[froxlor - letsencrypt error question]

Thanks @d00p it is working now 😀👍

[froxlor - letsencrypt error question]

6 hours ago, d00p said:

Then your settings are messed up. The let's encrypt challenge path should NOT be /root/.acme.sh/ - it's default value is the path where Froxlor is installed. It must be web accessable so this is the recommended setting

again changed back to

Alias "/.well-known/acme-challenge" "/var/www/froxlor/.well-known/acme-challenge"
<Directory "/var/www/froxlor/.well-known/acme-challenge">
	Require all granted
</Directory>

and still i got the error

[debug] https://github.com/acmesh-official/acme.sh
v2.8.6
[Fri Apr 17 22:15:17 +03 2020] Creating domain key
[Fri Apr 17 22:15:17 +03 2020] The domain key is here: /root/.acme.sh/xxxx.net/xxxx.net.key
[Fri Apr 17 22:15:17 +03 2020] Multi domain='DNS:xxxx.net,DNS:www.xxxx.net'
[Fri Apr 17 22:15:17 +03 2020] Getting domain auth token for each domain
[Fri Apr 17 22:15:20 +03 2020] Getting webroot for domain='xxxx.net'
[Fri Apr 17 22:15:20 +03 2020] Getting webroot for domain='www.xxxx.net'
[Fri Apr 17 22:15:20 +03 2020] Verifying: xxxx.net
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL was not found on this server.</p>
<hr>
<address>Apache/2.4.25 (Debian) Server at xxxx.net Port 80</address>
</body></html>
[error] Could not get Let's Encrypt certificate for xxxx.net:
https://github.com/acmesh-official/acme.sh
v2.8.6
[Fri Apr 17 22:15:17 +03 2020] Creating domain key
[Fri Apr 17 22:15:17 +03 2020] The domain key is here: /root/.acme.sh/xxxx.net/xxxx.net.key
[Fri Apr 17 22:15:17 +03 2020] Multi domain='DNS:xxxx.net,DNS:www.xxxx.net'
[Fri Apr 17 22:15:17 +03 2020] Getting domain auth token for each domain
[Fri Apr 17 22:15:20 +03 2020] Getting webroot for domain='xxxx.net'
[Fri Apr 17 22:15:20 +03 2020] Getting webroot for domain='xxxx.net'
[Fri Apr 17 22:15:20 +03 2020] Verifying: xxxx.net
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL was not found on this server.</p>
<hr>
<address>Apache/2.4.25 (Debian) Server at xxxx.net Port 80</address>
</body></html>

As i understand acme script is creating key files under /root/.acme.sh/ and it cause error. As you wrote above, it should be create key files under /var/www/froxlor/.well-known , i copied them manually but still the same

so where can i find acme.sh actual installation for froxlor with proper folder destination?

thanks

[froxlor - letsencrypt error question]

3 minutes ago, d00p said:

That is wrong. It should be /var/www/froxlor/.well-known/acme-challenge/ - in no way generates froxlor that with /root/.acme.sh/....

So i should change it to below again?

Alias "/.well-known/acme-challenge" "/var/www/froxlor/.well-known/acme-challenge"
<Directory "/var/www/froxlor/.well-known/acme-challenge">
Require all granted
</Directory>

Btw please see attached configuration example from froxlor panel page

[froxlor - letsencrypt error question]

44 minutes ago, d00p said:

1) the token is created temporarily, means it will always result in 404 if you try to open it manually. 

2) validate that you have configured the acme.conf in /etc/apache2/conf-enabled/ according to the froxlor configuration templates

Thanks

i changed acme.conf

previously it was

Alias "/.well-known/acme-challenge" "/var/www/froxlor/.well-known/acme-challenge"
<Directory "/var/www/froxlor/.well-known/acme-challenge">
Require all granted
</Directory>

and overwrite with the new version according to froxlor panel configurations, restarted apache;

Alias "/.well-known/acme-challenge" "/root/.acme.sh//.well-known/acme-challenge"
<Directory "/root/.acme.sh//.well-known/acme-challenge">
	Require all granted
</Directory>

But when i execute below command, i got 403 forbidden error

php /var/www/froxlor/scripts/froxlor_master_cronjob.php --force --debug

[debug] https://github.com/acmesh-official/acme.sh
v2.8.6
[Fri Apr 17 15:00:59 +03 2020] Creating domain key
[Fri Apr 17 15:01:00 +03 2020] The domain key is here: /root/.acme.sh/xxxx.net/xxxx.net.key
[Fri Apr 17 15:01:00 +03 2020] Multi domain='DNS:xxxx.net,DNS:www.xxxx.net'
[Fri Apr 17 15:01:00 +03 2020] Getting domain auth token for each domain
[Fri Apr 17 15:01:03 +03 2020] Getting webroot for domain='xxxx.net'
[Fri Apr 17 15:01:03 +03 2020] Getting webroot for domain='www.xxxx.net'
[Fri Apr 17 15:01:03 +03 2020] Verifying: xxxx.net
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access this resource.</p>
<hr>
<address>Apache/2.4.25 (Debian) Server at xxxx.net Port 80</address>
</body></html>
[error] Could not get Let's Encrypt certificate for xxxx.net:
https://github.com/acmesh-official/acme.sh
v2.8.6

 

[froxlor - letsencrypt error question]

Hello all,

I already configured my root server for ssl. I have also paid ssl certificates for my two domains and working properly. But i would like to use lets encrypt for my other domains.

my question is, how can i fix below error?

Lets encrypt cronjobs working properly but when i checked my log files it says 404 Not found error in https://domain.com/.well-known/acme-challenge/alaOcXG2qqHJKiMj26IXNA-IkSdtSgt3rnjgJnYDv8I . I assume it couldnt able to create required certificates. But under /root/.well-known/acme-challenge i can see the key files for domain, there is no any other .well-known folder under /var/customers/webs/

Thanks in advance for your help!