Tried to install Lets Encrypt Skript on my web site sozialepfalz.de

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

sozialepfalz.de

I ran this command:

It produced this output:

503 Service and Web Sites not available.

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

Shared server

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

DirectAdmin Web Control Panel

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

My websire www.sozialepfalz.de and all of my sub domains are not available anymore.

Error Not safe, no valid scipt.

Could you please help to restore my web site www.sozialepfalz.de, please,

Kind regards,

Andreas

Welcome to the Let's Encrypt Community, Andreas

Looking at the certificate history for sozialepfalz.de...

the first certificate that you requested today...

covers these domain names:

X509v3 Subject Alternative Name:
DNS:andreasklamm.sozialepfalz.de
DNS:andreaspklamm.sozialepfalz.de
DNS:andrewpharrod.sozialepfalz.de
DNS:ftp.sozialepfalz.de
DNS:interaktiv.sozialepfalz.de
DNS:leute.sozialepfalz.de
DNS:lovepeacepeople.sozialepfalz.de
DNS:mail.sozialepfalz.de
DNS:mailone.sozialepfalz.de
DNS:officelu.sozialepfalz.de
DNS:pop.sozialepfalz.de
DNS:radio.sozialepfalz.de
DNS:regionalhilfe.sozialepfalz.de
DNS:smtp.sozialepfalz.de
DNS:sozial.sozialepfalz.de
DNS:sozialaktiv.sozialepfalz.de
DNS:sozialepfalz.de
DNS:sozialepfalz.sozialepfalz.de
DNS:video.sozialepfalz.de
DNS:videotv.sozialepfalz.de
DNS:www.andreasklamm.sozialepfalz.de
DNS:www.andreaspklamm.sozialepfalz.de
DNS:www.andrewpharrod.sozialepfalz.de
DNS:www.interaktiv.sozialepfalz.de
DNS:www.leute.sozialepfalz.de
DNS:www.lovepeacepeople.sozialepfalz.de
DNS:www.mailone.sozialepfalz.de
DNS:www.officelu.sozialepfalz.de
DNS:www.radio.sozialepfalz.de
DNS:www.regionalhilfe.sozialepfalz.de
DNS:www.sozial.sozialepfalz.de
DNS:www.sozialaktiv.sozialepfalz.de
DNS:www.sozialepfalz.de
DNS:www.sozialepfalz.sozialepfalz.de
DNS:www.video.sozialepfalz.de
DNS:www.videotv.sozialepfalz.de

while the second certificate you requested today...

covers these domain names:

X509v3 Subject Alternative Name:
DNS:lovepeacepeople.sozialepfalz.de
DNS:mail.sozialepfalz.de
DNS:mailone.sozialepfalz.de
DNS:officelu.sozialepfalz.de
DNS:pop.sozialepfalz.de
DNS:radio.sozialepfalz.de
DNS:regionalhilfe.sozialepfalz.de
DNS:smtp.sozialepfalz.de
DNS:sozial.sozialepfalz.de
DNS:sozialaktiv.sozialepfalz.de
DNS:sozialepfalz.de
DNS:www.radio.sozialepfalz.de
DNS:www.regionalhilfe.sozialepfalz.de

Note that www.sozialepfalz.de is not included in the second certificate.

Currently, sozialepfalz.de and www.sozialepfalz.de are serving a default, self-signed (snake oil) certificate, so your Let's Encrypt certificate is either not installed or your Apache webserver needs to be reloaded.

Both sozialepfalz.de and www.sozialepfalz.de are currently returning a 301 Moved Permanently response for http then a 200 OK response for https with this content:

Apache is functioning normally

Thank you! The first certificate has been removed after the 503 Error Message appeared, that the website sozialepfalz.de and all the subdomain are not available. I have tried the second one. However it was not working, too. After this I have tried to disable the certificates because without certificate the website and the subdomains have been available.

First off, the following might help enormously. You can safely change the 4096 at the end of the command to 2048 to have your websites load faster.

This is an alternative:

https://raymii.org/s/articles/Lets_Encrypt_Directadmin_Now_Built_In.html

Neither Let's Encrypt certificate was ever doing anything because neither Let's Encrypt certificate was ever actually installed. Your websites are serving a default certificate:

Screenshot_20210709-230124_Samsung Internet1440×2722 479 KB

Screenshot_20210709-230210_Samsung Internet1295×2468 184 KB

I think you only disabled the http to https redirects. The https addresses are still working. I see the subdomains as available, just with default content.

