Posts by kess

kess · May 17th 2017

Just for you to check further:
apache log during request:

Code

66.133.109.36 - - [17/May/2017:11:24:51 +0200] "GET /.well-known/acme-challenge/Rmfg8eE-nMh9eGcKA2HXNBssLUnDKaFeVfNrBICBUco HTTP/1.1" 403 - "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"66.133.109.36 - - [17/May/2017:11:24:51 +0200] "GET /.well-known/acme-challenge/WLbSRgaX5QDyecJ7C47NO5kf-d1OvhcpTV36j5JmJR4 HTTP/1.1" 403 - "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"

files in the directory during request:

Code

root@w01 /var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge # ls -la
total 16K
drwxr-xr-x 2 vu2000 vu2000 4.0K May 17 11:24 .
drwxr-xr-x 3 vu2000 vu2000 4.0K May 16 21:37 ..
-rw-r--r-- 1 vu2000 vu2000 0 May 16 21:40 .gitkeep
-rw-r--r-- 1 root root 87 May 17 11:24 Rmfg8eE-nMh9eGcKA2HXNBssLUnDKaFeVfNrBICBUco
-rw-r--r-- 1 root root 87 May 17 11:24 WLbSRgaX5QDyecJ7C47NO5kf-d1OvhcpTV36j5JmJR4

Can't understand why apache returns a 403 error on these files.

kess · May 17th 2017

Hi @Nuxwin,
the certbot-auto has been upgraded from 0.14.0 to 0.14.1 automatically.
The problem is still the same.

Did you find time to perform some tests ?

Thank you, bye Kess.

kess · May 16th 2017

Hello @Nuxwin,
i confirm that the path is

Code

/var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge

and during the request:

Code

root@w01 /var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge # ls -la
total 8.0K
drwxr-xr-x 2 vu2000 vu2000 4.0K May 16 20:37 .
drwxr-xr-x 3 vu2000 vu2000 4.0K May 13 16:25 ..
-rw-r--r-- 1 vu2000 vu2000 0 May 16 17:58 .gitkeep
root@w01 /var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge # ls -la
total 16K
drwxr-xr-x 2 vu2000 vu2000 4.0K May 16 20:37 .
drwxr-xr-x 3 vu2000 vu2000 4.0K May 13 16:25 ..
-rw-r--r-- 1 root root 87 May 16 20:37 C4Q2JoeGuCuZnfIlGt8taU78FzA-nmqjZu9pbSOywzc
-rw-r--r-- 1 vu2000 vu2000 0 May 16 17:58 .gitkeep
-rw-r--r-- 1 root root 87 May 16 20:37 WjclIbHycSduNxRTdf8XsyvXWYncVhfbFaLINJUTkWU
root@w01 /var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge # ls -la
total 16K
drwxr-xr-x 2 vu2000 vu2000 4.0K May 16 20:37 .
drwxr-xr-x 3 vu2000 vu2000 4.0K May 13 16:25 ..
-rw-r--r-- 1 root root 87 May 16 20:37 C4Q2JoeGuCuZnfIlGt8taU78FzA-nmqjZu9pbSOywzc
-rw-r--r-- 1 vu2000 vu2000 0 May 16 17:58 .gitkeep
-rw-r--r-- 1 root root 87 May 16 20:37 WjclIbHycSduNxRTdf8XsyvXWYncVhfbFaLINJUTkWU
root@w01 /var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge # ls -la
total 8.0K
drwxr-xr-x 2 vu2000 vu2000 4.0K May 16 20:37 .
drwxr-xr-x 3 vu2000 vu2000 4.0K May 13 16:25 ..
-rw-r--r-- 1 vu2000 vu2000 0 May 16 17:58 .gitkeep

Display More

I've disabled the ServerDefaultPage Plugin and restarted apache, but no changes...

Do you need any other informations in order to investigate ?

kess · May 16th 2017

Thank you for your reply.
I already tested the access to the .well-known directory and it works without problems.

At least, if I click here: http://www.erbolandia.biz/.wel…n/acme-challenge/.gitkeep it works correctly.
During the certificate request procedure I can see the 2 files that are created it the directory, they rest there for something like 2 seconds and then these files disappear... I bet because of a cleanup at the end of the procedure.

The problem should be elsewhere, but I can't understand...

kess · May 16th 2017

Hello guys, I searched the forums for similar problems but I couldn't find the right solution for my situation
I've successfully generated certificates for a couple of domains with one of the previous versions, but the last one gives me some problems while trying to generate a new certificate for some other domain.

This is what I get in the plugin's log:

Code

[Tue May 16 17:14:05 2017] [debug] Modules::Plugin::_call: Calling run() method on Plugin::LetsEncrypt[Tue May 16 17:14:05 2017] [debug] iMSCP::Service::__ANON__: Systemd init system has been detected[Tue May 16 17:14:05 2017] [debug] iMSCP::Execute::execute: /bin/systemctl --system is-active apache2.service[Tue May 16 17:14:05 2017] [debug] iMSCP::Provider::Service::Sysvinit::_exec: active[Tue May 16 17:14:05 2017] [debug] Plugin::LetsEncrypt::run: Executing `toadd' tasks for the `erbolandia.biz' SSL certificate[Tue May 16 17:14:05 2017] [debug] Plugin::LetsEncrypt::_issueCertificate: Required action: issue[Tue May 16 17:14:05 2017] [debug] Plugin::LetsEncrypt::_deleteLineages: Deleting any SSL certificate lineage matching the erbolandia.biz domain name[Tue May 16 17:14:05 2017] [debug] iMSCP::Execute::execute: /usr/local/sbin/certbot-auto certonly --quiet --agree-tos --email [email protected] --webroot --webroot-path /var/www/imscp/gui/plugins/LetsEncrypt/acme --preferred-challenges http --allow-subset-of-names --cert-name erbolandia.biz --domains erbolandia.biz,www.erbolandia.biz[Tue May 16 17:14:11 2017] [debug] iMSCP::Execute::getExitCode: Command exited with value: 1[Tue May 16 17:14:11 2017] [error] Plugin::LetsEncrypt::run: Challenge failed for domain erbolandia.bizChallenge failed for domain www.erbolandia.bizChallenges failed for all domains

