Certificates on Reverse Proxy sites

Question

Trying to get certificate on reverse proxy sites.

If I use "sudo site sub.domain.com -ssl=on -root-path=/opt/myapp/web" (*note "-ssl=on")

I get: [ERROR] Invalid root path!

If I use "sudo site sub.domain.com -ssl-on -root-path=/opt/myapp/web" (*note "-ssl-on")

The certificate tries to authenticate, but I get: Failed authorization procedure. 

- The following errors were reported by the server: Domain: sub.domain.com Type: unauthorized Detail: Invalid response from http://sub.domain.com/.well-known/acme-challenge/xxxxxxxxxxxxxxxxxxxxxx [xxx.xxx.xxx.xxx]: 404

To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.

Answer 1

I will check the syntax error. Are you sure you are using the latest Webinoly version?

Because I already fixed a similar issue in the last release.

The second error is very clear, seems like your site is not publicly available.

Comments

Yes, I'm using the latest version, v1.7.1.

The site is publicly available, the DNS A/AAAA records are set correctly.

A quick workaround, I just created a -php site, no problems with getting the certificates authenticated, and then I just edited the conf file and added the proxy info.

---

There may be several possible issues:

• You are entering a wrong root-path.
• Permissions are wrong in your reverse proxy location.
• You have a custom nginx rule blocking access to the "well-known" temporal Let's Encrypt folder.
• Your DNS is not properly propagated.
• Etc...

---

You are right, "root-path" option is not working with the new SSL syntax.

 It will be fixed in the next release (v1.7.2).

Thanks for reporting this issue!