Is this the correct content for all of them?

Apache is functioning normally

Web Site are not available

July 11, 2021

Dear Griffin!

Thank you for your information. The web site www.sozialepfalz.de und Subdomains are NOT available.

The error message 503 Service not available does occur for not know reason since Saturday about 20.00 Uhr.

Kind regards,

Andreas Klamm (Andreas Klamm Sabaot), Senator h. c. of Conch Republic, Fürst von Liechtenstein-Kastelkorn, Graf von Wolf zu Wolfsthal, Journalist, Rundfunk-Journalist, Reporter, Autor, staatl. geprft. Gesundheits- und Krankenpfleger, Musik- und Medienproduzent, oterapro Radio Fernsehen Nachrichten Medien und Informationen, Kommunikations- und Nachrichten-Dienste, Radio TV IBS Liberty, Regionalhilfe.de, ISMOT International Social And Medical Outreach Team.

Journalisten-Bureau Andreas Klamm-Sabaot, Andreas Klamm Journalist, Schillerstr. 31, D 67141 Neuhofen in der Pfalz, Verbandsgemeinde Rheinauen, Rhein-Pfalz-Kreis, Rheinland-Pfalz, Deutschland, Tel. 0621 4909 650 117, Tel. 0621 5867 8054, Tel. 030 57 700 592, Mobil-Tel. 01579 232 0437, (Germany Telephone Country Code 0049, GER / DE). www.andreasklamm.de und www.andreaspklamm.de

I see that. While any 5xx response indicates a server error of some kind, a 503 Service Unavailable response is usually used to indicate a server is intentionally down for maintenance. Some hosting providers will configure their servers to return a 503 when there's a configuration issue in order to hide the problem from visitors of the website. For example, it's similar to a store putting a "closed for lunch" sign on the door to tell customers not to enter when what's really happening is the electricity isn't working.

I recommend contacting your hosting provider to check to see if there's an actual maintenance outage and, if not, what is likely causing a configuration error.

503 Error after Certificate from Let´s Encrypt

July 12, 2021

Dear Jonathan Griffin!

The issue seems to be script related. If you want to check I will be able to give you access to the server and you will be able to check yourself, please.

The Error Log file from July 12, 2021, sozialepfalz.de

• Copy -

[Mon Jul 12 01:45:20.571297 2021] [proxy:error] [pid 22944] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 01:45:20.571751 2021] [proxy_fcgi:error] [pid 22944] [client 47.91.128.217:44930] AH01079: failed to make connection to backend: httpd-UDS, referer: http://simplesite.com

[Mon Jul 12 02:14:07.365548 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 04:27:59.836943 2021] [proxy:error] [pid 28559] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 04:27:59.837703 2021] [proxy_fcgi:error] [pid 28559] [client 158.69.42.164:52536] AH01079: failed to make connection to backend: httpd-UDS, referer: http://simplesite.com

[Mon Jul 12 04:49:08.225961 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 04:53:03.614068 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 05:01:04.440385 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 05:06:55.205358 2021] [proxy:error] [pid 6496] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 05:06:55.205415 2021] [proxy_fcgi:error] [pid 6496] [client 34.254.164.69:57384] AH01079: failed to make connection to backend: httpd-UDS

[Mon Jul 12 05:29:24.852201 2021] [proxy:error] [pid 7581] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 05:29:24.855711 2021] [proxy_fcgi:error] [pid 7581] [client 40.77.167.50:10880] AH01079: failed to make connection to backend: httpd-UDS

[Mon Jul 12 05:29:30.400655 2021] [proxy:error] [pid 6566] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 05:29:30.400690 2021] [proxy_fcgi:error] [pid 6566] [client 40.77.167.99:57600] AH01079: failed to make connection to backend: httpd-UDS

[Mon Jul 12 05:42:09.097383 2021] [proxy:error] [pid 7028] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 05:42:09.097440 2021] [proxy_fcgi:error] [pid 7028] [client 5.61.25.2:47814] AH01079: failed to make connection to backend: httpd-UDS, referer: http://simplesite.com

[Mon Jul 12 05:42:13.490148 2021] [proxy:error] [pid 7207] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 05:42:13.490202 2021] [proxy_fcgi:error] [pid 7207] [client 5.61.25.2:48324] AH01079: failed to make connection to backend: httpd-UDS, referer: http://simplesite.com

