SSL with private nameserver on shared hosting

Shared hosting on ipowerweb which DOES NOW USE LEST ENCRYPT!!! woohoooo!

Small business owner that uses my own private nameservers. I am trying to set up my SSL certificate using my own private name servers rather than ipowers name servers. Is this possible? I do not have access through SSH on I power web. I have installed Docker and I’m trying to install ssl manually using certbot from my MAC but I keep getting this error:

Domain: lanceellis.com
Type: unauthorized
Detail: Invalid response from the key…

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.

I have nameservers and A records pointing to Ipowerweb’s IP address.

You don’t have SSH access, but you did install docker? But how? :thinking:

running from my computer. installing it manually. I dont have SSH access to iPower, should I say.

How are you providing the challenges to the Let’s Encrypt validation servers in that case? Please read https://letsencrypt.org/how-it-works/ if you don’t understand what I’m asking.

What kind of control do you have over the webserver? Even if you got your Let’s Encrypt certificate for your hostname, how would you install said certificate on ipowers webserver?

We can keep exchanging questions and answers, but I think it’s best if you’d answer to the best of your knowledge the following questionnaire, which should have been presented when you started a thread in the Help section:

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

1 Like

-My domain is: lanceellis.com
-My hosting provider is: ipower.com I have stated that I do not have SSH access to their service.
-Access to the control panel but I always use FTP to manage my site. domaincentral 3.0
-NEWBIE Limited info

-i used ftp to upload the acme challenge. its there but gives the errors that I posted below. That’s all the information that I have because I am new to this. This is what I have done so far from my computer step-by-step.

  1. docker pull certbot/certbot

  2. docker run -it --rm --name certbot \

--volume "/tmp/etc-letsencrypt:/etc/letsencrypt" \
--volume "/tmp/var-lib-letsencrypt:/var/lib/letsencrypt" \
certbot/certbot certonly \
--manual --manual-public-ip-logging-ok \
--email deva@lanceellis.com --agree-tos \
--domain lanceellis.com --rsa-key-size 2048
  1. it told me to:
    Create a file containing just this data:

And make it available on your web server at this URL:

http://lanceellis.com/.well-known/acme-challenge/T3f8NMjn0P1v6XoKCs1R3ZlHMCfnH9FCud0QG2D-15Q

  1. created and uploaded the file to the correct folder on my server following the directions with the key it created

  2. hit enter when asked and it ran the checks for the challenge and that’s where it said:

Waiting for verification…
Challenge failed for domain lanceellis.com
Domain: lanceellis.com
Type: unauthorized
Detail: Invalid response from
http://lanceellis.com/.well-known/acme-challenge/T3f8NMjn0P1v6XoKCs1R3ZlHMCfnH9FCud0QG2D-15Q
[66.96.130.110]:

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.

***Why I am asking “if” it can be done on shared hosting with private name servers. Ipower users let’s encrypt and i can enable a certificate but I will have to use their name servers. I am trying to figure out if this can be done using my own private mean servers.

1 Like

Well, that file isn’t available for me either. I’m getting a “File not found” error.

Perhaps ipower only uses the dns-01 challenge which requires control over the domain name. In that case, if you run your own DNS server for your domain, ipower can’t use the dns-01 challenge.

You might be able to use the dns-01 challenge too. This can be done with the --manual plugin too, in combination with -preferred-challenges dns.

However, the step you did just now should work as well. Perhaps you didn’t name the file right by accident?

In any case, the following still applies:

2 Likes

Don’t forget you can use the Staging environment while you test. This will prevent you from running into rate limits.

3 Likes

aaahhhhhhhhh. yes. file name had error. i could kick myself. THANK YOU BOTH!!!

3 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.