Enable Letsencrypt to a domain fail - /.well-known alias need to setup in WWW server.

tomwin

Verified User
Joined
Apr 23, 2020
Messages
52
Hi, sorry for many questions but there is lots of new things for me. When I trying to enable lestencrypt to my added domain it failed and give this error below.

Cannot execute your request
Error: http://mydomain.com/.well-known/acme-challenge/letsencrypt_1587637366 is not reachable. Aborting the script.
dig output for mydomain.com:
2606:4700:3035::681b:b8ba
2606:4700:3034::681b:b9ba
Please make sure /.well-known alias is setup in WWW server.

I have tried to locate this www map in my server so I can add these .well-known map I guess they want me to add there but I can’t find the location for it?

Please, anyone can help me out on this difficult problem?
 

tomwin

Verified User
Joined
Apr 23, 2020
Messages
52
Hi, they want me to check to ensure that you have letsencrypt=1 in your directadmin.conf.
The directadmin.conf lives here:
/usr/local/directadmin/conf/directadmin.conf
But when I look in my files in ROOT I can find that location. Do I need to use SSH to open this file? It that so, not sure how to. Are there a command to open that file?
 

tomwin

Verified User
Joined
Apr 23, 2020
Messages
52
It looks I have added it


[root@server-test ~]# cd /usr/local/directadmin
[root@server-test directadmin]# ./directadmin c | grep ^letsencrypt=
letsencrypt=1
[root@server-test directadmin]#
 

tomwin

Verified User
Joined
Apr 23, 2020
Messages
52
Hi, I’m hoping for some help.
when I open up
/usr/local/directadmin/conf/directadmin.conf
i can see that
letsencrypt=1
are in this file. Look at the picture please.
Next, we'll want to confirm the Alias /.well-known has been added to the file
/etc/httpd/conf/extra/httpd-alias.conf
so I run this command
cd /usr/local/directadmin/custombuild
./build update
./build rewrite_confs

But after when I check the same file
/etc/httpd/conf/extra/httpd-alias.conf

There is no Alias /.well-known has not been added to the file
Please look at the picture.

What am I doing wrong? Please help me!
 

Attachments

tomwin

Verified User
Joined
Apr 23, 2020
Messages
52
it looks like Directadmin is way to complicated. I tried to install letsencrypt but I get this error when I run this command
cd /usr/local/directadmin/scripts
./letsencrypt.sh request_single your.hostname.com 4096

[root@server-test ~]# cd /usr/local/directadmin/scripts
[root@server-test scripts]# ./letsencrypt.sh request_single server-test.com 4096
Setting up certificate for a hostname: server-test.com
Error: http://server-test.com/.well-known/acme-challenge/letsencrypt_1587644324 is not reachable. Aborting the script.
dig output for server-test.com:
Please make sure /.well-known alias is setup in WWW server.
[root@server-test scripts]#
 

tomwin

Verified User
Joined
Apr 23, 2020
Messages
52
Unbelievable, now my directadmin won’t work. I think the system had enough of me.

[root@server-test ~]# service directadmin restart
Redirecting to /bin/systemctl restart directadmin.service
Job for directadmin.service failed because a configured resource limit was exceeded. See "systemctl status directadmin.service" and "journalctl -xe" for details.
[root@server-test ~]#
 

Zhenyapan

Verified User
Joined
Feb 23, 2018
Messages
403
Location
UA
I think You set DA to use hostname based on non existing domain, that's why all broken now.
Domain must be registered/delegated and pointed by DNS to server where You run LetsEncrypt script
 

tomwin

Verified User
Joined
Apr 23, 2020
Messages
52
If I was the creator of directadmin, I had these setting installed by default. Why make it like these?
 

tomwin

Verified User
Joined
Apr 23, 2020
Messages
52
I think You set DA to use hostname based on non existing domain, that's why all broken now.
Domain must be registered/delegated and pointed by DNS to server where You run LetsEncrypt script
Ok, is there a way to start directadmin again? Or do I need to reinstall everything?
 
Top