Let's encrypt - Can't create a certificate for the panel

**Eomer** · Apr 11th 2017

Hey,

i'm trying to create some ssl certificates for my panel but it's failing.

i changed my panels domain today. It was "server1.rlxd.de" and now it's "rlxd.de"

The first issue is: It's showing me

Code

Challenge failed for domain server1.rlxd.deChallenge failed for domain rlxd.deChallenges failed for all domains

Why is it still showing "server1.rlxd.de" eben though i changed it?

Why does it fail?

i-MSCP 1.4.1
Build: 20170328
Codename: Zimmer

Debian 8.7

I don't know if this is relevant but heres the info from my host file:
127.0.0.1 www.rlxd.de.local localhost
93.159.253.78 www.rlxd.de www

I dont know which part you'll need so here's the complete logfile:

Code

2017-04-11 07:27:05,216:DEBUG:certbot.log:Root logging level set at 30
2017-04-11 07:27:05,217:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2017-04-11 07:27:05,218:DEBUG:certbot.main:certbot version: 0.13.0
2017-04-11 07:27:05,218:DEBUG:certbot.main:Arguments: ['--quiet', '--agree-tos', '--email', '[email protected]', '--webroot', '--webroot-path', '/var/www/imscp/gui/plugins/LetsEncrypt/acme', '--preferred-challenges', 'http', '--allow-subset-of-names', '--domains', 'server1.rlxd.de,rlxd.de']
2017-04-11 07:27:05,219:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#standalone,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#webroot,PluginEntryPoint#apache,PluginEntryPoint#null)
2017-04-11 07:27:05,220:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2017-04-11 07:27:05,227:DEBUG:certbot.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: IAuthenticator, IPlugin
Entry point: webroot = certbot.plugins.webroot:Authenticator
Initialized: <certbot.plugins.webroot.Authenticator object at 0x7f2b15fc1fd0>
Prep: True
2017-04-11 07:27:05,228:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x7f2b15fc1fd0> and installer None
2017-04-11 07:27:05,236:DEBUG:certbot.main:Picked account: <Account(a050ee80ed04caab2eb0666c48c2cc52)>
2017-04-11 07:27:05,238:DEBUG:acme.client:Sending GET request to https://acme-v01.api.letsencrypt.org/directory.
2017-04-11 07:27:05,247:DEBUG:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2017-04-11 07:27:05,520:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 352
2017-04-11 07:27:05,522:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 352
Boulder-Request-Id: TTs-aJuLSEqz7AYj3cM4hUERsv1AqtekVq0-cbMMzhA
Replay-Nonce: -4NJSdRjZj5OCIqG3HVxTgHu40xe4Xd844lqzj1Rjho
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Tue, 11 Apr 2017 07:28:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 11 Apr 2017 07:28:08 GMT
Connection: keep-alive
{
"key-change": "https://acme-v01.api.letsencrypt.org/acme/key-change",
"new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",
"new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",
"new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",
"revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"
}
2017-04-11 07:27:05,529:INFO:certbot.main:Obtaining a new certificate
2017-04-11 07:27:05,530:DEBUG:acme.client:Requesting fresh nonce
2017-04-11 07:27:05,531:DEBUG:acme.client:Sending HEAD request to https://acme-v01.api.letsencrypt.org/acme/new-authz.
2017-04-11 07:27:05,713:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "HEAD /acme/new-authz HTTP/1.1" 405 0
2017-04-11 07:27:05,715:DEBUG:acme.client:Received response:
HTTP 405
Server: nginx
Content-Type: application/problem+json
Content-Length: 91
Allow: POST
Boulder-Request-Id: 22uKiEeWWcQymegiID9sLPt4qQKMjLMM5lcvItOu-eQ
Replay-Nonce: -v4freKDz8ZgaCzSc1IwqvmRpy069i-SGR2VWbUBGVI
Expires: Tue, 11 Apr 2017 07:28:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 11 Apr 2017 07:28:08 GMT
Connection: keep-alive
2017-04-11 07:27:05,715:DEBUG:acme.client:Storing nonce: -v4freKDz8ZgaCzSc1IwqvmRpy069i-SGR2VWbUBGVI
2017-04-11 07:27:05,715:DEBUG:acme.client:JWS payload:
{
"identifier": {
"type": "dns",
"value": "server1.rlxd.de"
},
"resource": "new-authz"
}
2017-04-11 07:27:05,721:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz:
{
"header": {
"alg": "RS256",
"jwk": {
"e": "AQAB",
"kty": "RSA",
"n": "5IbQc0z-yF537bM2RHl_oHo32w1InBKibEiqKv6h2OhVr-abewhox1z-otfBtyOneGwFqgSypUckb9SDojfNQTPxC8jc94HsynHEW5ZPVNj19Xy-no8GWf15TYrS51PnN9zq8S-JsoDBDoMXkGTLtyIH6NsGSyQhTFFv2vfXQZegZQOh3QK9G6uyGPxUEQOId54N7-GxKKMVv893NAq6mk0aH9555NSJIF0mfX6rYGFOnSOD3TLXQF6Dds5oBjV4xZgRJ_vxSR3Ec8HhaIkYlVKProHwlCCTYzdhzrBjOmsfJ-SD39w937JgHtDtDxneNViTx4Op8ikBGJM8vHGouQ"
}
},
"protected": "eyJub25jZSI6ICItdjRmcmVLRHo4WmdhQ3pTYzFJd3F2bVJweTA2OWktU0dSMlZXYlVCR1ZJIn0",
"payload": "ewogICJpZGVudGlmaWVyIjogewogICAgInR5cGUiOiAiZG5zIiwgCiAgICAidmFsdWUiOiAic2VydmVyMS5ybHhkLmRlIgogIH0sIAogICJyZXNvdXJjZSI6ICJuZXctYXV0aHoiCn0",
"signature": "N3sxTmhthG8L5cj_UtJHdKZI1xwpZS03UorgwoFp8SgMki8aWF_uHGb46Ew4fDGtdWOmUHuKSEVA1c5wEsGRWJ-bo5mqstpNX8h6NudfiGxsIt0cSRW2cKS6BvD7peFYOD7hbdGKNiS_TSf0ZNrTuhGGwPTGwqCvRAaVhaDG5xyLdJDknZIYgF-zL1ZGtSqyTrQw7vIg6uTaLSU535jWn0ClRbKTFxOeouWNznydHhtCB6Rk5MQs86Es4qQpogyBxX0UHhZ7EaujH9IeoH_suRsme2oMTI8A-XYATjlda-iqiI9NUuNCUUHj99jE6ndRMuslx39XKxIO34NKnolrcQ"
}
2017-04-11 07:27:05,931:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/new-authz HTTP/1.1" 201 1003
2017-04-11 07:27:05,933:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Content-Type: application/json
Content-Length: 1003
Boulder-Request-Id: 8MSiwaUhb3fiAkQ9yqWiJPWsrG4Bua-YOpsBn0UPv7I
Boulder-Requester: 11855201
Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"
