v-29l_5_Ws1IZzn07xwz3nLahUAs0YlAf4S-UunM: 404

Domain: www.megasport.center
Type: unauthorized
Detail: 62.217.176.151: Invalid response from https://megasport.center/.well-known/acme-challenge/9lv0ztCuR6O4XE8wEXHwkXKknILXQRrBSrzI6-GJXVo: 404

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
mgs@xjruagabot:~ $

My web server is (include version): NGINX 1.20.1, PHP 8.1.8

The operating system my web server runs on is (include version): CentOS8 update to AlmaLinux Tiger

My hosting provider, if applicable, is: beget.com

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.22.0

rg305 · July 21, 2022, 1:42pm

The HTTP authentication requests are being redirected to HTTPS.
But the HTTPS requests find:

curl -Ii https://megasport.center/.well-known/acme-challenge/Test_file-1234
curl: (51) SSL: no alternative certificate subject name matches target host name 'megasport.center'

I would handle the HTTP authentication requests in HTTP [don't redirect them]

imdyakov · July 21, 2022, 2:33pm

I have changed 'return 301' statement inside the site config file so it would return http instead of https and now I get "Redirect loop detected" instead.

rg305 · July 21, 2022, 3:16pm

You created the loop.

imdyakov · July 21, 2022, 3:44pm

I have discovered the issue in the site config file. Thanks and sorry to bother.

system · August 20, 2022, 3:44pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.