-
-
Notifications
You must be signed in to change notification settings - Fork 107
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
When a SSL certificate fails to be generated - add these warnings #939
Comments
Don’t we already display that under the "Setup SSL Certificates —> Let's Encrypt" tab? I distinctly remember fixing it, so the full error message should be shown there already... |
I do get the letsencypt error message but these 2 particular errors that would not get directly flagged up could be the cause of a lot of errors, we'll for noobies and me. The letsencypt error message, for the error with htaccess, showed my IP and Https and a fail message. I can't remember what it said but I don't remember it saying that the cert was expired and because of that it failed. However I could be wrong. My feature request was really for a prompt in certain circumstances to educate the user and have them check propagation and the presence of dodgy htaccess rules. |
Having a self-signed cert isn't itself bad, as long as there's no unilateral redirect to HTTPS. When Virtualmin sets up that redirect it excludes Let's Encrypt validation requests for this exact reason .... but we can't do that in all cases, like where there's a migrated or manually created |
thinking through the issue
My thoughts
Bug or Feature request ?
|
The HTTPS domain is definitely created before the SSL cert is installed, so that shouldn't be the issue. Actually, what was the full error that you got from Let's Encrypt? As for |
I will see if we have the error. Disabling the htaccess redirect during an SSL installation is an option but it could adversely affect a very active site so might not be best, I welcome advise though. |
i have the error log for letsencrypt, i just need to find when an entry starts and finished, it is not very clear. |
I don’t think this is something we should do. There are many situations where disabling |
background
I imported a website from a cpanel account, though the source could be anywhere or even a fresh website.
the issue
I tried unsuccessfully to get my SSL certificate generated and I could not figure out why.
When I did figure it out it was caused by 2 reasons:
.htaccess
the DNS propagation issue is obvious and the htaccess code was causing the http requests for the lets encrypt connection to be upgraded to a HTTPS connection however this would not work becasue the cert was self signed and invalid.
proposed solution
Manage Web Server --> Setup SSL Certificates --> Let's Encrypt
The text was updated successfully, but these errors were encountered: