Lets encrypt with multiple subdomains

paksociety

Verified User
Joined
Jul 11, 2013
Messages
89
Hi
i am experiencing a strange problem, i added my sub domain as main domain because i want to use domain pointers, i was using lets encrypt previously with plesk in same way and it was good .

however in directadmin lets encrypt is not working,

If i install license for both domain and sub-domain via direct admin only one works while other gives error of insecure connection.

any one experience the same? or any idea how we can resolve this?

Best Regards
 
Just to add clarity , if you are using more than one domain on same client panel, only one will work with letsencrypt certificates, reason is still unknown to me. TO Directadmin Staff, Kindly create 2 to 3 domains under same user, and try to use letsencrypt on all of them, also i was using http to https redirection and i was not able to verify acme challenge as it was giving file not found error, Directadmin staff should investigate matter immediately,

Best Regards
 
however i enable http2 support in apache and nginx and openssl-1.0.2 was installed with them
 
Probably if you show your real domain names (with working and broken SSL certs) we could help you further. If for any reason you don't post your domains in public please feel free to send them via PM.
 
HI, i am also facing other problem, now ipad/iphones are not opening https website, but opening http without issue, that problem was never faced in Plesk panel, dont know what is wrong.

Also kindly check your PM
 
If any one got their domain working on IPHONE with lets encrypt kindly mention so that we can check what is difference if any.
 
Yes this is the real issue got A+ on www.ssllabs.com, compared my site with zerossl.com which is working fine on iphone and found nothing.
Iphone is not opening any domain with https does not show any warning either but it try to load it and throw error of "server is not handling requests," while if click on bar it shows certificate error.

It is strange, any way to resolve it?

Regards
 
Last edited:
HI, at this time i am using single domain so SSL is valid for all browsers except iphone/ipad. so now priority is to resolve issue with Apple.

Also i will setup main domain and sub-domain tomorrow to explain the problem i describe in First Post.
 
HI.

i am not able to load site with https in any apple device, from logs i can see following logs:-
httpd:-
333.255.8.96 - - [29/Jan/2017:19:24:53 +0500] "GET /wp-login.php HTTP/1.0" 200 1745 "-" "Mozilla/5.0 (iPad; CPU OS 10_2 like Mac OS X) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0 Mobile/14C92 Safari/602.1"
nginx:-
333.255.8.96 - - [29/Jan/2017:19:24:16 +0500] "GET /wp-login.php HTTP/2.0" 200 1381 "-" "Mozilla/5.0 (iPad; CPU OS 10_2 like Mac OS X) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/10.0 Mobile/14C92 Safari/602.1"

In both logs i found this line more than once, may be 10 times so it means ipad/any apple device tried to connect again and again but server is not allowing to connect. What can be wrong here???


Regards
 
yes https2
Server version: Apache/2.4.25 (Unix)
Server built: Jan 22 2017 22:41:15

using nginx as reverse proxy:-

nginx version: nginx/1.10.1
 
yes https2
Server version: Apache/2.4.25 (Unix)
Server built: Jan 22 2017 22:41:15

using nginx as reverse proxy:-

nginx version: nginx/1.10.1

Then read also here all follow links and also scroll up and so on

http://forum.directadmin.com/showthread.php?t=52590&page=3&p=278512#post278512

http://forum.directadmin.com/showthread.php?t=54240

http://forum.directadmin.com/showthread.php?t=54318&p=278488#post278488

http://forum.directadmin.com/showthread.php?t=54170

because a lot of probs with http2 and apache 2.4.25
https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x/CHANGES
 
So it means problem is with http2?
an upgrade will solve issue?

Problem is only ipad/iphone shaving this issue, all other devices can open website without issue.


Regards
 
I dont''t know which probably problem in combi with http2 and apache 2.4.25 update.

But there are a lot so you can read, maybe your problem is also one of these, or something else with the openssl versions used and or settings/configs.

I only pointing out with that apache versions more http2 problems you could have. ;)
What? you should find out yourself, by asking posting your prob in the forums/ github for these Software so http2 and/or Apache and/or ningx and/or letsencrypt sorry.
 
The problem is not SSL as i tried using Comodo certificates too, result is same site is not opening with SSL. and only found above mentioned lines in logs, i have no clear direction as logs are not showing anything. i will try to downgrade to apache 2.4.23 on test server to check if it is apache related.
 
@ ikkeben
You are right, culprit is http2 , i disabled it on my test server from apache and nginx as well and now site is working is fine with apache 2.4.25,
@Direct admin support can you look into this matter , a patch can be help as it is confirmed that with http2 enabled and SSL on apache 2.4.25 sites will not open on iphone/ipad. kindly look into this matter urgently, i was able to find this out because my users are in contat with me constantly and if any change to server affects them they discussed it with me immediately.

@zEitEr Kindly read new replies.


Regards
 
HTTP2 support is not official in DA yet..
Should be in next version.

Still if possible to have some of the solutions (as in the apache v2.4.26 svn) as a kind of prefix/workarround should be kind if this is possible.

Also this Alpha from DA
https://www.directadmin.com/features.php?id=1884 should check with apache 2.4.25 and also the svn apache v2.4.26 svn version for problems with http2 . ;)
 
Back
Top