Permissions error when using getssl

Hi @serverco
I followed exactly what you send in this. But finally I’m getting following error message. I’m using Hostgator shared hosting. Please help fixing this issue.

username@domain.com [~]# ~/getssl -a
Check all certificates
domain.com: no certificate obtained from host
creating account key /home1/username/.getssl/account.key
creating key - /home1/username/.getssl/account.key
Generating RSA private key, 4096 bit long modulus
...........................................................................................                                                                                                  ....................................++
...............++
e is 65537 (0x10001)
/home1/username/getssl: line 656: -4: substring expression < 0
creating key - /home1/username/.getssl/domain.com/domain.com.key
Generating RSA private key, 4096 bit long modulus
...........................................................................................                                                                                                  ..................................................................++
...........................................................................................                                                                                                  ....................................................................................++
e is 65537 (0x10001)
/home1/username/getssl: line 656: -4: substring expression < 0
creating domain csr - /home1/username/.getssl/domain.com/domain.com.csr
Registering account
Registered
Verify each domain
Verifying domain.com
copying challenge token to /var/www/domain.com/web/.well-known/acme-challenge/[token hidden]
mkdir: cannot create directory `/var/www': Read-only file system
getssl: cannot create ACL directory [token hidden]
username@domain.com [~]# ~/getssl -a
Check all certificates
domain.com: no certificate obtained from host
Registering account
Verify each domain
Verifying domain.com
copying challenge token to /var/www/domain.com/web/.well-known/acme-challenge/[token hidden]
mkdir: cannot create directory `/var/www': Read-only file system
getssl: cannot create ACL directory [token hidden]
username@domain.com [~]#

Do I need to make changes to var/www folder like mentioned in this thread’s best answer: https://askubuntu.com/questions/378351/permissions-and-ownership-of-var-www

Or please tell exact SSH command.

That is pretty alarming! This often happens when there is a physical hard drive error and the operating system remounts the filesystem as read-only to prevent data corruption.

Can you see if this is the case in terms of whether you can create files anywhere in /var/www/domain.com, even empty files created with touch? If the filesystem is really read-only, that would definitely account for the problem that getssl is having.

@schoen

I cannot able to create new file or folder exactly at /var/www/domain.com But I can able to create file in _/public_htm_l directory.

If getssl is not working any other Automated Certbot clients can help? Please suggest.

Attached screenshots:

Another Screenshot

Hi @albert,

I split this into a new topic thread because we like to have one topic on the forum per problem or issue.

What’s the complete directory path that contains your site content? Did getssl perhaps just use /var/www as a default? But is that not in fact where your web site’s files are located on your server?

@schoen Thanks. I entered pwd command and got following path.

/home1/username - is my home directory
/home1/username/www - www directory

Here is the list of directories/files in my shared hosting account:
dir-hg-1

In public_html and www both the folders I can able to see add domains list.

I’ve tried this command # sudo chown -R username:username /var/www but got following output.
sudo: effective uid is not 0, is sudo installed setuid root?

I guess, they are (H0st Gador) blocked Letsencrypt shell scripts.

Ok… I’m tired of doing this… there is no proper workaround… Is there anyway I can get following data (Host is asking following details to install a new certificate) from Browser method or any other possible method?

1. CA Bundle
2. Private Key
3. SSL certificate

Hi @albert,

If you look over the introductory documentation for getssl

I think you’ll see that the trouble is that you need to edit your configuration file to specify the ACME challenge location (which getssl refers to as ACL). It is defaulting to /var/www/something but that’s not correct for your system. Instead, from getssl’s point of view, it should probably be set to /home1/username/www/.well-known/acme-challenge and all of the errors about /var/www that you’ve seen have been due to this issue.

So far, there’s no reason to conclude that getssl won’t eventually work for you!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.