Problems renewing my certificate ssl

uaitracking · August 12, 2019, 10:56pm

I have problems renewing my certificate, it does not validate my DNS and the
response in the renewal logs is index.html page of my website, follow the command I am using and the log:

le64.exe le.pl --key account.key --csr mydomain.csr --csr-key mydomain.key --crt mydomain.crt --domains "www.uaitracking.com,uaitracking.com" --path C:/folder/.well-known/acme-challenge/ --generate-missing --unlink --renew 10 --issue-code 100 --live

2019/08/12 16:49:21 [ ZeroSSL Crypt::LE client v0.32 started. ]
2019/08/12 16:49:21 Loading an account key from account.key
2019/08/12 16:49:21 Loading a CSR from mydomain.csr
2019/08/12 16:49:21 Checking certificate for expiration (local file).
2019/08/12 16:49:21 Expiration threshold set at 10 days, the certificate expires in 7 days - will be renewing.
2019/08/12 16:49:23 Registering the account key
2019/08/12 16:49:23 The key is already registered. ID: 51959967
2019/08/12 16:49:24 Successfully saved a challenge file 'C:/folder/.well-known/acme-challenge//S-WsIvuS3MXi-Q1LkKIF47aKa6rHNyq8W5NI4il8Pik' for domain 'www.uaitrac
king.com'
2019/08/12 16:49:24 Successfully saved a challenge file 'C:/folder/.well-known/acme-challenge//kFs5D4IgqnBovDgLbRtXci0XrqH8Al2fjQsibj9FC_Y' for domain 'uaitracking
.com'
2019/08/12 16:49:27 Domain verification results for 'www.uaitracking.com': error. Invalid response from https://uaitracking.com [18.228.227.239]: "<!DOCTYPE html>\r\n<html lang=\"en\">\r\n\r\n
<head>\r\n  <!-- Required meta tags -->\r\n  <meta charset=\"utf-8\">\r\n  <meta name=\"viewport\" co"
2019/08/12 16:49:27 Challenge file 'C:/folder/.well-known/acme-challenge//S-WsIvuS3MXi-Q1LkKIF47aKa6rHNyq8W5NI4il8Pik' has been deleted.
2019/08/12 16:49:29 Domain verification results for 'uaitracking.com': error. Invalid response from https://uaitracking.com [18.228.227.239]: "<!DOCTYPE html>\r\n<html lang=\"en\">\r\n\r\n<hea
d>\r\n  <!-- Required meta tags -->\r\n  <meta charset=\"utf-8\">\r\n  <meta name=\"viewport\" co"
2019/08/12 16:49:29 Challenge file 'C:/folder/.well-known/acme-challenge//kFs5D4IgqnBovDgLbRtXci0XrqH8Al2fjQsibj9FC_Y' has been deleted.
2019/08/12 16:49:29 All verifications failed

_az · August 12, 2019, 11:07pm

You’ve created an HTTP to HTTPS redirect on your domain, but the problem is that you always redirect to the home page (/) rather than redirecting to the HTTPS version of requested URL.

So when I request http://uaitracking.com/css/main.css, I get redirected to https://uaitracking.com/ rather than https://uaitracking.com/css/main.css.

This loss of the path in the redirect is also what it causing your Let’s Encrypt validation to fail.

Fix the redirect so that it includes the requested path in the redirect URL.

uaitracking · August 12, 2019, 11:27pm

Wow, I got my apache setup right and it really worked, just that I needed to comment my redirect from http to https how can i do that in apache so next time this problem won’t happen again?

Here’s the code I had to comment:

#RewriteCond %{HTTP_USER_AGENT} !(NT\ 5) [NC]
#RewriteRule ^(.*) https://uaitracking.com [R]
#Redirect /test https://uaitracking.com/test/

_az · August 12, 2019, 11:29pm

Something like this instead:

RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

uaitracking · August 12, 2019, 11:38pm

Great solution, thanks so much for the help !!!

system · September 11, 2019, 11:38pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.