Location: https://acme-v01.api.letsencrypt.org/acme/authz/RT8KyX9q9Vt_XXzlQ983oYl4DnjBlPZWlWUgbB8YN28
Replay-Nonce: 7_DpoFH9RfAgjojvLoxZHvRXiTSZCUOqk1PmKMcUbdw
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Tue, 11 Apr 2017 07:28:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 11 Apr 2017 07:28:08 GMT
Connection: keep-alive
{
"identifier": {
"type": "dns",
"value": "server1.rlxd.de"
},
"status": "pending",
"expires": "2017-04-18T07:28:08.845836746Z",
"challenges": [
{
"type": "tls-sni-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/RT8KyX9q9Vt_XXzlQ983oYl4DnjBlPZWlWUgbB8YN28/1001544122",
"token": "YYofFdr4wjXT3UujrLOl0AZrKguvLUV4G6olgvUTRF8"
},
{
"type": "http-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/RT8KyX9q9Vt_XXzlQ983oYl4DnjBlPZWlWUgbB8YN28/1001544123",
"token": "xK9lgzMViE-e_-zVjGshPOkxzuO_xiT8WwO1QRBaoFQ"
},
{
"type": "dns-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/RT8KyX9q9Vt_XXzlQ983oYl4DnjBlPZWlWUgbB8YN28/1001544124",
"token": "vNV_Jf71eDstaa_5gGH-kquwfdyVch83rMQHp0wd28s"
}
],
"combinations": [
[
0
],
[
2
],
[
1
]
]
}
2017-04-11 07:27:05,933:DEBUG:acme.client:Storing nonce: 7_DpoFH9RfAgjojvLoxZHvRXiTSZCUOqk1PmKMcUbdw
2017-04-11 07:27:05,934:DEBUG:acme.client:JWS payload:
{
"identifier": {
"type": "dns",
"value": "rlxd.de"
},
"resource": "new-authz"
}
2017-04-11 07:27:05,939:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz:
{
"header": {
"alg": "RS256",
"jwk": {
"e": "AQAB",
"kty": "RSA",
"n": "5IbQc0z-yF537bM2RHl_oHo32w1InBKibEiqKv6h2OhVr-abewhox1z-otfBtyOneGwFqgSypUckb9SDojfNQTPxC8jc94HsynHEW5ZPVNj19Xy-no8GWf15TYrS51PnN9zq8S-JsoDBDoMXkGTLtyIH6NsGSyQhTFFv2vfXQZegZQOh3QK9G6uyGPxUEQOId54N7-GxKKMVv893NAq6mk0aH9555NSJIF0mfX6rYGFOnSOD3TLXQF6Dds5oBjV4xZgRJ_vxSR3Ec8HhaIkYlVKProHwlCCTYzdhzrBjOmsfJ-SD39w937JgHtDtDxneNViTx4Op8ikBGJM8vHGouQ"
}
},
"protected": "eyJub25jZSI6ICI3X0Rwb0ZIOVJmQWdqb2p2TG94Wkh2UlhpVFNaQ1VPcWsxUG1LTWNVYmR3In0",
"payload": "ewogICJpZGVudGlmaWVyIjogewogICAgInR5cGUiOiAiZG5zIiwgCiAgICAidmFsdWUiOiAicmx4ZC5kZSIKICB9LCAKICAicmVzb3VyY2UiOiAibmV3LWF1dGh6Igp9",
"signature": "jD3eCKo5058-Mwa-6CUmc33LSfhyfzxcHVCsKuagzNDREVF-Iw037HMws0f7snYhxfL83PXm79MDMgbc9uSDqK6ZRvebsEhD1IGiviJBDVx0nUcrOO5-dIdfx9v9yvF5q8R_hxXu5FwKiSyExwjKSVZ8-DcgEavyug10XehxhgcqX7wO98KvdTrNAMf8jJsP7NkV7zNEJjHtqZlEXiIB02F2RovI-k-XmVYcAuUdIklxsuOr4s4Wco4mi4elyaUAHiTzkaO6hicNGD5k97wQM5rzkPSmqmbegVp_9m90VJM2u8Gyornu9mg2dxLtrmZ0DMO9l87HFKdrGRbfy3ZuGg"
}
2017-04-11 07:27:06,155:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/new-authz HTTP/1.1" 201 995
2017-04-11 07:27:06,156:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Content-Type: application/json
Content-Length: 995
Boulder-Request-Id: xhwvNURnCyPTY8JLcDitHeYslreGqbnl7GQ542hdzg0
Boulder-Requester: 11855201
Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"
Location: https://acme-v01.api.letsencrypt.org/acme/authz/E8e_FxLXmiSVpzMaCkpMWoYPkHgAGS61eyWx36hqcIc
Replay-Nonce: JDGvofADTuWy4ssIj49WmP_hsLQMgjMnMJN1DLYR1ic
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Tue, 11 Apr 2017 07:28:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 11 Apr 2017 07:28:09 GMT
Connection: keep-alive
{
"identifier": {
"type": "dns",
"value": "rlxd.de"
},
"status": "pending",
"expires": "2017-04-18T07:28:09.070800211Z",
"challenges": [
{
"type": "dns-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/E8e_FxLXmiSVpzMaCkpMWoYPkHgAGS61eyWx36hqcIc/1001544137",
"token": "ZAwfLFh8wIX23VcZ7DcrLYQS_DrgGsDnPGzCN0RyxAQ"
},
{
"type": "http-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/E8e_FxLXmiSVpzMaCkpMWoYPkHgAGS61eyWx36hqcIc/1001544138",
"token": "BgCa8KQ8gQIlNSQONWYbcXhO9TZRPU_9eYDbYImSq4k"
},
{
"type": "tls-sni-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/E8e_FxLXmiSVpzMaCkpMWoYPkHgAGS61eyWx36hqcIc/1001544139",
"token": "zv5znESg8X3ClMKRNaVvm8AKkp8Al2tBeKXO8XNHJ6g"
}
],
"combinations": [
[
0
],
[
2
],
[
1
]
]
}
2017-04-11 07:27:06,156:DEBUG:acme.client:Storing nonce: JDGvofADTuWy4ssIj49WmP_hsLQMgjMnMJN1DLYR1ic
2017-04-11 07:27:06,157:INFO:certbot.auth_handler:Performing the following challenges:
2017-04-11 07:27:06,158:INFO:certbot.auth_handler:http-01 challenge for server1.rlxd.de
2017-04-11 07:27:06,158:INFO:certbot.auth_handler:http-01 challenge for rlxd.de
2017-04-11 07:27:06,158:INFO:certbot.plugins.webroot:Using the webroot path /var/www/imscp/gui/plugins/LetsEncrypt/acme for all unmatched domains.
2017-04-11 07:27:06,158:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge
2017-04-11 07:27:06,159:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge
2017-04-11 07:27:06,165:DEBUG:certbot.plugins.webroot:Attempting to save validation to /var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge/xK9lgzMViE-e_-zVjGshPOkxzuO_xiT8WwO1QRBaoFQ
2017-04-11 07:27:06,171:DEBUG:certbot.plugins.webroot:Attempting to save validation to /var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge/BgCa8KQ8gQIlNSQONWYbcXhO9TZRPU_9eYDbYImSq4k
2017-04-11 07:27:06,172:INFO:certbot.auth_handler:Waiting for verification...
2017-04-11 07:27:06,172:DEBUG:acme.client:JWS payload:
{
"keyAuthorization": "xK9lgzMViE-e_-zVjGshPOkxzuO_xiT8WwO1QRBaoFQ.Q9Jp32ByM_KZJ5QU3XNGWMqCkIFVh8Bo5X8X46iQP9A",
"type": "http-01",
"resource": "challenge"
}
2017-04-11 07:27:06,177:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/challenge/RT8KyX9q9Vt_XXzlQ983oYl4DnjBlPZWlWUgbB8YN28/1001544123:
{
"header": {
"alg": "RS256",
"jwk": {
"e": "AQAB",
"kty": "RSA",