and this is the letsencrypt.log

Code

2017-05-16 15:14:07,027:DEBUG:certbot.main:certbot version: 0.14.0
2017-05-16 15:14:07,027:DEBUG:certbot.main:Arguments: ['--quiet', '--agree-tos', '--email', '[email protected]', '--webroot', '--webroot-path', '/var/www/imscp/gui/plugins/LetsEncrypt/acme', '--preferred-challenges', 'http', '--allow-subset-of-names', '--cert-name', 'erbolandia.biz', '--domains', 'erbolandia.biz,www.erbolandia.biz']
2017-05-16 15:14:07,027:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2017-05-16 15:14:07,075:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer <certbot.cli._Default object at 0x7f4ddceca0d0>
2017-05-16 15:14:07,075:DEBUG:certbot.cli:Default Detector is Namespace(account=<certbot.cli._Default object at 0x7f4ddcec3590>, agree_dev_preview=None, allow_subset_of_names=True, apache=<certbot.cli._Default object at 0x7f4ddceca3d0>, apache_challenge_location=<certbot.cli._Default object at 0x7f4ddcecafd0>, apache_ctl=<certbot.cli._Default object at 0x7f4ddcecf410>, apache_dismod=<certbot.cli._Default object at 0x7f4ddcecaa10>, apache_enmod=<certbot.cli._Default object at 0x7f4ddceca910>, apache_handle_modules=<certbot.cli._Default object at 0x7f4ddcecf190>, apache_handle_sites=<certbot.cli._Default object at 0x7f4ddcecf310>, apache_init_script=<certbot.cli._Default object at 0x7f4ddcecf510>, apache_le_vhost_ext=<certbot.cli._Default object at 0x7f4ddcecab50>, apache_logs_root=<certbot.cli._Default object at 0x7f4ddcecae90>, apache_server_root=<certbot.cli._Default object at 0x7f4ddcecac90>, apache_vhost_root=<certbot.cli._Default object at 0x7f4ddcecad90>, authenticator='webroot', break_my_certs=<certbot.cli._Default object at 0x7f4ddcec5190>, cert_path=<certbot.cli._Default object at 0x7f4ddcec5410>, certname='erbolandia.biz', chain_path=<certbot.cli._Default object at 0x7f4ddcec5b90>, checkpoints=<certbot.cli._Default object at 0x7f4ddcea32d0>, config_dir=<certbot.cli._Default object at 0x7f4ddcec5c90>, config_file=None, configurator=<certbot.cli._Default object at 0x7f4ddceca0d0>, csr=<certbot.cli._Default object at 0x7f4ddcea38d0>, debug=<certbot.cli._Default object at 0x7f4ddcec3c50>, debug_challenges=<certbot.cli._Default object at 0x7f4ddcec3d50>, dialog=None, domains='erbolandia.biz,www.erbolandia.biz', dry_run=<certbot.cli._Default object at 0x7f4ddcea3850>, duplicate=<certbot.cli._Default object at 0x7f4ddcec3690>, eff_email=<certbot.cli._Default object at 0x7f4ddcea3c50>, email='[email protected]', expand=<certbot.cli._Default object at 0x7f4ddcea3f50>, force_interactive=<certbot.cli._Default object at 0x7f4ddcea3390>, fullchain_path=<certbot.cli._Default object at 0x7f4ddcec5050>, func=<function certonly at 0x7f4ddd0fb758>, hsts=<certbot.cli._Default object at 0x7f4ddcec5690>, http01_port=<certbot.cli._Default object at 0x7f4ddcec5090>, ifaces=<certbot.cli._Default object at 0x7f4ddcec5810>, init=<certbot.cli._Default object at 0x7f4ddcf11cd0>, installer=<certbot.cli._Default object at 0x7f4ddceca0d0>, key_path=<certbot.cli._Default object at 0x7f4ddcec5210>, logs_dir=<certbot.cli._Default object at 0x7f4ddcec5e90>, manual=<certbot.cli._Default object at 0x7f4ddceca6d0>, manual_auth_hook=<certbot.cli._Default object at 0x7f4ddceca8d0>, manual_cleanup_hook=<certbot.cli._Default object at 0x7f4ddcecf750>, manual_public_ip_logging_ok=<certbot.cli._Default object at 0x7f4ddcecf850>, must_staple=<certbot.cli._Default object at 0x7f4ddcec5390>, nginx=<certbot.cli._Default object at 0x7f4ddceca4d0>, nginx_ctl=<certbot.cli._Default object at 0x7f4ddcecfa90>, nginx_server_root=<certbot.cli._Default object at 0x7f4ddcecf610>, no_bootstrap=<certbot.cli._Default object at 0x7f4ddcec3990>, no_self_upgrade=<certbot.cli._Default object at 0x7f4ddcec3890>, no_verify_ssl=<certbot.cli._Default object at 0x7f4ddcec3e50>, noninteractive_mode=<certbot.cli._Default object at 0x7f4ddcea3150>, num=<certbot.cli._Default object at 0x7f4ddcea3d10>, os_packages_only=<certbot.cli._Default object at 0x7f4ddcec3790>, post_hook=<certbot.cli._Default object at 0x7f4ddcec3650>, pre_hook=<certbot.cli._Default object at 0x7f4ddcec3850>, pref_challs='http', prepare=<certbot.cli._Default object at 0x7f4ddcf11850>, quiet=True, reason=<certbot.cli._Default object at 0x7f4ddcea3710>, redirect=<certbot.cli._Default object at 0x7f4ddcec5490>, register_unsafely_without_email=<certbot.cli._Default object at 0x7f4ddcea3950>, reinstall=<certbot.cli._Default object at 0x7f4ddcea3e50>, renew_by_default=<certbot.cli._Default object at 0x7f4ddcec3150>, renew_hook=<certbot.cli._Default object at 0x7f4ddcec3450>, renew_with_new_domains=<certbot.cli._Default object at 0x7f4ddcec3250>, rsa_key_size=<certbot.cli._Default object at 0x7f4ddcec5290>, server=<certbot.cli._Default object at 0x7f4ddcec5f90>, staging=<certbot.cli._Default object at 0x7f4ddcea3510>, standalone=<certbot.cli._Default object at 0x7f4ddceca5d0>, standalone_supported_challenges=<certbot.cli._Default object at 0x7f4ddcecfb90>, staple=<certbot.cli._Default object at 0x7f4ddcec3fd0>, strict_permissions=<certbot.cli._Default object at 0x7f4ddcec3c10>, text_mode=<certbot.cli._Default object at 0x7f4ddcf11e50>, tls_sni_01_port=<certbot.cli._Default object at 0x7f4ddcec3f50>, tos=True, uir=<certbot.cli._Default object at 0x7f4ddcec5890>, update_registration=<certbot.cli._Default object at 0x7f4ddcea3a50>, user_agent=<certbot.cli._Default object at 0x7f4ddcea3b10>, validate_hooks=<certbot.cli._Default object at 0x7f4ddcec3210>, verb='certonly', verbose_count=<certbot.cli._Default object at 0x7f4ddcf11b90>, webroot=True, webroot_map=<certbot.cli._Default object at 0x7f4ddcecfd90>, webroot_path='/var/www/imscp/gui/plugins/LetsEncrypt/acme', work_dir=<certbot.cli._Default object at 0x7f4ddcec5d90>)
