Get the most out of your Centmin Mod LEMP stack
Become a Member

Beta Branch LetsEncrypt issue

Discussion in 'Beta release code' started by Matt Williams, Dec 7, 2015.

  1. eva2000

    eva2000 Administrator Staff Member

    54,548
    12,221
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,790
    Local Time:
    11:53 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    yup Cloudflare DNS only should work :)

     
  2. Matt Williams

    Matt Williams WordPress Fanatic

    537
    104
    43
    Nov 22, 2014
    Virginia, USA
    Ratings:
    +157
    Local Time:
    8:53 AM
    latest
    10
    Same issue - tried a different domain this time with the development mode on for Cloudflare so im going to use namecheap DNS for one of my test domains and see if that works
     
  3. eva2000

    eva2000 Administrator Staff Member

    54,548
    12,221
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,790
    Local Time:
    11:53 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    same error exactly ?
     
  4. Matt Williams

    Matt Williams WordPress Fanatic

    537
    104
    43
    Nov 22, 2014
    Virginia, USA
    Ratings:
    +157
    Local Time:
    8:53 AM
    latest
    10
    yes
     
  5. Matt Williams

    Matt Williams WordPress Fanatic

    537
    104
    43
    Nov 22, 2014
    Virginia, USA
    Ratings:
    +157
    Local Time:
    8:53 AM
    latest
    10
    Still the same thing - took the domain off Cloudflare and used Vulr DNS

    Code:
    installing or updating letsencrypt client
    
    
    Cloning into 'letsencrypt'...
    Updating letsencrypt and virtual environment dependencies.......
    Running with virtualenv: /root/.local/share/letsencrypt/bin/letsencrypt --server https://acme-v01.api.letsencrypt.org/directory
    No installers are available on your OS yet; try running "letsencrypt-auto certonly" to get a cert you can install manually
    
    ----------------------------------------------------
    system memory profile: 587 MB available
    ----------------------------------------------------
                  total        used        free      shared  buff/cache   available
    Mem:            993         231         152          78         608         455
    Low:            993         840         152
    High:             0           0           0
    Swap:             0           0           0
    
    ----------------------------------------------------
    letsencrypt client is installed at:
    /root/.local/share/letsencrypt/bin/letsencrypt
    ----------------------------------------------------
    
    
    obtaining Letsencrypt SSL certificate via webroot authentication...
    
    /root/.local/share/letsencrypt/bin/letsencrypt -c /etc/letsencrypt/webroot.ini --user-agent centminmod-centos7-webroot --webroot-path /home/nginx/domains/wphstest4.xyz/public -d wphstest4.xyz -d www.wphstest4.xyz certonly
    Failed authorization procedure. www.wphstest4.xyz (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.wphstest4.xyz/.well-known/acme-challenge/W6PwR_Gkn3TomgxnXJG6xOs2q_xFYKWUNMVCtA0U [108.61.119.113]: 403, wphstest4.xyz (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://wphstest4.xyz/.well-known/acme-challenge/Xz2YczxBMMTEYiz1qRZ3-hbpurbT-1IXMSLmLIeg [108.61.119.113]: 403
    IMPORTANT NOTES:
    - The following 'urn:acme:error:unauthorized' errors were reported by
       the server:
    
       Domains: wphstest4.xyz, www.wphstest4.xyz
       Error: [B]The client lacks sufficient authorization[/B]
    
     
  6. Matt Williams

    Matt Williams WordPress Fanatic

    537
    104
    43
    Nov 22, 2014
    Virginia, USA
    Ratings:
    +157
    Local Time:
    8:53 AM
    latest
    10
    im going to start over with a fresh VPS and new IP and change to namecheap DNS
     
  7. eva2000

    eva2000 Administrator Staff Member

    54,548
    12,221
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,790
    Local Time:
    11:53 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  8. Matt Williams

    Matt Williams WordPress Fanatic

    537
    104
    43
    Nov 22, 2014
    Virginia, USA
    Ratings:
    +157
    Local Time:
    8:53 AM
    latest
    10
    im using wphstest4.xyz now :=)
     
  9. eva2000

    eva2000 Administrator Staff Member

    54,548
    12,221
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,790
    Local Time:
    11:53 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Code:
    dig -t NS wphstest4.xyz +short
    ns2.vultr.com.
    ns1.vultr.com.
    :)
     
  10. Matt Williams

    Matt Williams WordPress Fanatic

    537
    104
    43
    Nov 22, 2014
    Virginia, USA
    Ratings:
    +157
    Local Time:
    8:53 AM
    latest
    10
    i changed back to namecheap dns so im just waiting for everything to propagate - this process almost makes it not worth it lol! Free or no free - I could have purchased an SSL for $5, installed it in 10 minutes and called it a night lol!
     
