SSL Renew Certificate Error = PLEASE HELP

ASM2 · September 13, 2023, 6:35pm

SYSTEM INFORMATION
OS type and version	CentOS Linux 7.9.2009
Webmin version	2.101
Usermin version	2.001
Virtualmin version	7.7
Theme version	21.04

I have tries the Lets Encrypt forum and was told to try get help on virtualmin for this
PLEASE HELP

I,m wrecking my brains out on this - just can’t seem to get a certificate even renewal is failing - I’ve tried both Please bear with me on this as I’m not very technical - Hope someone out there can help

My domain is: priyaexclusives.com

I ran this command: Lets Encrypt Request Certificate

It produced this output:
Requesting a certificate for priyaexclusives.com , www.priyaexclusives.com from Let’s Encrypt …
… request failed : Web-based validation failed :

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Renewing an existing certificate for priyaexclusives.com and www.priyaexclusives.com
Reusing existing private key from /etc/letsencrypt/live/priyaexclusives.com/privkey.pem.
Performing the following challenges:
http-01 challenge for priyaexclusives.com
http-01 challenge for www.priyaexclusives.com
Using the webroot path /home/priyaexc/public_html for all unmatched domains.
Waiting for verification…
Challenge failed for domain priyaexclusives.com
Challenge failed for domain www.priyaexclusives.com
http-01 challenge for priyaexclusives.com
http-01 challenge for www.priyaexclusives.com
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:

The following errors were reported by the server:Domain: priyaexclusives.com
Type: unauthorized
Detail: 5.189.166.189: Invalid response from
http://priyaexclusives.com/.well-known/acme-challenge/AEEIRe0S-uDIw-z9qNWEwJlK5zT9WfpwhQbBb-cPAGo:
404Domain: www.priyaexclusives.com
Type: unauthorized
Detail: 5.189.166.189: Invalid response from
http://www.priyaexclusives.com/.well-known/acme-challenge/4WHNTrvhG81DdCrfxGmroFO7AgiXka4MDDL1tnzzv9c:
404To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
====================================================

Is there a way to completley do a fresh new SSL request? delete all the certificates keys etc and start fresh? I have done this before but forgot how to do this
maybe that will help instad of trying to renew the old expired certificates

PLEASE HELP
Thanks
ASM2

Joe · September 13, 2023, 7:29pm

That won’t do anything useful.

You aren’t allowing access to the .well-known directory, so validation can’t work. You must allow access to .well-known. If you have any proxy rules or redirect rules setup for a web app, or whatever, they must exclude .well-known

ASM2 · September 13, 2023, 9:11pm

Thanks Joe
Had to find a way to allow access and it
Worked fine…
You’re the BEST!
Thanks again
Regards
ASM2

system · September 21, 2023, 9:11pm

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.