We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
Lets Encrypt STILL not working? Topic is solved
-
- Posts: 57
- Joined: Thu Apr 27, 2017 7:40 pm
- Os: Ubuntu 15x
- Web: apache + nginx
Lets Encrypt STILL not working?
Since the day 24 was released, lets encrypt has been failing. I have checked nearly every post on this forum about the topic.
On this post viewtopic.php?t=18593 users were asked to hand over root access of the server to get it fixed.
On this post viewtopic.php?f=11&t=18597 users are explaining that reinstalling may fix for some, but not for everyone - one person even expressing the problem on fresh installs.
On this post viewtopic.php?t=18347 we can see imperio said it was understood a fix is needed immediately and that it cannot wait until a sept. release.
Reports have been made from people using CentOS, Ubuntu 14.04 and Ubuntu 16.04. Reports have been made that it afftects setting up lets encrypo on new domains as well as on renewal of old domains.
Here we are 3 months after imperio said he understood a fix was need immediately - still with no fix.
I have tried reinstalling - doesn't solve anything.
I have tried using command line - same errors.
I have tried using web interface - same errors.
I have applied the fix changing $rdomain to $domain variable.
The errors I see are always either "Error: Let's Encrypt new auth status 400" or "Error: Let's Encrypt validation status".
I get that things are free and we get what we pay for... but at the same time, as one by one sites start failing without the ability to use letsencrypt, what are we suppose to do? One would think if a full release can come out in Sept. that equally a bug fix could come out in a LOT shorter time than 3+ months.
I am at a complete loss as to what to do on a MAJOR bug (lets face it not having SSL is now a MAJOR issue with browsers and user trust) so well reported, with no actual fixes.
I have NO idea how to manually install certbot and set it all up using "manual mode" which it seems to me is currently the only viable solution.
Has anyone come up with any sort of fix I have not yet found?
On this post viewtopic.php?t=18593 users were asked to hand over root access of the server to get it fixed.
On this post viewtopic.php?f=11&t=18597 users are explaining that reinstalling may fix for some, but not for everyone - one person even expressing the problem on fresh installs.
On this post viewtopic.php?t=18347 we can see imperio said it was understood a fix is needed immediately and that it cannot wait until a sept. release.
Reports have been made from people using CentOS, Ubuntu 14.04 and Ubuntu 16.04. Reports have been made that it afftects setting up lets encrypo on new domains as well as on renewal of old domains.
Here we are 3 months after imperio said he understood a fix was need immediately - still with no fix.
I have tried reinstalling - doesn't solve anything.
I have tried using command line - same errors.
I have tried using web interface - same errors.
I have applied the fix changing $rdomain to $domain variable.
The errors I see are always either "Error: Let's Encrypt new auth status 400" or "Error: Let's Encrypt validation status".
I get that things are free and we get what we pay for... but at the same time, as one by one sites start failing without the ability to use letsencrypt, what are we suppose to do? One would think if a full release can come out in Sept. that equally a bug fix could come out in a LOT shorter time than 3+ months.
I am at a complete loss as to what to do on a MAJOR bug (lets face it not having SSL is now a MAJOR issue with browsers and user trust) so well reported, with no actual fixes.
I have NO idea how to manually install certbot and set it all up using "manual mode" which it seems to me is currently the only viable solution.
Has anyone come up with any sort of fix I have not yet found?
-
- Posts: 57
- Joined: Thu Apr 27, 2017 7:40 pm
- Os: Ubuntu 15x
- Web: apache + nginx
Re: Lets Encrypt STILL not working? [ubuntu apache+nginx temp fix]
This ended up being my work around solution:
This solution is specifically for ubuntu running nginx + apache
First I manually installed certbot from lets encrypt:
Next I issued:
Next I opened
I copied the entire contents of the file and pasted it to SSL Certificate field in the vestacp admin >> WEB >> edit domain >> advanced >> ssl (leaving lets encrypt unchecked)
Next I opened
I copied the entire contents of the file and pasted it to the SSL Key field in the vestacp admin >> WEB >> edit domain >> advanced >> ssl (leaving lets encrypt unchecked)
Then I opened
I copied the entire contents of the file and pasted it to the SSL Certificate Authority / Intermediate (optional) field in the vestacp admin >> WEB >> edit domain >> advanced >> ssl (leaving lets encrypt unchecked). I also added at the top of that field an extra
So the SSL Certificate Authority / Intermediate (optional) field looks something like:
I saved the vestacp page.
SSL immediately started working.
Finally I opened:
I found the domain in question and changed the
to
*** NOTES ***
When following these instuctions note that "mydomain.com" is actually the domain of the site you are creating a certificate for. ALso not that "username" in the final steps is the actual name of the user account who's domain the name is under.
It's a BAND-AID fix. It works, but I make no promises to whether auto-renew will work.
This solution is specifically for ubuntu running nginx + apache
First I manually installed certbot from lets encrypt:
Code: Select all
sudo apt-get update
sudo apt-get install software-properties-common
sudo add-apt-repository universe
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install certbot python-certbot-nginx
Code: Select all
sudo certbot --nginx certonly -d "mydomain.com"
Code: Select all
/etc/letsencrypt/live/mydomain.com/cert.pem
Next I opened
Code: Select all
/etc/letsencrypt/live/mydomain.com/privkey.pem
Then I opened
Code: Select all
/etc/letsencrypt/live/mydomain.com/chain.pem
Code: Select all
-----END CERTIFICATE-----
<blank space>
Code: Select all
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
THE KEY
-----END CERTIFICATE-----
SSL immediately started working.
Finally I opened:
Code: Select all
/usr/local/vesta/data/users/username/web.conf
Code: Select all
LETSENCRYPT='no'
Code: Select all
LETSENCRYPT='yes'
*** NOTES ***
When following these instuctions note that "mydomain.com" is actually the domain of the site you are creating a certificate for. ALso not that "username" in the final steps is the actual name of the user account who's domain the name is under.
It's a BAND-AID fix. It works, but I make no promises to whether auto-renew will work.
-
- Posts: 7
- Joined: Tue May 05, 2020 9:46 pm
- Contact:
- Os: Ubuntu 17x
- Web: apache + nginx
Re: Lets Encrypt STILL not working?
viraladmin solution worked like a charm!
The only solution on the entire www
The only solution on the entire www
-
- Posts: 2
- Joined: Thu Sep 24, 2020 9:10 am
- Os: Ubuntu 17x
- Web: apache + nginx
Re: Lets Encrypt STILL not working?
VERY AWESOME !!!
Thanks Viraladmin so much.
Viraladmin solution is working for me, with ubuntu 18.x
Thanks Viraladmin so much.
Viraladmin solution is working for me, with ubuntu 18.x