Letsencrypt Failed to request certificate

Hi there,

I’ve tried to apply letsencrypt on multiple domains from both the commandline and directly via webmin / virtualmin and I just get fails to request errors. At the moment I’m not sure where to look for logs that would give more information so as a starting place, where could I find those? Then I can hopefully provide some solid info and help getting SSL up and running.

Thank you

The times I’ve seen Let’s Encrypt fail it was because something in the web server configuration was preventing Let’s Encrypt from checking ownership of the domain; an LE request looks like this:

Your server says to LE, “I want a cert for this domain!”

LE says, “OK, prove you’re the owner of the domain.”

Your server says, “OK, here’s a link to a signed file on the web server that proves the same person who requested this cert has administrative capabilities for the domain in question.”

LE downloads that signed file, and if it is legit, it issues the certificate.

Your server installs the certificate.

So, you need to make sure of the following:

Your server can contact the web, and has working DNS resolution.

# wget http://letsencrypt.org

Is probably a sufficient test, though I think the cert process contacts some other URL.

And, you need to make sure the file generated during the process is accessible from the outside world. There’s a file generated in /home/domain/public_html/.well-know/acme-challenge, which needs to be accessible, so you want to browse to:

http://domain.com/.well-known/acme-challenge/some-filename

(Where domain is your domain, and “some-filename” is whatever the filename of the generated file is called.)

In cases I’ve seen that failed, the file was not accessible because .htaccess or other configuration was rewriting the path into a form expected by the application running on that domain, which would lead to an error from the application (Drupal or Joomla or WordPress or whatever).