Validation failed on Webmin

Pappaji · August 14, 2022, 1:26pm

I've been wrecking my brains out - the SSL did not renew - then the SSL was outdated - so I deleted all the SSL certificates from the server
I thought I'd get new fresh ones... but It won't renew
Please bear in mind I am not a coding person so please explain in laymans terms and I'll do my best to follow - Thanks in adavance.

My domain is: ahprinters.co.uk and ahprinters.com is parked in it, I also tried to get SSL for webmail.ahprinters.co.uk and .com for the first time (as I do need it for emails)

I ran this command: request certificate

======================================================
It produced this output:

Requesting a certificate for ahprinters.co.uk, www.ahprinters.co.uk, ahprinters.com, www.ahprinters.com, webmail.ahprinters.com, webmail.ahprinters.co.uk from Let's Encrypt ..
.. request failed : Web-based validation failed :
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Requesting a certificate for ahprinters.co.uk and 5 more domains
Performing the following challenges:
http-01 challenge for ahprinters.co.uk
http-01 challenge for ahprinters.com
http-01 challenge for webmail.ahprinters.co.uk
http-01 challenge for webmail.ahprinters.com
http-01 challenge for www.ahprinters.co.uk
http-01 challenge for www.ahprinters.com
Using the webroot path /home/ahprinte/public_html for all unmatched domains.
Waiting for verification...
Challenge failed for domain ahprinters.co.uk
Challenge failed for domain ahprinters.com
Challenge failed for domain webmail.ahprinters.co.uk
Challenge failed for domain webmail.ahprinters.com
Challenge failed for domain www.ahprinters.co.uk
Challenge failed for domain www.ahprinters.com
http-01 challenge for ahprinters.co.uk
http-01 challenge for ahprinters.com
http-01 challenge for webmail.ahprinters.co.uk
http-01 challenge for webmail.ahprinters.com
http-01 challenge for www.ahprinters.co.uk
http-01 challenge for www.ahprinters.com
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:

The following errors were reported by the server:

Domain: ahprinters.co.uk
Type: unauthorized
Detail: 5.189.166.189: Invalid response from
http://ahprinters.co.uk/.well-known/acme-challenge/l-xcfy2jhiCofGVbchrBkuyUgf8CR3m6OnwGMYHNYdg:
404

Domain: ahprinters.com
Type: unauthorized
Detail: 5.189.166.189: Invalid response from
http://ahprinters.com/.well-known/acme-challenge/Dv5dK6JunX-j9zKmyKCZCRktlq9pruxRZczWN66rgNY:
404

Domain: webmail.ahprinters.co.uk
Type: unauthorized
Detail: 5.189.166.189: Invalid response from
http://webmail.ahprinters.co.uk/.well-known/acme-challenge/6NqeLNukv-2FHU_i1tjq6PeUelVlrGsb9_Vq4FjBetY:
404

Domain: webmail.ahprinters.com
Type: unauthorized
Detail: 162.215.3.16: Invalid response from
http://webmail.ahprinters.com/.well-known/acme-challenge/MybkEaYDbKk4yiGHiwDKx_MM5iTzt8HFkCzcpKySKnQ:
403

Domain: www.ahprinters.co.uk
Type: unauthorized
Detail: 5.189.166.189: Invalid response from
http://www.ahprinters.co.uk/.well-known/acme-challenge/sDBqiUnYu6BPHDQTBu36ttI2DJEVTcTPf9hdcogXys4:
404

Domain: www.ahprinters.com
Type: unauthorized
Detail: 5.189.166.189: Invalid response from
http://www.ahprinters.com/.well-known/acme-challenge/2BkM5gGOBmiLUExnL8V4sdoL1Gjqas6VK8D6tus8aO8:
404

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
DNS-based validation failed :
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Requesting a certificate for ahprinters.co.uk and 5 more domains
Performing the following challenges:
dns-01 challenge for ahprinters.co.uk
dns-01 challenge for ahprinters.com
dns-01 challenge for webmail.ahprinters.co.uk
dns-01 challenge for webmail.ahprinters.com
dns-01 challenge for www.ahprinters.co.uk
dns-01 challenge for www.ahprinters.com
Running manual-auth-hook command: /etc/webmin/webmin/letsencrypt-dns.pl
Running manual-auth-hook command: /etc/webmin/webmin/letsencrypt-dns.pl
Running manual-auth-hook command: /etc/webmin/webmin/letsencrypt-dns.pl
Running manual-auth-hook command: /etc/webmin/webmin/letsencrypt-dns.pl
Running manual-auth-hook command: /etc/webmin/webmin/letsencrypt-dns.pl
Running manual-auth-hook command: /etc/webmin/webmin/letsencrypt-dns.pl
Waiting for verification...
Challenge failed for domain ahprinters.co.uk
Challenge failed for domain ahprinters.com
Challenge failed for domain webmail.ahprinters.co.uk
Challenge failed for domain webmail.ahprinters.com
Challenge failed for domain www.ahprinters.co.uk
Challenge failed for domain www.ahprinters.com
dns-01 challenge for ahprinters.co.uk
dns-01 challenge for ahprinters.com
dns-01 challenge for webmail.ahprinters.co.uk
dns-01 challenge for webmail.ahprinters.com
dns-01 challenge for www.ahprinters.co.uk
dns-01 challenge for www.ahprinters.com
Cleaning up challenges
Running manual-cleanup-hook command: /etc/webmin/webmin/letsencrypt-cleanup.pl
Running manual-cleanup-hook command: /etc/webmin/webmin/letsencrypt-cleanup.pl
Running manual-cleanup-hook command: /etc/webmin/webmin/letsencrypt-cleanup.pl
Running manual-cleanup-hook command: /etc/webmin/webmin/letsencrypt-cleanup.pl
Running manual-cleanup-hook command: /etc/webmin/webmin/letsencrypt-cleanup.pl
Running manual-cleanup-hook command: /etc/webmin/webmin/letsencrypt-cleanup.pl
Some challenges have failed.
IMPORTANT NOTES:
The following errors were reported by the server:

Domain: ahprinters.co.uk
Type: unauthorized
Detail: No TXT record found at _acme-challenge.ahprinters.co.uk

Domain: ahprinters.com
Type: unauthorized
Detail: No TXT record found at _acme-challenge.ahprinters.com

Domain: webmail.ahprinters.co.uk
Type: unauthorized
Detail: No TXT record found at
_acme-challenge.webmail.ahprinters.co.uk

Domain: www.ahprinters.co.uk
Type: unauthorized
Detail: No TXT record found at _acme-challenge.www.ahprinters.co.uk

Domain: www.ahprinters.com
Type: unauthorized
Detail: No TXT record found at _acme-challenge.www.ahprinters.com

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
The following errors were reported by the server:

Domain: webmail.ahprinters.com
Type: dns
Detail: DNS problem: NXDOMAIN looking up TXT for
_acme-challenge.webmail.ahprinters.com - check that a DNS record
exists for this domain

=========================================================

My web server is (include version):
IP: 5.189.166.189
Webmin version 1.998
Virtualmin version 7.1
Operating system
CentOS Linux 7.9.2009

I can login to a root shell on my machine: I don't know

I am using Virtual Server in Webmin to manage

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): Don't see any Cretbot in my webmin or virtualmin

PLEASE HELP
Thanks
Regards
Pappaji

Bruce5051 · August 31, 2022, 4:32pm

Not sure if this applies but thought I would at least point it out Email feedback: TLS 1.0/1.1 deprecation and SHA-1 deprecation
and Rejecting SHA-1 CSRs and validation using TLS 1.0 / 1.1 URLs

Also a great place to start debugging Let's Encrypt certificates is Let's Debug

jsha · August 31, 2022, 5:41pm

I think something has changed since you last tried validation. In your post, it looks like Let's Encrypt tried to validate your site, connected, and got an HTTP 404. Now if I try to connect manually, I get a "connection refused." That means your site isn't running a web server at all. You'll need to have a webserver running to get a certificate.

$ curl ahprinters.com
curl: (7) Failed to connect to ahprinters.com port 80 after 279 ms: Connection refused

Bruce5051 · August 31, 2022, 6:06pm

However your site is pingable

$ ping ahprinters.co.uk
PING ahprinters.co.uk (5.189.166.189) 56(84) bytes of data.
64 bytes from vmi431722.contaboserver.net (5.189.166.189): icmp_seq=1 ttl=36 time=175 ms
64 bytes from vmi431722.contaboserver.net (5.189.166.189): icmp_seq=2 ttl=36 time=174 ms
64 bytes from vmi431722.contaboserver.net (5.189.166.189): icmp_seq=3 ttl=36 time=175 ms
64 bytes from vmi431722.contaboserver.net (5.189.166.189): icmp_seq=4 ttl=36 time=174 ms
64 bytes from vmi431722.contaboserver.net (5.189.166.189): icmp_seq=5 ttl=36 time=176 ms
^C
--- ahprinters.co.uk ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4001ms
rtt min/avg/max/mdev = 173.838/174.636/175.527/0.592 ms
$ ping ahprinters.com
PING ahprinters.com (5.189.166.189) 56(84) bytes of data.
64 bytes from vmi431722.contaboserver.net (5.189.166.189): icmp_seq=1 ttl=36 time=175 ms
64 bytes from vmi431722.contaboserver.net (5.189.166.189): icmp_seq=2 ttl=36 time=174 ms
64 bytes from vmi431722.contaboserver.net (5.189.166.189): icmp_seq=3 ttl=36 time=174 ms
64 bytes from vmi431722.contaboserver.net (5.189.166.189): icmp_seq=4 ttl=36 time=174 ms
64 bytes from vmi431722.contaboserver.net (5.189.166.189): icmp_seq=5 ttl=36 time=174 ms
^C
--- ahprinters.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4007ms
rtt min/avg/max/mdev = 173.803/174.249/175.145/0.491 ms

system · September 30, 2022, 6:07pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
SSL keeps failing both to renew and also to request certificate PLEASE HELP Help	4	547	October 8, 2023
Renew certificate with webmin Help	3	3072	January 17, 2021
Virtualmin Web-based validation failed : Failed to request certificate : Help	4	1324	July 8, 2020
Cannot renew SSL certificate after webmin 1.941 Help	6	4399	April 29, 2020
LE renewal suddenly returns 404 via Webmin/Virtualmin Help	7	3327	March 4, 2020

Validation failed on Webmin

Related topics