[BlueOnyx:24682] Re: 6109R SSL renewal problem
Michael Stauber
mstauber at blueonyx.it
Mon Dec 28 10:58:17 -05 2020
Hi Michael,
> I have an Aventurine 6109R which has been failing to renew the server
> SSL certificate. The error email says to check the error log but I do
> not understand what is failing. I have attached the log. I hope someone
> might be able to point me in the right direction.
>
> I changed the server address in the attached log file but I have checked
> the DNS and the a record is working properly.
When LE tried to connect to
http://<server-hostname>/.well-known/acme-challenge/kHI7WKLQjLGjv8NFe9daUXxJ2mGNOiTT8pOtqj8
for verification it got a 404 error from Apache and logged this:
"Invalid response from
http://<server-hostname>/.well-known/acme-challenge/kHI7WKLQjLGjv8NFe9daUXxJ2mGNOiTT8pOtqj8_-r8
[<IP>]: \"<HTML>\\n<HEAD>\\n<META NAME=\\\"Copyright\\\"
VALUE=\\\"Copyright (C) 2000, Cobalt Networks, Inc. All rights
reserved.\\\">\\n<!-- locale-sensit\""
Please check if that node has the /home/.acme/.well-known directory and
if that has a symlink in it, pointing to /home/.acme/ like this:
~]# ls -la /home/.acme/.well-known/
total 8
drwxr-xr-x 2 root root 4096 May 28 2019 .
drwxr-xr-x 3 root root 4096 Nov 15 03:47 ..
lrwxrwxrwx 1 root root 12 May 28 2019 acme-challenge -> /home/.acme/
Also check if /etc/httpd/conf.d/acme_sh.conf is present and looks like this:
~]# cat /etc/httpd/conf.d/acme_sh.conf
Alias /.well-known/acme-challenge/ /home/.acme/
<Directory "/home/.acme/">
Options FollowSymLinks
AllowOverride None
ForceType text/plain
RedirectMatch 404 "^(?!/\.well-known/acme-challenge/[\w-]{43}$)"
Require all granted
</Directory>
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list