OR did you delete the test file?
[I also can't reach it]
To try this, I just deleted, But I added the test.txt file again, so you can see it
When I add the folder and add the file, I can't see the file.
I added the files: test.txt and test-file-1234 in the "acme-challenge" folder.
But I can see the "http://admin.stixex.io/.well-known/test.txt" file still.
You can check this file:http://admin.stixex.io/.well-known/test.txt and http://admin.stixex.io/.well-known/acme-challenge/test-file-1234 now
Strange I can't see this file now
Hello Schoen!
I just find the reason why you can't see.
Sorry for my fault.
I can't see the files also, as you.
http://admin.stixex.io/.well-known/test.txt
http://admin.stixex.io/.well-known/acme-challenge/test-file-1234
But When I change the http to https(only in the incognito), I can see the files:
https://admin.stixex.io/.well-known/test.txt
https://admin.stixex.io/.well-known/acme-challenge/test-file-1234
Then maybe /etc/nginx/acme
gets included in your HTTPS server block but not in your HTTP server block?
Not sure what you mean. :
This is my /etc/nginx/acme
# Webroot for Lets Encrypt
location /.well-known {
root /var/www/letsencrypt;
}
Where does /etc/nginx/acme
get included from?
Maybe try
grep -r /etc/nginx/acme /etc/nginx
I've done it, but nothing result
It was there by last developer, I didn't make it.
Should I change the content of the file?
I think there must be some other file that is somehow including this.
Maybe
grep -ir "include.*acme" /etc/nginx
Yes there is:
And the content of the stixex.io is like this:
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name stixex.io www.stixex.io;
include acme; # Letsencrypt webroot
access_log /var/log/nginx/stixex.io/nginx_access.log;
error_log /var/log/nginx/stixex.io/nginx_error.log;
ssl_certificate /etc/letsencrypt/live/stixex.io/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/stixex.io/privkey.pem;
include /etc/nginx/options-ssl-nginx.conf;
location / {
root /home/ubuntu/stixex/dist;
index index.html;
}
# location / {
# include proxy_params;
# proxy_pass http://127.0.0.1:3020;
# }
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name api.stixex.io;
include acme; # Letsencrypt webroot
access_log /var/log/nginx/api.stixex.io/nginx_access.log;
error_log /var/log/nginx/api.stixex.io/nginx_error.log;
ssl_certificate /etc/letsencrypt/live/api.stixex.io/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/api.stixex.io/privkey.pem;
include /etc/nginx/options-ssl-nginx.conf;
location / {
include proxy_params;
proxy_pass http://127.0.0.1:7000;
}
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name admin.stixex.io;
include acme; # Letsencrypt webroot
access_log /var/log/nginx/admin.stixex.io/nginx_access.log;
error_log /var/log/nginx/admin.stixex.io/nginx_error.log;
ssl_certificate /etc/letsencrypt/live/admin.stixex.io/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/admin.stixex.io/privkey.pem;
include /etc/nginx/options-ssl-nginx.conf;
location / {
root /home/ubuntu/admin_panel/dist;
index index.html;
}
}
server {
listen 80;
listen [::]:80;
server_name stixex.io www.stixex.io;
include acme; # Letsencrypt webroot
return 301 https://$host$request_uri;
}
The "admin" server_name is missing from the HTTP block.
Thanks for your help.
I've added the admin.stixex.io and api.stixex.io to the server_name, admin panel works fine now.
I am really happy with that.
But I have an issue for the api.stixex.io. very strange.
I've changed the server name like this
server {
listen 80;
listen [::]:80;
server_name stixex.io www.stixex.io admin.stixex.io api.stixex.io;
include acme; # Letsencrypt webroot
return 301 https://$host$request_uri;
}
When I try to renew, I have this issue:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Processing /etc/letsencrypt/renewal/admin.stixex.io.conf
Cert not yet due for renewal
Processing /etc/letsencrypt/renewal/api.stixex.io.conf
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for api.stixex.io
Using the webroot path /var/www/letsencrypt for all unmatched domains.
Waiting for verification...
