Hi Guys,
Are there any pre-requisites to running Let’s Encrypt on v1.4? I upgraded my instance to 1.4 but it doesn’t work. I have a site which has an existing Let’s Encrypt Certificate. When I click Install Certificate I get the following success message “LetsEncrypt Certificate successfully installed on website” but the certificate is not renewed.
Any ideas? Thanks.
Hello,
It sounds like LetsEncrypt is unable to validate the file in the .well-known folder.
Can you try load the URL yourself directly in the browser and make sure it is accessible externally? If you have any redirect rules in web.config you will need to exclude the .well-known folder (For example a https redirector).
Thanks,
Trevor
Hey Trevor,
here are some of the error messages:
- ACME server reported “type” “urn:acme:error:unauthorized”
- ACME server reported “detail” “Invalid response from http://domain.com/.well-known/acme-challenge/-AIURe4PRNrD7pysBWlACqf9SfopgMxQ6yWR8nBtag0: “<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Strict//EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd”>
<html xmlns=”http”” - ACME server reported “detail” “Invalid response from http://advantt.com/.well-known/acme-challenge/-AIURe4PRNrD7pysBWlACqf9SfopgMxQ6yWR8nBtag0: “<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Strict//EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd”>
<html xmlns=”http”” - NullReferenceException: “Object reference not set to an instance of an object.”
- ArgumentOutOfRangeException: “no challenge found matching requested type
Parameter name: challengeType”
The above is a string of errors that occur on one request.
Thank you.
I think it helps to add something like the following to the system.webServer section of the LetsEncrypt Web_Config.xml file, and (if it doesn’t cause problems) maybe this change could be made within the SolidCP installer.
<httpRedirect enabled=”false” />
<rewrite>
<rules>
<clear />
</rules>
</rewrite>
<modules>
<remove name=”Helicon.Ape” />
</modules>
I cannot get the certs to install either. My Event Logs show only this:
NullReferenceException: “Object reference not set to an instance of an object.”
I see nothing else in the log
I too have this problem. New certificates are fine but renewals fail with
NullReferenceException: Object reference not set to an instance of an object.
I do have SSL redirects in place, but have tried
- turning them off
- adding exception for the .well-known folder
Still the same. Additionally I’m noticing a system log error
A fatal error occurred while creating an SSL client credential. The internal error state is 10013.
We do have TLS1 disabled, along with insecure cyphers – wondering if that might be causing an issue??
Any pointers appreciated, got to get this sorted
We had this exact problem and we managed to find the cause of it for us. It turns out that if one of the scheduled certificate renewals is for a website that you no longer host it will not renew any other certificates. If you run the letsencrypt software from the command line
C:\SolidCP\Server\bin\LetsEncrypt\letsencrypt.exe
And then choose “L” to list the scheduled renewals and check that each website is still pointing at your server. You can generally tell which one is causing the problem if you run the renewal manually by choosing option “R” to Renew Scheduled and as soon as you start to get the “Object reference not set to an instance of an object.” error then look at the website it just tried to renew as that will probably be the cause.
Regards
Mark Donne
https://host100.co.uk
Hello,
I have added this forum post to the current bug report around error tracking. We will look into how to make this simpler but generally once the certificate is first made in SolidCP it is handed off to the win-simple-client for all renewals.
Thanks,
Trevor