HTTPS access problem

For two times, just after:

  1. Install Debian 9 on Hetznet VPS.
  2. ssh [email protected]
  3. “apt update” and “apt upgrade”
  4. wget https://raw.githubusercontent.com/hestiacp/hestiacp/release/install/hst-install.sh
  5. bash hst-install.sh
  6. exit
  7. ssh [email protected]
  8. v-add-letsencrypt-host

I get the next error message:

Error: Let’s Encrypt acc registration failed
Error: domain ssh host.domain.tld does not have an SSL certificate.

Doing it from GUI the message is the same. I have tried to generate a LE certificate for “host.domain.tld” marking “Enable automatic HTTP-to-HTTPS redirection” and/or “Enable HTTP Strict Transport Security (HSTS)” but don’t works. I used “Rebuild All” too.

I can visit https://host.domain.tld:8083 and http://host.domain.tld(:80), but not https://host.domain.tld(:443). Probably this is the problem. Creating a new web (test.domain.tld) the problem continues.

I have installed HestiaCP more times and never happened this.

Can you try to run v-add-letsencrypt-user admin and post the result? Sounds like a invalid email address has entered for admin user.

~# v-add-letsencrypt-user admin
Error: Let’s Encrypt acc registration failed

The pointed domain and admin mail TLD is “.eu”. Can it be that?

not really, the email needs just to be a valid one. I just tested v-add-letsencrypt-user admin on one of our test system, all worked properly. I’ll check with the team if someone would have time to look in your system.

As I said, I did a “Rebuild All”. Today I created the admin email account and found this message:

Cron [email protected] sudo /usr/local/hestia/bin/v-update-sys-hestia-all

W: Failed to fetch https://apt.hestiacp.com/dists/stretch/InRelease Could not resolve host: apt.hestiacp.com
W: Some index files failed to download. They have been ignored, or old ones used instead.
W: Failed to fetch https://apt.hestiacp.com/dists/stretch/InRelease Could not resolve host: apt.hestiacp.com
W: Some index files failed to download. They have been ignored, or old ones used instead.
W: Failed to fetch https://apt.hestiacp.com/dists/stretch/InRelease Could not resolve host: apt.hestiacp.com
W: Some index files failed to download. They have been ignored, or old ones used instead.

I don’t know if it can be related.

It sounds that you have a dns issue. Can you check if the outbound connection is working (ping google.ch)? Also do you use openvz?

I don’t know if my vps uses openvz, but a couple of days ago HestiaCP worked perfectly on it. You’re right. “ping google.es” does not respond:

ping google.es
ping: google.es: Temporary failure in name resolution

After checking it, I have done several times:

  • Installed Debian 9 on my VPS again and “ping google.es” works.
  • Upgraded the system and “ping google.es” works.
  • Installed HestiaCP and “ping google.es” DON’T works.
  • Installed HestiaCP without upgrade and “ping google.es” DON’T works.
  • Logout and login and “ping google.es” DON’T works.
  • Reboot and “ping google.es” DON’T works.
  • Pointed a domain from another registrar and “ping google.es” DON’T works.
  • Changed system hostname and PTR register and “ping google.es” DON’T works.

I can’t think what else to do.

Installing Ubuntu 18.04 all works fine. I continue to investigate.

Finally a solution: the time zone must be established and restarted the server before installing HestiaCP on Debian 9.

During package upgrade:

exim4/oldstable,oldstable 4.89-2+deb9u5 all [upgradable from: 4.89-2+deb9u4]
exim4-base/oldstable,oldstable 4.89-2+deb9u5 amd64 [upgradable from: 4.89-2+deb9u4]
exim4-config/oldstable,oldstable 4.89-2+deb9u5 all [upgradable from: 4.89-2+deb9u4]
exim4-daemon-light/oldstable,oldstable 4.89-2+deb9u5 amd64 [upgradable from: 4.89-2+deb9u4]
linux-image-4.9.0-9-amd64/oldstable,oldstable 4.9.168-1+deb9u5 amd64 [upgradable from: 4.9.168-1+deb9u3]
patch/oldstable,oldstable 2.7.5-1+deb9u2 amd64 [upgradable from: 2.7.5-1+deb9u1]
tzdata/oldstable-updates,oldstable-updates 2019b-0+deb9u1 all [upgradable from: 2019a-0+deb9u1]

Appears the next message:

Current default time zone: ‘Europe/Berlin’
Local time is now: Wed Aug 21 21:20:40 CEST 2019.
Universal Time is now: Wed Aug 21 19:20:40 UTC 2019.
Run ‘dpkg-reconfigure tzdata’ if you wish to change it.

Running dpkg-reconfigure tzdata, setting a time zone and restarting the server before installing HestiaCP, everything works properly.

The funny thing is that without installing the updates, it is also necessary to perform this procedure.

Hi @Wibol

That’s a interresting catch, never had such issues on my installation. I’m glad you found a solution that worked for you!

I will mark your answer as solution, please let us know if you need anything.

1 Like

Today I created a DNS zone, several websites and email accounts and everything works perfectly.

Thank you very much for your time, great work and excellent support. I had never seen such fluid communication between developers and users.

1 Like