"n": "5IbQc0z-yF537bM2RHl_oHo32w1InBKibEiqKv6h2OhVr-abewhox1z-otfBtyOneGwFqgSypUckb9SDojfNQTPxC8jc94HsynHEW5ZPVNj19Xy-no8GWf15TYrS51PnN9zq8S-JsoDBDoMXkGTLtyIH6NsGSyQhTFFv2vfXQZegZQOh3QK9G6uyGPxUEQOId54N7-GxKKMVv893NAq6mk0aH9555NSJIF0mfX6rYGFOnSOD3TLXQF6Dds5oBjV4xZgRJ_vxSR3Ec8HhaIkYlVKProHwlCCTYzdhzrBjOmsfJ-SD39w937JgHtDtDxneNViTx4Op8ikBGJM8vHGouQ"
}
},
"protected": "eyJub25jZSI6ICJKREd2b2ZBRFR1V3k0c3NJajQ5V21QX2hzTFFNZ2pNbk1KTjFETFlSMWljIn0",
"payload": "ewogICJrZXlBdXRob3JpemF0aW9uIjogInhLOWxnek1WaUUtZV8telZqR3NoUE9reHp1T194aVQ4V3dPMVFSQmFvRlEuUTlKcDMyQnlNX0taSjVRVTNYTkdXTXFDa0lGVmg4Qm81WDhYNDZpUVA5QSIsIAogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9",
"signature": "gvNu2ikE3aQ3fdsOHeMOsB7cW7NzsOQ-fdYVBlRam9kyQGFPrlo19uAmVNTIQdYMWqKXu15mEYVeWn6V-XkaWkwPy_vgwzTo0tc4tagmrOlZ2RwJU-wq-UTi0GGnIPwFlskjMsbpG25R0n0hM0fS4X-Hv07s2lCSqOzbk1e5vmzQ8XVg4GzzGBCqU1xb1LP5tXrW1IUU9qxGs-GUexHd2GgASK_lDKjiPx1h3HvRLTefvsdlgJJJkbV7jbJvQyxHYR0aJaIN7di4PrV2g2tsccK4uwDTH94uShsV8sfCyNy1df2BQtLe3KxMmnttyd_V51O3XIoUgvxaatSN8mNLRw"
}
2017-04-11 07:27:06,384:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/challenge/RT8KyX9q9Vt_XXzlQ983oYl4DnjBlPZWlWUgbB8YN28/1001544123 HTTP/1.1" 202 336
2017-04-11 07:27:06,386:DEBUG:acme.client:Received response:
HTTP 202
Server: nginx
Content-Type: application/json
Content-Length: 336
Boulder-Request-Id: P1kgjRww2eYtiZiHMmWL1Z-Kb8rO36N0UuvEg0BoqCQ
Boulder-Requester: 11855201
Link: <https://acme-v01.api.letsencrypt.org/acme/authz/RT8KyX9q9Vt_XXzlQ983oYl4DnjBlPZWlWUgbB8YN28>;rel="up"
Location: https://acme-v01.api.letsencrypt.org/acme/challenge/RT8KyX9q9Vt_XXzlQ983oYl4DnjBlPZWlWUgbB8YN28/1001544123
Replay-Nonce: gG56ujeLKELq1L0Mkl86-mdJKiuRKEJcg5YCrNE_Hg0
Expires: Tue, 11 Apr 2017 07:28:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 11 Apr 2017 07:28:09 GMT
Connection: keep-alive
{
"type": "http-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/RT8KyX9q9Vt_XXzlQ983oYl4DnjBlPZWlWUgbB8YN28/1001544123",
"token": "xK9lgzMViE-e_-zVjGshPOkxzuO_xiT8WwO1QRBaoFQ",
"keyAuthorization": "xK9lgzMViE-e_-zVjGshPOkxzuO_xiT8WwO1QRBaoFQ.Q9Jp32ByM_KZJ5QU3XNGWMqCkIFVh8Bo5X8X46iQP9A"
}
2017-04-11 07:27:06,386:DEBUG:acme.client:Storing nonce: gG56ujeLKELq1L0Mkl86-mdJKiuRKEJcg5YCrNE_Hg0
2017-04-11 07:27:06,387:DEBUG:acme.client:JWS payload:
{
"keyAuthorization": "BgCa8KQ8gQIlNSQONWYbcXhO9TZRPU_9eYDbYImSq4k.Q9Jp32ByM_KZJ5QU3XNGWMqCkIFVh8Bo5X8X46iQP9A",
"type": "http-01",
"resource": "challenge"
}
2017-04-11 07:27:06,392:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/challenge/E8e_FxLXmiSVpzMaCkpMWoYPkHgAGS61eyWx36hqcIc/1001544138:
{
"header": {
"alg": "RS256",
"jwk": {
"e": "AQAB",
"kty": "RSA",
"n": "5IbQc0z-yF537bM2RHl_oHo32w1InBKibEiqKv6h2OhVr-abewhox1z-otfBtyOneGwFqgSypUckb9SDojfNQTPxC8jc94HsynHEW5ZPVNj19Xy-no8GWf15TYrS51PnN9zq8S-JsoDBDoMXkGTLtyIH6NsGSyQhTFFv2vfXQZegZQOh3QK9G6uyGPxUEQOId54N7-GxKKMVv893NAq6mk0aH9555NSJIF0mfX6rYGFOnSOD3TLXQF6Dds5oBjV4xZgRJ_vxSR3Ec8HhaIkYlVKProHwlCCTYzdhzrBjOmsfJ-SD39w937JgHtDtDxneNViTx4Op8ikBGJM8vHGouQ"
}
},
"protected": "eyJub25jZSI6ICJnRzU2dWplTEtFTHExTDBNa2w4Ni1tZEpLaXVSS0VKY2c1WUNyTkVfSGcwIn0",
"payload": "ewogICJrZXlBdXRob3JpemF0aW9uIjogIkJnQ2E4S1E4Z1FJbE5TUU9OV1liY1hoTzlUWlJQVV85ZVlEYllJbVNxNGsuUTlKcDMyQnlNX0taSjVRVTNYTkdXTXFDa0lGVmg4Qm81WDhYNDZpUVA5QSIsIAogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9",
"signature": "wug0O8kFPBq9MXvkf2yrO1_Rmm8W_wvY6P5Moe2TzGBh7ZCyIjsjLjwpfK2z6935a7RxuXKiCV7VUVI6avknGV94WQnuvY81RFoginKZNkXq5RgPzCijScxT8WnBErmjFL6_7wPQhs0itQYT2fT8d3Xw3RHmJxt5n0v0nccQUR-ql6zHzg8ehZLf1YsnLI4uUbo3ICn1Q20w-dSgv-hm42sq1M0iF2qnBgNTq0-B2qRQNhPn2BwcYlbwsM1hl4rG_Q-Af_8C2OZxnu41M7ewmsaVrRZ5NO8L3Z1x8usCOUMA8OcWq5mgvANHzX4PZbavTsRnSJmmN_QrKJ6DuERMKg"
}
2017-04-11 07:27:06,592:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/challenge/E8e_FxLXmiSVpzMaCkpMWoYPkHgAGS61eyWx36hqcIc/1001544138 HTTP/1.1" 202 336
2017-04-11 07:27:06,594:DEBUG:acme.client:Received response:
HTTP 202
Server: nginx
Content-Type: application/json
Content-Length: 336
Boulder-Request-Id: 6NLnnm6SxmNugblNDXNzQYffyqgj1vrwnhZXSqghhJ4
Boulder-Requester: 11855201
Link: <https://acme-v01.api.letsencrypt.org/acme/authz/E8e_FxLXmiSVpzMaCkpMWoYPkHgAGS61eyWx36hqcIc>;rel="up"
Location: https://acme-v01.api.letsencrypt.org/acme/challenge/E8e_FxLXmiSVpzMaCkpMWoYPkHgAGS61eyWx36hqcIc/1001544138
Replay-Nonce: BMoPmaiP2AX0f7dhajJUMecvHWlfJjEsl8tGRI8hfAg
Expires: Tue, 11 Apr 2017 07:28:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 11 Apr 2017 07:28:09 GMT
Connection: keep-alive
{
"type": "http-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/E8e_FxLXmiSVpzMaCkpMWoYPkHgAGS61eyWx36hqcIc/1001544138",
"token": "BgCa8KQ8gQIlNSQONWYbcXhO9TZRPU_9eYDbYImSq4k",
"keyAuthorization": "BgCa8KQ8gQIlNSQONWYbcXhO9TZRPU_9eYDbYImSq4k.Q9Jp32ByM_KZJ5QU3XNGWMqCkIFVh8Bo5X8X46iQP9A"
}
2017-04-11 07:27:06,594:DEBUG:acme.client:Storing nonce: BMoPmaiP2AX0f7dhajJUMecvHWlfJjEsl8tGRI8hfAg
2017-04-11 07:27:09,598:DEBUG:acme.client:Sending GET request to https://acme-v01.api.letsencrypt.org/acme/authz/RT8KyX9q9Vt_XXzlQ983oYl4DnjBlPZWlWUgbB8YN28.
2017-04-11 07:27:09,804:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /acme/authz/RT8KyX9q9Vt_XXzlQ983oYl4DnjBlPZWlWUgbB8YN28 HTTP/1.1" 200 1932
2017-04-11 07:27:09,806:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 1932
Boulder-Request-Id: VpLyHtxN2WHZAcwmTomgESyTokxCMMqj6IgY0H7X3K4
Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"
Replay-Nonce: TK8lgKJ8e7gphe6GeOecm6NqILhmqZwHv5fyfDy7k5s
