0 votes
71 views
by Rookie

Trying to get certificate on reverse proxy sites.

If I use "sudo site sub.domain.com -ssl=on -root-path=/opt/myapp/web" (*note "-ssl=on")

I get: [ERROR] Invalid root path!

If I use "sudo site sub.domain.com -ssl-on -root-path=/opt/myapp/web" (*note "-ssl-on")

The certificate tries to authenticate, but I get: Failed authorization procedure. 

- The following errors were reported by the server: Domain: sub.domain.com Type: unauthorized Detail: Invalid response from http://sub.domain.com/.well-known/acme-challenge/xxxxxxxxxxxxxxxxxxxxxx [xxx.xxx.xxx.xxx]: 404

To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.

1 Answer

0 votes
by Expert
I will check the syntax error. Are you sure you are using the latest Webinoly version?

Because I already fixed a similar issue in the last release.

The second error is very clear, seems like your site is not publicly available.
by Rookie

Yes, I'm using the latest version, v1.7.1.

The site is publicly available, the DNS A/AAAA records are set correctly.

A quick workaround, I just created a -php site, no problems with getting the certificates authenticated, and then I just edited the conf file and added the proxy info.

by Expert

There may be several possible issues:

  • You are entering a wrong root-path.
  • Permissions are wrong in your reverse proxy location.
  • You have a custom nginx rule blocking access to the "well-known" temporal Let's Encrypt folder.
  • Your DNS is not properly propagated.
  • Etc...
by Expert
You are right, "root-path" option is not working with the new SSL syntax.

 It will be fixed in the next release (v1.7.2).

Thanks for reporting this issue!
Welcome to the Community site for Webinoly.

If you have a question about Webinoly, please ask in English or Spanish.

To report a bug, please ask a question here with the bug tag.

News: Now you can use any external SMTP service in your server. All the server outgoing emails from any of your websites will be sent through this service.

Donations

Webinoly Support Paypal Donations Webinoly Support Bitcoin Donations

Your regular donations is what keep this project moving forward. If you like Webinoly, buy me a coffee or a beer to show support.

Affiliate Links

It is very important that any visitor to the site read the disclaimer, terms of use and privacy and legal statement before start browsing.

...