2017-05-16 15:14:07,085:DEBUG:certbot.log:Root logging level set at 30
2017-05-16 15:14:07,086:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2017-05-16 15:14:07,086:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2017-05-16 15:14:07,091:DEBUG:certbot.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: IAuthenticator, IPlugin
Entry point: webroot = certbot.plugins.webroot:Authenticator
Initialized: <certbot.plugins.webroot.Authenticator object at 0x7f4ddcecaf50>
Prep: True
2017-05-16 15:14:07,092:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x7f4ddcecaf50> and installer None
2017-05-16 15:14:07,097:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Registration(status=None, contact=(u'mailto:[email protected]',), agreement=u'https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf', key=JWKRSA(key=<ComparableRSAKey(<cryptography.hazmat.backends.openssl.rsa._RSAPublicKey object at 0x7f4ddf7e6850>)>)), uri=u'https://acme-v01.api.letsencrypt.org/acme/reg/11039534', new_authzr_uri=u'https://acme-v01.api.letsencrypt.org/acme/new-authz', terms_of_service=u'https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf'), 4ebcdc981b300ddf5744d2a6a2c1e0e4, Meta(creation_host=u'w01.futurahosters.com', creation_dt=datetime.datetime(2017, 3, 18, 17, 25, 29, tzinfo=<UTC>)))>
2017-05-16 15:14:07,098:DEBUG:acme.client:Sending GET request to https://acme-v01.api.letsencrypt.org/directory.
2017-05-16 15:14:07,103:DEBUG:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2017-05-16 15:14:07,380:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 352
2017-05-16 15:14:07,381:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 352
Boulder-Request-Id: HzKMZJE2jhgOI6ffbXmBpZW3hNIcy3tEtsnhv0_qllQ
Replay-Nonce: 7O1eYRPpRCGN1brH3ydyqCeRzpw4QPXu-Jhgu3HN7yo
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Tue, 16 May 2017 15:14:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 16 May 2017 15:14:07 GMT
Connection: keep-alive
{
"key-change": "https://acme-v01.api.letsencrypt.org/acme/key-change",
"new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",
"new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",
"new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",
"revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"
}
2017-05-16 15:14:07,382:INFO:certbot.main:Obtaining a new certificate
2017-05-16 15:14:07,382:DEBUG:acme.client:Requesting fresh nonce
2017-05-16 15:14:07,382:DEBUG:acme.client:Sending HEAD request to https://acme-v01.api.letsencrypt.org/acme/new-authz.
2017-05-16 15:14:07,598:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "HEAD /acme/new-authz HTTP/1.1" 405 0
2017-05-16 15:14:07,599:DEBUG:acme.client:Received response:
HTTP 405
Server: nginx
Content-Type: application/problem+json
Content-Length: 91
Allow: POST
Boulder-Request-Id: Rum-ucqtYpm5VEnBnB8-g0pFuQvpIxjiZX0K0tLwPjA
Replay-Nonce: bElKaaqTS_Mi9jUKrGZhksm1FKSCE-wUjHu5vS6VgIA
Expires: Tue, 16 May 2017 15:14:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 16 May 2017 15:14:07 GMT
Connection: keep-alive
2017-05-16 15:14:07,599:DEBUG:acme.client:Storing nonce: bElKaaqTS_Mi9jUKrGZhksm1FKSCE-wUjHu5vS6VgIA
2017-05-16 15:14:07,599:DEBUG:acme.client:JWS payload:
{
"identifier": {
"type": "dns",
"value": "erbolandia.biz"
},
"resource": "new-authz"
}
2017-05-16 15:14:07,605:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz:
{
"header": {
"alg": "RS256",
"jwk": {
"e": "AQAB",
"kty": "RSA",
"n": "6bTKdYZ8f5wzrodmRDRA6r1CtJ-_atrwcfnK2pl9edJh7tF1WuqEVUwroGO8I13iE2g9wdAxait8D1Y9JWsimGKYjokTiLKOVP7ZdBQNhRCGcxIYfQktcsIodsx3Lw5DqiOrmB95fTUukOK0lETnQ0HsYJKXY9e-kr14_-s9d8Pb8wn3txDm0lMN0pT04ry6Weo2FHmNbt7EJPe3bVUPskuHJ3_hMXmsuTJz-08hRfcFJw9vVFScKPnv3SpYV-R5KIkarBASzon5C2WfisbkyrqVRcyjiB8V2GC45AI6ZH8ZMkTnOd5c_kuRm1EnASPfUyTNGe8xWq5EjUtc-njiOQ"
}
},
"protected": "eyJub25jZSI6ICJiRWxLYWFxVFNfTWk5alVLckdaaGtzbTFGS1NDRS13VWpIdTV2UzZWZ0lBIn0",
"payload": "ewogICJpZGVudGlmaWVyIjogewogICAgInR5cGUiOiAiZG5zIiwgCiAgICAidmFsdWUiOiAiZXJib2xhbmRpYS5iaXoiCiAgfSwgCiAgInJlc291cmNlIjogIm5ldy1hdXRoeiIKfQ",
"signature": "t5TENudVRtjxFNnWM1l6BopcAbCDMetWpz9Bc_DPd49EmOi9Rj2ExJHAephefUsypfZk2HPlxW68OOpAnKARIkgIgV_zVY0swkMIyvBT6rVaKaYevBF6bnWRuBZqrcHBdUB10GHJcf4CaXnfWuo6dEyBeXDZNr4TR9HL6pOa0dQKZY4TsvcXijgsb0A-3o8m4Khw-GPw5qU3gqFQMFda7rD_Sf4tw5admPjKenaj3_6M7e_IxB8Mq4tt1aemgr7akZMqT6N9649lJyNdGjovVCGjJwM9Qes2Pyoz_m0WV5Sef81cqi1Z3f_UUbUWX996uM0bMK-D7kbQ7F5c9Op5hA"
}
2017-05-16 15:14:07,815:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/new-authz HTTP/1.1" 201 1002
2017-05-16 15:14:07,816:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Content-Type: application/json
Content-Length: 1002
Boulder-Request-Id: O1c2c9xwcPcDTfPS7w3I3HO1K6UmSPJdXgPO1cW57CI
Boulder-Requester: 11039534
Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"
Location: https://acme-v01.api.letsencrypt.org/acme/authz/EMeM42Kws4qmNyWJAvTZTuDLLziYyu10FyAcaMBFKZk
Replay-Nonce: Qg75YfRQuXKOE7StwheOzP1lMkAPdwf9Ye8FqtdEMj4
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Tue, 16 May 2017 15:14:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 16 May 2017 15:14:07 GMT
Connection: keep-alive
{
"identifier": {
"type": "dns",
"value": "erbolandia.biz"