Challenge failed for domain api.stixex.io
http-01 challenge for api.stixex.io
Cleaning up challenges
Attempting to renew cert (api.stixex.io) from /etc/letsencrypt/renewal/api.stixex.io.conf produced an unexpected error: Some challenges have failed.. Skipping.
Processing /etc/letsencrypt/renewal/stixex.io.conf
Cert not yet due for renewal
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/api.stixex.io/fullchain.pem (failure)
The following certs are not due for renewal yet:
/etc/letsencrypt/live/admin.stixex.io/fullchain.pem expires on 2021-09-07 (skipped)
/etc/letsencrypt/live/stixex.io/fullchain.pem expires on 2021-08-05 (skipped)
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/api.stixex.io/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)
IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: api.stixex.io
Type: unauthorized
Detail: Invalid response from
http://api.stixex.io/.well-known/acme-challenge/KAAhR9MId4o8_Fiqt7B4NovTTRHp_WttW4lllNQ1Ep8
[135.181.144.36]: "\r\n404 Not
Found\r\n\r\n404 Not
\r\n
Found
nginx/1.18.0 (Ub"To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
Try placing a test text file in the expected challenge location and see if it can be reached from the Internet.
Actually...
Reading the error:
shows that HTTP hasn't been redirected to HTTPS and that prompted me to test the redirection with:
curl -Iki api.stixex.io
Which shows NO REDIRECTION:
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 10 Jun 2021 00:17:17 GMT
Content-Type: text/html
Content-Length: 1637
Last-Modified: Tue, 08 Jun 2021 12:04:50 GMT
Connection: keep-alive
ETag: "60bf5ce2-665"
Accept-Ranges: bytes
So......
That means the server is NOT using that block for that server_name.
So......
We need to find where else that name exists in your config.
YES.
root@ubuntu-2gb-hel1-3:/home/ubuntu/admin_panel# grep -ir "api.stixex" /etc
/etc/letsencrypt/renewal/api.stixex.io.conf:archive_dir = /etc/letsencrypt/archive/api.stixex.io
/etc/letsencrypt/renewal/api.stixex.io.conf:cert = /etc/letsencrypt/live/api.stixex.io/cert.pem
/etc/letsencrypt/renewal/api.stixex.io.conf:privkey = /etc/letsencrypt/live/api.stixex.io/privkey.pem
/etc/letsencrypt/renewal/api.stixex.io.conf:chain = /etc/letsencrypt/live/api.stixex.io/chain.pem
/etc/letsencrypt/renewal/api.stixex.io.conf:fullchain = /etc/letsencrypt/live/api.stixex.io/fullchain.pem
/etc/letsencrypt/renewal/api.stixex.io.conf:api.stixex.io = /var/www/letsencrypt
/etc/letsencrypt/configs/api.stixex.io:domains = api.stixex.io
/etc/nginx/sites-enabled/stixex.io: server_name api.stixex.io;
/etc/nginx/sites-enabled/stixex.io: access_log /var/log/nginx/api.stixex.io/nginx_access.log;
/etc/nginx/sites-enabled/stixex.io: error_log /var/log/nginx/api.stixex.io/nginx_error.log;
/etc/nginx/sites-enabled/stixex.io: ssl_certificate /etc/letsencrypt/live/api.stixex.io/fullchain.pem;
/etc/nginx/sites-enabled/stixex.io: ssl_certificate_key /etc/letsencrypt/live/api.stixex.io/privkey.pem;
/etc/nginx/sites-enabled/stixex.io: server_name stixex.io www.stixex.io admin.stixex.io api.stixex.io;
Shall I find it in the other directory also?
Please show:
nginx -T | grep api.stixex.io
root@ubuntu-2gb-hel1-3:/home/ubuntu/admin_panel# nginx -T | grep api.stixex.io
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
server_name api.stixex.io;
access_log /var/log/nginx/api.stixex.io/nginx_access.log;
error_log /var/log/nginx/api.stixex.io/nginx_error.log;
ssl_certificate /etc/letsencrypt/live/api.stixex.io/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/api.stixex.io/privkey.pem;
server_name stixex.io www.stixex.io admin.stixex.io api.stixex.io;
So it does exist in more than one place!