[Mon Jul 12 05:42:47.790150 2021] [proxy:error] [pid 7122] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 05:42:47.790202 2021] [proxy_fcgi:error] [pid 7122] [client 209.126.30.101:54743] AH01079: failed to make connection to backend: httpd-UDS, referer: http://simplesite.com

[Mon Jul 12 06:57:28.651763 2021] [proxy:error] [pid 10042] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 06:57:28.652402 2021] [proxy_fcgi:error] [pid 10042] [client 13.233.94.89:54595] AH01079: failed to make connection to backend: httpd-UDS

[Mon Jul 12 07:16:42.007165 2021] [proxy:error] [pid 11657] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 07:16:42.007573 2021] [proxy_fcgi:error] [pid 11657] [client 114.119.167.129:47714] AH01079: failed to make connection to backend: httpd-UDS

[Mon Jul 12 07:32:06.568194 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 07:33:03.932477 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 07:38:03.140817 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 07:39:03.565763 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 07:40:03.708677 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 08:03:33.897236 2021] [proxy:error] [pid 15471] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 08:03:33.897310 2021] [proxy_fcgi:error] [pid 15471] [client 202.39.38.247:51098] AH01079: failed to make connection to backend: httpd-UDS, referer: http://simplesite.com

[Mon Jul 12 08:09:26.494604 2021] [proxy:error] [pid 15450] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 08:09:26.494651 2021] [proxy_fcgi:error] [pid 15450] [client 157.55.39.19:14528] AH01079: failed to make connection to backend: httpd-UDS

[Mon Jul 12 08:09:27.097735 2021] [proxy:error] [pid 15813] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 08:09:27.097777 2021] [proxy_fcgi:error] [pid 15813] [client 157.55.39.19:14529] AH01079: failed to make connection to backend: httpd-UDS

[Mon Jul 12 08:09:50.504398 2021] [proxy:error] [pid 15416] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 08:09:50.504443 2021] [proxy_fcgi:error] [pid 15416] [client 207.46.13.77:34176] AH01079: failed to make connection to backend: httpd-UDS

[Mon Jul 12 09:28:06.921237 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 09:42:04.009389 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 09:43:04.071052 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 09:49:03.325566 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 10:05:04.943567 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 10:08:03.331922 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 10:15:34.331395 2021] [proxy:error] [pid 23229] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 10:15:34.331716 2021] [proxy_fcgi:error] [pid 23229] [client 114.119.152.8:13930] AH01079: failed to make connection to backend: httpd-UDS

[Mon Jul 12 10:27:13.372788 2021] [proxy:error] [pid 23979] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 10:27:13.372877 2021] [proxy_fcgi:error] [pid 23979] [client 151.106.117.82:39512] AH01079: failed to make connection to backend: httpd-UDS, referer: http://simplesite.com

[Mon Jul 12 10:30:38.276734 2021] [proxy:error] [pid 23229] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 10:30:38.276781 2021] [proxy_fcgi:error] [pid 23229] [client 199.16.157.181:45692] AH01079: failed to make connection to backend: httpd-UDS

[Mon Jul 12 10:30:38.496506 2021] [proxy:error] [pid 23972] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 10:30:38.496558 2021] [proxy_fcgi:error] [pid 23972] [client 199.16.157.181:45716] AH01079: failed to make connection to backend: httpd-UDS

[Mon Jul 12 10:30:38.718605 2021] [proxy:error] [pid 23261] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 10:30:38.718648 2021] [proxy_fcgi:error] [pid 23261] [client 199.16.157.181:64042] AH01079: failed to make connection to backend: httpd-UDS

[Mon Jul 12 10:30:38.953925 2021] [proxy:error] [pid 23909] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 10:30:38.953957 2021] [proxy_fcgi:error] [pid 23909] [client 199.16.157.181:41619] AH01079: failed to make connection to backend: httpd-UDS

[Mon Jul 12 10:30:39.219459 2021] [proxy:error] [pid 23248] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 10:30:39.219516 2021] [proxy_fcgi:error] [pid 23248] [client 199.16.157.181:55554] AH01079: failed to make connection to backend: httpd-UDS

[Mon Jul 12 10:45:07.475266 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 10:56:03.871287 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 10:57:03.864335 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 11:07:04.724240 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 11:14:05.552565 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 11:20:48.593409 2021] [proxy:error] [pid 31197] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 11:20:48.593455 2021] [proxy_fcgi:error] [pid 31197] [client 91.66.170.243:63623] AH01079: failed to make connection to backend: httpd-UDS

