/.well-known/acme-challenge/ PLESK

femais.com için bir SSL/TLS sertifikası verilemedi
Ayrıntılar

femais.com için bir Let's Encrypt SSL/TLS sertifikası verilemedi.

http://femais.com/.well-known/acme-challenge/NxzOGiVRcoJNFgmN7qJ5mBexAduvah6kHOx5XeJLoLo üzerinde yetkilendirme belirteci yok.
Sorunu çözmek için, belirteç dosyasının yukarıdaki URL'den indirilebildiğinden emin olun.
Ayrıntılar için ilgili Bilgi Tabanı makalesine bakın.
Detaylar

Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/8308364040.

Details:

Type: urn:ietf:params:acme:error:unauthorized

Status: 403

Detail: Invalid response from http://femais.com/.well-known/acme-challenge/NxzOGiVRcoJNFgmN7qJ5mBexAduvah6kHOx5XeJLoLo [95.173.179.170]: "\n<meta http-equiv="refresh" content="1" /><meta http-equiv="cache-control" content="max-age=0" /><meta http-equiv="c"

1 Like

Hi and welcome!

Please show the entire command that you ran.

1 Like

I'm doing it via plesk panel.

1 Like

Do you have root user access?

1 Like

Do you have root user access?

Yes there is.

1 Like

That is good.
Can you show the nginx vhost config file for that domain?

1 Like
#ATTENTION!
#
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
proxy_cache_path /var/cache/nginx/femais.com_proxy levels=1:2 keys_zone=femais.com_proxy:5m max_size=67108864;

fastcgi_cache_path /var/cache/nginx/femais.com_fastcgi levels=1:2 keys_zone=femais.com_fastcgi:5m max_size=67108864;
server {
	listen 95.173.179.170:443 ssl;

	ssl_certificate             /usr/local/psa/var/certificates/scfKSm5sf;
	ssl_certificate_key         /usr/local/psa/var/certificates/scfKSm5sf;

	server_name www.femais.com;

	location / {
		return 301 https://femais.com$request_uri;
	}

}

server {
	listen 95.173.179.170:443 ssl http2;

	server_name femais.com;
	server_name ipv4.femais.com;

	ssl_certificate             /usr/local/psa/var/certificates/scfKSm5sf;
	ssl_certificate_key         /usr/local/psa/var/certificates/scfKSm5sf;

	client_max_body_size 128m;

	root "/var/www/vhosts/femais.com/httpdocs";
	access_log "/var/www/vhosts/system/femais.com/logs/proxy_access_ssl_log";
	error_log "/var/www/vhosts/system/femais.com/logs/proxy_error_log";

	add_header X-Cache-Status $upstream_cache_status;
	set $no_cache "";

	set $cache_cookie $http_cookie;

	if ($cache_cookie !~ "^\s*$") {
		set $no_cache 1;
	}

	#extension sslit begin

	#extension sslit end

	#extension letsencrypt begin
	location ^~ /.well-known/acme-challenge/ {
		root /var/www/vhosts/default/htdocs;

		types { }
		default_type text/plain;

		satisfy any;
		auth_basic off;
		allow all;

		location ~ ^/\.well-known/acme-challenge.*/\. {
			deny all;
		}
	}
	#extension letsencrypt end

	location / {
		proxy_pass https://95.173.179.170:7081;
		proxy_set_header Host             $host;
		proxy_set_header X-Real-IP        $remote_addr;
		proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
		access_log off;

		proxy_cache_key "$scheme$request_method$host$request_uri";

		proxy_no_cache $no_cache $http_pragma $http_authorization $arg_nocache;
		proxy_cache_bypass $no_cache $http_pragma $http_authorization $arg_nocache;

		proxy_cache femais.com_proxy;
		proxy_cache_valid "5";
		proxy_cache_use_stale http_500 http_502 http_503 http_504 updating;
		proxy_cache_background_update on;
	}

	location ~ ^/(plesk-stat|awstats-icon|webstat|webstat-ssl|ftpstat|anon_ftpstat) {
		proxy_pass https://95.173.179.170:7081;
		proxy_set_header Host             $host;
		proxy_set_header X-Real-IP        $remote_addr;
		proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
		access_log off;

