SYSTEM INFORMATION
OS type and version: CentOS Linux 7.9.2009
Webmin version: 1.994
Virtualmin version: 7.1
Related products version: Apache 2.4.6
Related products version: BIND 9.11
Hello all.
I was trying to configure an email from the vps to work via GMail, unsuccessfully, after a couple adjustments the Email Server was able to pass the diagnostics of: MXToolBox and intoDNS . Then I realized that the first time I requested the Let’s encrypt certificate, I missed the mail.mydomain.com. So I requested via Virtualmin, the Certificate again including mail.mydomain.com but it failed with this error:
Requesting a certificate for mydomain.com *.mydomain.com from Let’s Encrypt …
… request failed : DNS-based validation failed
Following several post on the topic I:
1.- added A register for server host
2.- added in .htaccess:
RewriteCond %{HTTP_HOST} =www.mydomain.com
RewriteRule ^(.*) https://mydomain.com/ [R=301,L]
But I still get:
Requesting a certificate for mydomain.com *.mydomain.com from Let’s Encrypt …
… request failed : DNS-based validation failed
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Renewing an existing certificate
Performing the following challenges:
dns-01 challenge for mydomain.com
Cleaning up challenges
Encountered exception during recovery:
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/certbot/_internal/error_handler.py", line 125, in _call_registered
self.funcs[-1]()
File "/usr/lib/python2.7/site-packages/certbot/_internal/auth_handler.py", line 243, in _cleanup_challenges
self.auth.cleanup(achalls)
File "/usr/lib/python2.7/site-packages/certbot/_internal/plugins/manual.py", line 182, in cleanup
env = self.env.pop(achall)
KeyError: KeyAuthorizationAnnotatedChallenge(challb=ChallengeBody(chall=DNS01(token=';\xc1o\x02\x7f\x17@\n$\x95sM\x93w\xbaW\xf3\xea\x1d\xa7\xa4z\x829\xc2\x07\xad{\x1bz\xdeI'), status=Status(pending), uri=u'https://acme-v02.api.letsencrypt.org/acme/chall-v3/167233517872/f_8zqQ', validated=None, _url=u'https://acme-v02.api.letsencrypt.org/acme/chall-v3/167233517872/f_8zqQ', error=None), domain=u'mydomain.com', account_key=JWKRSA(key=<ComparableRSAKey(<cryptography.hazmat.backends.openssl.rsa._RSAPrivateKey object at 0x7fa19b7caad0>)>))
Missing command line flag or config entry for this setting:
NOTE: The IP of this machine will be publicly logged as having requested this certificate. If you're running certbot in manual mode on a machine that is not your server, please ensure you're okay with that.
Are you OK with your IP being logged?
(You can set this with the --manual-public-ip-logging-ok flag
Any Idea to find a solution?
Thanks and regards
joejac