Lets Encrtype seems broken on 5.99 update

I had my server running previously. After I got updated to Virtualmin 5.99 letsencrypt stopped working shows following error when requesting new certificate either old domain ( renew) or new fresh domain.

Parsing account key...
Parsing CSR...
Registering account...
Already registered!
Verifying autodiscover.hamrochords.com...
Traceback (most recent call last):
  File "/usr/share/webmin/webmin/acme_tiny.py", line 235, in <module>
    main(sys.argv[1:])
  File "/usr/share/webmin/webmin/acme_tiny.py", line 231, in main
    signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, args.dns_hook, args.cleanup_hook, log=LOGGER, CA=args.ca)
  File "/usr/share/webmin/webmin/acme_tiny.py", line 171, in get_crt
    raise ValueError("Gave up waiting for valiation")
ValueError: Gave up waiting for valiation

I have checked for any redirection code etc all seems blank.

Status: 
Active

Comments

Joe's picture
Submitted by Joe on Sun, 07/09/2017 - 13:01 Pro Licensee

That usually indicates the validation server can't reach your site. It tries to load .well-known/acme-challenge/SOMEHASH

If it can't find it, either because the domain isn't resolving, or the server doesn't respond, it'll fail like this. Create a file in that path (/home/domain/public_html/.well-known/acme-challenge) and check to be sure it can be reached from the internet.

Thank you but I browsed through the /home/hamrochords/public_html/.well-known/acme-challenge I found only .htaccess file with following content in it. When we request ssl certificate shouldn't it create a file under that directory. Also, checked for the permissions and both user and group permissions seems okay as being hamrochords:hamrochords with 0755 permission.

AuthType None
Require all granted
Satisfy any

Also, checked i don't have any .htaccess in my public_html folder.

Also, when I try to renew the certficate for another domain it says following error

Requesting a certificate for pathivara.crystalsoft.com.np, www.pathivara.crystalsoft.com.np, autoconfig.pathivara.crystalsoft.com.np, autodiscover.pathivara.crystalsoft.com.np from Let's Encrypt ..
.. request failed : DNS zone www.pathivara.crystalsoft.com.np does not exist on this system

I checked for dns records and www.pathivara.crystalsoft.com.np is resolving correctly. Also, there is following entry in apache