},
"status": "pending",
"expires": "2017-05-23T15:14:07.704003801Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/EMeM42Kws4qmNyWJAvTZTuDLLziYyu10FyAcaMBFKZk/1183652461",
"token": "IFqyWmBe9-LRafopV-HCTq5_Z7c8rzx_U3fIycpEqgQ"
},
{
"type": "dns-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/EMeM42Kws4qmNyWJAvTZTuDLLziYyu10FyAcaMBFKZk/1183652462",
"token": "BlcKDoAjxWQXmtcb7MtL7B8EK6O-N7WegS2bXbMLpGE"
},
{
"type": "tls-sni-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/EMeM42Kws4qmNyWJAvTZTuDLLziYyu10FyAcaMBFKZk/1183652463",
"token": "cHCzlqLygROVFZ0OFi3-SNd2bSJX5hNc1Q0WzIIDXmw"
}
],
"combinations": [
[
1
],
[
2
],
[
0
]
]
}
2017-05-16 15:14:07,816:DEBUG:acme.client:Storing nonce: Qg75YfRQuXKOE7StwheOzP1lMkAPdwf9Ye8FqtdEMj4
2017-05-16 15:14:07,818:DEBUG:acme.client:JWS payload:
{
"identifier": {
"type": "dns",
"value": "www.erbolandia.biz"
},
"resource": "new-authz"
}
2017-05-16 15:14:07,823:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz:
{
"header": {
"alg": "RS256",
"jwk": {
"e": "AQAB",
"kty": "RSA",
"n": "6bTKdYZ8f5wzrodmRDRA6r1CtJ-_atrwcfnK2pl9edJh7tF1WuqEVUwroGO8I13iE2g9wdAxait8D1Y9JWsimGKYjokTiLKOVP7ZdBQNhRCGcxIYfQktcsIodsx3Lw5DqiOrmB95fTUukOK0lETnQ0HsYJKXY9e-kr14_-s9d8Pb8wn3txDm0lMN0pT04ry6Weo2FHmNbt7EJPe3bVUPskuHJ3_hMXmsuTJz-08hRfcFJw9vVFScKPnv3SpYV-R5KIkarBASzon5C2WfisbkyrqVRcyjiB8V2GC45AI6ZH8ZMkTnOd5c_kuRm1EnASPfUyTNGe8xWq5EjUtc-njiOQ"
}
},
"protected": "eyJub25jZSI6ICJRZzc1WWZSUXVYS09FN1N0d2hlT3pQMWxNa0FQZHdmOVllOEZxdGRFTWo0In0",
"payload": "ewogICJpZGVudGlmaWVyIjogewogICAgInR5cGUiOiAiZG5zIiwgCiAgICAidmFsdWUiOiAid3d3LmVyYm9sYW5kaWEuYml6IgogIH0sIAogICJyZXNvdXJjZSI6ICJuZXctYXV0aHoiCn0",
"signature": "qR2Y1Usg_BRZkUw1mkLKthOllPydr0CtHnbXRqIVZJHienWBjAH2EavtVPDWeePFgMN93Bxq1OEthJMWBOAi2Xw5-fQOsvi1LzTLgLGgrwVWsm01tD2zG5dFaZdLjr_BdVZoBX5uLgTz12Panp4W_Ujr0tSU-B64Je2f0TcMIMGK_QO7l5ZzHS254wFZcvE0q-ZGCuT-kLLJTNGy5brYC0_Vp6ngLCbKJZymyy_krbkTfzOVtkkMzD7uX8G23NkDqARMddovDAtbcK-NyzK-MAIZMPCPuJDmn-b4BgK-0qNO2cEhCaI00F1F_9AmIgHtntD-zWgv-T42WdqeR9l8Dg"
}
2017-05-16 15:14:08,014:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/new-authz HTTP/1.1" 201 1006
2017-05-16 15:14:08,015:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Content-Type: application/json
Content-Length: 1006
Boulder-Request-Id: adTEl9BasEBZwMIGV3n98R6oPkyNQvcv4Pueasqom3Y
Boulder-Requester: 11039534
Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"
Location: https://acme-v01.api.letsencrypt.org/acme/authz/kWOij8-i_8siJyvEIzxCS4rbg1qYzBuEyWJWOTg69vc
Replay-Nonce: OxSAq3pebn3ahuH5bRcVgr0eiixr0p2Ew12BtzrPQvI
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Tue, 16 May 2017 15:14:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 16 May 2017 15:14:08 GMT
Connection: keep-alive
{
"identifier": {
"type": "dns",
"value": "www.erbolandia.biz"
},
"status": "pending",
"expires": "2017-05-23T15:14:07.908160086Z",
"challenges": [
{
"type": "tls-sni-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/kWOij8-i_8siJyvEIzxCS4rbg1qYzBuEyWJWOTg69vc/1183652484",
"token": "jDlk3DezOkj60ZIPSDyNYWF0jpmVVHAKPPBVofCx_qg"
},
{
"type": "dns-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/kWOij8-i_8siJyvEIzxCS4rbg1qYzBuEyWJWOTg69vc/1183652485",
"token": "e1vlbb52TeGEy_lU4JIARcd7Ri8mX2Q3rHFmSYmkhlM"
},
{
"type": "http-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/kWOij8-i_8siJyvEIzxCS4rbg1qYzBuEyWJWOTg69vc/1183652486",
"token": "0c1hdSjKa-qHbmlp-hr1qMMaBsJLXO1sHkEOyzohxCI"
}
],
"combinations": [
[
0
],
[
2
],
[
1
]
]
}
2017-05-16 15:14:08,015:DEBUG:acme.client:Storing nonce: OxSAq3pebn3ahuH5bRcVgr0eiixr0p2Ew12BtzrPQvI
2017-05-16 15:14:08,016:INFO:certbot.auth_handler:Performing the following challenges:
2017-05-16 15:14:08,016:INFO:certbot.auth_handler:http-01 challenge for erbolandia.biz
2017-05-16 15:14:08,016:INFO:certbot.auth_handler:http-01 challenge for www.erbolandia.biz
2017-05-16 15:14:08,017:INFO:certbot.plugins.webroot:Using the webroot path /var/www/imscp/gui/plugins/LetsEncrypt/acme for all unmatched domains.
2017-05-16 15:14:08,017:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge
2017-05-16 15:14:08,017:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge
2017-05-16 15:14:08,021:DEBUG:certbot.plugins.webroot:Attempting to save validation to /var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge/IFqyWmBe9-LRafopV-HCTq5_Z7c8rzx_U3fIycpEqgQ
2017-05-16 15:14:08,025:DEBUG:certbot.plugins.webroot:Attempting to save validation to /var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge/0c1hdSjKa-qHbmlp-hr1qMMaBsJLXO1sHkEOyzohxCI
2017-05-16 15:14:08,025:INFO:certbot.auth_handler:Waiting for verification...
2017-05-16 15:14:08,026:DEBUG:acme.client:JWS payload:
{
"keyAuthorization": "IFqyWmBe9-LRafopV-HCTq5_Z7c8rzx_U3fIycpEqgQ.UWSrTKp5dAnMELIsurlLgJ-99d88dMT63Eghk00_5yA",
"type": "http-01",
"resource": "challenge"
}
2017-05-16 15:14:08,031:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/challenge/EMeM42Kws4qmNyWJAvTZTuDLLziYyu10FyAcaMBFKZk/1183652461:
{
"header": {
"alg": "RS256",
"jwk": {
"e": "AQAB",
"kty": "RSA",
"n": "6bTKdYZ8f5wzrodmRDRA6r1CtJ-_atrwcfnK2pl9edJh7tF1WuqEVUwroGO8I13iE2g9wdAxait8D1Y9JWsimGKYjokTiLKOVP7ZdBQNhRCGcxIYfQktcsIodsx3Lw5DqiOrmB95fTUukOK0lETnQ0HsYJKXY9e-kr14_-s9d8Pb8wn3txDm0lMN0pT04ry6Weo2FHmNbt7EJPe3bVUPskuHJ3_hMXmsuTJz-08hRfcFJw9vVFScKPnv3SpYV-R5KIkarBASzon5C2WfisbkyrqVRcyjiB8V2GC45AI6ZH8ZMkTnOd5c_kuRm1EnASPfUyTNGe8xWq5EjUtc-njiOQ"
}
},
"protected": "eyJub25jZSI6ICJPeFNBcTNwZWJuM2FodUg1YlJjVmdyMGVpaXhyMHAyRXcxMkJ0enJQUXZJIn0",