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Tue, 11 Apr 2017 07:28:12 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 11 Apr 2017 07:28:12 GMT
Connection: keep-alive
{
"identifier": {
"type": "dns",
"value": "server1.rlxd.de"
},
"status": "invalid",
"expires": "2017-04-18T07:28:08Z",
"challenges": [
{
"type": "tls-sni-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/RT8KyX9q9Vt_XXzlQ983oYl4DnjBlPZWlWUgbB8YN28/1001544122",
"token": "YYofFdr4wjXT3UujrLOl0AZrKguvLUV4G6olgvUTRF8"
},
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:acme:error:unauthorized",
"detail": "Invalid response from http://server1.rlxd.de/.well-known/acme-challenge/xK9lgzMViE-e_-zVjGshPOkxzuO_xiT8WwO1QRBaoFQ: \"\u003c!DOCTYPE html\u003e\n\u003chtml lang=\"en\"\u003e\n\u003chead\u003e\n \u003ctitle\u003ei-MSCP internet - Multi Server Control Panel - Error 404\u003c/title\u003e\n \u003cmeta ch\"",
"status": 403
},
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/RT8KyX9q9Vt_XXzlQ983oYl4DnjBlPZWlWUgbB8YN28/1001544123",
"token": "xK9lgzMViE-e_-zVjGshPOkxzuO_xiT8WwO1QRBaoFQ",
"keyAuthorization": "xK9lgzMViE-e_-zVjGshPOkxzuO_xiT8WwO1QRBaoFQ.Q9Jp32ByM_KZJ5QU3XNGWMqCkIFVh8Bo5X8X46iQP9A",
"validationRecord": [
{
"url": "http://server1.rlxd.de/.well-known/acme-challenge/xK9lgzMViE-e_-zVjGshPOkxzuO_xiT8WwO1QRBaoFQ",
"hostname": "server1.rlxd.de",
"port": "80",
"addressesResolved": [
"93.159.253.78",
"2a00:fe0:1:4d:5054:ff:fe00:c"
],
"addressUsed": "93.159.253.78"
}
]
},
{
"type": "dns-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/RT8KyX9q9Vt_XXzlQ983oYl4DnjBlPZWlWUgbB8YN28/1001544124",
"token": "vNV_Jf71eDstaa_5gGH-kquwfdyVch83rMQHp0wd28s"
}
],
"combinations": [
[
0
],
[
2
],
[
1
]
]
}
2017-04-11 07:27:09,808:WARNING:certbot.auth_handler:Challenge failed for domain server1.rlxd.de
2017-04-11 07:27:09,809:DEBUG:acme.client:Sending GET request to https://acme-v01.api.letsencrypt.org/acme/authz/E8e_FxLXmiSVpzMaCkpMWoYPkHgAGS61eyWx36hqcIc.
2017-04-11 07:27:10,006:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /acme/authz/E8e_FxLXmiSVpzMaCkpMWoYPkHgAGS61eyWx36hqcIc HTTP/1.1" 200 1900
2017-04-11 07:27:10,008:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 1900
Boulder-Request-Id: 9G6G8NgQ6fYArp5xpoIaUBDA91_7ZQvDEQK5wLYf7j0
Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"
Replay-Nonce: 2GZ02kAyS7AaBKztXkH356r7RUNTZT5ULyXx92FWlaI
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Tue, 11 Apr 2017 07:28:13 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 11 Apr 2017 07:28:13 GMT
Connection: keep-alive
{
"identifier": {
"type": "dns",
"value": "rlxd.de"
},
"status": "invalid",
"expires": "2017-04-18T07:28:09Z",
"challenges": [
{
"type": "dns-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/E8e_FxLXmiSVpzMaCkpMWoYPkHgAGS61eyWx36hqcIc/1001544137",
"token": "ZAwfLFh8wIX23VcZ7DcrLYQS_DrgGsDnPGzCN0RyxAQ"
},
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:acme:error:unauthorized",
"detail": "Invalid response from http://rlxd.de/.well-known/acme-challenge/BgCa8KQ8gQIlNSQONWYbcXhO9TZRPU_9eYDbYImSq4k: \"\u003c!DOCTYPE html\u003e\n\u003chtml lang=\"en\"\u003e\n\u003chead\u003e\n \u003ctitle\u003ei-MSCP internet - Multi Server Control Panel - Error 404\u003c/title\u003e\n \u003cmeta ch\"",
"status": 403
},
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/E8e_FxLXmiSVpzMaCkpMWoYPkHgAGS61eyWx36hqcIc/1001544138",
"token": "BgCa8KQ8gQIlNSQONWYbcXhO9TZRPU_9eYDbYImSq4k",
"keyAuthorization": "BgCa8KQ8gQIlNSQONWYbcXhO9TZRPU_9eYDbYImSq4k.Q9Jp32ByM_KZJ5QU3XNGWMqCkIFVh8Bo5X8X46iQP9A",
"validationRecord": [
{
"url": "http://rlxd.de/.well-known/acme-challenge/BgCa8KQ8gQIlNSQONWYbcXhO9TZRPU_9eYDbYImSq4k",
"hostname": "rlxd.de",
"port": "80",
"addressesResolved": [
"93.159.253.78",
"2a00:fe0:1:4d:5054:ff:fe00:c"
],
"addressUsed": "93.159.253.78"
}
]
},
{
"type": "tls-sni-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/E8e_FxLXmiSVpzMaCkpMWoYPkHgAGS61eyWx36hqcIc/1001544139",
"token": "zv5znESg8X3ClMKRNaVvm8AKkp8Al2tBeKXO8XNHJ6g"
}
],
"combinations": [
[
0
],
[
2
],
[
1
]
]
}
2017-04-11 07:27:10,010:WARNING:certbot.auth_handler:Challenge failed for domain rlxd.de
2017-04-11 07:27:10,011:INFO:certbot.auth_handler:Cleaning up challenges
2017-04-11 07:27:10,011:DEBUG:certbot.plugins.webroot:Removing /var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge/xK9lgzMViE-e_-zVjGshPOkxzuO_xiT8WwO1QRBaoFQ
2017-04-11 07:27:10,012:DEBUG:certbot.plugins.webroot:Removing /var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge/BgCa8KQ8gQIlNSQONWYbcXhO9TZRPU_9eYDbYImSq4k
2017-04-11 07:27:10,012:DEBUG:certbot.plugins.webroot:All challenges cleaned up, removing /var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge
2017-04-11 07:27:10,014:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File "/root/.local/share/letsencrypt/bin/letsencrypt", line 11, in <module>
sys.exit(main())
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 755, in main
return config.func(config, plugins)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 682, in certonly
lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 82, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/client.py", line 316, in obtain_and_enroll_certificate
certr, chain, key, _ = self.obtain_certificate(domains)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/client.py", line 285, in obtain_certificate
self.config.allow_subset_of_names)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 92, in get_authorizations
"Challenges failed for all domains")
AuthorizationError: Challenges failed for all domains

