Hi All,
About two months ago I noticed that the Let's Encrypt certificates stopped renewing on my server's URL. Here's the error I'm seeing:
2024/08/28 00:53:56 info executing task task=action=ssl&force=true&value=server_acme exec ["/usr/local/bin/lego" "--accept-tos" "[email protected]" "--key-type=ec256" "--server=https://acme-v02.api.letsencrypt.org/directory" "--path=/usr/local/directadmin/data/.lego" "--http" "--http.webroot=/var/www/html" "--domains=subdomain.mydomains.com" "run" "--no-bundle" "--preferred-chain=ISRG Root X1"]
2024/08/28 00:53:56 [INFO] [subdomain.mydomains.com] acme: Obtaining SAN certificate
2024/08/28 00:53:56 [INFO] [subdomain.mydomains.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/396135859856
2024/08/28 00:53:56 [INFO] [subdomain.mydomains.com] acme: Could not find solver for: tls-alpn-01
2024/08/28 00:53:56 [INFO] [subdomain.mydomains.com] acme: use http-01 solver
2024/08/28 00:53:56 [INFO] [subdomain.mydomains.com] acme: Trying to solve HTTP-01
2024/08/28 00:54:02 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/396135859856
2024/08/28 00:54:02 Could not obtain certificates:
error: one or more domains had a problem:
[subdomain.mydomains.com] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: During secondary validation: 2606:4700:3032::ac43:8c67: Invalid response from http://subdomain.mydomains.com/.well-known/acme-challenge/juBXA111k_utFEwy3111z0d7802mgFv111JyIlnl111: 403
2024/08/28 00:54:02 info finished task duration=6.47753499s task=action=ssl&force=true&value=server_acme
exit status 1
Failed to issue new certificate
When I go to /var/www/html/.well-known/acme-challenge/ directory I don't see any files except for the test.txt file created running through the Troubleshooting Let's Encrypt Errors help doc.
Since the error seems to be related to permissions, here's the owner I see when I ls -la /var/www/html:
drwxr-xr-x 3 root root 4096 Aug 28 01:12 .well-known
And the same for /var/www/html/.well-known:
drwxr-xr-x 2 root root 4096 Aug 28 00:54 acme-challenge
-rw-r--r-- 1 root root 163 Jan 18 2023 .htaccess
Should the owner be root and do the permissions look right?
I should note that the domain is sitting behind CloudFlare's WAF and I don't know if it's screwing things up but it used to work so something seems to have changed?
Any nudge in the right direction would be appreciated.
Cheers
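An added example, not part of the original post: a small Python helper that parses the lego failure line quoted above and reports which address answered the failing HTTP-01 fetch and whether it falls inside Cloudflare's published ranges. The function name `triage`, the range list (a subset of Cloudflare's public IP list) and the second sample line are assumptions of this example.

```python
import ipaddress
import re

# Subset of Cloudflare's published ranges (https://www.cloudflare.com/ips/);
# assumed current, refresh from that page before relying on the result.
CLOUDFLARE = [ipaddress.ip_network(n) for n in (
    "2400:cb00::/32", "2606:4700::/32", "2803:f800::/32", "2405:b500::/32",
    "2405:8100::/32", "2a06:98c0::/29", "2c0f:f248::/32",
    "104.16.0.0/13", "172.64.0.0/13", "162.158.0.0/15", "198.41.128.0/17",
)]

# Shape of the lego/ACME failure line shown in the post.
PATTERN = re.compile(
    r"acme: error: \d{3} :: (?P<type>urn:\S+) :: "
    r"(?:(?P<phase>During secondary validation): )?"
    r"(?P<addr>[0-9A-Fa-f:.]+): Invalid response from (?P<url>\S+): (?P<http>\d{3})"
)

def triage(line):
    """Return details of the failed fetch, or None if the line does not match."""
    m = PATTERN.search(line)
    if not m:
        return None
    try:
        addr = ipaddress.ip_address(m["addr"])
    except ValueError:
        return None
    return {
        "phase": "secondary" if m["phase"] else "primary",
        "address": str(addr),
        "via_cloudflare": any(addr in net for net in CLOUDFLARE),
        "url": m["url"],
        "http_status": int(m["http"]),
    }

# Failure line copied from the log in the post.
FROM_POST = ("[subdomain.mydomains.com] acme: error: 403 :: "
             "urn:ietf:params:acme:error:unauthorized :: During secondary validation: "
             "2606:4700:3032::ac43:8c67: Invalid response from http://subdomain.mydomains.com"
             "/.well-known/acme-challenge/juBXA111k_utFEwy3111z0d7802mgFv111JyIlnl111: 403")
# Constructed line: documentation-range address, no proxy in front of the origin.
CONSTRUCTED = ("[example.test] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized"
               " :: 203.0.113.7: Invalid response from "
               "http://example.test/.well-known/acme-challenge/TOKEN: 404")

if __name__ == "__main__":
    for sample in (FROM_POST, CONSTRUCTED):
        print(triage(sample))
```

A Cloudflare address in the result means the validator reached the proxy, so the 403 may have been generated at the edge or relayed from the origin. Requesting the same challenge path directly against the origin separates the two cases.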