Certbot stopped working on my server a while back so I'm trying to convert everything over to use acme.sh with a helper script to generate the apache config entries etc...
And it's really giving me trouble. Basically for sub domains I added an alias for the /.well-known/acme-challenge for each sub domain so that it points to the main, but since some of the top level domains are showing as already verified, I think it's skipping the part to create the folder there.
But also, it's not adding the / and trying to go to an invalid domain. See error below:
Code:
[user@server03 acme.sh-master]$ ./acme.sh -f --issue -d example.com -d www.example.com -d forums.example.com --webroot /home/user/www/example.com/www/
[Mon Mar 15 20:09:30 EDT 2021] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Mon Mar 15 20:09:30 EDT 2021] Multi domain='DNS:example.com,DNS:www.example.com,DNS:forums.example.com'
[Mon Mar 15 20:09:30 EDT 2021] Getting domain auth token for each domain
[Mon Mar 15 20:09:31 EDT 2021] Getting webroot for domain='example.com'
[Mon Mar 15 20:09:31 EDT 2021] Getting webroot for domain='www.example.com'
[Mon Mar 15 20:09:31 EDT 2021] Getting webroot for domain='forums.example.com'
[Mon Mar 15 20:09:32 EDT 2021] example.com is already verified, skip http-01.
[Mon Mar 15 20:09:32 EDT 2021] www.example.com is already verified, skip http-01.
[Mon Mar 15 20:09:32 EDT 2021] Verifying: forums.example.com
[Mon Mar 15 20:09:34 EDT 2021] forums.example.com:Verify error:Fetching https://forums.example.com.well-known/acme-challenge/MlP0f6CGg7vi7JlWDNTwVmsTA6PtstN8t7yrkwFPE8M: Invalid host in redirect target
[Mon Mar 15 20:09:34 EDT 2021] Please add '--debug' or '--log' to check more details.
[Mon Mar 15 20:09:34 EDT 2021] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh
[user@server03 acme.sh-master]$
To add the alias I edited the virtualhost for the forum host, so that it goes to www, as acme.sh puts it there. (or normally would...)
Code:
<VirtualHost *:443>
ServerAdmin webmaster@iceteks.com
DocumentRoot /home/user/www/example.com/forums/
ServerName forums.example.com
ServerAlias forums.example.ca
alias "/.well-known/acme-challenge/" "/home/user/www/example.com/www/.well-known/acme-challenge/"
<directory />
Is there a way to make this work properly?
Also how do I go about adding another subdomain after the fact? This is where things seem to break down, because the top level domain will already have been verified so it's not going to add the proper files to that folder, but then it still wants to verify the new sub domain. I know there's a way to do it with DNS too but that sounds like an even bigger pain as you need to set up dynamic DNS, which I've looked into before and it's super tedious and needs to be done for each individual domain and there is a lot of legwork involved.
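Added example, not part of the original post: a redirect target shaped like the one in the log above is what Apache's mod_alias `Redirect` produces when its target URL has no trailing slash, assuming (the post does not show it) that the port-80 vhost carries such a rule. The script emulates that prefix handling on a constructed request; `apache_redirect`, `url_host`, `redirect_ok` and `TOKEN` are hypothetical names.

```shell
#!/bin/sh
# Simplified emulation of mod_alias "Redirect URL-path target" (added example).
# Assumption: a port-80 vhost with such a Redirect exists; the post does not show it.

# mod_alias appends whatever follows the matched URL-path prefix to the target.
apache_redirect() {  # usage: apache_redirect PREFIX TARGET REQUEST_PATH
    prefix=$1 target=$2 path=$3
    case $path in
        "$prefix"*) printf '%s%s\n' "$target" "${path#"$prefix"}" ;;
        *) return 1 ;;   # prefix does not match: no redirect issued
    esac
}

# Extract the host part of an http(s) URL (scheme, path and port stripped).
url_host() {
    rest=${1#*://}
    rest=${rest%%/*}
    printf '%s\n' "${rest%%:*}"
}

# Succeeds only if the redirect still points at the name being validated.
redirect_ok() {  # usage: redirect_ok EXPECTED_HOST LOCATION
    [ "$(url_host "$2")" = "$1" ]
}

# Constructed sample request; TOKEN is a placeholder, not a real challenge token.
CHALLENGE_PATH='/.well-known/acme-challenge/TOKEN'

# Weak:      Redirect / https://forums.example.com
BAD=$(apache_redirect / 'https://forums.example.com' "$CHALLENGE_PATH")
# Corrected: Redirect / https://forums.example.com/
GOOD=$(apache_redirect / 'https://forums.example.com/' "$CHALLENGE_PATH")

for loc in "$BAD" "$GOOD"; do
    if redirect_ok forums.example.com "$loc"; then
        echo "OK   $loc"
    else
        echo "BAD  $loc (host: $(url_host "$loc"))"
    fi
done
```

On the real server, the `Location` header returned for a challenge URL on port 80 shows which of the two forms the vhost is actually sending.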