	}

	location @fallback {
		proxy_pass https://95.173.179.170:7081;
		proxy_set_header Host             $host;
		proxy_set_header X-Real-IP        $remote_addr;
		proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
		access_log off;

		proxy_cache_key "$scheme$request_method$host$request_uri";

		proxy_no_cache $no_cache $http_pragma $http_authorization $arg_nocache;
		proxy_cache_bypass $no_cache $http_pragma $http_authorization $arg_nocache;

		proxy_cache femais.com_proxy;
		proxy_cache_valid "5";
		proxy_cache_use_stale http_500 http_502 http_503 http_504 updating;
		proxy_cache_background_update on;
	}

	location ~ ^/(.*\.(ac3|avi|bmp|bz2|css|cue|dat|doc|docx|dts|eot|exe|flv|gif|gz|htm|html|ico|img|iso|jpeg|jpg|js|mkv|mp3|mp4|mpeg|mpg|ogg|pdf|png|ppt|pptx|qt|rar|rm|svg|swf|tar|tgz|ttf|txt|wav|woff|woff2|xls|xlsx|zip|webp))$ {
		try_files $uri @fallback;
	}

	location ~ ^/~(.+?)(/.*?\.php)(/.*)?$ {
		alias /var/www/vhosts/femais.com/web_users/$1/$2;
		fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
		fastcgi_param PATH_INFO $fastcgi_path_info;
		fastcgi_pass "unix:///var/www/vhosts/system/femais.com/php-fpm.sock";
		include /etc/nginx/fastcgi.conf;

		fastcgi_cache_key "$scheme$request_method$host$request_uri";

		fastcgi_no_cache $no_cache $http_pragma $http_authorization $arg_nocache;
		fastcgi_cache_bypass $no_cache $http_pragma $http_authorization $arg_nocache;

		fastcgi_cache femais.com_fastcgi;
		fastcgi_cache_valid "5";
		fastcgi_cache_use_stale http_500 http_503 updating;
		fastcgi_cache_background_update on;
	}

	location ~ ^/~(.+?)(/.*)?$ {
		proxy_pass https://95.173.179.170:7081;
		proxy_set_header Host             $host;
		proxy_set_header X-Real-IP        $remote_addr;
		proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
		access_log off;

		proxy_cache_key "$scheme$request_method$host$request_uri";

		proxy_no_cache $no_cache $http_pragma $http_authorization $arg_nocache;
		proxy_cache_bypass $no_cache $http_pragma $http_authorization $arg_nocache;

		proxy_cache femais.com_proxy;
		proxy_cache_valid "5";
		proxy_cache_use_stale http_500 http_502 http_503 http_504 updating;
		proxy_cache_background_update on;
	}

	location ~ \.php(/.*)?$ {
		fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
		fastcgi_param PATH_INFO $fastcgi_path_info;
		fastcgi_pass "unix:///var/www/vhosts/system/femais.com/php-fpm.sock";
		include /etc/nginx/fastcgi.conf;

		fastcgi_cache_key "$scheme$request_method$host$request_uri";

		fastcgi_no_cache $no_cache $http_pragma $http_authorization $arg_nocache;
		fastcgi_cache_bypass $no_cache $http_pragma $http_authorization $arg_nocache;

		fastcgi_cache femais.com_fastcgi;
		fastcgi_cache_valid "5";
		fastcgi_cache_use_stale http_500 http_503 updating;
		fastcgi_cache_background_update on;
	}

	disable_symlinks if_not_owner "from=/var/www/vhosts/femais.com";

	add_header X-Powered-By PleskLin;

	include "/var/www/vhosts/system/femais.com/conf/vhost_nginx.conf";
}
server {
	listen 95.173.179.170:80;

	server_name www.femais.com;

	location / {
		return 301 https://femais.com$request_uri;
	}

}

server {
	listen 95.173.179.170:80;

	server_name femais.com;
	server_name ipv4.femais.com;

	client_max_body_size 128m;

	location / {
		return 301 https://$host$request_uri;
	}
}
1 Like

Something is preventing this from executing:

I don't get the redirection.
LE didn't get the redirection either.