<VirtualHost *:80>
ServerName pathivara.crystalsoft.com.np
ServerAlias www.pathivara.crystalsoft.com.np
ServerAlias webmail.pathivara.crystalsoft.com.np
ServerAlias admin.pathivara.crystalsoft.com.np
ServerAlias autoconfig.pathivara.crystalsoft.com.np
ServerAlias autodiscover.pathivara.crystalsoft.com.np
DocumentRoot /home/crystal/domains/pathivara.crystalsoft.com.np/public_html
ErrorLog /var/log/virtualmin/pathivara.crystalsoft.com.np_error_log
CustomLog /var/log/virtualmin/pathivara.crystalsoft.com.np_access_log combined
ScriptAlias /cgi-bin/ /home/crystal/domains/pathivara.crystalsoft.com.np/cgi-bin/
ScriptAlias /AutoDiscover/AutoDiscover.xml /home/crystal/domains/pathivara.crystalsoft.com.np/cgi-bin/autoconfig.cgi
ScriptAlias /Autodiscover/Autodiscover.xml /home/crystal/domains/pathivara.crystalsoft.com.np/cgi-bin/autoconfig.cgi
ScriptAlias /autodiscover/autodiscover.xml /home/crystal/domains/pathivara.crystalsoft.com.np/cgi-bin/autoconfig.cgi
DirectoryIndex index.html index.htm index.php index.php4 index.php5
<Directory /home/crystal/domains/pathivara.crystalsoft.com.np/public_html>
Options -Indexes +IncludesNOEXEC +SymLinksIfOwnerMatch
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
Require all granted
</Directory>
<Directory /home/crystal/domains/pathivara.crystalsoft.com.np/cgi-bin>
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
Require all granted
</Directory>
RewriteEngine on
RewriteCond %{HTTP_HOST} =webmail.pathivara.crystalsoft.com.np
RewriteRule ^(.*) https://server.crystalsoft.com.np:20000 [R]
RewriteCond %{HTTP_HOST} =admin.pathivara.crystalsoft.com.np
RewriteRule ^(.*) https://server.crystalsoft.com.np:10000 [R]
ProxyPassMatch ^/(.*.php(/.*)?)$ fcgi://localhost:8011/home/crystal/domains/pathivara.crystalsoft.com.np/public_html/$1
RemoveHandler .php
RemoveHandler .php7.0
php_admin_value engine Off
Redirect /mail/config-v1.1.xml /cgi-bin/autoconfig.cgi
Redirect /.well-known/autoconfig/mail/config-v1.1.xml /cgi-bin/autoconfig.cgi
</VirtualHost>
<VirtualHost 45.76.144.138:443>
ServerName pathivara.crystalsoft.com.np
ServerAlias www.pathivara.crystalsoft.com.np
ServerAlias webmail.pathivara.crystalsoft.com.np
ServerAlias admin.pathivara.crystalsoft.com.np
ServerAlias autoconfig.pathivara.crystalsoft.com.np
ServerAlias autodiscover.pathivara.crystalsoft.com.np
DocumentRoot /home/crystal/domains/pathivara.crystalsoft.com.np/public_html
ErrorLog /var/log/virtualmin/pathivara.crystalsoft.com.np_error_log
CustomLog /var/log/virtualmin/pathivara.crystalsoft.com.np_access_log combined
ScriptAlias /cgi-bin/ /home/crystal/domains/pathivara.crystalsoft.com.np/cgi-bin/
ScriptAlias /AutoDiscover/AutoDiscover.xml /home/crystal/domains/pathivara.crystalsoft.com.np/cgi-bin/autoconfig.cgi
ScriptAlias /Autodiscover/Autodiscover.xml /home/crystal/domains/pathivara.crystalsoft.com.np/cgi-bin/autoconfig.cgi
ScriptAlias /autodiscover/autodiscover.xml /home/crystal/domains/pathivara.crystalsoft.com.np/cgi-bin/autoconfig.cgi
DirectoryIndex index.html index.htm index.php index.php4 index.php5
<Directory /home/crystal/domains/pathivara.crystalsoft.com.np/public_html>
Options -Indexes +IncludesNOEXEC +SymLinksIfOwnerMatch
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
Require all granted
</Directory>
<Directory /home/crystal/domains/pathivara.crystalsoft.com.np/cgi-bin>
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
Require all granted
</Directory>
RewriteEngine on
RewriteCond %{HTTP_HOST} =webmail.pathivara.crystalsoft.com.np
RewriteRule ^(.*) https://server.crystalsoft.com.np:20000 [R]
RewriteCond %{HTTP_HOST} =admin.pathivara.crystalsoft.com.np
RewriteRule ^(.*) https://server.crystalsoft.com.np:10000 [R]
ProxyPassMatch ^/(.*.php(/.*)?)$ fcgi://localhost:8011/home/crystal/domains/pathivara.crystalsoft.com.np/public_html/$1
RemoveHandler .php
RemoveHandler .php7.0
php_admin_value engine Off
SSLEngine on
SSLCertificateFile /home/crystal/domains/pathivara.crystalsoft.com.np/ssl.cert
SSLCertificateKeyFile /home/crystal/domains/pathivara.crystalsoft.com.np/ssl.key
SSLProtocol all -SSLv2 -SSLv3
SSLCACertificateFile /home/crystal/domains/pathivara.crystalsoft.com.np/ssl.ca
Redirect /mail/config-v1.1.xml /cgi-bin/autoconfig.cgi
Redirect /.well-known/autoconfig/mail/config-v1.1.xml /cgi-bin/autoconfig.cgi
</VirtualHost>

Can't figure out what exactly is the problem.

roshanbudhathoki - are you fully updated to the latest Webmin and Virtualmin versions?

Yeap Jamie, I am using webmin 1.850 and usermin 1.720 and virtualmin 5.99. Just checked once again. Also, checked for dns records which are fine and resolving from all places (checked from this site https://www.whatsmydns.net/ ) . Also, checked for any .htaccess records, found no .htaccess in public_html.

I don't know what else is going wrong?

Any chance we could get access to your system to see what's going wrong here?

A few other users have reported this "gave up" error, but it's hard to debug as it doesn't happen on our test systems!

This is what i was trying to fix then This happened. (also, the log viewer is broken on 1.850). I can give you the root for that vps.

Can confirm the same error shown in the first post of this thread

Thank you Jamie, update 1.8.51 worked well.

It worked but only on main domains. When I request certificate for subdomains it has another issue for which I have created another issue in the issue list. Here's the link https://www.virtualmin.com/node/52841

I haven't changed credentials of the server yet, if you have to check my system please go ahead and check the system. :)