SSL Failed to Request Let's Encrypt Certificate

Hi, on a newly created virtual server, I tried creating a Let’s Encrypt SSL certificate, and got this error:

Traceback (most recent call last):
  File "/usr/share/webmin/webmin/acme_tiny.py", line 198, in <module>
    main(sys.argv[1:])
  File "/usr/share/webmin/webmin/acme_tiny.py", line 194, in main
    signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca, disable_check=args.disable_check, directory_url=args.directory_url, contact=args.contact)
  File "/usr/share/webmin/webmin/acme_tiny.py", line 143, in get_crt
    raise ValueError("Wrote file to {0}, but couldn't download {1}: {2}".format(wellknown_path, wellknown_url, e))
ValueError: Wrote file to /home/domain/public_html/.well-known/acme-challenge/..., but couldn't download http://domain.com/.well-known/acme-challenge/...: Error:
Url: http://domain.com/.well-known/acme-challenge/...
Data: None
Response Code: None
Response: [Errno 104] Connection reset by peer

I’m on the LEMP stack running Ubuntu 18.04

Webmin version 1.941
Usermin version 1.791
Virtualmin version 6.08

I tried overwriting the acme_tiny.py file from this GitHub repository, as in the past this helped; however, it did not help. Restarting the server after changing the file didn’t help either.

Any ideas?

Thanks!

 http://domain.com/.well-known/acme-challenge/

If you put some kind of file in that directory, can you retrieve it with your browser? Note the “http” not “https”.
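
The check suggested in the reply above, as an added example that is not part of the original thread or of Webmin's code: it writes a probe file under the site's webroot, fetches it over plain HTTP, and names the failure. The function names and result strings are assumptions made for this sketch.

```python
import os
import secrets
import socket
import urllib.error
import urllib.request

CHALLENGE_DIR = ".well-known/acme-challenge"

def classify(reason):
    """Map a low-level network error to a short label (labels are this sketch's own)."""
    if isinstance(reason, ConnectionResetError):
        return "connection_reset"      # e.g. [Errno 104]: firewall/proxy dropped the request
    if isinstance(reason, ConnectionRefusedError):
        return "connection_refused"    # nothing listening on port 80
    if isinstance(reason, (socket.timeout, TimeoutError)):
        return "timeout"               # packets filtered, or DNS points elsewhere
    return "unreachable: {0}".format(reason)

def check_challenge_path(webroot, base_url, timeout=10):
    """Write a probe under webroot and fetch it over HTTP, the same round trip
    acme_tiny.py makes before it asks the CA to validate the challenge."""
    token = "probe-" + secrets.token_hex(8)
    body = secrets.token_hex(16)
    dirpath = os.path.join(webroot, CHALLENGE_DIR)
    os.makedirs(dirpath, exist_ok=True)   # the directory is left in place afterwards
    path = os.path.join(dirpath, token)
    with open(path, "w") as fh:
        fh.write(body)
    url = "{0}/{1}/{2}".format(base_url.rstrip("/"), CHALLENGE_DIR, token)
    # Connect directly, ignoring any http_proxy setting in the environment.
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))
    try:
        with opener.open(url, timeout=timeout) as resp:
            got = resp.read().decode("utf-8", "replace").strip()
            final_url = resp.geturl()
        if got != body:
            return "wrong_content"     # another vhost or a rewrite rule answered
        return "ok" if final_url == url else "ok_after_redirect"
    except urllib.error.HTTPError as e:
        return "http_{0}".format(e.code)   # 404: web server's root is not this webroot
    except urllib.error.URLError as e:
        return classify(e.reason)
    except (ConnectionError, socket.timeout) as e:
        return classify(e)
    finally:
        os.remove(path)                # never leave probe files in the webroot
```

For the server in the question it would be called as `check_challenge_path("/home/domain/public_html", "http://domain.com")`, using the path and host shown in the error message.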

I logged in to the forums to see if a solution to my very similar problem exists.
My certs would simply fail to auto-renew.
I was getting a very similar message but at the end it was NOT saying “Connection reset by peer”. It was timing out.
I was almost certain that it was a network problem but after hours of troubleshooting I had the “idea” to see if the certbot application was installed. It wasn’t.
As soon as I installed it the renewals worked!

I don’t know if certbot was meant to be installed. I have another server (newer install) that does NOT have certbot but the renewals don’t fail.

Maybe the above can help someone answer what the problem was?

That directory doesn’t exist.

Not sure if I should be installing certbot or not.

It’s interesting that this issue only started happening after I created a virtual server for my virtualmin domain and added a certificate to that domain, so virtualmin is secure. Not sure if it is related.

My case is a bit different:

  1. I already had the “service domain” from before and it was working.
  2. The SSL was (and still is) used by: Webmin, Dovecot and Postfix

The fact that installing certbot “fixed” it while it was getting “a network timeout” probably means that the previous mechanism could not get through. This is in theory, of course.