Display More

**Nuxwin** · Apr 11th 2017

Quote from Eomer

93.159.253.78 rlxd.de www

rlxd.de is not a fully qualified hostname name. You must configure your server correctly first and make sure that DNS are corrects. Don't forget that if you change the server hostname, you need to reconfigure i-MSCP.

**Eomer** · Apr 11th 2017

You're right. I reconfigured the hoe.

Now the hostname is:

server1.rlxd.de

I reconfigured the panel to listen to imscp.rlxd.de.

Code

127.0.0.1 server1.rlxd.de.local localhost
93.159.253.78 server1.rlxd.de server1
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

I reconfigured everything following this tut:

https://www.serverbiz.de/debia…aft-andern-fqdn-anpassen/

My provider checked the DNS settings and said "everything is fine". Creating a certificate still fails. any idea?

**Nuxwin** · Apr 12th 2017

Quote from Eomer

My provider checked the DNS settings and said "everything is fine". Creating a certificate still fails. any idea?

For which domain?
Did you reconfigured i-MSCP by running the i-MSCP reconfiguration script?
Latest letsentcrypt log?

If you cannot figure out alone, give us access to your server.

**Eomer** · Apr 12th 2017

Quote from Nuxwin

For which domain?

Did you reconfigured i-MSCP by running the i-MSCP reconfiguration script?

Latest letsentcrypt log?

If you cannot figure out alone, give us access to your server.

I would like to at least try to figure it out first. If that doesnt work i would love to grant you access.

1. for rlxd.de / server1.rlxd.de
2. yes
3.

