Hello! I’ve got a brand spanking new VirtualMin instance setup. liewrws02.bofhllc.net.
I created the first virtual server and called it liewrws02.bofhllc.net. It’s got a nice SSL certificate from Let’s Encrypt, and everything so far looks good.
But when I created a second virtual server and called it ellenburg.io as a test, when VirtualMin went to request an SSL certificate from Let’s Encrypt, it failed the validation piece.
Trying to troubleshoot that and when I attempt to go to http://ellenburg.io/ I end up seeing the default website for http://liewrws02.bofhllc.net instead. Which also explains why the Let’s Encrypt validation failed if the wrong website is being served.
Does anyone have any thoughts or ideas? Frankly I’m a bit baffled. I’ve never seen this with VirtualMin before.
Edit:
I found the problem thanks to Gomez_adams.
I have IPV6 AAAA records providioned for the domain but the server (while it has an ipv6 address) wasn’t setup and configured to use ipv6 completely so some traffic was hitting ipv4 (and working) but other traffic was hitting ipv6 (like mine) and wasn’t working.
Once I removed the AAAA records from the domain everything now is working as it should.
It’s not because there’s a different index.html file in that directory.
This is what I see when I request an SSL certificate:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for ellenburg.io
Using the webroot path /home/66a30bf0/public_html for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. ellenburg.io (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://ellenburg.io/.well-known/acme-challenge/AfufCq5ozv8Mc-fR89iMHx0dozFyLoKUvaxN9fu201Y [2600:3c03::f03c:92ff:fea0:7cf8]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: ellenburg.io
Type: unauthorized
Detail: Invalid response from
http://ellenburg.io/.well-known/acme-challenge/AfufCq5ozv8Mc-fR89iMHx0dozFyLoKUvaxN9fu201Y
[2600:3c03::f03c:92ff:fea0:7cf8]: "<!DOCTYPE HTML PUBLIC
\"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>404 Not
Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.