it would be possible for letsencrypt to use something like http://phantomjs.org/. This would allow the verification part to render the page via the javascript and thus find the contents of the file.
The other way to avoid the problem is for the hosting service to allow access to .well-known/acme-challenge without javascript checks.
So I either have to wait for a future version of letsencrypt, or find a hosting service that supports letsencrypt, or switch on my own server!
gethttpsforfree.com is basically just another client for Letās Encrypt. The verification is happening on the CA server, so switching clients wonāt have any effect.
I donāt think thereās any chance that Letās Encrypt would ever start executing JavaScript for this purpose. Thatās a huge security risk, very error-prone and absolutely not how HTTP is supposed to work. This is something the hosting service would have to fix on their end.
Iām not sure i understand. I have completed everything up until i need to create the new directory. Since iām also using shared server, iām unable to create a new director within SSH. Can you help where you edited the htaaccess file as well as how you created the new .well-known-ā¦ directory ? Appreciate any assistance one can give.
michael
I am a dummy - and I have no clue where to begin with thisā¦
I am using Arvixe (as rohit1290 said he did), and I can log into CPanel and generate a private key - but how do I create the public keyā¦
I followed the how do I generate this? info, and created a public key (via SSH) and when I copied the information in, it wouldnāt validate saying it was the wrong formatā¦
Also - how would I handle my addon domains? The same way??
How do I create the private key in a file? On Arvixe/CPanel I went in to the SSL/TLS section and clicked on the generate private key - which gave me the key to copyā¦
Can I just past that in a text file named private.pem on my site (via SSH)?
Sorry, I donāt know much about the context of what youāre trying to do with CPanel. Does your CPanel have Letās Encrypt integration of some sort? Is there a particular set of instructions that youāre trying to follow?
@CMKiraly, the original poster @rohit1290 used https://gethttpsforfree.com/ which helps interact with the CA for you (it's a third-party assistant tool and isn't created or operated by the Let's Encrypt CA). That apparently works fine with Arvixe (or at least did recently), but assumes you "know how to generate certificate requests"; if you don't, it might be a lot of effort for you because there are several steps you'll have to do with the openssl command line. Note @riking's caution
Did you ever write up your tutorial - I got to the same point you did (Error: Certificate signature failed. Please start back at Step 1. {ātypeā:āurn:acme:error:malformedā,ādetailā:āError creating new cert :: Certificate public key must be different than account keyā,āstatusā:400}) and was hoping to see where Iām going wrong atā¦
At this point - I got through to the point where it gets to step 5 and gives me
Error: Certificate signature failed. Please start back at Step 1. {ātypeā:āurn:acme:error:malformedā,ādetailā:āError creating new cert :: Certificate public key must be different than account keyā,āstatusā:400}
Iām not sure what I did wrong or where I go from hereā¦
If youāre using the gethttpsforfree service, you need to create two different keypairs (the account key and the domain key). In the āhow do I generate this?ā links on that site, these are referred to as account.key and domain.key.
Im using a shared host with a wordpress main site and a subdomain with a Flarum forum. I installed letsencrypt using phpacme and also got the certificates. I am not able to get my site HTTPS. its at goaitpro.org
please advise. HTTPS redirects to cgi default page.