All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
VestaCP Let's Encrypt Broken
Hi,
I can't seem to get Vesta's built in Let's Encrypt to work on a new install I did earlier.
My server runs CentOS 7, I only installed Apache, MySQL, FTP and IPtables / Fail2Ban on the Vesta install script.
The specific error I get in the control panel when I try to deploy a certificate is
"Error: Invalid response from http://domain.com/.well-known/acme-challenge/randomtext: \"
I tried to use Vesta's CLI to add the SSL certificate and got a different error.
[root@dedi local]# v-add-letsencrypt-domain admin domain.com
/usr/local/vesta/bin/v-check-letsencrypt-domain: line 100: /home/admin/web/domain.com/public_html/.well-known/acme-challenge/randomtext: No such file or directory
chown: cannot access ‘/home/admin/web/domain.com/public_html/.well-known’: No such file or directory
Error: Invalid response from http://domain.com/.well-known/acme-challenge/randomtexxt: \
So I tried creating the well known folder manually (where it was trying to be found) and got this error instead.
Error: Invalid response from http://domain.com/.well-known/acme-challenge/randomtexxt: \
I'm not really sure what to try next, I didn't have this issue with my other server (although that one runs NGINX instead of Apache), since it's a fresh install I thought it would work from the get go.
Any ideas?
Comments
I'd report i their forums, I got several VestaCP installations and have had to fix every single installation due to bugs, mainly with letsencrypt...
Nowadays I simply issue a free wildcard from assl.loov.it or whatever it's called.
Try to see if it's creating the file in the directory at least, check permissions as well.
My experiences with CentOS + VestaCP weren't great, but Debian (both jessie and wheezy) and Ubuntu (16.04) + VestaCP work without issues. If this is a fresh install and you can't figure out a solution for the problem, try Debian/Ubuntu.
I have a few servers with VestaCP and haven't had any issues with LE, just setup one a few days ago. CentOS 7 too, so that's odd.
I had a problem recently. Removed the domain and added it back, worked fine. Can't recall if that was the specific error though.
You can try using https://www.checkdomain.de/ssl/free/
It was creating the file, I couldn't view it though as I got a 404.
I tried multiple domains, removed them and added new ones but couldn't get them to work.
I've set the server to reinstall and I'll try again with NGINX and Apache, I saw on the forums that SSL breaks sometimes if you use Apache on it's own.
In the other hand, it used to happen to me when I used Nginx... Go figure. :P
Did you select the option to add an FTP account by chance? It fails for me when I do that, and only works again if I delete the domain and add again. Rather odd.
This is a know bug, i think is solved in The Next version, reinstall with nginx support until new release.
Regards!
I've been having the same issue for months. My solution was always to remove and re add the domain. This was with vesta running on 14.04 with varying components on a range of servers.
Perhaps running it on 16.04 might fix things?
Failing that, I'll just go back to using the github script someone made for vesta+LE.
I didn't add the FTP account, I normally do that after the SSL + domain is setup :P
I tried re-adding and removing the domain but it still wouldn't work. My other server runs the same OS but had no issue with LE, the only difference being that it used Nginx only instead of Apache.
After I reinstalled I selected the Apache and Nginx option when installing Vesta, LE and SSL now work exactly as they should.
This exactly, hopefully they get it fixed soon but I'll be fine with Nginx and Apache for now :P
Your setup includes apache or its with nginx?
I had the same issue with nginx. First domain went fine, later can not add SSL.
Installed VestaCP for the first time with just Apache and i'm having the same issue. (and no, on this server I can't install nginx).
Any solution to install Let's Encrypt on VestaCP running just Apache?
I just installed fresh vestacp with default settings. Let's encrypt doing fine.
@yokowasis : It seems vesta's updates were not done right?
I couldn't get it working at all so I installed NGINX and Apache, I think you can turn NGINX off as it's only used as a reverse proxy (I'll double check when I get home).
Seems everything is working for me. But again, I haven't used vesta that long.
you can't turn nginx off totally, because in the setup nginx+apache the nginx is listening on port 80 and relaying everything internaly to apache whether you use the proxy settings or not.
In fact if you deactivate proxy it will then simply proxy everything, but if you use one of those proxy options it will serve part of the (static) files directly. so it more likely does the opposite to what one might assume - maybe that's why it's called reverse proxy (in this case ;-) ;-))
PS: letsencrypt is working fine on vestacp over here at least for nginx+apache and also for nginx only... need to have a closer look, if I somewhere have a apache only setup running to check again for that.
Thanks! Keep me posted when you have the time to check at home.
Thanks! Will also make more tests soon.
@Falzo is right, there isn't anyway to disable NGINX :P
Yeah I got it working fine on NGINX+Apache and just NGINX but was completely broken on just Apache.
Never got a chance to renew the certs cause I couldn't get them deployed lol.
This has been a known issue for a while unfortunately: https://github.com/serghey-rodin/vesta/issues/966
It won't fix the bug.