Trying to create certificate

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: lmimail.com

I ran this command: tellmail ssl_update

It produced this output:
Update domain mail.lmimail.com

Existing cert check: mail.lmimail.com Self signed certificate /CN=mail.lmimail.com

Account status: Account created ok https://acme-v02.api.letsencrypt.org/acme/acct/86062850
acme_authorize required for domain mail.lmimail.com

Challenge http-01 pending
Created www/.well-known/acme-challenge/iD-7xdNevmgRdvxfd-BYrglLvV0kEFpkl5VBId-Cczk
Created /volumes/lmimail/Library/WebServer/Documents/acme-challenge/iD-7xdNevmgRdvxfd-BYrglLvV0kEFpkl5VBId-Cczk

Challenge: error: Invalid response from http://mail.lmimail.com/.well-known/acme-challenge/iD-7xdNevmgRdvxfd-BYrglLvV0kEFpkl5VBId-Cczk [50.245.81.153]: “\n\n404 Not Found\n\n

Not Found

\n<p”

HINT: Check your setting url_host points to your mail server for this domain!!

acme_do_auth failed mail.lmimail.com

My web server is (include version): Apache 2.4.16

The operating system my web server runs on is (include version): Mac OS X 10.10.5

My hosting provider, if applicable, is: Comcast

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

Please show the contents of the “surgemail.ini” file (or equivalent).
And also the output of:
apachectl -S

Thanks for your help. I’m a Windows guy, not a Unix/Mac one, but I’m learning.

Hal

(Attachment surgemail.ini is missing)

apa.txt (453 Bytes)

try two

surgemailini.txt (17.4 KB)

apa.txt (453 Bytes)

As best I can tell, the document roots don’t line up:
Main DocumentRoot: "/Library/WebServer/Documents"
g_ssl_lets_path "/volumes/lmimail/Library/WebServer/Documents"
OR
Maybe they do?

There is one way to be sure:
echo "main-path" >> /Library/WebServer/Documents/file1
echo "long-path" >> /volumes/lmimail/Library/WebServer/Documents/file2
Then see which (if any) can be seen from the Internet:
http://mail.lmimail.com/file1
http://mail.lmimail.com/file2
http://mail.lmimail.com/.well-known/acme-challenge/file1
http://mail.lmimail.com/.well-known/acme-challenge/file2

I changed the paths so I think they now match; I think it’s the .well-known part that’s missing. It doesn’t seem to be a mapped or created option.

Thanks,


I didn’t ask you to change anything.
But did the change make any difference?
If so, what did you change? And did it make things any better?

Sorry, I only changed the path in SurgeMail to match the other path. And no, it did not change anything.

After creating a test file I can see it from both the root of mail.lmimail.com and in the mail.lmimail.com/acme-challenge/ folder, both visible from the internet.

However, there is no actual or virtual .well-known folder or path.

That statement contradicts itself.

After the change/no change, does everything else still work?
[make sure that didn't break anything else FIRST before moving forward]

If the change did not fix the current situation, then please revert that back - we don’t know what else that may affect [later].

Yes, it seems everything still works. I only removed /volumes/lmimail from the front of the path in SurgeMail. I believe that was assumed anyway; I’ve just had to include it in some server-related (non-internet) paths in the past.

I think you would do better by leaving it the way it was.
And let’s move on to resolving your problem.

Path is changed back to what it was.

OK, did you create the two test files?

curl -Iki http://mail.lmimail.com/file1
HTTP/1.1 404 Not Found

curl -Iki http://mail.lmimail.com/file2
HTTP/1.1 404 Not Found

curl -Iki http://mail.lmimail.com/.well-known/acme-challenge/file1
HTTP/1.1 404 Not Found

curl -Iki http://mail.lmimail.com/.well-known/acme-challenge/file2
HTTP/1.1 404 Not Found

And just to be sure we are on the right system…
Please show the response of:
curl ifconfig.me

Files are created and both available at the root only.

curl output

50.245.81.153mail:Library lmimail$

OK, we ARE on the right system.
Ok I do see both files at the root - this is a good step.

OK now we determine where exactly are the challenge files being served from.
mkdir /volumes/lmimail/Library/WebServer/Documents/.well-known/
mkdir /volumes/lmimail/Library/WebServer/Documents/.well-known/acme-challenge/
mkdir /volumes/lmimail/Library/WebServer/Documents/acme-challenge/

echo "location-1" >> /volumes/lmimail/Library/WebServer/Documents/.well-known/where-file
echo "location-2" >> /volumes/lmimail/Library/WebServer/Documents/.well-known/acme-challenge/where-file
echo "location-3" >> /volumes/lmimail/Library/WebServer/Documents/acme-challenge/where-file

Then we see which location text is returned with:
http://mail.lmimail.com/.well-known/acme-challenge/where-file

Ok all those are complete.

curl http://mail.lmimail.com/.well-known/acme-challenge/where-file
location-2
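
The marker-file procedure used in this thread, as an added shell example that is not part of any post: it accepts any list of candidate directories rather than the three hand-made files. `probe_webroot` and `fetch_url` are names made up for this example.

```shell
#!/bin/sh
# Added example (not from the thread): find which directory on disk the web
# server maps to /.well-known/acme-challenge/, the path HTTP-01 validation fetches.

# fetch_url URL: print the response body. Uses curl by default; kept as a
# separate function so it can be replaced for offline testing.
fetch_url() { curl -fsS --max-time 10 "$1"; }

# probe_webroot BASE_URL DIR...
# Writes a marker "location-N" into each candidate DIR, requests the marker
# through BASE_URL/.well-known/acme-challenge/, prints the DIR whose marker
# came back, and removes the marker files. Returns 1 if none matched
# (for example when the server answers 404, as in the failed challenge).
# Candidate directories are created if missing and are left in place.
probe_webroot() {
    base_url=$1; shift
    name="where-file-$$"          # marker name, unique per run
    found=""
    i=0
    for dir in "$@"; do
        i=$((i + 1))
        mkdir -p "$dir" 2>/dev/null || continue
        printf 'location-%s\n' "$i" > "$dir/$name" || continue
    done
    body=$(fetch_url "$base_url/.well-known/acme-challenge/$name" 2>/dev/null) || body=""
    i=0
    for dir in "$@"; do
        i=$((i + 1))
        if [ "$body" = "location-$i" ]; then found=$dir; fi
        rm -f "$dir/$name"
    done
    [ -n "$found" ] || return 1
    printf '%s\n' "$found"
}

# Usage with the paths discussed in this thread (run on the web server itself):
#   probe_webroot http://mail.lmimail.com \
#       /volumes/lmimail/Library/WebServer/Documents/.well-known/acme-challenge \
#       /volumes/lmimail/Library/WebServer/Documents/acme-challenge
```

The directory it prints is the one the ACME client's challenge path setting has to write into; if it prints nothing, no candidate is reachable under `/.well-known/acme-challenge/`.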