Code

2017-04-12 07:45:28,431:DEBUG:certbot.log:Root logging level set at 302017-04-12 07:45:28,432:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log2017-04-12 07:45:28,433:DEBUG:certbot.main:certbot version: 0.13.02017-04-12 07:45:28,433:DEBUG:certbot.main:Arguments: ['--quiet', '--agree-tos', '--email', '[email protected]', '--webroot', '--webroot-path', '/var/www/imscp/gui/plugins/LetsEncrypt/acme', '--preferred-challenges', 'http', '--allow-subset-of-names', '--domains', 'server1.rlxd.de']2017-04-12 07:45:28,434:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#standalone,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#webroot,PluginEntryPoint#apache,PluginEntryPoint#null)2017-04-12 07:45:28,435:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None2017-04-12 07:45:28,441:DEBUG:certbot.plugins.selection:Single candidate plugin: * webrootDescription: Place files in webroot directoryInterfaces: IAuthenticator, IPluginEntry point: webroot = certbot.plugins.webroot:AuthenticatorInitialized: <certbot.plugins.webroot.Authenticator object at 0x7fcda602b190>Prep: True2017-04-12 07:45:28,442:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x7fcda602b190> and installer None2017-04-12 07:45:28,449:DEBUG:certbot.main:Picked account: <Account(a050ee80ed04caab2eb0666c48c2cc52)>2017-04-12 07:45:28,451:DEBUG:acme.client:Sending GET request to https://acme-v01.api.letsencrypt.org/directory.2017-04-12 07:45:28,457:DEBUG:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org2017-04-12 07:45:28,738:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 3522017-04-12 07:45:28,740:DEBUG:acme.client:Received response:HTTP 200Server: nginxContent-Type: application/jsonContent-Length: 352Boulder-Request-Id: cLjpBxgkSivRotheQH5TgqkTYZCTva9Mh3oZYzwFKakReplay-Nonce: 6-I90pzUcph6fMPYDMFEDrAewQOZ0hmXsxE9uWlFzdQX-Frame-Options: DENYStrict-Transport-Security: max-age=604800Expires: Wed, 12 Apr 2017 07:46:31 GMTCache-Control: max-age=0, no-cache, no-storePragma: no-cacheDate: Wed, 12 Apr 2017 07:46:31 GMTConnection: keep-alive{ "key-change": "https://acme-v01.api.letsencrypt.org/acme/key-change", "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz", "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert", "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg", "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"}2017-04-12 07:45:28,758:INFO:certbot.main:Obtaining a new certificate2017-04-12 07:45:28,758:DEBUG:acme.client:Requesting fresh nonce2017-04-12 07:45:28,759:DEBUG:acme.client:Sending HEAD request to https://acme-v01.api.letsencrypt.org/acme/new-authz.2017-04-12 07:45:28,961:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "HEAD /acme/new-authz HTTP/1.1" 405 02017-04-12 07:45:28,963:DEBUG:acme.client:Received response:HTTP 405Server: nginxContent-Type: application/problem+jsonContent-Length: 91Allow: POSTBoulder-Request-Id: atXIylnfBJvCd4JaviTfSvT39qYNRgSeSOyZHjUBQN8Replay-Nonce: SkM80HxIoxpx3-ZlCQQymci-SXkvViNzVT0GsyZLKZcExpires: Wed, 12 Apr 2017 07:46:31 GMTCache-Control: max-age=0, no-cache, no-storePragma: no-cacheDate: Wed, 12 Apr 2017 07:46:31 GMTConnection: keep-alive2017-04-12 07:45:28,963:DEBUG:acme.client:Storing nonce: SkM80HxIoxpx3-ZlCQQymci-SXkvViNzVT0GsyZLKZc2017-04-12 07:45:28,970:DEBUG:acme.client:JWS payload:{ "identifier": { "type": "dns", "value": "server1.rlxd.de" }, "resource": "new-authz"}2017-04-12 07:45:28,984:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz:{ "header": { "alg": "RS256", "jwk": { "e": "AQAB", "kty": "RSA", "n": "5IbQc0z-yF537bM2RHl_oHo32w1InBKibEiqKv6h2OhVr-abewhox1z-otfBtyOneGwFqgSypUckb9SDojfNQTPxC8jc94HsynHEW5ZPVNj19Xy-no8GWf15TYrS51PnN9zq8S-JsoDBDoMXkGTLtyIH6NsGSyQhTFFv2vfXQZegZQOh3QK9G6uyGPxUEQOId54N7-GxKKMVv893NAq6mk0aH9555NSJIF0mfX6rYGFOnSOD3TLXQF6Dds5oBjV4xZgRJ_vxSR3Ec8HhaIkYlVKProHwlCCTYzdhzrBjOmsfJ-SD39w937JgHtDtDxneNViTx4Op8ikBGJM8vHGouQ" } }, "protected": "eyJub25jZSI6ICJTa004MEh4SW94cHgzLVpsQ1FReW1jaS1TWGt2VmlOelZUMEdzeVpMS1pjIn0", "payload": "ewogICJpZGVudGlmaWVyIjogewogICAgInR5cGUiOiAiZG5zIiwgCiAgICAidmFsdWUiOiAic2VydmVyMS5ybHhkLmRlIgogIH0sIAogICJyZXNvdXJjZSI6ICJuZXctYXV0aHoiCn0", "signature": "ZpKMw2pJzIEdse7y9Oneqr94KsKPEyqzJViW9fRNISPhAGYOCF7eJXmuUqncjyigw_C0493HckLWsGp2_gZIV8BiY6jQqa-yESJFdd9aRIVLAoqDK_EF-Ad5DpKw1zYN6a3WU5rj9rf7JRf6bgj64CE6W-I770Qt8n78KDD7P1jg4fpn_FMlWaw45AvzTz2UC_c0TIoX1-ovp2vwZWYphrCg37GZ7RH1xCdSMAWVgHweMiV3aVI1QG48Wg4RMuZlxMt7RGsCc0FHBSqZcWw3KJQzul8VmE13BJlzPme93j1kl5QCMgH4Tpm82KgL1-AB00ace4ZWt-G9Z8vOmw9X7Q"}2017-04-12 07:45:29,223:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/new-authz HTTP/1.1" 201 10032017-04-12 07:45:29,225:DEBUG:acme.client:Received response:HTTP 201Server: nginxContent-Type: application/jsonContent-Length: 1003Boulder-Request-Id: EqVuiNf0oV3oLW62Evao4IbwB7eAbRh4pOMzEeoPe5MBoulder-Requester: 11855201Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"Location: https://acme-v01.api.letsencrypt.org/acme/authz/r3t3uzxDQyPa716N9Yw4QG-eyPZ0_-3Z4ywrja5fRigReplay-Nonce: waXDOPSoy2lyrpfUfhJLsdVCgxrLF7jih2v20igOMGoX-Frame-Options: DENYStrict-Transport-Security: max-age=604800Expires: Wed, 12 Apr 2017 07:46:32 GMTCache-Control: max-age=0, no-cache, no-storePragma: no-cacheDate: Wed, 12 Apr 2017 07:46:32 GMTConnection: keep-alive{ "identifier": { "type": "dns", "value": "server1.rlxd.de" }, "status": "pending", "expires": "2017-04-19T07:46:32.137244222Z", "challenges": [ { "type": "dns-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/r3t3uzxDQyPa716N9Yw4QG-eyPZ0_-3Z4ywrja5fRig/1007782229", "token": "hnw-A0cyQOZhtB4_75iPmzVgg64EaWXGpjSNFyqXcmg" }, { "type": "tls-sni-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/r3t3uzxDQyPa716N9Yw4QG-eyPZ0_-3Z4ywrja5fRig/1007782230", "token": "F741vBdGCtrbz5jpVkBXCo9juS3viO0w5OBSahULXpQ" }, { "type": "http-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/r3t3uzxDQyPa716N9Yw4QG-eyPZ0_-3Z4ywrja5fRig/1007782231", "token": "0Y19piIBQlg6Wos-WuXTCjTYBiN-CPIRqeOaO_GJ40I" } ], "combinations": [ [ 1 ], [ 0 ], [ 2 ] ]}2017-04-12 07:45:29,225:DEBUG:acme.client:Storing nonce: waXDOPSoy2lyrpfUfhJLsdVCgxrLF7jih2v20igOMGo2017-04-12 07:45:29,227:INFO:certbot.auth_handler:Performing the following challenges:2017-04-12 07:45:29,227:INFO:certbot.auth_handler:http-01 challenge for server1.rlxd.de2017-04-12 07:45:29,228:INFO:certbot.plugins.webroot:Using the webroot path /var/www/imscp/gui/plugins/LetsEncrypt/acme for all unmatched domains.2017-04-12 07:45:29,228:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge2017-04-12 07:45:29,241:DEBUG:certbot.plugins.webroot:Attempting to save validation to /var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge/0Y19piIBQlg6Wos-WuXTCjTYBiN-CPIRqeOaO_GJ40I2017-04-12 07:45:29,243:INFO:certbot.auth_handler:Waiting for verification...2017-04-12 07:45:29,243:DEBUG:acme.client:JWS payload:{ "keyAuthorization": "0Y19piIBQlg6Wos-WuXTCjTYBiN-CPIRqeOaO_GJ40I.Q9Jp32ByM_KZJ5QU3XNGWMqCkIFVh8Bo5X8X46iQP9A", "type": "http-01", "resource": "challenge"}2017-04-12 07:45:29,252:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/challenge/r3t3uzxDQyPa716N9Yw4QG-eyPZ0_-3Z4ywrja5fRig/1007782231:{ "header": { "alg": "RS256", "jwk": { "e": "AQAB", "kty": "RSA", "n": "5IbQc0z-yF537bM2RHl_oHo32w1InBKibEiqKv6h2OhVr-abewhox1z-otfBtyOneGwFqgSypUckb9SDojfNQTPxC8jc94HsynHEW5ZPVNj19Xy-no8GWf15TYrS51PnN9zq8S-JsoDBDoMXkGTLtyIH6NsGSyQhTFFv2vfXQZegZQOh3QK9G6uyGPxUEQOId54N7-GxKKMVv893NAq6mk0aH9555NSJIF0mfX6rYGFOnSOD3TLXQF6Dds5oBjV4xZgRJ_vxSR3Ec8HhaIkYlVKProHwlCCTYzdhzrBjOmsfJ-SD39w937JgHtDtDxneNViTx4Op8ikBGJM8vHGouQ" } }, "protected": "eyJub25jZSI6ICJ3YVhET1BTb3kybHlycGZVZmhKTHNkVkNneHJMRjdqaWgydjIwaWdPTUdvIn0", "payload": "ewogICJrZXlBdXRob3JpemF0aW9uIjogIjBZMTlwaUlCUWxnNldvcy1XdVhUQ2pUWUJpTi1DUElScWVPYU9fR0o0MEkuUTlKcDMyQnlNX0taSjVRVTNYTkdXTXFDa0lGVmg4Qm81WDhYNDZpUVA5QSIsIAogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9", "signature": "ueCqDcerZsPh4chVWj_eIMSzZICFqWwXs5b7gUjxE6cnSI3I3hbq9hpRcWCWrImC8c3M5eRNLUFZpkhB8RBjW0MhGWRt0NuxdHejSca2Qx9OHScRlp1mktxFwwrE_pioV5IPeD2c-GNMhtN1XwUW_mL_OcZd-rTKfMShMCHlZLIG35zW25HyeSZ4z31du0WXn1Urdjq2HwtRzhqWPCL_g_DWoPxA8ZCpc6C9VRG-PW4Cmg7Ycu7ac-0F4DP83--dpqUxbhvrgwTuvXrNCz3G4vkifWVzdJ7yZjLMybrGb-QiNr-m8ij5nTRhEiXbcOCpVm4PoWffpaxAgUD3PGpmxA"}2017-04-12 07:45:29,511:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/challenge/r3t3uzxDQyPa716N9Yw4QG-eyPZ0_-3Z4ywrja5fRig/1007782231 HTTP/1.1" 202 3362017-04-12 07:45:29,531:DEBUG:acme.client:Received response:HTTP 202Server: nginxContent-Type: application/jsonContent-Length: 336Boulder-Request-Id: XkMosIN3Z0axkkWe20S0RxqyBz5slMwc2CZ6VscQv_EBoulder-Requester: 11855201Link: <https://acme-v01.api.letsencrypt.org/acme/authz/r3t3uzxDQyPa716N9Yw4QG-eyPZ0_-3Z4ywrja5fRig>;rel="up"Location: https://acme-v01.api.letsencrypt.org/acme/challenge/r3t3uzxDQyPa716N9Yw4QG-eyPZ0_-3Z4ywrja5fRig/1007782231Replay-Nonce: t0K8mv3CWDE6hWHfyGJ2u1uAyvQ4oYRZ9FpZ6JV3w9AExpires: Wed, 12 Apr 2017 07:46:32 GMTCache-Control: max-age=0, no-cache, no-storePragma: no-cacheDate: Wed, 12 Apr 2017 07:46:32 GMTConnection: keep-alive{ "type": "http-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/r3t3uzxDQyPa716N9Yw4QG-eyPZ0_-3Z4ywrja5fRig/1007782231", "token": "0Y19piIBQlg6Wos-WuXTCjTYBiN-CPIRqeOaO_GJ40I", "keyAuthorization": "0Y19piIBQlg6Wos-WuXTCjTYBiN-CPIRqeOaO_GJ40I.Q9Jp32ByM_KZJ5QU3XNGWMqCkIFVh8Bo5X8X46iQP9A"}2017-04-12 07:45:29,532:DEBUG:acme.client:Storing nonce: t0K8mv3CWDE6hWHfyGJ2u1uAyvQ4oYRZ9FpZ6JV3w9A2017-04-12 07:45:32,544:DEBUG:acme.client:Sending GET request to https://acme-v01.api.letsencrypt.org/acme/authz/r3t3uzxDQyPa716N9Yw4QG-eyPZ0_-3Z4ywrja5fRig.2017-04-12 07:45:32,735:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /acme/authz/r3t3uzxDQyPa716N9Yw4QG-eyPZ0_-3Z4ywrja5fRig HTTP/1.1" 200 19322017-04-12 07:45:32,738:DEBUG:acme.client:Received response:HTTP 200Server: nginxContent-Type: application/jsonContent-Length: 1932Boulder-Request-Id: RwpPlMPuhfI8BGY_ky-g2KtkweZBtARG7stju_Pxa_ALink: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"Replay-Nonce: avfJ1mJ2kPRtGuL1ym1n-FbT9I8QolEf8Dj0lOY88egX-Frame-Options: DENYStrict-Transport-Security: max-age=604800Expires: Wed, 12 Apr 2017 07:46:35 GMTCache-Control: max-age=0, no-cache, no-storePragma: no-cacheDate: Wed, 12 Apr 2017 07:46:35 GMTConnection: keep-alive{ "identifier": { "type": "dns", "value": "server1.rlxd.de" }, "status": "invalid", "expires": "2017-04-19T07:46:32Z", "challenges": [ { "type": "dns-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/r3t3uzxDQyPa716N9Yw4QG-eyPZ0_-3Z4ywrja5fRig/1007782229", "token": "hnw-A0cyQOZhtB4_75iPmzVgg64EaWXGpjSNFyqXcmg" }, { "type": "tls-sni-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/r3t3uzxDQyPa716N9Yw4QG-eyPZ0_-3Z4ywrja5fRig/1007782230", "token": "F741vBdGCtrbz5jpVkBXCo9juS3viO0w5OBSahULXpQ" }, { "type": "http-01", "status": "invalid", "error": { "type": "urn:acme:error:unauthorized", "detail": "Invalid response from http://server1.rlxd.de/.well-known/acme-challenge/0Y19piIBQlg6Wos-WuXTCjTYBiN-CPIRqeOaO_GJ40I: \"\u003c!DOCTYPE html\u003e\n\u003chtml lang=\"en\"\u003e\n\u003chead\u003e\n \u003ctitle\u003ei-MSCP internet - Multi Server Control Panel - Error 404\u003c/title\u003e\n \u003cmeta ch\"", "status": 403 }, "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/r3t3uzxDQyPa716N9Yw4QG-eyPZ0_-3Z4ywrja5fRig/1007782231", "token": "0Y19piIBQlg6Wos-WuXTCjTYBiN-CPIRqeOaO_GJ40I", "keyAuthorization": "0Y19piIBQlg6Wos-WuXTCjTYBiN-CPIRqeOaO_GJ40I.Q9Jp32ByM_KZJ5QU3XNGWMqCkIFVh8Bo5X8X46iQP9A", "validationRecord": [ { "url": "http://server1.rlxd.de/.well-known/acme-challenge/0Y19piIBQlg6Wos-WuXTCjTYBiN-CPIRqeOaO_GJ40I", "hostname": "server1.rlxd.de", "port": "80", "addressesResolved": [ "93.159.253.78", "2a00:fe0:1:4d:5054:ff:fe00:c" ], "addressUsed": "93.159.253.78" } ] } ], "combinations": [ [ 1 ], [ 0 ], [ 2 ] ]}2017-04-12 07:45:32,739:WARNING:certbot.auth_handler:Challenge failed for domain server1.rlxd.de2017-04-12 07:45:32,740:INFO:certbot.auth_handler:Cleaning up challenges2017-04-12 07:45:32,740:DEBUG:certbot.plugins.webroot:Removing /var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge/0Y19piIBQlg6Wos-WuXTCjTYBiN-CPIRqeOaO_GJ40I2017-04-12 07:45:32,741:DEBUG:certbot.plugins.webroot:All challenges cleaned up, removing /var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge2017-04-12 07:45:32,744:DEBUG:certbot.log:Exiting abnormally:Traceback (most recent call last): File "/root/.local/share/letsencrypt/bin/letsencrypt", line 11, in <module> sys.exit(main()) File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 755, in main return config.func(config, plugins) File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 682, in certonly lineage = _get_and_save_cert(le_client, config, domains, certname, lineage) File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 82, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/client.py", line 316, in obtain_and_enroll_certificate certr, chain, key, _ = self.obtain_certificate(domains) File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/client.py", line 285, in obtain_certificate self.config.allow_subset_of_names) File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 92, in get_authorizations "Challenges failed for all domains")AuthorizationError: Challenges failed for all domains