Please show:
grep -Ri femais.com /etc/nginx/

1 Like
/etc/nginx/plesk.conf.d/vhosts/femais.com.conf:proxy_cache_path /var/cache/nginx                                                                                                             /femais.com_proxy levels=1:2 keys_zone=femais.com_proxy:5m max_size=67108864;
/etc/nginx/plesk.conf.d/vhosts/femais.com.conf:fastcgi_cache_path /var/cache/ngi                                                                                                             nx/femais.com_fastcgi levels=1:2 keys_zone=femais.com_fastcgi:5m max_size=671088                                                                                                             64;
/etc/nginx/plesk.conf.d/vhosts/femais.com.conf: server_name www.femais.com;
/etc/nginx/plesk.conf.d/vhosts/femais.com.conf:         return 301 https://femai                                                                                                             s.com$request_uri;
/etc/nginx/plesk.conf.d/vhosts/femais.com.conf: server_name femais.com;
/etc/nginx/plesk.conf.d/vhosts/femais.com.conf: server_name ipv4.femais.com;
/etc/nginx/plesk.conf.d/vhosts/femais.com.conf: root "/var/www/vhosts/femais.com                                                                                                             /httpdocs";
/etc/nginx/plesk.conf.d/vhosts/femais.com.conf: access_log "/var/www/vhosts/syst                                                                                                             em/femais.com/logs/proxy_access_ssl_log";
/etc/nginx/plesk.conf.d/vhosts/femais.com.conf: error_log "/var/www/vhosts/syste                                                                                                             m/femais.com/logs/proxy_error_log";
/etc/nginx/plesk.conf.d/vhosts/femais.com.conf:         proxy_cache femais.com_p                                                                                                             roxy;
/etc/nginx/plesk.conf.d/vhosts/femais.com.conf:         proxy_cache femais.com_p                                                                                                             roxy;
/etc/nginx/plesk.conf.d/vhosts/femais.com.conf:         alias /var/www/vhosts/fe                                                                                                             mais.com/web_users/$1/$2;
/etc/nginx/plesk.conf.d/vhosts/femais.com.conf:         fastcgi_pass "unix:///va                                                                                                             r/www/vhosts/system/femais.com/php-fpm.sock";
/etc/nginx/plesk.conf.d/vhosts/femais.com.conf:         fastcgi_cache femais.com                                                                                                             _fastcgi;
/etc/nginx/plesk.conf.d/vhosts/femais.com.conf:         proxy_cache femais.com_p                                                                                                             roxy;
/etc/nginx/plesk.conf.d/vhosts/femais.com.conf:         fastcgi_pass "unix:///va                                                                                                             r/www/vhosts/system/femais.com/php-fpm.sock";
/etc/nginx/plesk.conf.d/vhosts/femais.com.conf:         fastcgi_cache femais.com                                                                                                             _fastcgi;
/etc/nginx/plesk.conf.d/vhosts/femais.com.conf: disable_symlinks if_not_owner "f                                                                                                             rom=/var/www/vhosts/femais.com";
/etc/nginx/plesk.conf.d/vhosts/femais.com.conf: include "/var/www/vhosts/system/                                                                                                             femais.com/conf/vhost_nginx.conf";
/etc/nginx/plesk.conf.d/vhosts/femais.com.conf: server_name www.femais.com;
/etc/nginx/plesk.conf.d/vhosts/femais.com.conf:         return 301 https://femai                                                                                                             s.com$request_uri;
/etc/nginx/plesk.conf.d/vhosts/femais.com.conf: server_name femais.com;
/etc/nginx/plesk.conf.d/vhosts/femais.com.conf: server_name ipv4.femais.com;
/etc/nginx/plesk.conf.d/webmails/femais.com_webmail.conf:       server_name "web                                                                                                             mail.femais.com";
/etc/nginx/plesk.conf.d/webmails/femais.com_webmail.conf:       server_name "web                                                                                                             mail.femais.com";
/etc/nginx/plesk.conf.d/webmails/femais.com_webmail.conf.bak:   server_name "web                                                                                                             mail.femais.com";
/etc/nginx/plesk.conf.d/webmails/femais.com_webmail.conf.bak:   server_name "web                                                                                                             mail.femais.com";

The given URL opens without any problems.
https://femais.com/.well-known/acme-challenge/LVCM2tgG1HQj8y6Q5T52L_aWFPGG37XTj0vAj5IHd_M

There is no firewall barrier.

1 Like

The problem is LE looks for HTTP and nginx isn't sending it to HTTPS.
Try that link without the "s".

1 Like

Please show this included file:
include "/var/www/vhosts/system/femais.com/conf/vhost_nginx.conf"

1 Like

Thank You bro <3
image

2 Likes

I'm happy to see that :slight_smile:
What was the fix?

1 Like

Canceling a 301 redirect.

2 Likes

Something is still not right.
But I guess you can use that as a way to get renewals.

  • turn off redirection
  • get cert
  • turn redirection back on
1 Like

If there is a problem again, I'll write it here.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.