MRatWork Forum by Mustafa Ramadhan

Sawo Project - Kloxo-MR Discussions => Kloxo-MR Bugs and Requests => Topic started by: Spacedust on 2019-05-18, 12:36:44

Title: Unable to verify SSL for subdomain
Post by: Spacedust on 2019-05-18, 12:36:44
https://domain.com/.well-known/acme-challenge/HslgN0P7ZqhUrmA3NJKVvv_3D36C3rwvWS2Vk52XyJ8

Simply doesn't see the file inside this directory, while it works properly for main domain.
Title: Re: Unable to verify SSL for subdomain
Post by: MRatWork on 2019-05-18, 13:09:18
Try until several times. Remember, all addresses in 'Subject Alternative Name (SAN)' must be access via web browser.
Title: Re: Unable to verify SSL for subdomain
Post by: Spacedust on 2019-05-18, 13:38:48
I tried and it seems I've hitted some limit. I need to retry later.
Title: Re: Unable to verify SSL for subdomain
Post by: Spacedust on 2019-05-21, 18:53:13
Still doesn't work:

[Tue May 21 18:51:53 CEST 2019] pics.domain.com:Verify error:Fetching https://pics.domain.com/.well-known/acme-challenge/PzwErsnWR34aNkTGgSEYytoUXqmHUU7DH2oFWUQmQB0: Connection refused
[Tue May 21 18:51:53 CEST 2019] Please add '--debug' or '--log' to check more details.
[Tue May 21 18:51:53 CEST 2019] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh
Title: Re: Unable to verify SSL for subdomain
Post by: Spacedust on 2019-05-21, 19:06:59
After disabling IPv6:

[Tue May 21 19:04:57 CEST 2019] Pending
[Tue May 21 19:04:59 CEST 2019] Pending
[Tue May 21 19:05:02 CEST 2019] Pending
[Tue May 21 19:05:04 CEST 2019] Pending
[Tue May 21 19:05:07 CEST 2019] Pending
[Tue May 21 19:05:09 CEST 2019] Pending
[Tue May 21 19:05:12 CEST 2019] Pending
[Tue May 21 19:05:14 CEST 2019] Pending
[Tue May 21 19:05:17 CEST 2019] Pending
[Tue May 21 19:05:20 CEST 2019] pics.domain.com:Verify error:Fetching https://pics.domain.com/.well-known/acme-challenge/pGEVLMGkmxyDcpnQkSbuto5WnAgTbWXRuMH4m2cKDhM: Timeout during connect (likely firewall problem)
[Tue May 21 19:05:20 CEST 2019] Please add '--debug' or '--log' to check more details.
[Tue May 21 19:05:20 CEST 2019] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh

Subdomain is normally reachable via browser.
Title: Re: Unable to verify SSL for subdomain
Post by: MRatWork on 2019-05-22, 05:38:24
Is it ok for domain?.
Title: Re: Unable to verify SSL for subdomain
Post by: Spacedust on 2019-05-22, 10:04:10
Yes. Main domain worked just fine.

How to try refreshing manually with debug option?
Title: Re: Unable to verify SSL for subdomain
Post by: Spacedust on 2019-05-24, 23:09:50
Still the same. Even with IPv6 working :(
Title: Re: Unable to verify SSL for subdomain
Post by: Spacedust on 2019-05-24, 23:27:11
Connection is always refused.
Title: Re: Unable to verify SSL for subdomain
Post by: MRatWork on 2019-05-26, 13:13:34
Can you inform your dns setting for subdomain (also their domain)?.
Title: Re: Unable to verify SSL for subdomain
Post by: Spacedust on 2019-05-26, 22:52:51
I think I know what's wrong. It's working via IPv6 only via http not https and Letsencrypt is using IPv6 when it's available. I use nginxproxy.

Domain/subdomain settings are correct.
Title: Re: Unable to verify SSL for subdomain
Post by: Spacedust on 2019-05-28, 14:46:59
Now when I fixed the IPv6 nginx ports I was able to verify my subdomain in Letsencrypt.