Slow Website and Invalid SSL

Hey there. I have started a fresh website with my redirected domain from Hostinger.
I am running a Moodle LMS with this one website, but we’re getting a lot of slow connections lately.
My department and I are also figuring out a way on how we can fix SSL connection issues with our domain.
We did attempted certain fixes for SSL like with here and the basic SSL config documentation in this forum.
On our CP Main Log file, the following errors appear:

[03.18.2022_13-11-13] Trying to obtain SSL for: carlbalita.online and: www.carlbalita.online
[03.18.2022_13-11-13] /root/.acme.sh/acme.sh --issue -d carlbalita.online -d www.carlbalita.online --cert-file /etc/letsencrypt/live/carlbalita.online/cert.pem --key-file /etc/letsencrypt/live/carlbalita.online/privkey.pem --fullchain-file /etc/letsencrypt/live/carlbalita.online/fullchain.pem -w /usr/local/lsws/Example/html -k ec-256 --force --server letsencrypt
[03.18.2022_13-11-16] Failed to obtain SSL for: carlbalita.online and: www.carlbalita.online
[03.18.2022_13-11-16] Trying to obtain SSL for: carlbalita.online
[03.18.2022_13-11-19] Failed to obtain SSL, issuing self-signed SSL for: carlbalita.online
[03.18.2022_13-12-03] {'email@carlbalita.online': (554, b'5.7.1 <email@carlbalita.online>: Relay access denied')}
[03.18.2022_13-12-03] Self signed SSL issued for carlbalita.online.

If anyone would like to give the domain a look, it is at https://carlbalita.online and give us some insight on how to properly run this VPS. Thank you!

can you please share you vhost configrations with me?

Sure thing.

docRoot                   $VH_ROOT/public_html
vhDomain                  $VH_NAME
vhAliases                 www.$VH_NAME
adminEmails               cbrcinnovations@gmail.com
enableGzip                1
enableIpGeo               1

index  {
  useServer               0
  indexFiles              index.php, index.html
}

errorlog $VH_ROOT/logs/$VH_NAME.error_log {
  useServer               0
  logLevel                WARN
  rollingSize             10M
}

accesslog $VH_ROOT/logs/$VH_NAME.access_log {
  useServer               0
  logFormat               "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i""
  logHeaders              5
  rollingSize             10M
  keepDays                10  
  compressArchive         1
}

errorpage 403 {
  url                     403.html
}

errorpage 404 {
  url                     404.html
}

errorpage 500 {
  url                     500.html
}

scripthandler  {
  add                     lsapi:carlb3233 php
}

extprocessor carlb3233 {
  type                    lsapi
  address                 UDS://tmp/lshttpd/carlb3233.sock
  maxConns                10
  env                     LSAPI_CHILDREN=10
  initTimeout             600
  retryTimeout            0
  persistConn             1
  pcKeepAliveTimeout      1
  respBuffer              0
  autoStart               1
  path                    /usr/local/lsws/lsphp74/bin/lsphp
  extUser                 carlb3233
  extGroup                carlb3233
  memSoftLimit            2047M
  memHardLimit            2047M
  procSoftLimit           400
  procHardLimit           500
}

phpIniOverride  {
}

module cache {
 storagePath /usr/local/lsws/cachedata/$VH_NAME
}

rewrite  {
 enable                  1
  autoLoadHtaccess        1
}

context /.well-known/acme-challenge {
  location                /usr/local/lsws/Example/html/.well-known/acme-challenge
  allowBrowse             1

  rewrite  {

  }
  addDefaultCharset       off

  phpIniOverride  {

  }
}


vhssl  {
  keyFile                 /etc/letsencrypt/live/carlbalita.online/privkey.pem
  certFile                /etc/letsencrypt/live/carlbalita.online/fullchain.pem
  certChain               1
  sslProtocol             24
  enableECDHE             1
  renegProtection         1
  sslSessionCache         1
  enableSpdy              15
  enableStapling           1
  ocspRespMaxAge           86400
}

Running latest version of CP.
image

Are you using cloudflare to host your DNS records? If so, please disable it and try to issue the SSL again

No, I am not using Cloudflare. I have an SSL provided by Hostinger which was used to encrypt the same domain with my Cloud Enterprise Hosting, but was having a hard time applying it to my VPS with the same domain name.

