We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
LetsEncrypt suddenly stopped working
LetsEncrypt suddenly stopped working
Hi,
This seems to be quite a common issue, but nothing I've tried thus far sorts it. This is the closest I've found:
viewtopic.php?f=10&t=13979
The pipe exists and seems to work fine for new sites. However, the "admin.mydomain.com" sub-domain seems to be failing:
Error: Invalid response from http://admin.mydomain.com/.well-known/a ... fK5AwNf5E8: \
I'm baffled as to why though, as it's worked fine up until now. Any ideas on what to try? I created a test /.well-known/acme-challenge/foo file, and that access file when called manually (and comes back as text/plain)
Thanks
Andy
This seems to be quite a common issue, but nothing I've tried thus far sorts it. This is the closest I've found:
viewtopic.php?f=10&t=13979
The pipe exists and seems to work fine for new sites. However, the "admin.mydomain.com" sub-domain seems to be failing:
Error: Invalid response from http://admin.mydomain.com/.well-known/a ... fK5AwNf5E8: \
I'm baffled as to why though, as it's worked fine up until now. Any ideas on what to try? I created a test /.well-known/acme-challenge/foo file, and that access file when called manually (and comes back as text/plain)
Thanks
Andy
-
- Collaborator
- Posts: 783
- Joined: Mon May 11, 2015 8:43 am
- Contact:
- Os: CentOS 6x
- Web: apache + nginx
Re: LetsEncrypt suddenly stopped working
Can you delete the .well-known again?
Check DNS settings.
Check DNS settings.
Re: LetsEncrypt suddenly stopped working
Hi,
Thanks tjebbeke. Unfortunatly that doesn't do it. It appears to be some weird IPv6 issue. If I remove the IPv6 AAAA records from my DNS (on linode, not locally), then it works fine. The only reason it seems to have manifested itself now, is that LetsEncrypt have (for some reason) decided to prioritise the use of the IPv6 records when looking up a site - and for whatever reason, this isn't returning the correct value :/ If worst comes to worst (and the certificate is almost about to expire), I guess I'm going to just have to delete my IPv6 DNS records, and hope that fixes it. Surely other people are also having this issue as well??
Cheers
Andy
Thanks tjebbeke. Unfortunatly that doesn't do it. It appears to be some weird IPv6 issue. If I remove the IPv6 AAAA records from my DNS (on linode, not locally), then it works fine. The only reason it seems to have manifested itself now, is that LetsEncrypt have (for some reason) decided to prioritise the use of the IPv6 records when looking up a site - and for whatever reason, this isn't returning the correct value :/ If worst comes to worst (and the certificate is almost about to expire), I guess I'm going to just have to delete my IPv6 DNS records, and hope that fixes it. Surely other people are also having this issue as well??
Cheers
Andy
-
- Collaborator
- Posts: 783
- Joined: Mon May 11, 2015 8:43 am
- Contact:
- Os: CentOS 6x
- Web: apache + nginx
Re: LetsEncrypt suddenly stopped working
If it is an IPV6 problem, you can change your nginx configs to allow ipv6, that should work.
Re: LetsEncrypt suddenly stopped working
Ah man, I can't believe how dumb I've been! The issue is that I created the admin. sub-domain when setting up the server, and then I updated the template to use:
instead of just:
So what that meant, was that I only had:
instead of:
I did a rebuild of the admin username, and it works fine now! DOH!
Cheers
Andy
Code: Select all
listen %ip%:%web_port%;
listen [::]:%web_port%;
Code: Select all
listen %ip%:%web_port%;
Code: Select all
listen 45.79.97.48:80;
Code: Select all
listen 45.79.97.48:80;
listen [::]:80;
Cheers
Andy
Re: LetsEncrypt suddenly stopped working
Mmm actually, that fixed it on one server - but I'm still having the problem on 2 others :( The nginx.conf files look fine:
Yet I get:
Mmm :(
Code: Select all
server {
listen 109.74.193.98:80;
listen [::]:80;
server_name chambresdhotesfrance.com www.chambresdhotesfrance.com;
...and:
server {
listen 109.74.193.98:80;
listen [::]:80;
server_name admin.chambresdhotesfrance.com ;
I also have the same message on another server (with another domain).root@admin:~# sudo /usr/local/vesta/bin/v-update-letsencrypt-ssl
Error: Invalid response from http://admin.chambresdhotesfrance.com/. ... _xAJQIxnqQ: \
Error: Invalid response from http://chambresdhotesfrance.com/.well-k ... jAbSF-aXnc: \
Mmm :(
-
- Collaborator
- Posts: 783
- Joined: Mon May 11, 2015 8:43 am
- Contact:
- Os: CentOS 6x
- Web: apache + nginx
Re: LetsEncrypt suddenly stopped working
And what happens if you change [::] to the exact IPv6 address?
Re: LetsEncrypt suddenly stopped working
Same thing I'm afraid :(