  11. eva2000

    eva2000 Administrator Staff Member

    54,548
    12,221
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,790
    Local Time:
    11:53 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  12. eva2000

    eva2000 Administrator Staff Member

    54,548
    12,221
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,790
    Local Time:
    11:53 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  13. Matt Williams

    Matt Williams WordPress Fanatic

    537
    104
    43
    Nov 22, 2014
    Virginia, USA
    Ratings:
    +157
    Local Time:
    8:53 AM
    latest
    10
    I'm going to install the beta09le on a new customer install and see if it works on their domain, They are using cloudflare DNS so I told them ahead of time to completely bypass cloudflare cache by enabling the development mode prior to running the LE install on the VPS so we'll see if it works for them :=)

    When it asked me to "register for a lets encrypt account" can I use the same email address for all of them?
     
  14. eva2000

    eva2000 Administrator Staff Member

    54,548
    12,221
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,790
    Local Time:
    11:53 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    You only need to register email for letsencrypt account first time and it's used for all subsequent validations and LE ssl cert issuances on the server. So all future SSL cert expiry notifications also go to this email.
     
  15. eva2000

    eva2000 Administrator Staff Member

    54,548
    12,221
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,790
    Local Time:
    11:53 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Update: Apparently Letsencrypt domain validation works fine for webroot authentication method just not for other authentication methods. So Centmin Mod stack's webroot authentication should work fine !
     
  16. Shaiffulnizam Mohamad

    Shaiffulnizam Mohamad New Member

    29
    8
    3
    Jun 6, 2014
    Ratings:
    +9
    Local Time:
    9:53 PM
    1.7.0
    5.5
    Hi eva, sorry for interrupting this thread. But I've encounter a new problem today. My problem is
    Code:
    fatal: destination path 'letsencrypt' already exists and is not an empty directory.
    Updating letsencrypt and virtual environment dependencies......Command "/root/.local/share/letsencrypt/bin/python2.7 -c "import setuptools, tokenize;__file__='/tmp/pip-build-nmljjI/cryptography/setup.py';exec(compile(getattr(tokenize, 'open', open)(__file__).read().replace('\r\n', '\n'), __file__, 'exec'))" install --record /tmp/pip-nF1pEX-record/install-record.txt --single-version-externally-managed --compile --install-headers /root/.local/share/letsencrypt/include/site/python2.7/cryptography" failed with error code 1 in /tmp/pip-build-nmljjI/cryptography
    setup general /etc/letsencrypt/webroot.ini letsencrypt config file
    touch: cannot touch `/etc/letsencrypt/webroot.ini': No such file or directory
    inc/letsencrypt.inc: line 78: /etc/letsencrypt/webroot.ini: No such file or directory
    grep: /etc/letsencrypt/webroot.ini: No such file or directory
    /root/.local/share/letsencrypt/bin/letsencrypt not found
    What is this error and how to get over it?
    Thanks.
     
  17. eva2000

    eva2000 Administrator Staff Member

    54,548
    12,221
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,790
    Local Time:
    11:53 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    find you nginx addvhost log at /root/centminlogs via command to list logs in ascending date order
    Code:
    ls -Alrt /root/centminlogs
    and post it's contents to pastebin.com or gist.github.com so can see the full run

    looks like letsencrypt client failed to install or there was already a /root/tools/letsencrypt directory there

    was this 1st time ever you ran the 123.09beta01le branch's add vhost for letsencrypt ssl ?
     
  18. Shaiffulnizam Mohamad

    Shaiffulnizam Mohamad New Member

    29
    8
    3
    Jun 6, 2014
    Ratings:
    +9
    Local Time:
    9:53 PM
    1.7.0
    5.5
    Actually that is after I have successfully add 1 ssl, but after trying to add another one, then it fails. Will try again if this issues come across next time.
     
  19. eva2000

    eva2000 Administrator Staff Member

    54,548
    12,221
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,790
    Local Time:
    11:53 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    the 2nd attempt run should have a /root/centminlogs logged file too so would be help to view to troubleshoot :)
     
  20. Z61

    Z61 New Member

    3
    2
    3
    Dec 19, 2015
    Ratings:
    +2
    Local Time:
    8:53 AM
    Hi, I'm clearly new to the board and new to the mod. I'm having issues with the le branch as well.
    Here's a pastebin of running vhost (this is after installing LE.)
    Centminmod new vhost log - Pastebin.com