Let's Encrypt referring to wrong site?!

#1 Wed, 04/17/2019 - 05:02
Walter81

Hi

I have several sites, all secured with Let's Encrypt without any issue. I've added a new domain. When I try to request a Let's Encrypt certificate, this always fails because it looks up the acme-file in the wrong directory!?

My new domain is bellespieds.be but for some reason it goes to another site (hosted on the same server) to perform the check: https://spellenfestival.be/.well-known/acme-challenge No forwards have been set up (really just added a new domain, uploaded an index.html file as a placeholder to verify and tried to fetch a certificate).

I've been looking into the DNS records, config-files, everything. Can't figure out what's wrong. DNS records are not maintained on my server but with GoDaddy. So that's normal to fail. HTTP-based authentication did succeed without any issue for all my other domains.

Requesting a certificate for bellespieds.be, www.bellespieds.be from Let's Encrypt ..
.. request failed : Web-based validation failed :
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for bellespieds.be
http-01 challenge for www.bellespieds.be
Using the webroot path /home/bellespieds/public_html for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. www.bellespieds.be (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://spellenfestival.be/.well-known/acme-challenge/eL5VWNrZ10HfXIABYWSs7Y8QAgMKkX5HBwrbyoZUjP4 [2a01:7c8:aac8:116:5054:ff:fe65:3796]: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p", bellespieds.be (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://spellenfestival.be/.well-known/acme-challenge/ep6H7o0XVilZXhP2SR0mIxm5DMjfNcj7euhMkzSsbKE [2a01:7c8:aac8:116:5054:ff:fe65:3796]: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"
IMPORTANT NOTES:
- The following errors were reported by the server:

   Domain: www.bellespieds.be
   Type:   unauthorized
   Detail: Invalid response from
   https://spellenfestival.be/.well-known/acme-challenge/eL5VWNrZ10HfXIABYWSs7Y8QAgMKkX5HBwrbyoZUjP4
   [2a01:7c8:aac8:116:5054:ff:fe65:3796]: "<!DOCTYPE HTML PUBLIC
   "-//IETF//DTD HTML 2.0//EN">\n<html><head>\n<title>404 Not
   Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"

   Domain: bellespieds.be
   Type:   unauthorized
   Detail: Invalid response from
   https://spellenfestival.be/.well-known/acme-challenge/ep6H7o0XVilZXhP2SR0mIxm5DMjfNcj7euhMkzSsbKE
   [2a01:7c8:aac8:116:5054:ff:fe65:3796]: "<!DOCTYPE HTML PUBLIC
   "-//IETF//DTD HTML 2.0//EN">\n<html><head>\n<title>404 Not
   Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.
DNS-based validation failed :
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for bellespieds.be
dns-01 challenge for www.bellespieds.be
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. bellespieds.be (dns-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.bellespieds.be, www.bellespieds.be (dns-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.www.bellespieds.be
IMPORTANT NOTES:
- The following errors were reported by the server:

   Domain: bellespieds.be
   Type:   None
   Detail: DNS problem: NXDOMAIN looking up TXT for
   _acme-challenge.bellespieds.be

   Domain: www.bellespieds.be
   Type:   None
   Detail: DNS problem: NXDOMAIN looking up TXT for
   _acme-challenge.www.bellespieds.be
Thu, 04/18/2019 - 03:46
Walter81

This is resolved! It turned out that, for some reason, in my httpd.conf file my new virtualhosts only got the IPv4 address configured, not the IPv6 address. I manually updated it, which resolved all issues.
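
A check for the misconfiguration described in this thread, added here as an example and not part of the original posts: it parses Apache `<VirtualHost>` blocks and reports names bound only to IPv4, along with the vhost that would answer for them over IPv6. The sample config is constructed (domain names from the thread, documentation-range addresses), and the function names are hypothetical.

```python
import re

# Constructed sample config: domain names are from the thread, the addresses
# are documentation-range placeholders and the layout is an assumption.
SAMPLE_CONF = """\
<VirtualHost 192.0.2.10:80 [2001:db8::10]:80>
    ServerName spellenfestival.be
    DocumentRoot /home/spellenfestival/public_html
</VirtualHost>
# vhost added later, with only the IPv4 address
<VirtualHost 192.0.2.10:80>
    ServerName bellespieds.be
    ServerAlias www.bellespieds.be
    DocumentRoot /home/bellespieds/public_html
</VirtualHost>
"""

VHOST_RE = re.compile(r"<VirtualHost\s+([^>]+)>(.*?)</VirtualHost>", re.S | re.I)
NAME_RE = re.compile(r"^[ \t]*Server(?:Name|Alias)[ \t]+(.+)$", re.M | re.I)

def families(bind):
    """Address families covered by one <VirtualHost> bind argument."""
    host = bind if bind.endswith("]") else bind.rsplit(":", 1)[0]
    if host in ("*", "_default_"):
        return {"ipv4", "ipv6"}  # wildcard matches any listening address
    return {"ipv6"} if host.startswith("[") else {"ipv4"}

def parse_vhosts(conf):
    """Return [(families, [names])] for each <VirtualHost> block, in file order."""
    conf = re.sub(r"^\s*#.*$", "", conf, flags=re.M)  # drop comment lines
    vhosts = []
    for binds, body in VHOST_RE.findall(conf):
        fams = set().union(*(families(b) for b in binds.split()))
        names = [n for line in NAME_RE.findall(body) for n in line.split()]
        vhosts.append((fams, names))
    return vhosts

def ipv6_misrouted(conf):
    """Map each IPv4-only name to the vhost that answers it over IPv6.

    Apache falls back to the first vhost listed for an address when no
    ServerName/ServerAlias matches. Assumes one IPv6 address; ignores ports.
    """
    vhosts = parse_vhosts(conf)
    v6_default = next((n[0] for f, n in vhosts if "ipv6" in f and n), None)
    return {n: v6_default for f, names in vhosts if "ipv6" not in f for n in names}

if __name__ == "__main__":
    for name, answered_by in ipv6_misrouted(SAMPLE_CONF).items():
        print(f"{name}: IPv6 requests are answered by {answered_by}")
```

A name that has an AAAA record and shows up in this report will have its http-01 challenge served by the other site whenever the validator connects over IPv6.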