Let Encrypt won't create cert with forced SSL setting

With https turned on can you reach .well-known with your domain?
 
@WholesaleDialup Is it a domain or a subdomain, what gives the error?

In my case it is a subdomain, but it seems that it hangs on it, and does not extend the underlying domains.
I can reach the .well-known also by http and https.
 
Well, if the cert expired or there's no cert to begin with and Letsencrypt is trying to contact the site under https (due to the redirect), surely it'll fail. If it hasn't expired or there's already a cert, then ignore my analogy.
 
What if you turn the proxy off, just to see.... It shouldn't matter, but will be interesting........

I also use cloudflare, but just for DNS.
 
That will probably a part of the solution somewhere.
Because after I changed the 'Always use SSL' setting to 'off' in the CF proxy / filtering, the renew-proces continued.
But I think this was also true when I set the 'Always use SSL' setting to 'off' at CF, and the 'Force SSL' setting in DA to 'on'.

So it won't be CF.

Perhaps it pays to test this with a test domain and manually adjust the time for renewal in DA. Difficult to debug if you have to wait up to 60 days. :p
 
You must log in or register to reply here.
Back
Top