letsencrypt not working with imscp 1.3.0

    hi,


    just bought the letsencrypt plugin and tried to add a certificate to one of the websites, but ending up in the error:
    2016-07-07 22:33:26,290:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org


    this was already discussed in a previous topic but its closed and the issue still exists.


    help appriciated


    what info do else you need?




    kind regards



    *edit
    apache restart didn't work out

    Edited once, last by MasterTH: sorry for my english.... not in the best mood ().

    Can you tell us the content of the log file in /var/log/imscp/Plugin_LetsEncrypt.log /or something like that). Also:

    • Is the domain reachable under www.* (www.YOURDOMAIN/YOURSUBDOMAIN/YOURALIASDOMAIN.TLD)?
    • This is not an IDN domain?

    I had this problem too, but the reason was, that domain wasn't a live domain (not registered yet) and in this case LetsEncrypt doesn't work yet.
    You must register and set the domain name, and wait couple of hour after registration, to all DNS servers refresh.
    So just add a new domain is not enough, it's must have a correcly working domain name.

    i-MSCP 1.5.3
    Plugins (latest version): ClamAV, CronJobs, DomainAutoApproval, LetsEncrypt, OpenDKIM, PanelRedirect, PhpSwitcher, PolicydSPF, Postgrey, RecaptchaPMA, RoundcubePlugins, SpamAssasin, WHMCS

    yes the site is reachable from outside. well there is a webprotection on it now....
    i'll delete it and try again.



    will report back

    doesn't change anything, even with disabled protected area.


    its a subdomain like shop.domain.tld and the dns was set like 6 month ago - even longer.
    i just added an a-record *.shop.domain.tld - may this helps.. will wait unitl tomorrow evening.

    @MasterTH webprotection will not do some problems with validation.


    Quote from MasterTH

    *.shop.domain.tld

    This should solve your problem. You can already try. As I know letsencrypt dns does not use any dns caching..

    @MasterTH


    For the subdomains for which you want activate LetsEncrypt, you must ensure to have a www CNAME DNS resource record such as www.shop.domain.tld. 300 IN CNAME shop.domain.tld.


    You added a wildcard which will surely solve the problem but it is preferable to simply add a CNAME DNS resource record here (as shown above).


    I'm atm in discussion with @Ninos about this. For me, we should remove www for subdomains.

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

    SSH key for online support