How imscp is configured:

1. Hostname: server1.rlxd.de
2. Domain name for the panel: imscp.rlxd.de

I've been trying different combinations (i don't know if that makes sense)

Hostname server1.rlxd.de, domain name for the panel server1.rlxd.de
Hostname server1.rlxd.de, domain name for the panel rlxd.de

My hosts:

Code

127.0.0.1 server1.rlxd.de.local localhost
93.159.253.78 server1.rlxd.de server1
2a00:fe0:1:4d:5054:ff:fe00:c server1.rlxd.de server1
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

Display More

One weird thing is that the reconfiguration of the panel always deletes the ipv6-address. I had to add it myself.

**Nuxwin** · Apr 12th 2017

@Eomer

Do you use the ServerDefautPage plugin? If yes, disable it and retry.

**Eomer** · Apr 12th 2017

No but im using "Panel redirect". I deactivated it and it worked. Thanks for pointing towards the right direction!

**Nuxwin** · Apr 12th 2017

PanelRedirect plugin version was ?

**Eomer** · Apr 12th 2017

Version 1.1.3

**Nuxwin** · Apr 12th 2017

Quote from Eomer

Version 1.1.3

Next time, read the documentation
See https://wiki.i-mscp.net/doku.p…anelredirect_plugin_users

Thread closed.

Let's encrypt - Can't create a certificate for the panel

Share

Similar Threads

lets encrypt stop working for new certificate

Support for Wilcard SSL Certificates and more...

Let's Encrypt can't renew certificate due to first hosted domain is disabled.

Daily visitors