[ERROR] Please make sure /.well-known alias is setup in WWW server. ??

R

rmws

Verified User
Joined
Aug 10, 2016
Messages
10
Hi All,

Running latest version of DA (1.51)

Im having probelms setting up letsencrypt. I works fine for the DA main certs, installed it and works flawless.

But when I go into my account, select and create a certficate i'm getting:

Please make sure /.well-known alias is setup in WWW server

I did follow the 'Manually debugging /.well-known/acme-challenge/letsencrypt_12345' FAQ
https://help.directadmin.com/item.php?id=646

But it doesn't work.

When i check /etc/httpd/conf/extra/httpd-alias.conf

i has no /.well-known alias, so i add this (save) and do :

Code: 
cd /usr/local/directadmin/custombuild
./build update
./build rewrite_confs

After this the .well-known alias is gone again. I ended up editing this file, that seemed to work:
Code:
/usr/local/directadmin/custombuild/custom/ap2/conf/extra/httpd-alias.conf

The well-known alias works now, if I put a test file there I can find it. But the
Code: 
http://domain/.well-known/acme-challenge/letsencrypt_1509270864
can not be found.


When I check the acme-challenge folder, the file is not there.

Code: 
ls -al /var/www/html/.well-known/acme-challenge/

// output
-rw-r--r-- 1 webapps webapps   88 Oct 29 10:54 Q7678ST9LGWdAM9F-WizOvDxXx8FLL6nThvyPvSvrOI
-rw-r--r-- 1 webapps webapps   88 Oct 25 14:46 r9A6SU2IDIEr2o3oAfq0_JbgjAkjR_BVTsVLGqA_baw
-rw-r--r-- 1 root    root       5 Oct 25 14:34 test.txt

What is going on and how do I solve this?


Thanks!
 
Does the domain resolve properly?
I'm having the same issue with a domain that has a ClientHold status and is waiting my email-confirmation for ICANN-registry.
 
BBM said:
Does the domain resolve properly?
I'm having the same issue with a domain that has a ClientHold status and is waiting my email-confirmation for ICANN-registry.
Click to expand...

Yes its fine. The problem is not in the domain, but in the DA config.

As I already stated, I can open the test file (via the domain). The problem is that the 'letsencrypt_12345' file is simply not there (while it claims it should be there).
 
The 'letsencrypt_12345' files are designed to be removed before the letsencrypt.sh script exits. Hence you don't find it there.
 
Are you sure your domain resolves? Sometimes people add an A-record to the IP, but forget to add a WWW record.

Code: 
type                                  name                             value
A                                     yourdomain.com.            111.111.11.11 (your ip)
A                                     [B]www[/B]                         111.111.11.11

for IPv6 you use the same
AAAA instead of A
 
You must log in or register to reply here.
Back
Top