
Error Adding Text Record to Domain

Discussion in 'Install & Upgrades or Pre-Install Questions' started by cloud9, Feb 25, 2025.

  1. cloud9

    cloud9 Premium Member

    Please fill in any relevant information that applies to you:
    • CentOS Version: AlmaLinux 8
    • Centmin Mod Version Installed: Latest Beta
    • Nginx Version Installed: 1.27.1
    • PHP Version Installed: 8.1.31
    • MariaDB MySQL Version Installed: 10.6.21
    • When was last time updated Centmin Mod code base ? today
    • Persistent Config:

    Installing new WP option 22


    Can't see anything wrong with domain setup

    Code:
    -----------------------------------------------------------
    reissue & install letsencrypt ssl certificate for MYWWWSITE.com
    -----------------------------------------------------------
    /root/.acme.sh/acme.sh --force --createDomainKey -d MYWWWSITE.com -d www.MYWWWSITE.com -k 2048 --useragent centminmod-el8-acmesh-webroot
    [Tue Feb 25 12:41:05 UTC 2025] Creating domain key
    [Tue Feb 25 12:41:05 UTC 2025] The domain key is here: /root/.acme.sh/MYWWWSITE.com/MYWWWSITE.com.key
    testcert value = lived
    /root/.acme.sh/acme.sh --force --dns dns_cf --issue -d MYWWWSITE.com -d www.MYWWWSITE.com --days 60 --pre-hook "/usr/local/src/centminmod/tools/pre-acme-hooks.sh all-check MYWWWSITE.com" -k "2048" --useragent "centminmod-el8-acmesh-webroot" --log /root/centminlogs/acmetool.sh-debug-log-250225-124100.log --log-level 2 --preferred-chain "ISRG"
    [Tue Feb 25 12:41:06 UTC 2025] Using CA: https://acme-v02.api.letsencrypt.org/directory
    [Tue Feb 25 12:41:06 UTC 2025] Runing pre hook:'/usr/local/src/centminmod/tools/pre-acme-hooks.sh all-check MYWWWSITE.com'
    Nginx root path: /home/nginx/domains/MYWWWSITE.com/public
    Le_Webroot: dns_cf
    The root paths match. Proceeding with the acme.sh operation.
    [Tue Feb 25 12:41:07 UTC 2025] Multi domain='DNS:MYWWWSITE.com,DNS:www.MYWWWSITE.com'
    [Tue Feb 25 12:41:10 UTC 2025] Getting webroot for domain='MYWWWSITE.com'
    [Tue Feb 25 12:41:10 UTC 2025] Getting webroot for domain='www.MYWWWSITE.com'
    [Tue Feb 25 12:41:10 UTC 2025] Adding TXT value: m6CO2moO9Ab3Y2ryjBla7P0grDzIoP2Dry2XfzWR1OQ for domain: _acme-challenge.MYWWWSITE.com
    [Tue Feb 25 12:41:13 UTC 2025] invalid domain
    [Tue Feb 25 12:41:13 UTC 2025] Error adding TXT record to domain: _acme-challenge.MYWWWSITE.com
    [Tue Feb 25 12:41:13 UTC 2025] Please check log file for more details: /root/centminlogs/acmetool.sh-debug-log-250225-124100.log
    LECHECK = 1
    
    log files saved at /root/centminlogs
    -rw-r--r--  1 root root  40K Feb 25 12:41 acmetool.sh-debug-log-250225-124100.log
    -rw-r--r--  1 root root 4.9K Feb 25 12:41 acmesh-reissue_250225-124100.log

    LetsDebug http-01 test on the domain - reports and all ok

    Using Option 22 I installed with 4 for full https

    In the log file I have this

    Code:
    [Tue Feb 25 12:41:12 UTC 2025] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
    [Tue Feb 25 12:41:13 UTC 2025] ret='0'
    [Tue Feb 25 12:41:13 UTC 2025] response='{"success":false,"errors":[{"code":6003,"message":"Invalid request headers","error_chain":[{"code":6111,"message":"Invalid format for Authorization header"}]}],"messages":[],"result":null}'
    [Tue Feb 25 12:41:13 UTC 2025] h
    [Tue Feb 25 12:41:13 UTC 2025] invalid domain
    [Tue Feb 25 12:41:13 UTC 2025] Error adding TXT record to domain:
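
The debug-log excerpt above holds the real failure: a Cloudflare API reply with `"success":false`. The following is an added example, not part of the original post or of acme.sh: it scans an acme.sh debug log for failed API replies and flattens the nested `error_chain`. The function names are hypothetical and the sample is built from the lines quoted above.

```python
import json
import re

# Constructed sample: the debug-log lines quoted in the post above.
SAMPLE_LOG = """\
[Tue Feb 25 12:41:12 UTC 2025] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
[Tue Feb 25 12:41:13 UTC 2025] ret='0'
[Tue Feb 25 12:41:13 UTC 2025] response='{"success":false,"errors":[{"code":6003,"message":"Invalid request headers","error_chain":[{"code":6111,"message":"Invalid format for Authorization header"}]}],"messages":[],"result":null}'
[Tue Feb 25 12:41:13 UTC 2025] invalid domain
"""

# Debug lines of interest look like: [timestamp] response='<body>'
RESPONSE_RE = re.compile(r"^\[(?P<ts>[^\]]+)\] response='(?P<body>.*)'\s*$")


def flatten(errors):
    """Yield (code, message) for each error and its nested error_chain."""
    for err in errors or []:
        yield err.get("code"), err.get("message")
        yield from flatten(err.get("error_chain"))


def failed_api_responses(log_text):
    """Return [(timestamp, [(code, message), ...])] for failed API replies."""
    findings = []
    for line in log_text.splitlines():
        m = RESPONSE_RE.match(line)
        if not m:
            continue
        try:
            body = json.loads(m.group("body"))
        except json.JSONDecodeError:
            continue  # non-JSON bodies (HTML error pages, empty) are skipped
        if isinstance(body, dict) and body.get("success") is False:
            findings.append((m.group("ts"), list(flatten(body.get("errors")))))
    return findings


if __name__ == "__main__":
    for ts, errs in failed_api_responses(SAMPLE_LOG):
        for code, msg in errs:
            print(f"{ts}  API error {code}: {msg}")
```
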



     
  2. eva2000

    eva2000 Administrator Staff Member

    Strange. The easiest thing to confirm first is if you created your Cloudflare API Token with an expiry date. I did that once and couldn't figure out why some scripts stopped working after a few months. It was because I set an expiry date on my API token :)

    The other is to check the persistent config file's API token reference in /etc/centminmod/custom_config.inc; a stray single or double quote in a variable value could break how Centmin Mod reads the variable values.
     
  3. cloud9

    I'm not behind Cloudflare on this website (yet); the DNS at Namecheap all points to the server rather than Namecheap

    Just looked at custom config and all looks fine in there

    Code:
    # Add CLOUDFLARE July 2024 added - see - https://centminmod.com/letsencrypt-freessl.html#dns
    CF_DNSAPI_GLOBAL='y'
    CF_Token="6be7d901XXXXXXXXXXXXXXXe583f658cc95"
    CF_Account_ID="a042XXXXXXXXXXXXXXXfa1241332"

    Will check my Cloudflare account now - but would this not break my other websites' SSLs? As they are all fine
     
  4. cloud9

    In Cloudflare - in Global API Key - there is no date that I can see

    In the Zone.Zone for the read and edit things - no date set either
     
    Last edited: Feb 26, 2025
  5. eva2000

    That's the issue then. You would have needed to set CF_DNSAPI_GLOBAL='n' prior to that new Centmin Mod Nginx vhost creation to skip using Cloudflare DNS API for Let's Encrypt domain validation. Then set it back to CF_DNSAPI_GLOBAL='y' after Centmin Mod Nginx vhost is created. This will record the Nginx vhost domain profile in /root/.acme.sh domain name directory based Letsencrypt profiles to use the method at time of Centmin Mod Nginx HTTPS creation. You can try deleting those profiles for the domain, then set CF_DNSAPI_GLOBAL='n' temporarily, then either delete the existing Wordpress nginx vhost if there is no data via uninstall skip it generated or run acmetool.sh reissue-only command.

    With CF_DNSAPI_GLOBAL='n' set temporarily try acmetool.sh add reissue-only option for existing nginx HTTPS SSL vhosts with domain.com.ssl.conf vhost config files that exist. This only does reissue of letsencrypt SSL cert without touching the nginx vhost. Ideal for use when you tried creating a Nginx HTTPS SSL default vhost site but letsencrypt SSL issuance failed the first time. When it fails, Centmin Mod usually falls back to self-signed SSL as a placeholder for the domain.com.ssl.conf vhost config. When you run:
    Code (Text):
    cd /usr/local/src/centminmod/addons
    ./acmetool.sh reissue-only domain.com live
    

    It will only try reissuing the letsencrypt SSL certificate for the domain = domain.com for live production SSL certificate without touching any of the existing nginx vhost at domain.com.ssl.conf
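
A pre-flight check for the two causes raised in this thread, as an added example that is not Centmin Mod code or part of the original posts: it flags stray quotes in a `custom_config.inc`-style file and the case where `CF_DNSAPI_GLOBAL='y'` is set while the domain's nameservers are not Cloudflare's. The function names are hypothetical, the sample config and nameserver names are constructed, and it assumes Cloudflare-hosted zones use nameservers ending in `.ns.cloudflare.com`; the nameserver list is passed in (for instance from `dig +short NS domain.com`).

```python
import shlex

# Constructed sample in the style of /etc/centminmod/custom_config.inc;
# values are placeholders, and line 3 carries a stray trailing quote.
SAMPLE_CONFIG = '''\
# Add CLOUDFLARE
CF_DNSAPI_GLOBAL='y'
CF_Token="EXAMPLE-TOKEN"'
CF_Account_ID="EXAMPLE-ACCOUNT-ID"
'''


def read_settings(text):
    """Parse KEY=VALUE lines with shell quoting rules; return (values, problems)."""
    values, problems = {}, []
    for num, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, rhs = line.partition("=")
        try:
            words = shlex.split(rhs, comments=True)
        except ValueError as exc:  # unbalanced quote, e.g. "No closing quotation"
            problems.append(f"line {num}: {key}: {exc}")
            continue
        value = words[0] if words else ""
        if len(words) > 1 or "'" in value or '"' in value:
            problems.append(f"line {num}: {key}: unexpected quote or extra word")
        values[key] = value
    return values, problems


def preflight(config_text, nameservers):
    """Return reasons Cloudflare DNS API validation would fail for a new vhost."""
    values, problems = read_settings(config_text)
    if values.get("CF_DNSAPI_GLOBAL") == "y":
        on_cf = [ns for ns in nameservers
                 if ns.lower().rstrip(".").endswith(".ns.cloudflare.com")]
        if not on_cf:
            problems.append("CF_DNSAPI_GLOBAL='y' but the domain's nameservers "
                            "are not Cloudflare; set it to 'n' for this vhost")
    return problems


if __name__ == "__main__":
    # Constructed nameserver names for a domain whose DNS is not at Cloudflare.
    for problem in preflight(SAMPLE_CONFIG, ["ns1.registrar.example."]):
        print(problem)
```
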
     
  6. cloud9

    Thank you @eva2000

    That was the problem - have made a note in the config file for the future - so I don't make the same mistake again

    Again Thanks

    And is it ok if I pm you re a problem on another server that I would like you to fix and pay you for (no rush)
     
  7. eva2000

    Yeah private message me :)