I posted about this issue the other week but my post must have slipped through the cracks because my post is still not here.
My system:
Operating system Ubuntu Linux 16.04.1
Webmin version 1.860
Usermin version 1.720
Virtualmin version 6.01
All packages up to date
I’m having trouble requesting new certificates from Let’s Encrypt on 2 virtual servers, I think after adding new aliases to them.
- Two virtual servers with multiple aliases are giving trouble. Other virtual servers, and subservers can still request certificates just fine
- It used to work before on these virtual servers (although it was always really slow)
- The .well-known folder and files on every domain and alias are reachable over http and https, ipv4 and ipv6 and return code 200
- The .well-known files can be reached locally on the server over their URL with wget
- Taking out the newly added sample7.nl alias domain from the virtual server below results in a succesful (and quick) request (but no LetsEncrypt bot in the access log)
- Apache access logs show no signs of the Lets Encrypt validation bot accessing the offending virtual servers, there's only a request from a local IP
- Adding a new subserver with a new domain and requesting a certificate works (Lets Encrypt bot now appears in the logs)
- Adding the offending domain from code below as a subserver and requesting a certificate works, but takes a really long time, no LetsEncrypt bot in the access log
Parsing account key...
Parsing CSR...
Registering account...
Already registered!
Verifying sample1.nl...
sample1.nl verified!
Verifying sample2.nl...
sample2.nl verified!
Verifying sample3.nl...
sample3.nl verified!
Verifying www.sample4.com...
www.sample4.com verified!
Verifying www.sample5.nl...
www.sample5.nl verified!
Verifying sample6.nl...
sample6.nl verified!
Verifying sample7.nl...
Traceback (most recent call last):
File "/usr/share/webmin/webmin/acme_tiny.py", line 235, in
main(sys.argv[1:])
File "/usr/share/webmin/webmin/acme_tiny.py", line 231, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, args.dns_hook, args.cleanup_hook, log=LOGGER, CA=args.ca)
File "/usr/share/webmin/webmin/acme_tiny.py", line 171, in get_crt
raise ValueError("Gave up waiting for validation")
ValueError: Gave up waiting for validation
Parsing account key...
Parsing CSR...
Registering account...
Already registered!
Verifying sample1.nl...
Undefined subroutine &main::get_bind_zone_for_domain called at /usr/share/webmin/webmin/letsencrypt-dns.pl line 21.
Traceback (most recent call last):
File "/usr/share/webmin/webmin/acme_tiny.py", line 235, in
main(sys.argv[1:])
File "/usr/share/webmin/webmin/acme_tiny.py", line 231, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, args.dns_hook, args.cleanup_hook, log=LOGGER, CA=args.ca)
File "/usr/share/webmin/webmin/acme_tiny.py", line 171, in get_crt
raise ValueError("Gave up waiting for validation")
ValueError: Gave up waiting for validation
xxxx:xxx:xxxx:xx::x = placeholder for a local ip address
xxxx:xxx:xxxx:xx::x - - [24/Oct/2017:15:19:57 +0200] “GET /.well-known/acme-challenge/the-validation-file1 HTTP/1.1” 200 294 “-” “Python-urllib/2.7”
xxxx:xxx:xxxx:xx::x - - [24/Oct/2017:15:19:58 +0200] “GET /.well-known/acme-challenge/the-validation-file2 HTTP/1.1” 200 294 “-” “Python-urllib/2.7”
xxxx:xxx:xxxx:xx::x - - [24/Oct/2017:15:19:59 +0200] “GET /.well-known/acme-challenge/the-validation-file3 HTTP/1.1” 200 294 “-” “Python-urllib/2.7”
xxxx:xxx:xxxx:xx::x - - [24/Oct/2017:15:20:01 +0200] “GET /.well-known/acme-challenge/the-validation-file4 HTTP/1.1” 200 294 “-” “Python-urllib/2.7”
xxxx:xxx:xxxx:xx::x - - [24/Oct/2017:15:20:02 +0200] “GET /.well-known/acme-challenge/the-validation-file5 HTTP/1.1” 200 294 “-” “Python-urllib/2.7”
xxxx:xxx:xxxx:xx::x - - [24/Oct/2017:15:20:04 +0200] “GET /.well-known/acme-challenge/the-validation-file6 HTTP/1.1” 200 294 “-” “Python-urllib/2.7”
xxxx:xxx:xxxx:xx::x - - [24/Oct/2017:15:20:06 +0200] “GET /.well-known/acme-challenge/the-validation-file7 HTTP/1.1” 200 294 “-” “Python-urllib/2.7”
I have no idea what the problem could be or what else i can check, and hope someone can help me out… thanks in advance