"payload": "ewogICJrZXlBdXRob3JpemF0aW9uIjogIklGcXlXbUJlOS1MUmFmb3BWLUhDVHE1X1o3YzhyenhfVTNmSXljcEVxZ1EuVVdTclRLcDVkQW5NRUxJc3VybExnSi05OWQ4OGRNVDYzRWdoazAwXzV5QSIsIAogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9",
"signature": "TnOtOmqTSmy5OgDUKrgs-UE-AdKCxolKFG2f0syh71DA7yobdLT_1ypzcjd2OKNcdz22iT_rzwWfFf5hwrR4OCP7r3l7LOdgEKY3P9IEKXhrmBM81iejts8q3fBmD_lDXdVN1MmAhgwSi1Znr0kkaagiPeAavwcAtpG6Kn494xVLqdIFU09BVHAp062pFDOtmNdM4PhvQhF7DE-t0PSRJ__eUfnUGJtzTbWKV9CJJOao8XPj9bwDC7qR11qQBzgDNw8cmKckM0w0fOS1nzO3HSxTxvD9pf8JneeeWCFaV5u-KrWJeFdu6GpILsY3_gIyvTR2oPLrheomgDqVvtw49w"
}
2017-05-16 15:14:08,244:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/challenge/EMeM42Kws4qmNyWJAvTZTuDLLziYyu10FyAcaMBFKZk/1183652461 HTTP/1.1" 202 336
2017-05-16 15:14:08,246:DEBUG:acme.client:Received response:
HTTP 202
Server: nginx
Content-Type: application/json
Content-Length: 336
Boulder-Request-Id: e40cPG7SIdx_9a00hVF1f1iklJOMlIAPqp4TRjJ0Gkg
Boulder-Requester: 11039534
Link: <https://acme-v01.api.letsencrypt.org/acme/authz/EMeM42Kws4qmNyWJAvTZTuDLLziYyu10FyAcaMBFKZk>;rel="up"
Location: https://acme-v01.api.letsencrypt.org/acme/challenge/EMeM42Kws4qmNyWJAvTZTuDLLziYyu10FyAcaMBFKZk/1183652461
Replay-Nonce: 6W90fMP-fXu7tXJxqNw4Hg1K9hgSJKHa_nulE2O8RNw
Expires: Tue, 16 May 2017 15:14:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 16 May 2017 15:14:08 GMT
Connection: keep-alive
{
"type": "http-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/EMeM42Kws4qmNyWJAvTZTuDLLziYyu10FyAcaMBFKZk/1183652461",
"token": "IFqyWmBe9-LRafopV-HCTq5_Z7c8rzx_U3fIycpEqgQ",
"keyAuthorization": "IFqyWmBe9-LRafopV-HCTq5_Z7c8rzx_U3fIycpEqgQ.UWSrTKp5dAnMELIsurlLgJ-99d88dMT63Eghk00_5yA"
}
2017-05-16 15:14:08,246:DEBUG:acme.client:Storing nonce: 6W90fMP-fXu7tXJxqNw4Hg1K9hgSJKHa_nulE2O8RNw
2017-05-16 15:14:08,247:DEBUG:acme.client:JWS payload:
{
"keyAuthorization": "0c1hdSjKa-qHbmlp-hr1qMMaBsJLXO1sHkEOyzohxCI.UWSrTKp5dAnMELIsurlLgJ-99d88dMT63Eghk00_5yA",
"type": "http-01",
"resource": "challenge"
}
2017-05-16 15:14:08,252:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/challenge/kWOij8-i_8siJyvEIzxCS4rbg1qYzBuEyWJWOTg69vc/1183652486:
{
"header": {
"alg": "RS256",
"jwk": {
"e": "AQAB",
"kty": "RSA",
"n": "6bTKdYZ8f5wzrodmRDRA6r1CtJ-_atrwcfnK2pl9edJh7tF1WuqEVUwroGO8I13iE2g9wdAxait8D1Y9JWsimGKYjokTiLKOVP7ZdBQNhRCGcxIYfQktcsIodsx3Lw5DqiOrmB95fTUukOK0lETnQ0HsYJKXY9e-kr14_-s9d8Pb8wn3txDm0lMN0pT04ry6Weo2FHmNbt7EJPe3bVUPskuHJ3_hMXmsuTJz-08hRfcFJw9vVFScKPnv3SpYV-R5KIkarBASzon5C2WfisbkyrqVRcyjiB8V2GC45AI6ZH8ZMkTnOd5c_kuRm1EnASPfUyTNGe8xWq5EjUtc-njiOQ"
}
},
"protected": "eyJub25jZSI6ICI2VzkwZk1QLWZYdTd0WEp4cU53NEhnMUs5aGdTSktIYV9udWxFMk84Uk53In0",
"payload": "ewogICJrZXlBdXRob3JpemF0aW9uIjogIjBjMWhkU2pLYS1xSGJtbHAtaHIxcU1NYUJzSkxYTzFzSGtFT3l6b2h4Q0kuVVdTclRLcDVkQW5NRUxJc3VybExnSi05OWQ4OGRNVDYzRWdoazAwXzV5QSIsIAogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9",
"signature": "MvNTrJL4wqfb9YiTs9MlZdCPvG7hcxx9dXfHVr4eZN132KHpRuwdKXYio_bAYCby2WJDOQtxz-OkTzCADJ0q-1bfSz0CtT3pWzfLXB2K9Md4fJWW1E24qfHCz3N_gCxYW6E0-DpEb6QMBHwZ9MyKPt-73Z23TuZhcCsmpDQBT3ZzAzvtm4hfaroXlW_5EpRK5c54oh-JDi5Av14Yj2sZPE1krOARaekvb1f5Pdx9wmiJSx_GxKzlU9wjYBlHq9lVWH-LOip0tcd7oLsxLl0Gy5U9NKJ1aCvBferOha8V7NCxjG6JL5pukvUe2_w1FapJHHAO61-Qmcgm9n_7VqeToA"
}
2017-05-16 15:14:08,483:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/challenge/kWOij8-i_8siJyvEIzxCS4rbg1qYzBuEyWJWOTg69vc/1183652486 HTTP/1.1" 202 336
2017-05-16 15:14:08,484:DEBUG:acme.client:Received response:
HTTP 202
Server: nginx
Content-Type: application/json
Content-Length: 336
Boulder-Request-Id: 0Zu5nxeLGFUAjhwh1aGNp2Q-0H6QXz1LCS1qpRqM1bM
Boulder-Requester: 11039534
Link: <https://acme-v01.api.letsencrypt.org/acme/authz/kWOij8-i_8siJyvEIzxCS4rbg1qYzBuEyWJWOTg69vc>;rel="up"
Location: https://acme-v01.api.letsencrypt.org/acme/challenge/kWOij8-i_8siJyvEIzxCS4rbg1qYzBuEyWJWOTg69vc/1183652486
Replay-Nonce: sYo1QOO7Taw094quqHnFV2LxlUY_QmvyC6N-XV9OSFQ
Expires: Tue, 16 May 2017 15:14:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 16 May 2017 15:14:08 GMT
Connection: keep-alive
{
"type": "http-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/kWOij8-i_8siJyvEIzxCS4rbg1qYzBuEyWJWOTg69vc/1183652486",
"token": "0c1hdSjKa-qHbmlp-hr1qMMaBsJLXO1sHkEOyzohxCI",
"keyAuthorization": "0c1hdSjKa-qHbmlp-hr1qMMaBsJLXO1sHkEOyzohxCI.UWSrTKp5dAnMELIsurlLgJ-99d88dMT63Eghk00_5yA"
}
2017-05-16 15:14:08,484:DEBUG:acme.client:Storing nonce: sYo1QOO7Taw094quqHnFV2LxlUY_QmvyC6N-XV9OSFQ
2017-05-16 15:14:11,488:DEBUG:acme.client:Sending GET request to https://acme-v01.api.letsencrypt.org/acme/authz/EMeM42Kws4qmNyWJAvTZTuDLLziYyu10FyAcaMBFKZk.
2017-05-16 15:14:11,683:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /acme/authz/EMeM42Kws4qmNyWJAvTZTuDLLziYyu10FyAcaMBFKZk HTTP/1.1" 200 1959
2017-05-16 15:14:11,684:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 1959
Boulder-Request-Id: Xeyzv8PcbF1w4llRNkreq3v0L1EiXuI42x0tvFCwU0c
Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"
Replay-Nonce: -4IxSAlnXc9kzZ1rTftJGuLFK3-GTbEOLgI_lx39NIg
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Tue, 16 May 2017 15:14:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 16 May 2017 15:14:11 GMT
Connection: keep-alive
{
"identifier": {
"type": "dns",
"value": "erbolandia.biz"
},
"status": "invalid",
"expires": "2017-05-23T15:14:07Z",
"challenges": [
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:acme:error:unauthorized",
