Jump to content
Froxlor Forum
  • 0

Can't Get SSL Cert via Let's Encrypt on Root Domain


Go to solution Solved by d00p,

Question

I'm running Froxlor on Unbuntu 18.04 having installed the product via apt repository.

I've successfully changed settings and run the necessary configurations. I chose to secure the froxlor webhost itself using Let's Encrypt. This was successful.

I've also added a customer domain and secured that domain with SSL using a Let's Encrypt cert.

So, the hostname of my froxlor webserver is 'admin.orangekarat.com.' SSL is enabled and Let's Encrypt encryption is working as expected.

The customer domain is my personal domain, 'christopherdrew.com.' SSL is enabled and Let's Encrypt encryption is working as expected.

Now I want to add another domain using my 'orangekarat.com' main business domain for my own business website. I'm able to add the domain and send traffic to is on port 80 as expected. However, when I try to enable SSL using Let's Encrypt, and error is generated and the SSL cert is not issued.

For the domain, I have enabled SSL and checked the appropriate IP on port 443. I have also enabled SSL redirects and and checked "Use Let's Encrypt." When the "rebuild webserver-configuration job runs, the log throws the follow error"

26.02.20 15:55:01 warning Practice Skipping Let's Encrypt generation for orangekarat.com due to an enabled ssl_redirect
26.02.20 15:55:01 error system orangekarat.com :: empty certificate file! Cannot create ssl-directives

I let the next pending "rebuild webserver-configuration" job run, and then this error appears:

26.02.20 16:00:13 error system Could not get Let's Encrypt certificate for orangekarat.com: [Wed Feb 26 16:00:03 UTC 2020] Creating domain key [Wed Feb 26 16:00:05 UTC 2020] The domain key is here: /root/.acme.sh/orangekarat.com/orangekarat.com.key [Wed Feb 26 16:00:05 UTC 2020] Multi domain='DNS:orangekarat.com,DNS:www.orangekarat.com' [Wed Feb 26 16:00:05 UTC 2020] Getting domain auth token for each domain [Wed Feb 26 16:00:07 UTC 2020] Getting webroot for domain='orangekarat.com' [Wed Feb 26 16:00:07 UTC 2020] Getting webroot for domain='www.orangekarat.com' [Wed Feb 26 16:00:07 UTC 2020] orangekarat.com is already verified, skip http-01. [Wed Feb 26 16:00:07 UTC 2020] Verifying: www.orangekarat.com
26.02.20 16:00:13 error system orangekarat.com :: empty certificate file! Cannot create ssl-directives

I've confirmed that the 'orangekarat.com' domain is configured with a 'A' record in DNS. The 'admin' subdomain also has an 'A' record.

I think the reason this is happening is because I've already secured the 'admin' subdomain on orangekarat.com. Is there a way to properly secure the main 'orangekarat.com' domain in this case?

 

Link to post
Share on other sites

2 answers to this question

Recommended Posts

  • 0
  • Solution

Hey, you have done nothing wrong so far regarding froxlor. Your DNS for orangekarat.com is correct, but you've specified "www-Alias" which includes www.orangekarat.com in the certificate and that domain has no A record as far as I can test

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...