I hope you have configured the DNS all correct. I am unable to understand the relation between your hostinger hosting, SSL and your VPS

Its all confusing.

So, you are using VPS from Hostinger and installed cyberpanel in it and trying to configure the SSL ?

Just login to your server SSH and run this command and see if its able to issue SSL (copy paste the entire code from below.

/root/.acme.sh/acme.sh --issue -d carlbalita.online -d www.carlbalita.online --cert-file /etc/letsencrypt/live/carlbalita.online/cert.pem --key-file /etc/letsencrypt/live/carlbalita.online/privkey.pem --fullchain-file /etc/letsencrypt/live/carlbalita.online/fullchain.pem -w /usr/local/lsws/Example/html -k ec-256 --force --server letsencrypt

This is what appeared.

[root@cbrcopms ~]# /root/.acme.sh/acme.sh --issue -d carlbalita.online -d www.carlbalita.online --cert-file /etc/letsencrypt/live/carlbalita.online/cert.pem --key-file /etc/letsencrypt/live/carlbalita.online/privkey.pem --fullchain-file /etc/letsencrypt/live/carlbalita.online/fullchain.pem -w /usr/local/lsws/Example/html -k ec-256 --force --server letsencrypt --log
[Sat Mar 19 11:50:51 UTC 2022] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Sat Mar 19 11:50:52 UTC 2022] Multi domain='DNS:carlbalita.online,DNS:www.carlbalita.online'
[Sat Mar 19 11:50:52 UTC 2022] Getting domain auth token for each domain
[Sat Mar 19 11:50:56 UTC 2022] Getting webroot for domain='carlbalita.online'
[Sat Mar 19 11:50:56 UTC 2022] Getting webroot for domain='www.carlbalita.online'
[Sat Mar 19 11:50:56 UTC 2022] Verifying: carlbalita.online
[Sat Mar 19 11:50:57 UTC 2022] Pending, The CA is processing your order, please just wait. (1/30)
[Sat Mar 19 11:51:00 UTC 2022] carlbalita.online:Verify error:Invalid response from http://carlbalita.online/.well-known/acme-challenge/3G314rUUPx8UQBZyScnzayHVsQP5ZNMcVJqywiVJlRQ [2a02:4780:3:578:0:3261:503d:1]: 404
[Sat Mar 19 11:51:00 UTC 2022] Please check log file for more details: /root/.acme.sh/acme.sh.log

@die2mrw007 I hope you have configured the DNS all correct. I am unable to understand the relation between your hostinger hosting, SSL and your VPS
Its all confusing.
So, you are using VPS from Hostinger and installed cyberpanel in it and trying to configure the SSL ?

I just reached out to Hostinger. Sorry. We are currently trying to use CP’s SSL. We actually don’t have any other SSL in use.

@die2mrw007 Just login to your server SSH and run this command and see if its able to issue SSL (copy paste the entire code from below.

[root@cbrcopms ~]# /root/.acme.sh/acme.sh --issue -d carlbalita.online -d www.carlbalita.online --cert-file /etc/letsencrypt/live/carlbalita.online/cert.pem --key-file /etc/letsencrypt/live/carlbalita.online/privkey.pem --fullchain-file /etc/letsencrypt/live/carlbalita.online/fullchain.pem -w /usr/local/lsws/Example/html -k ec-256 --force --server letsencrypt --log
[Sat Mar 19 11:50:51 UTC 2022] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Sat Mar 19 11:50:52 UTC 2022] Multi domain='DNS:carlbalita.online,DNS:www.carlbalita.online'
[Sat Mar 19 11:50:52 UTC 2022] Getting domain auth token for each domain
[Sat Mar 19 11:50:56 UTC 2022] Getting webroot for domain='carlbalita.online'
[Sat Mar 19 11:50:56 UTC 2022] Getting webroot for domain='www.carlbalita.online'
[Sat Mar 19 11:50:56 UTC 2022] Verifying: carlbalita.online
[Sat Mar 19 11:50:57 UTC 2022] Pending, The CA is processing your order, please just wait. (1/30)
[Sat Mar 19 11:51:00 UTC 2022] carlbalita.online:Verify error:Invalid response from http://carlbalita.online/.well-known/acme-challenge/3G314rUUPx8UQBZyScnzayHVsQP5ZNMcVJqywiVJlRQ [2a02:4780:3:578:0:3261:503d:1]: 404
[Sat Mar 19 11:51:00 UTC 2022] Please check log file for more details: /root/.acme.sh/acme.sh.log

I have no idea how to obtain the .log file unfortunately.

Restart your server and then login to ssh and execute this code this time:

/root/.acme.sh/acme.sh --issue -d carlbalita.online -d www.carlbalita.online --cert-file /etc/letsencrypt/live/carlbalita.online/cert.pem --key-file /etc/letsencrypt/live/carlbalita.online/privkey.pem --fullchain-file /etc/letsencrypt/live/carlbalita.online/fullchain.pem -w /usr/local/lsws/Example/html -k ec-256 --force --server letsencrypt --debug

Hello!
Here is the entirety.


[root@cbrcopms ~]# /root/.acme.sh/acme.sh --issue -d carlbalita.online -d www.carlbalita.online --cert-file /etc/letsencrypt/live/carlbalita.online/cert.pem --key-file /etc/letsencrypt/live/carlbalita.online/privkey.pem --fullchain-file /etc/letsencrypt/live/carlbalita.online/fullchain.pem -w /usr/local/lsws/Example/html -k ec-256 --force --server letsencrypt --debug
[Sat Mar 19 15:22:49 UTC 2022] Selected server: https://acme-v02.api.letsencrypt.org/directory
[Sat Mar 19 15:22:49 UTC 2022] Lets find script dir.
[Sat Mar 19 15:22:49 UTC 2022] _SCRIPT_='/root/.acme.sh/acme.sh'
[Sat Mar 19 15:22:49 UTC 2022] _script='/root/.acme.sh/acme.sh'
[Sat Mar 19 15:22:49 UTC 2022] _script_home='/root/.acme.sh'
[Sat Mar 19 15:22:49 UTC 2022] Using config home:/root/.acme.sh
https://github.com/acmesh-official/acme.sh
v3.0.3
[Sat Mar 19 15:22:49 UTC 2022] Using server: letsencrypt
[Sat Mar 19 15:22:49 UTC 2022] Running cmd: issue
[Sat Mar 19 15:22:49 UTC 2022] _main_domain='carlbalita.online'
[Sat Mar 19 15:22:49 UTC 2022] _alt_domains='www.carlbalita.online'
[Sat Mar 19 15:22:49 UTC 2022] Using config home:/root/.acme.sh
[Sat Mar 19 15:22:49 UTC 2022] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Sat Mar 19 15:22:49 UTC 2022] DOMAIN_PATH='/root/.acme.sh/carlbalita.online_ecc'
[Sat Mar 19 15:22:49 UTC 2022] Le_NextRenewTime
[Sat Mar 19 15:22:49 UTC 2022] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Sat Mar 19 15:22:49 UTC 2022] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Sat Mar 19 15:22:49 UTC 2022] GET
[Sat Mar 19 15:22:49 UTC 2022] url='https://acme-v02.api.letsencrypt.org/directory'
[Sat Mar 19 15:22:49 UTC 2022] timeout=
[Sat Mar 19 15:22:49 UTC 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
[Sat Mar 19 15:22:50 UTC 2022] ret='0'
[Sat Mar 19 15:22:50 UTC 2022] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
[Sat Mar 19 15:22:50 UTC 2022] ACME_NEW_AUTHZ
[Sat Mar 19 15:22:50 UTC 2022] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Sat Mar 19 15:22:50 UTC 2022] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Sat Mar 19 15:22:50 UTC 2022] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
[Sat Mar 19 15:22:50 UTC 2022] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Sat Mar 19 15:22:50 UTC 2022] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Sat Mar 19 15:22:50 UTC 2022] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Sat Mar 19 15:22:50 UTC 2022] _on_before_issue
[Sat Mar 19 15:22:50 UTC 2022] _chk_main_domain='carlbalita.online'
[Sat Mar 19 15:22:50 UTC 2022] _chk_alt_domains='www.carlbalita.online'
[Sat Mar 19 15:22:50 UTC 2022] Le_LocalAddress
[Sat Mar 19 15:22:50 UTC 2022] d='carlbalita.online'
