[BlueOnyx:19917] Re: Let's encrypt not renewing

Felix Kaegi f.kaegi at fairtalk.com
Tue Aug 2 02:15:20 -05 2016 

Thanks Michael, removing the web server aliases for the Vsite, saving and
putting them back in again and saving yet again worked.

But now when I access the site I get the error message: This server could
not prove that it is www.site2.com; its security certificate is from
www.site1.com. This may be caused by a misconfiguration or an attacker
intercepting your connection.

Best regards
Felix

-----Original Message-----
From: Blueonyx [mailto:blueonyx-bounces at mail.blueonyx.it] On Behalf Of
Michael Stauber
Sent: Monday, August 1, 2016 08:11
To: BlueOnyx General Mailing List <blueonyx at mail.blueonyx.it>
Subject: [BlueOnyx:19912] Re: Let's encrypt not renewing

Hi Felix,

> For one of my sites I forgot to activate automatic renewal. Now after 
> the certificate had expired I tried to renew it using the GUI, but got 
> the error
> message: The following error occured during the SSL certificate 
> request: The installation path for the certificates could not be
determined.

Remove the web server aliases for the Vsite, save and put them back in again
and save yet again. That might fix it.

Let's Encrypt needs to do an online verification to make sure you own the
domain for which the cert is requested. It does so by placing a file into
the Vsite's /web directory, which is called during the verification process.

The error message seems to indicate that either the client couldn't place
the file, or their server couldn't access it from the outside.

There are also cases where a .htaccess file with extensive rewrite rules
might prevent the access. Also: If the Vsite has PHP-FPM activated, the
verification might fail as PHP-FPM doesn't like files that start with a dot.

You might want to check /var/log/messages and the Apache access and error
logs during and after a cert request to get some more ideas what's going on
and if it triggered 404 error messages or other notable problems.

--
With best regards

Michael Stauber
_______________________________________________
Blueonyx mailing list
Blueonyx at mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx

More information about the Blueonyx mailing list