SSL Certbot errors

Help
21

Oh yeah it worked.

And this is the vhconf.conf
docRoot $VH_ROOT/html/
enableGzip 1

errorlog $VH_ROOT/logs/error.log {
useServer 1
logLevel DEBUG
rollingSize 10M
}

accesslog $VH_ROOT/logs/access.log {
useServer 0
rollingSize 10M
keepDays 30
compressArchive 0
}

index {
useServer 0
indexFiles index.html, index.php
autoIndex 0
autoIndexURI /_autoindex/default.php
}

errorpage 404 {
url /error404.html
}

expires {
enableExpires 1
}

accessControl {
allow *
}

realm SampleProtectedArea {

userDB {
location conf/vhosts/Example/htpasswd
maxCacheSize 200
cacheTimeout 60
}

groupDB {
location conf/vhosts/Example/htgroup
maxCacheSize 200
cacheTimeout 60
}
}

context /.well-known/ {
location /usr/local/lsws/Example/html/
allowBrowse 1
addDefaultCharset off
}

context / {
type appserver
location /usr/local/lsws/Example/html/demo/
binPath /usr/local/lsws/fcgi-bin/lswsgi
appType wsgi
startupFile demo/wsgi.py
env PYTHONHOME=/usr/local/lsws/Example/html/
addDefaultCharset off
}

rewrite {
enable 1
autoLoadHtaccess 1
logLevel 0
}

vhssl {
keyFile /usr/local/lsws/conf/example.key
certFile /usr/local/lsws/conf/example.crt
certChain 1
}

1 Like
22

Ah, I think I (finally) see what is happening.

The URL is being doubled up due to the way the configuration is written:

$ curl -X GET -i jeffwebsite.dev/.well-known/.well-known/acme-challenge/acme-test-2
HTTP/1.1 200 OK

Could you take this:

and change:

to:

location /usr/local/lsws/Example/html/.well-known/

Then do a graceful restart of Litespeed.

Then try again:

sudo certbot certonly --webroot -w /usr/local/lsws/Example/html/ -d jeffwebsite.dev -d www.jeffwebsite.dev --dry-run
1 Like
23

omg it worked!

root@mywebsite:/usr/local/lsws/Example/html/demo# sudo certbot certonly --webroot -w /usr/local/lsws/Example/html/ -d jeffwebsite.dev -d www.jeffwebsite.dev
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for jeffwebsite.dev
http-01 challenge for www.jeffwebsite.dev
Using the webroot path /usr/local/lsws/Example/html for all unmatched domains.
Waiting for verification…
Cleaning up challenges

IMPORTANT NOTES:

  • Congratulations! Your certificate and chain have been saved at:
    /etc/letsencrypt/live/jeffwebsite.dev/fullchain.pem
    Your key file has been saved at:
    /etc/letsencrypt/live/jeffwebsite.dev/privkey.pem
    Your cert will expire on 2020-11-23. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot
    again. To non-interactively renew all of your certificates, run
    “certbot renew”

  • If you like Certbot, please consider supporting our work by:

    Donating to ISRG / Let’s Encrypt: https://letsencrypt.org/donate
    Donating to EFF: https://eff.org/donate-le

Thank you so much!

1 Like
24

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.