SSL Lets Encrypt (another Q)

portfox · October 7, 2021, 1:21am

Hey guys, seem a few post about this error and have tried 90% of them with no success. I have another spanner to toss in, I have a Kemp reverse proxy in the mix as well, but all seems to be fine. I can point my browser to the URL (apache(dot)portfoxdevelopment(dot)com) and it resolves.
I’m on Webmin, not sure if that is a different issue than on Virtuamin?
sorry about the (dot)'s cant put more than 2 links in a new post

Thanks in advance

Here is the error;

Traceback (most recent call last):
File “/usr/share/webmin/webmin/acme_tiny.py”, line 198, in
main(sys.argv[1:])
File “/usr/share/webmin/webmin/acme_tiny.py”, line 194, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca, disable_check=args.disable_check, directory_url=args.directory_url, contact=args.contact)
File “/usr/share/webmin/webmin/acme_tiny.py”, line 149, in get_crt
raise ValueError(“Challenge did not pass for {0}: {1}”.format(domain, authorization))
ValueError: Challenge did not pass for apache(dot)portfoxdevelopment(dot)com: {‘identifier’: {‘type’: ‘dns’, ‘value’: ‘apache.portfoxdevelopment.com’}, ‘status’: ‘invalid’, ‘expires’: ‘2021-10-14T01:08:42Z’, ‘challenges’: [{‘type’: ‘http-01’, ‘status’: ‘invalid’, ‘error’: {‘type’: ‘urn:ietf:params:acme:error:unauthorized’, ‘detail’: ‘Invalid response from apache(dot)portfoxdevelopment(dot)com/.well-known/acme-challenge/aEzXKJ25TLaiBwyQafRCfnCL1cSEentesOdSPEH0-pE [180.150.106.138]: “\n\n404 Not Found\n\n

Not Found

\n<p”’, ‘status’: 403}, ‘url’: ‘https://acme-v02.api.letsencrypt.org/acme/chall-v3/37689106600/Aa9_vQ’, ‘token’: ‘aEzXKJ25TLaiBwyQafRCfnCL1cSEentesOdSPEH0-pE’, ‘validationRecord’: [{‘url’: ‘apache(dot)portfoxdevelopment(dot)com/.well-known/acme-challenge/aEzXKJ25TLaiBwyQafRCfnCL1cSEentesOdSPEH0-pE’, ‘hostname’: ‘apache(dot)portfoxdevelopment(dot)com’, ‘port’: ‘80’, ‘addressesResolved’: [‘180.150.106.138’], ‘addressUsed’: ‘180.150.106.138’}], ‘validated’: ‘2021-10-07T01:08:46Z’}]}

Virtual server running on ESXi 7

OS type and version:	Ubuntu 20.04
Webmin version:	1.981
Virtualmin version:	REQUIRED
Related products version:	RECOMMENDED

chriswoods · October 7, 2021, 2:09am

Webmin is just the ‘global’ server scope config section, Virtualmin is the per-server configuration section.

You’re attempting to request a cert through Webmin Configuration > SSL Encryption, or for a virtual domain through the Virtualmin tab? You might be hitting the wrong virtualhost - or Webmin’s backend server may be creating the ACME response file but it’s not being served due to a quirk of your reverse proxy.

Is apache.portfoxdevelopment.com a virtual domain or the primary hostname for the server?

portfox · October 7, 2021, 2:47am

All good, i’ll re-do the image with virtuamin and see how it goes

system · December 6, 2021, 2:47am

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.