Generate SSL certificate fails, SNI is enabled.

[saden]

Hi all,

I'm having some issue's with generating SSL-certificates on user level. It keeps giving me the same old error:

Cannot Execute Your Request

Details

You can only add a certificate if you own the ip you are using

Info for Admins: Assigning an owned IP

Things I've tried so far:
- Enabled SNI in the directadmin.conf (=1), restarted the directadmin as service. Heck I've even rebooted the whole VPS.
- Checked the 'rights' for each user (SSL = enabled; for reseller and end-user); according to another forum posts I've found here.
- Tried to add the reseller to the IP in IP-Management (admin level), but it failed. Status of the ip=server. It will not let me change anything, but it should not be needed since I use SNI.

Some technical info:

• Apache 2.4.23
• DirectAdmin 1.50.1
• Exim 4.87
• MySQL 5.6.29
• Named 9.8.2rc1
• ProFTPd 1.3.5b
• sshd
• dovecot 2.2.25 (7be1766)
• Php 5.6.24

No matter what domain or use I try to generate a SSL-certificate for, It keeps giving me the same error. Me and my friend (which has a lot of experience with servers / DA) are kinda desperate since we feel like everything is on place... what are we not seeing / missing?

Thanks in advance..

 

[ditto]

After enabling SNI I think you need to do ./build rewrite_confs - and also restart DirectAdmin after enabling SNI.

 

[saden]

After enabling SNI I think you need to do ./build rewrite_confs - and also restart DirectAdmin after enabling SNI.

No success.. still the same message while attempting to generate an SSL certificate. I've even tried to make a new user to see if it's works with a new setup.

 

[saden]

I've fixed it.... by adding a 'blank line' to the directadmin.conf file. I've seen somebody with the same issue on stackoverflow that was helped by doing this.

 

[ikkeben]

I've fixed it.... by adding a 'blank line' to the directadmin.conf file. I've seen somebody with the same issue on stackoverflow that was helped by doing this.

This blank line at the end?

 

[saden]

Yup, that did the trick. Another 4 hours wasted in life xD

 

[ikkeben]

Yup, that did the trick. Another 4 hours wasted in life xD

Worse the 4 hours almost at the end of 2016 so this year past faster for you

 

[Richard G]

Just a question to be sure.

Did you add this line to directadmin.conf too?
letsencrypt=1

 

[zEitEr]

Hello,

To avoid such an issue with no empty line at the very bottom you are highly advised to use echo command instead of editing a file in a text editor:

echo "enable_ssl_sni=1" >> /usr/local/directadmin/conf/directadmin.conf

and then restart directadmin.