have some websites running with let's encrypt without problems, they are all on domainwit autosubdomain www i.e. webseite domain.com with autosubdomain www.domain.com now I like to have a website sub.domain.com no autosubdomain. domain.com exists and has valid DNS records, I have a A record for sub.domain.com under doamin.com I can access sub.domain.com with http: but if I try to get a Let's encypt certificat I get errors like Could not verify domain sub.domain.com, so excluding it from letsencrypt request. and Let's Encrypt SSL Cert for: sub.domain.com could not be issued. I think I missed something or did something wrong but do not know what need help, thanks
Maybe you use some custom rewrite or proxy rules in the sub.domain.com which prevent letsencrypt domain verification.
no rules at all execept the rewrite rule to https like in the other sites, but even before this rule it didn't work. Is there a way to monitor the the request to let's encrypt. Shure I can scan the traffic with a network sniffer but ther eis the traffic of some email accounts and from the other websites on the same address so filtering will be not so easy
You can test it like this: 1) Create a test file in the letsencrypt token directory: touch /usr/local/ispconfig/interface/acme/.well-known/acme-challenge/test.txt 2) Then try to reach the test txt file in the way that ispconfig and LE are doing it: http://sub.yourdomain.tld/.well-known/acme-challenge/test.txt