In virtualmin when I request a new Cert it dose not use /home/nilandtrading/public_html/.well-known/acme-challenge. ,but creates /home/nilandtrading/home/nilandtrading/public_html/.well-known/acme-challenge owned by root:root, so this is a duplicate /home directory with the wrong owner. My sub-server chat.nilandtrading.com did not do this and I got the cert. So the continuing error is;

Obtaining a new certificate
Performing the following challenges:
http-01 challenge for nilandtrading.com
http-01 challenge for www.nilandtrading.com
Using the webroot path /home/nilandtrading/home/nilandtrading/public_html for all unmatched domains.
Waiting for verification…
Cleaning up challenges
Unable to clean up challenge directory /home/nilandtrading/home/nilandtrading/public_html/.well-known/acme-challenge
Failed authorization procedure. nilandtrading.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://nilandtrading.com/.well-known/acme-challenge/GtNOihoJHlx0gy9YBanDI4FSqZFiWE_Ghnb-1AadP6g: "

404 Not Found

404 Not Found

---

" IMPORTANT NOTES: - The following errors were reported by the server:

Domain: nilandtrading.com
Type: unauthorized
Detail: Invalid response from
http://nilandtrading.com/.well-known/acme-challenge/GtNOihoJHlx0gy9YBanDI4FSqZFiWE_Ghnb-1AadP6g:
"

404 Not Found

404 Not Found

---

"

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My server runs through No-IP DUC for the connection as TWC/Septrum even for a commercial account want’s my first born for a Static IP, but I can get to http//…/.well-known ok in a brawser. Checked all the Permissions?
the server is an HP X9400 with 8 cores and 32GB of RAM, Linux/apache2, Ubuntu-server 14.04.5
I do use a Ubutnu-Gnome GUI As I can do multiple things with it (don’t want to hear about server purity and command line only). My interface is Virtualmin/webmin latest version 6.00/1.852

Please use the prompts given when you created this topic to make sure you provide all information requested. Specifically in this case, please post the exact command you were using.

Ok not sure what “prompts” you are asking for, but I was not using Let’s Encrypt from comand line, but rater from the Virtualmin >> Server Configuration >> Manage SSL Certificate >> Let’s Encrypt Tab.
Where do I find these prompts?
Further from doing a text search (sagasu) for “/home/nilandtrading/home/nilandtrading/public_html” I discovered it is being done by Lets’ Encrypt RE: Let’s Encrypt Log Sept-20

2017-09-20 15:40:44,854:DEBUG:certbot.main:certbot version: 0.17.0
2017-09-20 15:40:44,854:DEBUG:certbot.main:Arguments: ['-a', 'webroot', '-d', 'nilandtrading.com', '-d', 'www.nilandtrading.com', '-d', 'autoconfig.nilandtrading.com', '-d', 'autodiscover.nilandtrading.com', '--webroot-path', '/home/nilandtrading/home/nilandtrading/public_html', '--duplicate', '--manual-public-ip-logging-ok', '--config', '/tmp/.webmin/590663_25148_1_letsencrypt.cgi', '--rsa-key-size', '2048']
2017-09-20 15:40:44,854:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2017-09-20 15:40:44,882:DEBUG:certbot.log:Root logging level set at 20

So I am assuming the COMMAND is something from Virtualmin, but i could not tell Why and Virtualmin support does not seem to know anything about it, but asked me to Validate the server with no further reply:

Beginning validation of selected virtual servers. Any problems found will be shown in red …
nilandtrading.com
Home directory : Sub-directory home/nilandtrading/public_html under home directory does not exist
Apache website : Missing Apache block for HTML directory /home/nilandtrading/home/nilandtrading/public_html
SSL website : No SSL certificate file specified in Apache virtual host
Git repositories : Missing Git Location from Apache configuration

There should not be any nilandtrading.com subdirectory. I have sub-server and not subdirectories. i.e.
nilandtrading.tld
chat.nilandtrading.com (sub-server)
forum.nilandtrading.com (sub-server)

By the way chat.nilandtrading.com installed once I removed the sites-enabled <VirtualHost *:443> section, That I was told by webmin support “this should not work”. but it would not install the Cert until I did this?
additional info Apache version 2.4.10, bind9 PHP5.5.9

Hi @nilands55s,

This looks likely to be some kind of Virtualmin bug to me (where Virtualmin is misinterpreting/misparsing your Apache configuration and then passing incorrect information to Certbot). You are welcome to keep discussing it here, but you might get better results over on

https://www.virtualmin.com/forum

Or if you prefer, you could try to use Certbot outside of Virtualmin—but I’m not sure what effects that would have for using Virtualmin to manage your site afterward.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.