My domain is: rainbowcosmetics.info
Hello all
I use Let’s Encrypt quite a lot but I’m helping out a former employer with one now but the server has WHM/cPanel and it’s getting on my goat.
So I try to issue the certificate with the plugin (which I’ve just purchased a licence for) and I get the following error
I’ve checked to see if I can view a test file in the acme-challenge folder which workshttp://rainbowcosmetics.info/.well-known/acme-challenge/test.txt
I’ve a sneaky suspicion it’s something to do with DNS but I can’t figure out what. The DNS uses another too, which I don’t have access to at the moment, but both the A records for with and without www. are pointing at the correct server.
Can somebody point me in the right direction.
I have full SSH and WHM/cPanel access to the server.
curl -vvv -H "Authorization: whm root:$(cat /etc/.letsencrypt-cpanel-api-token)" \
-i -k https://$(hostname):2087/json-api/version
This returns 200 and looks ok
All passes fine
Thanks
Osiris
February 3, 2019, 6:42pm
2
You have an IPv6 address configured on your server which is giving different results from the IPv4 address:
osiris@desktop ~ $ curl -Lvk http://rainbowcosmetics.info/.well-known/acme-challenge/PyZjy64d3oqH01mVyy2tom2bQCZ3xOA06qpCUpufvvM
* Trying 2001:8d8:1000:10b4:f07e:561:4d88:2839...
* Connected to rainbowcosmetics.info (2001:8d8:1000:10b4:f07e:561:4d88:2839) port 80 (#0)
> GET /.well-known/acme-challenge/PyZjy64d3oqH01mVyy2tom2bQCZ3xOA06qpCUpufvvM HTTP/1.1
> Host: rainbowcosmetics.info
>
< HTTP/1.1 204 No Content
< Content-Length: 0
< Connection: keep-alive
< Keep-Alive: timeout=15
< Date: Sun, 03 Feb 2019 18:39:33 GMT
< Server: Apache
osiris@client ~ $ curl -Lvk4 http://rainbowcosmetics.info/.well-known/acme-challenge/PyZjy64d3oqH01mVyy2tom2bQCZ3xOA06qpCUpufvvM
* Trying 82.196.238.200...
* Connected to rainbowcosmetics.info (82.196.238.200) port 80 (#0)
> GET /.well-known/acme-challenge/PyZjy64d3oqH01mVyy2tom2bQCZ3xOA06qpCUpufvvM HTTP/1.1
> Host: rainbowcosmetics.info
>
< HTTP/1.1 404 Not Found
< Date: Sun, 03 Feb 2019 18:39:42 GMT
< Server: Apache
< Content-Type: text/html; charset=UTF-8
<
<!doctype html>
(...)
* Connection #0 to host rainbowcosmetics.info left intact
osiris@desktop ~ $
Thanks … any idea what I can do about that? I hate working with WHM/cPanel
Osiris
February 3, 2019, 6:45pm
4
Talk to your hosting provider and ask why they have set up an IPv6 address which doesn't show your site in the first place.
I don't have any experience with WHM/cPanel, sorry.
1 Like
Hi @johnedwarddoyle
do you have access to your nameserver settings? If yes, remove your ipv6 entries.
This is the AAAA entry.
Ah I see. I don’t at the moment, I’m trying to get the details which is proving difficult for a Sunday evening. I’ll get them in time. Thanks for the help.
_az
February 3, 2019, 8:04pm
7
It looks like the errant IPv6 record for your domain has been successfully removed now.
It was pointing to a completely different server to your cPanel server - which would have shown a different website to visitors who were IPv6-enabled.
You should be able to issue a certificate now.
1 Like
Yes you are correct. I eventually got access to the DNS. Thanks all
1 Like
system
March 5, 2019, 8:23pm
9
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.