Let's Encrypt and Nginx Issue

Discussion in 'ISPConfig 3 Priority Support' started by Robson Lopes, Apr 23, 2016.

  1. Robson Lopes

    Robson Lopes New Member

    Hello,
    I have been using ISPConfig 3.1 since the Alpha version, and even now, after updating to the Beta, Let's Encrypt does not work.
    1 - My initial problem was that Let's Encrypt issued a certificate, but with a key mismatch problem.
    2 - Now the problem is the following: failed (2: No such file or directory), client: 66.133.109.36, server: sub.domain.com, request: "GET /.well-known/acme-challenge/FWGMfDFr9LLJM9o7mO7vyki5EmUCVFH5OsVo48Paez4 HTTP/1.1", host: "sub.domain.com"

    I am using Nginx.

    If anyone can help, thank you!
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Does the nginx vhost file of this website contain this part?

    Code:
    location /\.well-known/acme-challenge {
          root /usr/local/ispconfig/interface/acme/.well-known/acme-challenge;
          index index.html index.htm;
          try_files $uri =404;
    }
    If not, then run Tools > Resync to get all vhost files updated.
     
  3. Robson Lopes

    Robson Lopes New Member

  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Is the error message in the nginx.log gone now when you create a new SSL cert?
     
  5. Robson Lopes

    Robson Lopes New Member

    I found the problem on /var/log/ispconfig/httpd/domain.com/error.log

    After Rsync

    [error] 2771#0: *19 access forbidden by rule, client: 66.133.109.36, server: domain.com.br, request: "GET /.well-known/acme-challenge/tDYb-lM8wg-GzqI56-fKJ4xeoS3PjLbb-19J2l2lZos HTTP/1.1", host: "domain.com.br"
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    Please check the vhost file of this website, it should contain this code:

    Code:
    ## Disable .htaccess and other hidden files
            location ~ /\.(?!well-known/acme-challenge/) {
                deny all;
                access_log off;
                log_not_found off;
            }
    which should allow access to /.well-known/acme-challenge/. If this code is there and it is still not working, try to change it to:

    Code:
    ## Disable .htaccess and other hidden files
            location ~ /\.(?!well-known) {
                deny all;
                access_log off;
                log_not_found off;
            }
    
     
  7. Robson Lopes

    Robson Lopes New Member

    Now changed too
    14 open() "/var/www/domain.com/web/.well-known/acme-challenge/KPjcEcV_NMarHjlAVVLLlNnxC7QJVIrbcdgyUzuUF44" failed (2: No such file or directory), client: 66.133.109.36, server: domain.com, request: "GET /.well-known/acme-challenge/KPjcEcV_NMarHjlAVVLLlNnxC7QJVIrbcdgyUzuUF44 HTTP/1.1", host: "domain.com
     
  8. Robson Lopes

    Robson Lopes New Member

    Now, forbidden again when using
    ## Disable .htaccess and other hidden files
    location ~ /\.(?!well-known) {
        deny all;
        access_log off;
        log_not_found off;
    }
     
  9. till

    till Super Moderator Staff Member ISPConfig Developer

  10. Robson Lopes

    Robson Lopes New Member

    Thank you, Till.
     
  11. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

    The issue has been fixed in stable-3.1 branch.
     
  12. Robson Lopes

    Robson Lopes New Member

    Hello friend

    access forbidden by rule, client: 66.133.109.36,, request: "GET /.well-known/acme-challenge/6aznz_5LNoxklp-73RNz2Vk2YIwtp9jy8EO_BsGIxyA
     
  13. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

    I tested it on a freshly installed nginx server and it works there. Please make sure you have the latest vhost conf template as there was a misconfigured block earlier.
     
  14. Robson Lopes

    Robson Lopes New Member

    Sorry, I updated now, and the log shows

    2016/04/27 07:47:09 [error] 31369#0: *3 open() "/var/www/domain.com/web/.well-known/acme-challenge/qEJ1yyGkJlRJycV42Fu7PZwNoZXpdZpESIM6rlQ6g3E" failed (2: No such file or directory), client: 66.133.109.36, server: domain.com, request: "GET /.well-known/acme-challenge/qEJ1yyGkJlRJycV42Fu7PZwNoZXpdZpESIM6rlQ6g3E HTTP/1.1", host: "domain.com"
     
  15. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

    @robson: Please check your site's vhost file if the location for well-known is there (location ~ /.well-known ... etc.)
    Code:
    location ~ /\.well-known/acme-challenge/ {
        root /usr/local/ispconfig/interface/acme/;
        index index.html index.htm;
        try_files $uri =404;
    }
     
  16. Robson Lopes

    Robson Lopes New Member

    Yes, and still
    access forbidden by rule
     
  17. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

    And earlier in the file, is it
    Code:
    location ~ /\. {
                deny all;
                access_log off;
                log_not_found off;
            }
            
    or
    Code:
    location ~ /\.(?!well-known/acme-challenge/) {
                deny all;
                access_log off;
                log_not_found off;
            }
            
     
  18. Robson Lopes

    Robson Lopes New Member

    Yes, removed it too
    forbidden by rule
     
  19. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

    Then there must be a non-default rule in your files somewhere. Please check your files for any deny rule.
     
  20. Robson Lopes

    Robson Lopes New Member

    I will try with a fresh install of nginx
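
Added example (not part of the thread, and not ISPConfig or nginx code): a simplified Python model of how nginx selects a location, run against the deny and ACME blocks quoted in posts 2, 6, 15 and 17. The `location /` docroot entry, the action labels and the sample URIs are assumptions made for the illustration.

```python
import re

# Simplified model of nginx location selection (added example, not nginx code):
# 1) the longest matching prefix location is remembered,
# 2) regex ("~") locations are tried in config order, first match wins,
# 3) if no regex matches, the remembered prefix location is used.
def select(locations, uri):
    best = None
    for mod, pattern, action in locations:
        if mod == "" and uri.startswith(pattern):   # prefix = literal string
            if best is None or len(pattern) > len(best[0]):
                best = (pattern, action)
    for mod, pattern, action in locations:
        if mod == "~" and re.search(pattern, uri):
            return action
    return best[1] if best else "404"

DOCROOT = ("", "/", "docroot")   # assumed: the site's ordinary "location /"
ACME = ("~", r"/\.well-known/acme-challenge/", "acme")   # block from post 15

def vhost(deny_regex):
    # The deny block sits earlier in the file than the ACME block (post 17).
    return [DOCROOT, ("~", deny_regex, "deny"), ACME]

VARIANTS = {
    "deny all dotfiles": vhost(r"/\."),
    "lookahead acme": vhost(r"/\.(?!well-known/acme-challenge/)"),
    "lookahead well-known": vhost(r"/\.(?!well-known)"),
    # Post 2's block has no "~", so the backslash is part of a literal prefix.
    "literal prefix": [DOCROOT, ("", r"/\.well-known/acme-challenge", "acme")],
}

# Constructed sample URIs (the token is made up).
URIS = ["/.well-known/acme-challenge/SAMPLE_TOKEN", "/.htaccess",
        "/.well-known/acme-challenge/.htaccess", "/.well-known/other"]

def table():
    return {name: {u: select(locs, u) for u in URIS}
            for name, locs in VARIANTS.items()}

if __name__ == "__main__":
    for name, row in table().items():
        print(name)
        for uri, action in row.items():
            print(f"  {uri:45} -> {action}")
```

In this model the broader `(?!well-known)` exception lets every path under `/.well-known` fall through to the docroot, while the narrower lookahead keeps everything except the challenge directory denied.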
     
