The new gTLDs and the permissions error


#1

I’m a first time user of Let’s Encrypt today. I wanted to create a certificate for one of the new TLDs - it’s a .domains. The site hosting the domain is on a VPS running CentOS 7 and WHM/cPanel.

I ran into the Error: The client lacks sufficient authorization problem that a number of people seem to be having. It seems to present itself as a folder permissions/user problem. But after a considerable time mankling with permissions etc. I wondered if it was the TLD somehow causing the problem (I’ve had some funny looks from software in the past when presented with such outlandish TLDs).

So exactly the same set up on the same server, etc. etc. I tried creating a certificate for a regular .net domain on an adjacent WHM account. LE did its stuff on that without complaint. The .domains one though is still causing the same problem. I’ve got LE logs if any staff member wants to see them.


#2

It got added to the public suffix list over a year ago, might be worth to file a bug against boulder.


#3

I’ve just done that. Thanks a lot.


#6

Something that had me stumped for a while. I had installed a few certs without issue following the instructions in this thread. Then, upon another attempt I was getting the insufficient authorization error. The .well-known and acme-challenge directories were created but nothing could be put in them.

The “forest for the trees” answer was Options -Indexes in the .htaccess file for the account. Comment that out and then it worked without issue.

Hope that helps someone. :slight_smile: