Issues requesting SSL from Let's Encrypt

justinromack · January 22, 2020, 12:07pm

Getting the following when I attempt to request certs from Let’s Encrypt:

Requesting a certificate for nbba.org, www.nbba.org from Let’s Encrypt …
… request failed : Web-based validation failed : Failed to request certificate :
Traceback (most recent call last):
File “/usr/share/webmin/webmin/acme_tiny.py”, line 198, in
main(sys.argv[1:])
File “/usr/share/webmin/webmin/acme_tiny.py”, line 194, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca, disable_check=args.disable_check, directory_url=args.directory_url, contact=args.contact)
File “/usr/share/webmin/webmin/acme_tiny.py”, line 143, in get_crt
raise ValueError(“Wrote file to {0}, but couldn’t download {1}: {2}”.format(wellknown_path, wellknown_url, e))
ValueError: Wrote file to /home/nbba/public_html/.well-known/acme-challenge/_i_O8nnMWNxVlBCNMyuuoJFUn1n0KR-QwMRKpiur8xY, but couldn’t download http://nbba.org/.well-known/acme-challenge/_i_O8nnMWNxVlBCNMyuuoJFUn1n0KR-QwMRKpiur8xY: Error:
Url: http://nbba.org/.well-known/acme-challenge/_i_O8nnMWNxVlBCNMyuuoJFUn1n0KR-QwMRKpiur8xY
Data: None
Response Code: 404
Response:

404 Not Found

Not Found

The requested URL was not found on this server.

Any thoughts?

Joe · January 22, 2020, 2:48pm

That means Let’s Encrypt couldn’t reach the validation file on your server. Assuming DNS is pointed to the right address and the host is responding to web requests, you likely have a redirect, a web app, or something else sucking up the request before it gets to the file.

So, put a test file in the public_html/.well-known/ directory and try to reach it. Then figure out what’s preventing you from reaching it (it’ll be either a redirect, a proxy rule, or something in your htaccess or web server config) and fix it so you can reach files in that directory. If it’s a redirect or a proxy rule, you can usually just exclude .well-known from whatever match you’re doing (Virtualmin automatically does that for rules it sets up, generally, but if you’ve got an htaccess for an application you installed yourself it probably needs tweaking).

jimdunn · January 22, 2020, 9:33pm

I also just had an issue with Let’s Encrypt… while creating a new Virtual Host:

Changing IP address of virtual website … … done

Creating SSL certificate and private key …
… done

Adding new SSL virtual website …
… done

Requesting a certificate for example.net, www.example.net from Let’s Encrypt …
… SSL website failed! : Failed to lock file /etc/apache2/mods-available/ssl.conf after 5 minutes. Last error was : Locked by PID 15707 at /usr/share/webmin/web-lib-funcs.pl line 1495.

Creating MySQL login …
… done

Creating Webmin user …
… done

Updating Webmin user …
… done

Saving server details …
… done

Applying web server configuration …
… done

Re-starting Webmin …
… done

Re-starting Usermin …
… done

Re-loading Webmin …
… done

Ilia · January 23, 2020, 9:36am

These kind of issues are usually easily solved by rebooting the server.

substandard · March 11, 2020, 9:26pm

Thanks, this was causing me a serious headache.

The Wordpress installed .htaccess files in the root of public_html was catching the request before LetsEncrypt could download the file.

system · April 13, 2020, 11:55am

This topic was automatically closed 14 hours after the last reply. New replies are no longer allowed.