Let's Encrypt: validation error and web interface issue Topic is solved

Questions regarding the Web Interface
GUI
snakehill
Posts: 9
Joined: Sat Feb 14, 2015 1:00 am

Let's Encrypt: validation error and web interface issue

Postby snakehill » Sun Nov 27, 2016 9:52 pm

I have just switched from using interbrite's letsencrypt-vesta to the newly integrated Let's Encrypt system.

Quite a tedious process, going through all domains manually, deselecting SSL Support, saving it (required to not get a "not found" error), then selecting SSL Support and Lets Encrypt support and saving it again. However, all SSLs have been converted and are working fine.. except for one single domain which upon saving gives the following error: "Error: LE x.y.com validation" (where x.y is subdomain.domain). It is running just fine with the DNS set just like any other domain, and it used to work well with Let's Encrypt via interbrite's letencrypt-vesta so something must be wrong here:

Image


Also, default.domain, which contains a self-signed SSL (basically just a catch-all in case someone connects through https to the server's IP address or a wrong subdomain), shows SSL Support: Lets Encrypt, without Lets Encrypt Support even being checked (this wouldn't even be possible given I don't own the actual domain). I even tried to reset the SSL, deleting it and putting it back in, but the mistake persists:

Image

Image

Spheerys
Posts: 125
Joined: Tue Dec 29, 2015 12:36 pm

Re: Let's Encrypt: validation error and web interface issue

Postby Spheerys » Mon Nov 28, 2016 8:45 pm

I have this error too for a lot of web domain.
As I have generated several certificates the same day (maybe 30), I have supposed it was a limit from Let's Encrypt.
But I have tested again today and I still have this error.

Is it a limit or is it a bug ?

Spheerys
Posts: 125
Joined: Tue Dec 29, 2015 12:36 pm

Re: Let's Encrypt: validation error and web interface issue

Postby Spheerys » Mon Nov 28, 2016 9:05 pm

ohoh... on some other domains, I get this error : "Error code: 2"

What's wrong ?

snakehill
Posts: 9
Joined: Sat Feb 14, 2015 1:00 am

Re: Let's Encrypt: validation error and web interface issue

Postby snakehill » Mon Nov 28, 2016 9:46 pm

It might actually be a rate limit, given Let's Encrypt allows 20 certificates per domain (that is per main domain, so including all subdomains). It would be really nice if we could group domains and request a certificate for multiple ones. Let's Encrypt allows 100 names per certificate for that exact reason. https://letsencrypt.org/docs/rate-limits/

delebash
Posts: 22
Joined: Mon Aug 24, 2015 5:28 pm

Re: Let's Encrypt: validation error and web interface issue

Postby delebash » Thu Dec 08, 2016 7:04 pm

Ubuntu 16.04 x32

Similar problem as OP. Mine only fails on www alias of a particular domain.

This also used to work via the interbrite/letsencrypt-vesta script. The main domain as well as any other aliases such as test.domain.com work fine, just not www for that domain.

Vesta's error.log
2016-12-08 13:36:47 v-sign-letsencrypt-csr 'user' 'domain.com' '/tmp/tmp.ETgRqfa4Wc' [Error 8]
2016-12-08 13:36:47 v-add-letsencrypt-domain 'user' 'domain.com' 'www.domain.com' 'no' [Error 2]

Note:
I can also do a --dry-run via Let's Encrypt standard procedure and the certificate with alias works fine. Below is Let's Encrypt command.

Code: Select all

./certbot-auto certonly --dry-run --webroot -w /home/user/web/domain.com/public_html -d domain.com -d www.domain.com

Spheerys
Posts: 125
Joined: Tue Dec 29, 2015 12:36 pm

Re: Let's Encrypt: validation error and web interface issue

Postby Spheerys » Thu Dec 08, 2016 7:43 pm

I have posted two messages on the suject on another topic : viewtopic.php?f=11&t=13203#p53900

Myself5
Posts: 3
Joined: Mon Dec 12, 2016 8:37 pm

Re: Let's Encrypt: validation error and web interface issue

Postby Myself5 » Mon Dec 12, 2016 8:40 pm

I am getting the same error. However for me it seems to be a bit different.
I only get the validation error on any subdomain of a specific domain (already having 9 subdomains and the main domain running on SSL). So, every entry >10 for the domain is getting the LE validation error.
I then went on and created a .tk domain. That is working fine too. I can flawlessly create further SSL certificates for it.

Gonna see now of the 10+ issue is appearing on the tk domain too, then we'd ad least have a hint about what could be wrong.

I also tried reinstalling the whole server before, even swapping from CentOS 7 to Debian 8 (both 64bit). The Error still persists.

Spheerys
Posts: 125
Joined: Tue Dec 29, 2015 12:36 pm

Re: Let's Encrypt: validation error and web interface issue

Postby Spheerys » Tue Dec 13, 2016 10:34 pm

I thing a have the beginning of an issue : viewtopic.php?f=11&t=13203&p=54368#p54368

Myself5
Posts: 3
Joined: Mon Dec 12, 2016 8:37 pm

Re: Let's Encrypt: validation error and web interface issue

Postby Myself5 » Fri Dec 16, 2016 11:27 am

Spheerys wrote:I thing a have the beginning of an issue : viewtopic.php?f=11&t=13203&p=54368#p54368


That would make sense. I later on tried registering a subdomain of the domain that fails on a different VestaCP Server, and it failed for the same reason.

Though, I just tried again and its still failing for the same reason.
Guess I should wait some longer and see if the issues solves on its "own", like it did for you.

DESSAR_SEGA
Posts: 6
Joined: Sun Oct 02, 2016 10:48 am

Re: Let's Encrypt: validation error and web interface issue  Topic is solved

Postby DESSAR_SEGA » Fri Dec 16, 2016 7:32 pm

на 17 версии при создании домена, не удалять Алиасы. подождать 5 минут. обновляем страницу. редактировать домен - наличие заполенных полей сертификата. сохраняем. профит.

по крайней мере у меня так работает.

еще редактировал. /usr/local/vesta/bin/v-add-letsencrypt-domain
70 строку

Code: Select all

check_result $E_INVALID "LE domain validation" >/dev/null

на

Code: Select all

check_result "$E_INVALID" "LE domain validation" >/dev/null

хотя не уверен что в этом причина.


Return to “Web Interface”



Who is online

Users browsing this forum: No registered users and 3 guests

cron