[Mon Jul 12 11:20:48.969086 2021] [proxy:error] [pid 31044] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 11:20:48.969135 2021] [proxy_fcgi:error] [pid 31044] [client 91.66.170.243:55164] AH01079: failed to make connection to backend: httpd-UDS, referer: http://sozialepfalz.de/

[Mon Jul 12 11:21:05.668266 2021] [proxy:error] [pid 31207] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 11:21:05.668344 2021] [proxy_fcgi:error] [pid 31207] [client 91.66.170.243:62441] AH01079: failed to make connection to backend: httpd-UDS

[Mon Jul 12 11:21:06.113864 2021] [proxy:error] [pid 31034] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 11:21:06.113917 2021] [proxy_fcgi:error] [pid 31034] [client 91.66.170.243:61815] AH01079: failed to make connection to backend: httpd-UDS, referer: http://sozialepfalz.de/

[Mon Jul 12 11:27:04.237412 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 11:28:03.321606 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 11:30:03.642524 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 11:31:04.111093 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 11:36:03.349165 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 11:44:03.910120 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 11:47:12.000293 2021] [proxy:error] [pid 2534] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 11:47:12.000360 2021] [proxy_fcgi:error] [pid 2534] [client 114.119.135.64:46446] AH01079: failed to make connection to backend: httpd-UDS

[Mon Jul 12 12:08:59.228700 2021] [proxy:error] [pid 3639] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 12:08:59.228787 2021] [proxy_fcgi:error] [pid 3639] [client 103.148.245.19:53603] AH01079: failed to make connection to backend: httpd-UDS

[Mon Jul 12 12:16:04.977098 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 12:37:04.099557 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 13:07:02.057091 2021] [proxy:error] [pid 7072] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 13:07:02.057164 2021] [proxy_fcgi:error] [pid 7072] [client 34.254.202.59:40972] AH01079: failed to make connection to backend: httpd-UDS

[Mon Jul 12 13:11:19.855750 2021] [proxy:error] [pid 7815] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 13:11:19.856086 2021] [proxy_fcgi:error] [pid 7815] [client 103.148.245.19:55474] AH01079: failed to make connection to backend: httpd-UDS

[Mon Jul 12 13:17:06.708306 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 13:20:04.277642 2021] [ssl:warn] [pid 28634] AH01909: www.sozialepfalz.de:443:0 server certificate does NOT include an ID which matches the server name

[Mon Jul 12 13:24:15.275831 2021] [proxy:error] [pid 9467] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 13:24:15.275869 2021] [proxy_fcgi:error] [pid 9467] [client 148.70.125.137:52132] AH01079: failed to make connection to backend: httpd-UDS, referer: http://simplesite.com

[Mon Jul 12 13:33:00.388160 2021] [proxy:error] [pid 9446] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 13:33:00.388235 2021] [proxy_fcgi:error] [pid 9446] [client 114.119.149.159:38202] AH01079: failed to make connection to backend: httpd-UDS

[Mon Jul 12 13:51:06.582871 2021] [proxy:error] [pid 10533] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 13:51:06.582922 2021] [proxy_fcgi:error] [pid 10533] [client 91.66.170.243:52406] AH01079: failed to make connection to backend: httpd-UDS

[Mon Jul 12 13:51:06.756543 2021] [proxy:error] [pid 9610] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 13:51:06.756609 2021] [proxy_fcgi:error] [pid 9610] [client 91.66.170.243:60853] AH01079: failed to make connection to backend: httpd-UDS, referer: http://sozialepfalz.de/

[Mon Jul 12 14:07:16.268022 2021] [proxy:error] [pid 11217] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 14:07:16.268114 2021] [proxy_fcgi:error] [pid 11217] [client 91.66.170.243:52769] AH01079: failed to make connection to backend: httpd-UDS

[Mon Jul 12 14:07:16.412199 2021] [proxy:error] [pid 9603] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /usr/local/php74/sockets/andreasd.sock (*) failed

[Mon Jul 12 14:07:16.412245 2021] [proxy_fcgi:error] [pid 9603] [client 91.66.170.243:50192] AH01079: failed to make connection to backend: httpd-UDS, referer: http://sozialepfalz.de/

Thank you in advance.

