Vesta CP - Error getting validation data


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: enorugby.com

I ran this command: certbot --staging

It produced this output:
Congratulations! You have successfully enabled https://enorugby.com and
https://www.enorugby.com

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=enorugby.com
https://www.ssllabs.com/ssltest/analyze.html?d=www.enorugby.com

When I try to test at those sites, I get the following message: Assessment failed: No secure protocols supported

My web server is (include version): Apache2

The operating system my web server runs on is (include version): Ubuntu 18.04

My hosting provider, if applicable, is: Digital Ocean

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Vesta CP latest version 0.9.8-23

As noted above, both configuration tests fail. Also, when I try to enable SSL Support and Let’s Encrypt Support in Vesta CP, I get the following error: Error: Fetching https://enorugby.com/.well-known/acme-challenge/F-zPeeuLlOv5qFMYSPErdANphf7Yo7nMjMvQLaHYNfs: Error getting validation data

I am running the --staging command because I already tried this one and started getting 429 errors when attempting to enable this via the Vesta CP panel. I reset my server to a clean install, reinstalled VestaCP, reinstalled certbot, and tried to run it with the staging flag, hoping I could correct any connectivity errors before trying again in production. Please assist.


#2

https://letsdebug.net/enorugby.com/11075#WebserverMisconfiguration-Error

Your server seems to be listening on insecure HTTP on port 443, rather than HTTPS. e.g. http://enorugby.com:443/.well-known/acme-challenge/test

This would indicate something has gone wrong inside VestaCP’s management of your virtual hosts. If you get support from them, now might be the time!


#3

There was an issue with the HTTP > HTTPS redirect. For anyone else who has this issue, it looks like the lets encrypt install added the following lines to my enorugby.com.apache2.conf file:
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.enorugby.com [OR]
RewriteCond %{SERVER_NAME} =enorugby.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

I commented these lines out, restarted the apache2 service, and retried the letsdebug test. No issues this time. I went into VestaCP, edited my site, added SSL and Lets Encrypt support, and it worked! I removed the comments from the conf file, restarted apache2 again, and tested everything It is all working properly now, redirect and all.

Thank you!