Hi!
Ich habe das Lets Encrypt Plugin (Version 3.3.0) und schaffe es nicht, domains (subdomains) mit proxy mit einem Zertifikat zu versorgen.
Der Proxy ist für Proxmox und geht daher auf https://subdomain.domain2.de:8006
i-mscp 1.5.1
php 5.6
debian 8.9
Code
- Server: nginx
- Content-Type: application/json
- Content-Length: 1775
- Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"
- Replay-Nonce: HsckBxPjse3Udpl8TnzSM1GMkC4IQL8vk38nVtv6jtc
- X-Frame-Options: DENY
- Strict-Transport-Security: max-age=604800
- Expires: Tue, 31 Oct 2017 15:04:42 GMT
- Cache-Control: max-age=0, no-cache, no-store
- Pragma: no-cache
- Date: Tue, 31 Oct 2017 15:04:42 GMT
- Connection: keep-alive
- {
- "identifier": {
- "type": "dns",
- "value": "subdomain.domain.de"
- },
- "status": "invalid",
- "expires": "2017-11-07T15:04:38Z",
- "challenges": [
- {
- "type": "http-01",
- "status": "invalid",
- "error": {
- "type": "urn:acme:error:unauthorized",
- "detail": "Invalid response from http://subdomain.domain.de/.well-known/acme-challenge/1Xu5w2RJpvSj-ctGhnziK56keKAKAzXiF0nT4ZNaLU8 [213.32.122.4]: 501",
- "status": 403
- },
- "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/HD57mPFvNFjoNd3fdhAxjH2KxGVdvqYaEOtnDsBvQPk/2354336797",
- "token": "1Xu5w2RJpvSj-ctGhnziK56keKAKAzXiF0nT4ZNaLU8",
- "keyAuthorization": "1Xu5w2RJpvSj-ctGhnziK56keKAKAzXiF0nT4ZNaLU8.v-H_FyIaHpQ8-e9iwFXK0sXsKJPop3CvcCT7ezx--hM",
- "validationRecord": [
- {
- "url": "http://subdomain.domain.de/.well-known/acme-challenge/1Xu5w2RJpvSj-ctGhnziK56keKAKAzXiF0nT4ZNaLU8",
- "hostname": "subdomain.domain.de",
- "port": "80",
- "addressesResolved": [
- "213.32.122.4"
- ],
- "addressUsed": "213.32.122.4",
- "addressesTried": []
- }
- ]
- },
- {
- "type": "dns-01",
- "status": "pending",
- "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/HD57mPFvNFjoNd3fdhAxjH2KxGVdvqYaEOtnDsBvQPk/2354336798",
- "token": "bMH5i9ABoHDayqMYOoY13K6sHxMu6BxJNOYT5Ma0u-M"
- },
- {
- "type": "tls-sni-01",
- "status": "pending",
- "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/HD57mPFvNFjoNd3fdhAxjH2KxGVdvqYaEOtnDsBvQPk/2354336799",
- "token": "tBXGOQrK0IesHyk6ad-z-Jlw7Nc8Hr5qIhL4kFuk_2E"
- }
- ],
- "combinations": [
- [
- 1
- ],
- [
- 0
- ],
- [
- 2
- ]
- ]
- }
- 2017-10-31 15:04:42,147:WARNING:certbot.auth_handler:Challenge failed for domain subdomain.domain.de
- 2017-10-31 15:04:42,147:INFO:certbot.auth_handler:Cleaning up challenges
- 2017-10-31 15:04:42,147:DEBUG:certbot.plugins.webroot:Removing /var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge/1Xu5w2RJpvSj-ctGhnziK56keKAKAzXiF0nT4ZNaLU8
- 2017-10-31 15:04:42,148:DEBUG:certbot.plugins.webroot:All challenges cleaned up, removing /var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge
- 2017-10-31 15:04:42,148:DEBUG:certbot.log:Exiting abnormally:
- Traceback (most recent call last):
- File "/usr/local/sbin/certbot", line 11, in <module>
- sys.exit(main())
- File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 743, in main
- return config.func(config, plugins)
- File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 683, in certonly
- lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
- File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 77, in _get_and_save_cert
- renewal.renew_cert(config, domains, le_client, lineage)
- File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/renewal.py", line 297, in renew_cert
- new_certr, new_chain, new_key, _ = le_client.obtain_certificate(domains)
- File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/client.py", line 313, in obtain_certificate
- self.config.allow_subset_of_names)
- File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 92, in get_authorizations
- "Challenges failed for all domains")
- AuthorizationError: Challenges failed for all domains
Danke!
