Moving from Godaddy to lets encrypt


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

certbot --apache
It produced this output:

IMPORTANT NOTES:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):
Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):


#2

Please assist, i convinced my company we don’t need to buy certificates and now i am struggling!
lol
the site is currently with go daddy cert, not sure if i need to remove it first?


#3

Hi,

If you don’t provide all information on the list… I’m afriad (personally) I can’t help you. Since I won’t even know what is the actual issue.

Thank you


#4

can i know first if i need to remove the go daddy certificate or if lets encrypt takes care of that?


#5

I’m not sure… it depend on the server & hosting configs.

If you are on shared hosting w/ cPanel, you would need to config those manually.
If you are on VPS or dedicated hosting, you might need to remove those by yourself, since certbot could took care of it, but it might messed up your config.


#6

certbot --apache
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org

Which names would you like to activate HTTPS for?

1: hotspot.wifinow.co.za

Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter ‘c’ to cancel):
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for hotspot.wifinow.co.za
Enabled Apache rewrite module
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. hotspot.wifinow.co.za (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://hotspot.wifinow.co.za/.well-known/acme-challenge/kXIvlRTPf3JArX83iq34WEKuoBahjXFgAwq5MUUbOHQ: "

404 Not Found

Not Found

<p"

IMPORTANT NOTES:

cat /etc/issue
Ubuntu 16.04.3 LTS \n \l


#7

The issue is that, for whatever reason, your web server is failing to serve the challenge file from ./well-known/acme-challenge. Can you place a test text file here and verify that you can successfully retrieve it?


#8

https://hotspot.wifinow.co.za/.well-known/acme-challenge/test

working…


#9

Yes, it works. But if Certbot fails again: Perhaps you have a special apache configuration, so Certbot doesn’t find the right place.


#10

I see the certificates are specified on,
not sure if i need to change anything there?

SSLCertificateFile /etc/apache2/ssl/wifinow.crt
SSLCertificateKeyFile /etc/apache2/ssl/wifinow.key


#11

This is your Godaddy - certificate. Actually, there is no Letsencrypt-certificate

https://crt.sh/?q=hotspot.wifinow.co.za


#12

yes…what do i need to do lol


#13

I believe the best path forward would be to try manually specifying your webroot directory to Certbot, as it appears to not be placing the challenge files in the right place. Try this:

certbot -a webroot -i apache -w /path/to/webroot -d hotspot.wifinow.co.za

Note that /path/to/webroot in this case is the root of your web directory, not .well-known/acme-challenge itself. So, by default, /var/www/html or something like it.


#14

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.