Kind regards,

Andreas Klamm (Andreas Klamm Sabaot), Senator h. c. of Conch Republic, Fürst von Liechtenstein-Kastelkorn, Graf von Wolf zu Wolfsthal, Journalist, Rundfunk-Journalist, Reporter, Autor, staatl. geprft. Gesundheits- und Krankenpfleger, Musik- und Medienproduzent, oterapro Radio Fernsehen Nachrichten Medien und Informationen, Kommunikations- und Nachrichten-Dienste, Radio TV IBS Liberty, Regionalhilfe.de, ISMOT International Social And Medical Outreach Team.

Journalisten-Bureau Andreas Klamm-Sabaot, Andreas Klamm Journalist, Schillerstr. 31, D 67141 Neuhofen in der Pfalz, Verbandsgemeinde Rheinauen, Rhein-Pfalz-Kreis, Rheinland-Pfalz, Deutschland, Tel. 0621 4909 650 117, Tel. 0621 5867 8054, Tel. 030 57 700 592, Mobil-Tel. 01579 232 0437, (Germany Telephone Country Code 0049, GER / DE). www.andreasklamm.de und www.andreaspklamm.de

Several attempts to Install the free Let´s Encript ssl certificate failed on sozialepfalz.de

for NOT KNOWN reason

Dear Jonathan Griffin!

As you do know the Let´s Encrypt very well perhaps you will see the problem ?

Here is the error log file after trying to install the Let´s Encrypt SSL certificate.

Found wildcard domain name and http challenge type, switching to dns-01 validation.
2021/07/12 14:45:08 [INFO] [sozialepfalz.de, *.sozialepfalz.de] acme: Obtaining SAN certificate
2021/07/12 14:45:09 [INFO] [*.sozialepfalz.de] AuthURL: [https://acme-v02.api.letsencrypt.org/acme/authz-v3/14671439141](https://acme-v02.api.letsencrypt.org/acme/authz-v3/14671439141)
2021/07/12 14:45:09 [INFO] [sozialepfalz.de] AuthURL: [https://acme-v02.api.letsencrypt.org/acme/authz-v3/14750084409](https://acme-v02.api.letsencrypt.org/acme/authz-v3/14750084409)
2021/07/12 14:45:09 [INFO] [sozialepfalz.de] acme: authorization already valid; skipping challenge
2021/07/12 14:45:09 [INFO] [*.sozialepfalz.de] acme: use dns-01 solver
2021/07/12 14:45:09 [INFO] [*.sozialepfalz.de] acme: Preparing to solve DNS-01
2021/07/12 14:45:10 [INFO] [*.sozialepfalz.de] acme: Trying to solve DNS-01
2021/07/12 14:45:10 [INFO] [*.sozialepfalz.de] acme: Checking DNS record propagation using [8.8.8.8:53]
2021/07/12 14:45:40 [INFO] Wait for propagation [timeout: 5m0s, interval: 30s]
2021/07/12 14:45:41 [INFO] [*.sozialepfalz.de] acme: Waiting for DNS record propagation.
2021/07/12 14:46:11 [INFO] [*.sozialepfalz.de] acme: Waiting for DNS record propagation.
2021/07/12 14:46:41 [INFO] [*.sozialepfalz.de] acme: Waiting for DNS record propagation.
2021/07/12 14:47:11 [INFO] [*.sozialepfalz.de] acme: Waiting for DNS record propagation.
2021/07/12 14:47:41 [INFO] [*.sozialepfalz.de] acme: Waiting for DNS record propagation.
2021/07/12 14:48:11 [INFO] [*.sozialepfalz.de] acme: Waiting for DNS record propagation.
2021/07/12 14:48:41 [INFO] [*.sozialepfalz.de] acme: Waiting for DNS record propagation.
2021/07/12 14:49:11 [INFO] [*.sozialepfalz.de] acme: Waiting for DNS record propagation.
2021/07/12 14:49:41 [INFO] [*.sozialepfalz.de] acme: Waiting for DNS record propagation.
2021/07/12 14:50:11 [INFO] [*.sozialepfalz.de] acme: Waiting for DNS record propagation.
2021/07/12 14:50:41 [INFO] [*.sozialepfalz.de] acme: Cleaning DNS-01 challenge
2021/07/12 14:50:42 [INFO] retry due to: acme: error: 400 :: POST :: [https://acme-v02.api.letsencrypt.org/acme/authz-v3/14671439141](https://acme-v02.api.letsencrypt.org/acme/authz-v3/14671439141) :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: "0102HIi8skNGl43CXyW-g_fdTQWHaPf-CW4N85Lr9JIrynE", url: 
2021/07/12 14:50:42 [INFO] Skipping deactivating of valid auth: [https://acme-v02.api.letsencrypt.org/acme/authz-v3/14671439141](https://acme-v02.api.letsencrypt.org/acme/authz-v3/14671439141)
2021/07/12 14:50:42 [INFO] Deactivating auth: [https://acme-v02.api.letsencrypt.org/acme/authz-v3/14750084409](https://acme-v02.api.letsencrypt.org/acme/authz-v3/14750084409)
2021/07/12 14:50:43 Could not obtain certificates:
	error: one or more domains had a problem:
[*.sozialepfalz.de] time limit exceeded: last error: NS ns3.contabo.net. did not return the expected TXT record [fqdn: _acme-challenge.sozialepfalz.de., value: AT2MrWf08-wCv5NMZKrIVyL9VBK1Xf2zrbzaUxTTGqk]: 
Certificate generation failed.