"detail": "Invalid response from http://erbolandia.biz/.well-known/acme-challenge/IFqyWmBe9-LRafopV-HCTq5_Z7c8rzx_U3fIycpEqgQ: \"\u003c!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\"\u003e\n\u003chtml\u003e\u003chead\u003e\n\u003ctitle\u003e403 Forbidden\u003c/title\u003e\n\u003c/head\u003e\u003cbody\u003e\n\u003ch1\u003eForbidden\u003c/h1\u003e\n\u003cp\"",
"status": 403
},
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/EMeM42Kws4qmNyWJAvTZTuDLLziYyu10FyAcaMBFKZk/1183652461",
"token": "IFqyWmBe9-LRafopV-HCTq5_Z7c8rzx_U3fIycpEqgQ",
"keyAuthorization": "IFqyWmBe9-LRafopV-HCTq5_Z7c8rzx_U3fIycpEqgQ.UWSrTKp5dAnMELIsurlLgJ-99d88dMT63Eghk00_5yA",
"validationRecord": [
{
"url": "http://erbolandia.biz/.well-known/acme-challenge/IFqyWmBe9-LRafopV-HCTq5_Z7c8rzx_U3fIycpEqgQ",
"hostname": "erbolandia.biz",
"port": "80",
"addressesResolved": [
"193.246.36.157"
],
"addressUsed": "193.246.36.157",
"addressesTried": []
}
]
},
{
"type": "dns-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/EMeM42Kws4qmNyWJAvTZTuDLLziYyu10FyAcaMBFKZk/1183652462",
"token": "BlcKDoAjxWQXmtcb7MtL7B8EK6O-N7WegS2bXbMLpGE"
},
{
"type": "tls-sni-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/EMeM42Kws4qmNyWJAvTZTuDLLziYyu10FyAcaMBFKZk/1183652463",
"token": "cHCzlqLygROVFZ0OFi3-SNd2bSJX5hNc1Q0WzIIDXmw"
}
],
"combinations": [
[
1
],
[
2
],
[
0
]
]
}
2017-05-16 15:14:11,685:WARNING:certbot.auth_handler:Challenge failed for domain erbolandia.biz
2017-05-16 15:14:11,686:DEBUG:acme.client:Sending GET request to https://acme-v01.api.letsencrypt.org/acme/authz/kWOij8-i_8siJyvEIzxCS4rbg1qYzBuEyWJWOTg69vc.
2017-05-16 15:14:11,909:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /acme/authz/kWOij8-i_8siJyvEIzxCS4rbg1qYzBuEyWJWOTg69vc HTTP/1.1" 200 1975
2017-05-16 15:14:11,911:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 1975
Boulder-Request-Id: biCA8JdpDwvrhqyLJXrrftE9p1e2jerqmizXrxlybGI
Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"
Replay-Nonce: qK0OgwGBMhbES9erQmITHERIus24dJV8tG8-e8tkW7c
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Tue, 16 May 2017 15:14:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 16 May 2017 15:14:11 GMT
Connection: keep-alive
{
"identifier": {
"type": "dns",
"value": "www.erbolandia.biz"
},
"status": "invalid",
"expires": "2017-05-23T15:14:07Z",
"challenges": [
{
"type": "tls-sni-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/kWOij8-i_8siJyvEIzxCS4rbg1qYzBuEyWJWOTg69vc/1183652484",
"token": "jDlk3DezOkj60ZIPSDyNYWF0jpmVVHAKPPBVofCx_qg"
},
{
"type": "dns-01",
"status": "pending",
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/kWOij8-i_8siJyvEIzxCS4rbg1qYzBuEyWJWOTg69vc/1183652485",
"token": "e1vlbb52TeGEy_lU4JIARcd7Ri8mX2Q3rHFmSYmkhlM"
},
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:acme:error:unauthorized",
"detail": "Invalid response from http://www.erbolandia.biz/.well-known/acme-challenge/0c1hdSjKa-qHbmlp-hr1qMMaBsJLXO1sHkEOyzohxCI: \"\u003c!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\"\u003e\n\u003chtml\u003e\u003chead\u003e\n\u003ctitle\u003e403 Forbidden\u003c/title\u003e\n\u003c/head\u003e\u003cbody\u003e\n\u003ch1\u003eForbidden\u003c/h1\u003e\n\u003cp\"",
"status": 403
},
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/kWOij8-i_8siJyvEIzxCS4rbg1qYzBuEyWJWOTg69vc/1183652486",
"token": "0c1hdSjKa-qHbmlp-hr1qMMaBsJLXO1sHkEOyzohxCI",
"keyAuthorization": "0c1hdSjKa-qHbmlp-hr1qMMaBsJLXO1sHkEOyzohxCI.UWSrTKp5dAnMELIsurlLgJ-99d88dMT63Eghk00_5yA",
"validationRecord": [
{
"url": "http://www.erbolandia.biz/.well-known/acme-challenge/0c1hdSjKa-qHbmlp-hr1qMMaBsJLXO1sHkEOyzohxCI",
"hostname": "www.erbolandia.biz",
"port": "80",
"addressesResolved": [
"193.246.36.157"
],
"addressUsed": "193.246.36.157",
"addressesTried": []
}
]
}
],
"combinations": [
[
0
],
[
2
],
[
1
]
]
}
2017-05-16 15:14:11,912:WARNING:certbot.auth_handler:Challenge failed for domain www.erbolandia.biz
2017-05-16 15:14:11,912:INFO:certbot.auth_handler:Cleaning up challenges
2017-05-16 15:14:11,912:DEBUG:certbot.plugins.webroot:Removing /var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge/IFqyWmBe9-LRafopV-HCTq5_Z7c8rzx_U3fIycpEqgQ
2017-05-16 15:14:11,913:DEBUG:certbot.plugins.webroot:Removing /var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge/0c1hdSjKa-qHbmlp-hr1qMMaBsJLXO1sHkEOyzohxCI
2017-05-16 15:14:11,913:INFO:certbot.plugins.webroot:Unable to clean up challenge directory /var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge
2017-05-16 15:14:11,913:DEBUG:certbot.plugins.webroot:Error was: [Errno 39] Directory not empty: '/var/www/imscp/gui/plugins/LetsEncrypt/acme/.well-known/acme-challenge'
2017-05-16 15:14:11,914:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File "/root/.local/share/letsencrypt/bin/letsencrypt", line 11, in <module>
sys.exit(main())
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 742, in main
return config.func(config, plugins)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 682, in certonly
lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 82, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/client.py", line 344, in obtain_and_enroll_certificate
certr, chain, key, _ = self.obtain_certificate(domains)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/client.py", line 313, in obtain_certificate
self.config.allow_subset_of_names)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 92, in get_authorizations
"Challenges failed for all domains")
AuthorizationError: Challenges failed for all domains

