I am still having all kinds of issues with SSL not working. I have been testing Hestia for a few days now. I have install 3 Domains and 20 different websites.
When I Enable SSL for this domain / Use Lets Encrypt to obtain SSL certificate, it fails every time on all the domains, with a error 15 or several different 400 errors. However when I and to the host it works fine.
Yesterday it did work once one of my domains but in testing today I tried the same thing again and it failed again. I just wanted to tell you about the issues I am having. I have been doing IT for 30 years so I have some experience at these things.
According to https://github.com/hestiacp/hestiacp/issues/1380 it looks like you’ve a bit a weird installation - what is your hestia version? If you write since a few days, you should be on 1.3.0, according to your issue, it looks that you’re on a much older version.
perhaps the dns, a records, if you use cloudflare make sure you dont use the proxy or use dns only
sometime when i adding domain and apply ssl got problem cause the domain is not resolve yet,
wait for a few mins while you break for americano or espresso then you try it again for me after i made a break and try, the ssl work seamlessly and i a not quite long on IT, perhaps only a few back years for sure after testing several control panel beside virtualmin (ups so sorry @ScIT )
i am falling in love with hestia (i tried the vesta, myvesta already )
for sure hestia can handle well all my apps even on low end vps
Hey @johnzapf , you could check, what the nginx log is saying. watch out for the .well-known being requested.
in general we can only support you, if you are more informative about what’s going on. as others pointed out ‘does not work’ or just the general letsencrypt error codes won’t help much. only you can dig into the logfiles on your system properly, which I am sure you know how to do and where to find them
if the difference appears to lie between issuing the request via GUI vs CLI than I strongly assume there is something different f.i. in the aliases listed. maybe you have an old/orphaned/forgotten alias under your domain settings, that does not point correctly to the server and while you request via cli you don’t list that?
without knowing which command and options for that you used, it’s probably getting difficult to narrow it down any further anyway…
As far as the nginx log I don’t see where to find that. Like I have said before I have been a Windows Admin, IT etc… for 29 years and all my websites have been on IIS. I just started learning Linux a few weeks ago.
My DNS its set to the right IP at GoDaddy and my NAT is right in my SonicWALL. Like I said all work perfect in Vesta with this same setup and domain. just let me know what info I can supply and I will get it.
I am afraid I can’t help you much then. if everything were set right, it would work, easy as that
if it does not work, something is not set right… and the logs might tell you.
for that you might want to explore /var/logs/nginx/domains/* and search for lines with GET requests towards urls with .well-known in the path… if those do not have 200 response, obviously something can’t be reached and verified.
again, as written above, check all aliases you put into the web domains config and test if they lead to your server properly. also don’t have empty lines in there… somewhere there is a problem, a minor typo or whatever.
if in doubt delete the whole user and recreate it from scratch including the domains and whatnot.
other than that you are pretty much on your own. rest asured this isn’t a problem with Hestia.
I don’t want to expand my knowledge of Linux, I think its so stupid that you still have to type commands in 2020… I don’t want to spend hours doing something that should take 2 minutes. I started working on computers in 1990, I am so over, typing commands… I am just trying to move my website for better performance. I like Hestia for its simplicity and performance. and fyi the SSL did work a couple days ago.
I am migrating all 9 of my server to a new server this week so that is when I will really get into it. I was just trying to get this all figured out ahead of time.
Honestly, then I would stop using linux and hestia. If you run a linux based webserver, you cant come around the cli. You need to know where to check the logs, understand what they could mean or how to trigger a google search and filter out the relevant informations.
So based on your explanation, your not willing to learn it nor have the knowledge to do it - so you will get in big troubled, for example if one of your sites get hacked.
I get it. I am just frustrated with the googling commands… don’t take me so serous.
hacked – that’s scary, I have been hosting my own websites on IIS for 20 years and have never been hacked that I know of. I did have a virus get in once, but I am very good with backups–so that was not a problem.
We dont know your setup, we dont know your website or aliases. We can verify that the let’s encrypt api is working and that we can request valid certs on our productive aswell as dev servers.
Suggestion: Rent a hetzner.cloud vps, install hestia on top, give it a hostname from one of your domains, add a new user, add there a domain and request a lets encrypt certificate - proper dns records ofc. If it still fails, I’m willing to do a deep analyze of that vps.