Script check http, not https


#1

My domain is: koliber.org

I ran this command:

PATH=$PATH:$GEM_HOME/bin GEM_HOME=$HOME/.letsencrypt_webfaction/gems RUBYLIB=$GEM_HOME/lib /usr/local/bin/ruby2.2 $HOME/.letsencrypt_webfaction/gems/bin/letsencrypt_webfaction --domains koliber.org,www.koliber.org, (and many other) --public /home/koliber/webapps/main_wordpress/ --config /home/koliber/letsencrypt-config.yml --endpoint https://acme-staging.api.letsencrypt.org/director

It produced this output:

Failed to verify statuses.
koliber.org: Invalid response from http://koliber.org/.well-known/acme-challenge/SSr42DIxIVtZeJsK6nqTH_PZPxtYjBDNMwFdAPz-zhE: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"
Make sure that you can access http://koliber.org/.well-known/acme-challenge/SSr42DIxIVtZeJsK6nqTH_PZPxtYjBDNMwFdAPz-zhE

(in all subdomains)

I can login to a root shell on my machine: yes

I must renew my ssl, because i get problems. As you see, i tried to make a test-certificated, but i get a errors. Script check http, is not tranfsered to https.


#2

That’s because your server doesn’t transfer it, but instead returns 404 for the challenge.


#3

Yes, i know, but do you know what the problem could be?
Everything was good, but one day it broke.

For an explanation:
https://koliber.org/.well-known/acme-challenge/SSr42DIxIVtZeJsK6nqTH_PZPxtYjBDNMwFdAPz-zhE exist, http not


#4

Hi @Iamnotamaster

your https works, your http has a 404. Is there a reverse proxy or something else?

Please share your configuration file with your redirects.


#5

Maybe i said it badly.
HTTP work and automaticly transfering to https, but not when i made a request in post.

RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-SSL} !on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]


#6

Your RewriteCond is unusual. What happens if the client doesn’t send this header?

Change this to

RewriteCond %{SERVER_PORT} 80

But in your port 80 - configuration this is always true, so you can redirect the complete traffic. In your 443 - configuration this would be always wrong.


#7

I changed it, nothing work.
Is very weird, because when i went to website http://koliber.org i was transfered to https://
but when i go to http://koliber.org/.well-known/* i was not transfered


#8

Please share your webserver - configuration. You have wrong or missing redirects.


#9

Where i can find it? “IAmNotAMaster” at that. :confused:


#10

You have a nginx, so please read

http://nginx.org/en/docs/beginners_guide.html

By default, the configuration file is named nginx.conf and placed in the directory /usr/local/nginx/conf , /etc/nginx , or /usr/local/etc/nginx .


#11

It is a problem, i have not permisson to chech it (funny, beacuse i have full access)
Any other tips? :confused:


#12

Perhaps you should ask in the webfaction - forum.

https://community.webfaction.com/questions/19988/using-letsencrypt

You have this webfaction and WordPress. Perhaps you are using tools which blocks some configuration files.