Problem with step 3 using gethttpsforfree


#1

I purchased a domain and hosting through hostgator and I’m trying to get SSL for it. I went into the SSH and ran all the commands it said to on the website (gethttpsforfree.com), but when I get to step three, I run the commands and copy over all four hex codes, however when I hit validate it just say errors and tells me to go back to step one.

I tried using certbot previously but couldn’t figure out how to get that to work either. I can generate the public key and CSR no problem. I also checked to see where it was putting account.key, and it is right in the main directory with all the other main folders (so ./account.key should be correct). Any ideas?


#2

If you are having troubles with the process of getting SSL cert, you could try SSL Certificate Wizard on https://ZeroSSL.com - it might work for you.

However, before getting your certificate, make sure that you can install it or that you are aware of the fees hostagtor may impose. See http://support.hostgator.com/articles/how-do-i-use-the-third-party-ssl-certificate-i-purchased

(Basically you will have to pay Hostgator $10 for the initial installation and then $10 every 3 months for renewals. At least with the shared hosting.)


#3

Thanks for the answer! I want to ZeroSSL on step three it asks me to put the files in the “webroot/.well-known/acme-challenge/” directory. I can’t seem to find that on the web server. Do I need to just make it?

Also, I need to just make two text files and put them in that? What do I call them?


#4

It is actually a 2nd step (Verification) that does indeed ask for verification files to be created (if HTTP verification method was selected). The name and the content of the file are actually given on the page (see values for the “File” and “Text”). For example, you might see something like:

Domain             File
example.com     gd03MVyGNocNAlh3Wa2M
Text: gd03MVyGNocNAlh3Wa2M.BxH4BWTQgqZwPGYxi7DX

That means the file named “gd03MVyGNocNAlh3Wa2M” with the content of “gd03MVyGNocNAlh3Wa2M.BxH4BWTQgqZwPGYxi7DX” (without quotes) should be put in directory .well-known/acme-challenge under “webroot”. As page mentions, “webroot” is basically the main directory with your website pages.

Creating the directory is as simple as running

mkdir -p ./.well-known/acme-challenge/

while being in that “webroot”. And then, creating a required file could be done similar to:

echo “gd03MVyGNocNAlh3Wa2M.BxH4BWTQgqZwPGYxi7DX” > ./.well-known/acme-challenge/gd03MVyGNocNAlh3Wa2M

So the hardest part in HTTP verification for you is to know where your “webroot” really is. You could probably use your FTP client as well to create those files and folders. Alternatively, you can try DNS verification (which does not require working with files, but requires creating a TXT record in your DNS).


#5

Alright I’ll give that a go, but on the page it gives me two sets of file names and text strings. Do I put both files in the same place?


#6

Yes. If you have any further troubles, you can use the on-site contact form - that could be more effective in resolving them :slight_smile:


#7

I have a similar problem when using ZeroSSL. I created folder “.well-known/acme-challenge/” and put the suggested text file in it. However, since I am not allowed to altered the settings on the web hosting server, the access to the file is denied. I guess it is because the “.well-known” folder is hidden under Linux environment. What would you suggest? I do not have a full control over the server. I can only FTP and manage it via web browsers. I wish the folder was not hidden.


#8

The fact that folders starting with a period are hidden by default in linux won’t make any difference

have you got any .htaccess redirects or other redirects preventing access ?


#9

Thanks for the reply. I know about the period making it hidden. I tried adding .htaccess in both directories with

Order allow,deny
Allow from all

I’m not sure whether that is how it should be done or not and has something to do with the master access control or something. Anyway, it still gave me the 404 error.

As I said, I don’t have the full control over the server since it is a web hosting service. T__T


#10

I’d start by just checking the .well-known directory,

What are the permissions on this directory ? ( 755 ? ) and if you place a plain text file in that directory, with permissions 755, can you access it from the web ?


#11

Yes, they are both 755. I tried creating an index.html, too. Still, 404. Any suggestions?

I created the HTML file for testing. I know the verifying files must be text.

I can’t write any more replies, due to the new member restriction.

When I tried accessing .well-known/index.html, here is what the log file says

[02/Aug/2016:16:22:09 +0700] "GET /.well-known HTTP/1.1" 404 8745 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"

#12

I’d check the log files for more information (it does need to be a plain text file though - not a .html )


#13

@kaptanteo Since you said that you have even created am index.html and still getting 404 (Not found, rather than 403 - forbidden), the issue might be that .well-known is not created in the right place. As I mentioned above, you need to be in your “webroot” folder (basically the top folder of where your pages are) and use “mkdir -p ./.well-known/acme-challenge/” to create a proper directory. Then a file should be put into it. Please make sure that you have created the folders correctly. If it still doesn’t work, you can use a contact form on ZeroSSL, and I could try helping you directly.


#14

@leader Of course, the folder is in the webroot. I tried renaming hidden .well-known to visible well-known and could access the test index.html just fine. I will try to contact you via the ZeroSSL. Thanks a lot.


#15

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.