I'm trying to run certbot and I'm getting invalid responses.

Domain: www.domain.com
Type: unauthorized
Detail: Invalid response from http://www.domain.com/.well-known/acme-challenge/fq2NxqsvWaQXYI3GwrFBed5hXJ2LPlVtKxVP_v-PDr8: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"

And from the Apache logs:

[Sun Jan 27 18:53:32.716961 2019] [:notice] [pid 29107] mod_python: Creating 8 session mutexes based on 150 max processes and 0 max threads.
[Sun Jan 27 18:53:32.716965 2019] [:notice] [pid 29107] mod_python: using mutex_directory /tmp
[Sun Jan 27 18:53:32.727762 2019] [ssl:warn] [pid 29107] AH01906: ixxx:8080:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Sun Jan 27 18:53:32.727853 2019] [ssl:error] [pid 29107] AH02217: ssl_stapling_init_cert: can't retrieve issuer certificate! [subject: CN=ip-xxx,OU=xxx,O=xxxx,L=xxx,ST=xxx,C=xx / issuer: xxxxl,OU=xxx,O=xxx,L=xx,ST=xx,C=xx/ serial: xxxxx/ notbefore: Jan 24 17:26:25 2019 GMT / notafter: Jan 21 17:26:25 2029 GMT]
[Sun Jan 27 18:53:32.727860 2019] [ssl:error] [pid 29107] AH02604: Unable to configure certificate xxxx:8080:0 for stapling
[Sun Jan 27 18:53:32.737764 2019] [mpm_prefork:notice] [pid 29107] AH00163: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 mod_python/3.3.1 Python/2.7.15rc1 OpenSSL/1.1.0g configured -- resuming normal operations
[Sun Jan 27 18:53:32.737798 2019] [core:notice] [pid 29107] AH00094: Command line: '/usr/sbin/apache2'

I installed from the script with no apparent errors. This seems to be causing some Chrome browsers to ignore vhosts as well.
With ISPConfig, Let's Encrypt certificates are automatic after ticking the setting in Website. If it does not work, here is the error FAQ: https://www.howtoforge.com/community/threads/lets-encrypt-error-faq.74179/

If you have been running certbot yourself, it may be necessary to remove the certificates it made so ISPConfig can begin from a clean slate.
OK, I figured that out with certbot delete. Now when I select letsencrypt in the settings, after a few moments I start getting lots in /var/log/letsencrypt/letsencrypt.log. Unfortunately it's the same error: invalid response looking for that '.well-known/acme-challenge/asdkfjasldkgjlasdfkgj'.

Now, Firefox sees the vhosts and shows me separate sites, but Chrome doesn't. It brings up just the first site even when I type the others in.

    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
  File "/usr/lib/python3/dist-packages/certbot/client.py", line 330, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 80, in handle_authorizations
    self._respond(aauthzrs, resp, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 153, in _respond
    self._poll_challenges(aauthzrs, chall_update, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 224, in _poll_challenges
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. my.domain.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from my.domain.com/.well-known/acme-challenge/asdfasdfasdfasdfasdf: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p", my.domain.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from my.domain.com/.well-known/acme-challenge/asdfasdfasdfasdf_A: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"

What should I look at next?
I should note that this is being hosted at lightswitch and there is a 1:1 NAT from the public to a private IP.