Can't Issue SSL
in Bug Report
HI, In the current version of cyberpanel (with support for PHP 7.3) I can not use Issue SSL from CLI:
Issue SSL from webgui also does not work:
I did not find any changes to the file httpd_config.conf; There is no declaration about the listener SSL {}, something like this:
With Cyberpanle old version, only have "PHP 5.3 -> 7.2", everything still works fine.
cyberpanel issueSSL --domainName cyberpanel.net
Issue SSL from webgui also does not work:
Cannot issue SSL. Error message: 0,283 Failed to obtain SSL for domain. [issueSSLForDomain]
I did not find any changes to the file httpd_config.conf; There is no declaration about the listener SSL {}, something like this:
listener SSL {
map fb.vn fb.vn
address 0.0.0.0:443
secure 1
keyFile /usr/local/lsws/admin/conf/webadmin.key
certFile /usr/local/lsws/admin/conf/webadmin.crt
}With Cyberpanle old version, only have "PHP 5.3 -> 7.2", everything still works fine.
Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Comments
[08-57-26-Thu-Dec-2018] Failed to obtain SSL, issuing self-signed SSL for: locloc.club [08-58-52-Thu-Dec-2018] Trying to obtain SSL for: locloc.club and: www.locloc.com [08-59-08-Thu-Dec-2018] Failed to obtain SSL for: locloc.club and: www.locloc.com [08-59-08-Thu-Dec-2018] Trying to obtain SSL for: locloc.com [08-59-17-Thu-Dec-2018] Failed to obtain SSL, issuing self-signed SSL for: locloc.comDec 20 15:06:08 s1 gunicorn[4625]: [Thu Dec 20 15:06:08 UTC 2018] locloc.com:Verify error:Invalid response from http://locloc.com/.well-known/acme-challenge/rgvqFe_ZGEgAcjFJNchQO4C0oIJKZ8VslFDZxIDONTU: Dec 20 15:06:08 s1 gunicorn[4625]: [Thu Dec 20 15:06:08 UTC 2018] Please add '--debug' or '--log' to check more details. Dec 20 15:06:08 s1 gunicorn[4625]: [Thu Dec 20 15:06:08 UTC 2018] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh Dec 20 15:06:19 s1 gunicorn[4625]: [Thu Dec 20 15:06:19 UTC 2018] locloc.com:Verify error:Invalid response from http://locloc.com/.well-known/acme-challenge/Pfm95pSj7gxwBcjfiG3yMpKq6HVK8QwCt-QEH29fw2w: Dec 20 15:06:19 s1 gunicorn[4625]: [Thu Dec 20 15:06:19 UTC 2018] Please add '--debug' or '--log' to check more details. Dec 20 15:06:19 s1 gunicorn[4625]: [Thu Dec 20 15:06:19 UTC 2018] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh1. DNS.
2. Some rewrite rule is conflicting
Centos 7
The problem is in the command:
cyberpanel issueSSL --domainName locloc.comIt can not add HTTPS webs to Cyberpanel and Openlitespeed
Oh, we canceled issuing self-signed SSL, is this what you want?OMG, yes that's what I want. Why disable self-signed SSL, I feel it is very useful for sites that can not get a certificate from Let's Encrypt.
Besides, many websites use SSL from the cloudflare proxy and they just need a self-signed SSL in the backend Openlitespeed for thier site.
We can try to think of more good work around.
For the problem you mentioned, you can create an additional function to automatically check the SSL certificate of the domain and when you discover an invalid certificate you can request again certificate from "Let's encrypt" cycle.
cyberpanel issueSSL --domainName abc.com --privatekey /home/abc.com.key --publickey /home/abc.com.crt