Display More

i-MSCP : 1.3.16
System : Debian Jessie x64
System : php-fpm, apache2, proftpd, SSL for services and panel
Plugins : ClamAV, LetsEncrypt, Mailgraph, Monitorix, OpenDKIM, PhpSwitcher, Postscreen, RoundcubePlugins, ServerDefaultPage, SpamAssassin
Plugins Versions : all are the latest versions

Could you please help me in finding out if I'm doing something wrong ?

Thank you very much, bye Kess.

kess · May 13th 2017

Thank you very much @Nuxwin
after that, I clicked "Force Retry" and everything has been resolved perfectly

Thank you very much !
Bye Kess.

kess · May 13th 2017

Hello guys,
i have the following error while upgrading RoundCube Plugins on my box:

Code

An unexpected error occurred: Plugin::RoundcubePlugins::_installComposerPackages: ./composer.json has been updatedLoading composer repositories with package informationInitializing PEAR repository https://pear.php.netPEAR repository from https://pear.php.net could not be loaded. Undefined index: channelReading composer.json of roundcube/net_sieve (RELEASE_1_1_6) Reading composer.json of roundcube/net_sieve (RELEASE_1_1_5)Reading composer.json of roundcube/net_sieve (RELEASE_1_1_3)Reading composer.json of roundcube/net_sieve (RELEASE_1_1_2)Reading composer.json of roundcube/net_sieve (RELEASE_1_0_4)Reading composer.json of roundcube/net_sieve (RELEASE_0_8_1)Reading composer.json of roundcube/net_sieve (RELEASE_0_8) Reading composer.json of roundcube/net_sieve (Net_Sieve-1.5.0)Reading composer.json of roundcube/net_sieve (Net_Sieve-1.3.3)Reading composer.json of roundcube/net_sieve (Net_Sieve-1.3.2)Reading composer.json of roundcube/net_sieve (Net_Sieve-1.3.1)Reading composer.json of roundcube/net_sieve (Net_Sieve-1.3.0)Reading composer.json of roundcube/net_sieve (Net_Sieve-1.2.1)Reading composer.json of roundcube/net_sieve (Net_Sieve-1.2.0)Reading composer.json of roundcube/net_sieve (1.5.4) Reading composer.json of roundcube/net_sieve (1.5.3)Reading composer.json of roundcube/net_sieve (1.5.2)Reading composer.json of roundcube/net_sieve (1.5.1)Reading composer.json of roundcube/net_sieve (1.5.0) Reading composer.json of roundcube/net_sieve (master) Reading composer.json of kolab/net_ldap3 (pear-Net-LDAP3-1.0.0)Reading composer.json of kolab/net_ldap3 (pear-Net-LDAP3-1.0.1)Reading composer.json of kolab/net_ldap3 (pear-Net-LDAP3-1.0.2)Reading composer.json of kolab/net_ldap3 (pear-Net-LDAP3-1.0.3)Reading composer.json of kolab/net_ldap3 (pear-Net-LDAP3-1.0.4)Reading composer.json of kolab/net_ldap3 (pear-Net-LDAP3-1.0.5) Reading composer.json of kolab/net_ldap3 (master) Updating dependenciesYour requirements could not be resolved to an installable set of packages. Problem 1 - The requested package pear-pear.php.net/net_ldap2 could not be found in any version, there may be a typo in the package name.Potential causes: - A typo in the package name - The package is not available in a stable-enough version according to your minimum-stability setting see for more details.Read for further common problems.Installation failed, reverting ./composer.json to its original content.

As stated here

RoundcubePlugins 2.0.2 PluginManager Feb 20th 2014 File

the version 2.0.1 should have fixed what i can read in the informations. Could you please help a bit in order to fix ?

