[BlueOnyx:21743] Re: let's encrypt renewal, 5209R
Carl Byington
carl at five-ten-sg.com
Tue Feb 13 18:07:10 -05 2018
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On Tue, 2018-02-13 at 13:58 -0500, Michael Stauber wrote:
> If it's past the 60 days, then it will have tried to renew it every
> day since that date and has failed for one reason or another.
> Take a look at /var/log/letsencrypt/letsencrypt.log, as it may shed
> some light on this.
Ah, errors. But that file is dated 2018-01-12 - it is not retrying?
Domain: services.mediasupply.com
Type: unauthorized
Detail: Invalid response from http://services.mediasupply.com/.well-
known/acme-challenge/g-.....
2018-01-12 21:59:52,829:DEBUG:certbot.plugins.webroot:All challenges
cleaned up, removing /home/.sites/148/site16/web/.well-known/acme-
challenge
2018-01-12 21:59:52,829:DEBUG:certbot.main:Exiting abnormally:
> Chances are you do have a .htaccess file which does use mod_rewrite to
> rewrite the URL
find /home/.sites/148/site16/web -name .htaccess
.. nothing there
> or there was something else that prevented certbot from accessing the
> verification URL on all domain names that the cert is supposed to be
> valid for.
/etc/httpd/conf/vhosts/site16.include is empty.
/etc/httpd/conf/vhosts/site16 seems to only have the stock BO config
which contains:
RewriteRule ^/(.*) https://services.mediasupply.com/$1 [L,R=301]
Does the /.well-known/ directory stick around? That is missing, but
might have been removed by the user via ftp if they did not understand
that was needed.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
iEYEAREKAAYFAlqDb10ACgkQL6j7milTFsGLEwCgi0/AoGchJE+WSznY3kDNT1CV
FFUAnR/2mZAo7/Ufj5aEj97qwg5aGYkK
=6BJF
-----END PGP SIGNATURE-----
More information about the Blueonyx
mailing list