Subdomain and HSTS issue


#1

I’m having an issue: since my main domain has HSTS, I’m trying to make a subdomain run via the Let’s Encrypt cert, but it can’t connect to the subdomain since the http won’t resolve. Is there any way I can manually make the certificate and install it on the server?

Processing dvr.yout.com
 + Signing domains...
 + Generating private key...
 + Generating signing request...
 + Requesting challenge for dvr.yout.com...
 + Responding to challenge for dvr.yout.com...
ERROR: Challenge is invalid! (returned: invalid) (result: {
  "type": "http-01",
  "status": "invalid",
  "error": {
    "type": "urn:acme:error:connection",
    "detail": "Could not connect to dvr.yout.com",
    "status": 400
  },
  "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/BVcN0fP_36GCYzyeT2sOlDabI6NpAtLE95ixmi6Ns1A/282345749",
  "token": "tudJLdIjTKUvjy-msakqzosIvo-b6JUZyjxfqrM3VEc",
  "keyAuthorization": "tudJLdIjTKUvjy-msakqzosIvo-b6JUZyjxfqrM3VEc.6n_ESM2Gsp-V04wn7bf9Umrb-Uh1U4_2OGREtVVhLto",
  "validationRecord": [
    {
      "url": "http://dvr.yout.com/.well-known/acme-challenge/tudJLdIjTKUvjy-msakqzosIvo-b6JUZyjxfqrM3VEc",
      "hostname": "dvr.yout.com",
      "port": "80",
      "addressesResolved": [
        "205.134.190.234"
      ],
      "addressUsed": "205.134.190.234"
    }
  ]
})

#2

I don’t think this problem is related to HSTS at all. The Let’s Encrypt CA validator shouldn’t be honoring HSTS for this purpose, and it seems like it successfully connected to the http://dvr.yout.com/ site but got an HTTP 400 error when it did. That is different from being unable to connect at all.

What kind of client software are you using and how is it related to the web listener that’s listening on http://dvr.yout.com/?


#3

Hrmm, seems I had reloaded nginx but had not started it. It’s working now. Thank you.
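
Added example (not part of the original posts): a small triage of the challenge result from post #1 that reads the error type and the address the validator used, then checks locally whether anything accepts connections on that port. The function names and hint wording are this example's own.

```python
import json
import socket

# Challenge result trimmed from the output in post #1 (token fields left out).
RESULT = json.loads("""
{"type": "http-01", "status": "invalid",
 "error": {"type": "urn:acme:error:connection",
           "detail": "Could not connect to dvr.yout.com", "status": 400},
 "validationRecord": [{"hostname": "dvr.yout.com", "port": "80",
                       "addressUsed": "205.134.190.234"}]}
""")

# Hint text is this example's wording, keyed by ACME v1 error type suffix.
HINTS = {
    "connection": "no TCP connection: is the web server started and the port reachable?",
    "unknownHost": "no DNS record for the name: check the subdomain's A/AAAA record",
    "unauthorized": "server answered, but not with the expected challenge content",
}

def triage(result):
    """Summarise where the validator went and why it gave up."""
    err = result.get("error", {})
    kind = err.get("type", "").rsplit(":", 1)[-1]
    rec = (result.get("validationRecord") or [{}])[-1]  # last hop the validator tried
    return {
        "kind": kind,
        "host": rec.get("hostname"),
        "address": rec.get("addressUsed"),
        "port": int(rec.get("port", 80)),
        # "status" in the error object belongs to the ACME problem document;
        # it is not a response code from the site being validated.
        "hint": HINTS.get(kind, err.get("detail", "see error detail")),
    }

def listening(address, port, timeout=3.0):
    """True if something accepts a TCP connection on address:port."""
    try:
        with socket.create_connection((address, port), timeout=timeout):
            return True
    except OSError:
        return False

if __name__ == "__main__":
    t = triage(RESULT)
    print(t["host"], t["address"], t["port"], "->", t["hint"])
    # Run on the web server itself; the validator connects from outside, so a
    # firewall can still block port 80 even when this local check passes.
    print("local listener:", listening("127.0.0.1", t["port"]))
```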