There's the log /var/log/imscp/Modules:Plugin_RoundcubePlugins.log:

Code

[Sat May 13 17:16:53 2017] [debug] Modules::Plugin::_call: Calling disable() method on Plugin::RoundcubePlugins
[Sat May 13 17:16:53 2017] [debug] iMSCP::Execute::execute: /usr/sbin/dovecot --version
[Sat May 13 17:16:53 2017] [debug] Plugin::RoundcubePlugins::_modifyDovecotConfig: 2.2.13
[Sat May 13 17:16:53 2017] [debug] iMSCP::Execute::execute: /usr/sbin/dovecot --version
[Sat May 13 17:16:53 2017] [debug] Plugin::RoundcubePlugins::_modifyDovecotConfig: 2.2.13
[Sat May 13 17:16:53 2017] [debug] iMSCP::Config::_loadConfig: Tying /etc/imscp/dovecot/dovecot.data file in readonly mode
[Sat May 13 17:16:53 2017] [debug] iMSCP::Service::__ANON__: Systemd init system has been detected
[Sat May 13 17:16:53 2017] [debug] iMSCP::Execute::execute: /bin/systemctl --system is-active imscp_panel.service
[Sat May 13 17:16:53 2017] [debug] iMSCP::Provider::Service::Sysvinit::_exec: active
[Sat May 13 17:16:53 2017] [debug] iMSCP::Execute::execute: /bin/systemctl --system reload imscp_panel.service
[Sat May 13 17:16:53 2017] [debug] Modules::Plugin::_call: Calling update() method on Plugin::RoundcubePlugins
[Sat May 13 17:16:53 2017] [debug] iMSCP::Config::_loadConfig: Tying /etc/imscp/roundcube/roundcube.data file in writing mode
[Sat May 13 17:16:53 2017] [debug] iMSCP::Execute::execute: cp -fR /var/www/imscp/gui/plugins/RoundcubePlugins/roundcube-plugins/* /var/www/imscp/gui/public/tools/webmail/plugins/
[Sat May 13 17:16:53 2017] [debug] iMSCP::Execute::execute: cp -fR /var/www/imscp/gui/plugins/RoundcubePlugins/config-templates/* /var/www/imscp/gui/public/tools/webmail/plugins/
[Sat May 13 17:16:53 2017] [debug] iMSCP::Execute::execute: su -l vu2000 -s /bin/sh -c 'COMPOSER_HOME=/var/www/imscp/gui/data/persistent/.composer COMPOSER_PROCESS_TIMEOUT=2000 COMPOSER_NO_INTERACTION=1 COMPOSER_DISCARD_CHANGES=true php -d date.timezone=Europe/Zurich -d allow_url_fopen=1 -d suhosin.executor.include.whitelist=phar /var/local/imscp/composer.phar require --no-ansi -n -d=/var/www/imscp/gui/public/tools/webmail --update-no-dev --ignore-platform-reqs --prefer-stable --no-suggest sabre/vobject ~3.3.3'
[Sat May 13 17:17:15 2017] [debug] iMSCP::Execute::getExitCode: Command exited with value: 2
[Sat May 13 17:17:15 2017] [fatal] iMSCP::DbTasksProcessor::_process: Plugin::RoundcubePlugins::_installComposerPackages: ./composer.json has been updated
Loading composer repositories with package information
Initializing PEAR repository https://pear.php.net
PEAR repository from https://pear.php.net could not be loaded. Undefined Updating dependencies
Your requirements could not be resolved to an installable set of packages.
Problem 1
- The requested package pear-pear.php.net/net_ldap2 could not be found in any version, there may be a typo in the package name.
Potential causes:
- A typo in the package name
- The package is not available in a stable-enough version according to your minimum-stability setting
see <https://getcomposer.org/doc/04-schema.md#minimum-stability> for more details.
Read <https://getcomposer.org/doc/articles/troubleshooting.md> for further common problems.
Installation failed, reverting ./composer.json to its original content. at /var/www/imscp/engine/PerlLib/iMSCP/DbTasksProcessor.pm line 451.
[Sat May 13 17:17:15 2017] [debug] iMSCP::Bootstrapper::unlock: Releasing exclusive lock on /tmp/imscp.lock

Display More

If you need any other informations in order to investigate, please let me know.

Thank you very much,
Kess

System:
Debian Jessie x64, all the latest updates
i-MSCP 1.3.16
Plugins: ClamAV, LetsEncrypt, Mailgraph, Monitorix, OpenDKIM, PhpSwitcher, Postscreen, RoundcubePlugins, ServerDefaultPage, SpamAssassin
Installed with: php-fpm, apache2, Proftpd, SSL for panel and services

kess · May 8th 2017

Edit the file : /etc/spamassassin/00_imscp.cf

There you'll find the password used by the user sa_user to connect to your MySQL.

Set the MySQL password for sa_user in this file in order to reflect the password setup for the sa_user in your MySQL

kess · Apr 30th 2017

To resume:
1. Your server should be able to connect everywhere with every protocol
2. Traffic on the loopback interface should be allowed with every protocol

3. Traffic to your server:
Panel:
- Panel HTTP Port TCP
- Panel HTTPS Port TCP

Mail:
- Port 25 TCP (SMTP)
- Port 110 TCP (POP3)
- Port 143 TCP (IMAP)
- Port 465 TCP (SMTPs)
- Port 587 TCP (SMTP-Submission)
- Port 993 TCP (IMAPs)
- Port 995 TCP (POP3s)

FTP:
- Port 20 TCP
- Port 21 TCP
- Passive Port range you can find in FTP Server config file (ProFTPD or VSFTPD)

DNS:
- Port 53 (TCP and UDP)

Web:
- Port 80 TCP (HTTP)
- Port 443 TCP (HTTPS)

If you need to connect to MySQL externally:
- Port 3306 TCP

Than you should also open your ssh port in order to manage your box, or whatever other port/protocol used to perform this kind of tasts. Generally Port 22 TCP.
I think it's all you need. Perhaps I missed something, but it should be OK.

kess · Apr 30th 2017

@Nuxwin Yes i know, you are right.
In fact generally you change TTL at least 2 weeks before the beginning of the server move, to the lowest accepted value.

But as I can understand @Dylan is a little bit late now, and he is going to have problems for sure.
What I implemented, simply resolves the queries done against the old DNS, with the new IP addresses. This has nothing to do with "propagation speed up". It's just a really dirty workaround in order resolve some parts of the problem.

The rest, is cached somewhere in multiple parts of the internet, where you have no control... So... Just wait...

Posts by kess

LetsEncrypt 3.1.0 - Challenges Failed for all domains

LetsEncrypt 3.1.0 - Challenges Failed for all domains

LetsEncrypt 3.1.0 - Challenges Failed for all domains

LetsEncrypt 3.1.0 - Challenges Failed for all domains

LetsEncrypt 3.1.0 - Challenges Failed for all domains

RoundcubePlugins 2.0.1 upgrade error

RoundcubePlugins 2.0.1 upgrade error

SpamAssasin database connection error

Ports? (all)

Forward all domain queries to new server