Thank you in advance.

Perhaps this could be important:

The domain has been bought with another domain provider which is a different one than the contabo server.

The server is on contabo but the domain is bought with do.de

Could this lead to the problem or technical unknown conflict?

Thank you in advance.

Kind regards,

Andreas Klamm (Andreas Klamm Sabaot), Senator h. c. of Conch Republic, Fürst von Liechtenstein-Kastelkorn, Graf von Wolf zu Wolfsthal, Journalist, Rundfunk-Journalist, Reporter, Autor, staatl. geprft. Gesundheits- und Krankenpfleger, Musik- und Medienproduzent, oterapro Radio Fernsehen Nachrichten Medien und Informationen, Kommunikations- und Nachrichten-Dienste, Radio TV IBS Liberty, Regionalhilfe.de, ISMOT International Social And Medical Outreach Team.

Journalisten-Bureau Andreas Klamm-Sabaot, Andreas Klamm Journalist, Schillerstr. 31, D 67141 Neuhofen in der Pfalz, Verbandsgemeinde Rheinauen, Rhein-Pfalz-Kreis, Rheinland-Pfalz, Deutschland, Tel. 0621 4909 650 117, Tel. 0621 5867 8054, Tel. 030 57 700 592, Mobil-Tel. 01579 232 0437, (Germany Telephone Country Code 0049, GER / DE). www.andreasklamm.de und www.andreaspklamm.de

So, there are two types of things happening here.

Those errors are connected to a bug in the script that's actually causing the 503. The following seems like a good resource to begin addressing the bug:

That warning is an indication that the installed leaf certificate for www.sozialepfalz.de does not list www.sozialepfalz.de as a subject alternative name (SAN). Upon inspection, I see that the installed leaf certificate is self-signed. While it is a more detailed self-signed certificate than the previous one I inspected, it will still never be globally trusted by web browsers due to not being issued by a trusted certificate authority (CA) (like Let's Encrypt). Interestingly, the intermediate certificates being served with the self-signed leaf certificate would actually be correct if the leaf certificate were a Let's Encrypt certificate instead of a self-signed certificate. It's alright to use a self-signed certificate for testing purposes, but the domain name for which the certificate is installed must still be listed on the certificate.

Obtaining a wildcard certificate (*.) from Let's Encrypt requires completion of a dns-01 challenge, which involves creation of a TXT record in the DNS for the domain name in question. The DNS is with contabo in this case, so the registrar (domain offensive) is not of concern. Automating the creation and removal of such TXT records is usually the greatest obstacle in this process. If the script trying to acquire the certificate does not have some way to access the DNS to perform the necessary actions, it will fail. I usually encourage people not to use wildcard certificates if possible due to this obstacle. Previously, your script was using an http-01 challenge, which only involves creation of a file on the server that responds for the domain name in question. This is far easier to automate.

There does not seem to be a problem with acquiring Let's Encrypt certificates:

There seems to be a problem with installing Let's Encrypt certificates.

This has me wondering though:
Why is your server using this script instead of just using a standard ACME client like certbot?

I noticed that you are replying by email. Sometimes I edit my posts to supplement the information or correct things. I'm not sure if you're seeing those edits in your email box. You might want to log directly into the Let's Encrypt Community forums to see if what's in your email box matches what I've posted.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.