[Sat Mar 19 15:22:50 UTC 2022] Check for domain='carlbalita.online'
[Sat Mar 19 15:22:50 UTC 2022] _currentRoot='/usr/local/lsws/Example/html'
[Sat Mar 19 15:22:50 UTC 2022] d='www.carlbalita.online'
[Sat Mar 19 15:22:50 UTC 2022] Check for domain='www.carlbalita.online'
[Sat Mar 19 15:22:50 UTC 2022] _currentRoot='/usr/local/lsws/Example/html'
[Sat Mar 19 15:22:50 UTC 2022] d
[Sat Mar 19 15:22:50 UTC 2022] _saved_account_key_hash is not changed, skip register account.
[Sat Mar 19 15:22:51 UTC 2022] Read key length:ec-256
[Sat Mar 19 15:22:51 UTC 2022] _createcsr
[Sat Mar 19 15:22:51 UTC 2022] Multi domain='DNS:carlbalita.online,DNS:www.carlbalita.online'
[Sat Mar 19 15:22:51 UTC 2022] Getting domain auth token for each domain
[Sat Mar 19 15:22:51 UTC 2022] d='www.carlbalita.online'
[Sat Mar 19 15:22:51 UTC 2022] d
[Sat Mar 19 15:22:51 UTC 2022] url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Sat Mar 19 15:22:51 UTC 2022] payload='{"identifiers": [{"type":"dns","value":"carlbalita.online"},{"type":"dns","value":"www.carlbalita.online"}]}'
[Sat Mar 19 15:22:51 UTC 2022] RSA key
[Sat Mar 19 15:22:51 UTC 2022] HEAD
[Sat Mar 19 15:22:51 UTC 2022] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Sat Mar 19 15:22:51 UTC 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g  -I  '
[Sat Mar 19 15:22:52 UTC 2022] _ret='0'
[Sat Mar 19 15:22:52 UTC 2022] POST
[Sat Mar 19 15:22:52 UTC 2022] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Sat Mar 19 15:22:52 UTC 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
[Sat Mar 19 15:22:53 UTC 2022] _ret='0'
[Sat Mar 19 15:22:53 UTC 2022] code='201'
[Sat Mar 19 15:22:53 UTC 2022] Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/451217160/72826100630'
[Sat Mar 19 15:22:53 UTC 2022] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/451217160/72826100630'
[Sat Mar 19 15:22:53 UTC 2022] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/89326921590'
[Sat Mar 19 15:22:53 UTC 2022] payload
[Sat Mar 19 15:22:53 UTC 2022] POST
[Sat Mar 19 15:22:53 UTC 2022] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/89326921590'
[Sat Mar 19 15:22:53 UTC 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
[Sat Mar 19 15:22:54 UTC 2022] _ret='0'
[Sat Mar 19 15:22:54 UTC 2022] code='200'
[Sat Mar 19 15:22:54 UTC 2022] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/89326921600'
[Sat Mar 19 15:22:54 UTC 2022] payload
[Sat Mar 19 15:22:54 UTC 2022] POST
[Sat Mar 19 15:22:54 UTC 2022] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/89326921600'
[Sat Mar 19 15:22:54 UTC 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
[Sat Mar 19 15:22:55 UTC 2022] _ret='0'
[Sat Mar 19 15:22:55 UTC 2022] code='200'
[Sat Mar 19 15:22:55 UTC 2022] d='carlbalita.online'
[Sat Mar 19 15:22:55 UTC 2022] Getting webroot for domain='carlbalita.online'
[Sat Mar 19 15:22:55 UTC 2022] _w='/usr/local/lsws/Example/html'
[Sat Mar 19 15:22:55 UTC 2022] _currentRoot='/usr/local/lsws/Example/html'
[Sat Mar 19 15:22:55 UTC 2022] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/89326921590/lB-EZg","token":"jWv2KfOLl4zya3KF9YLEquSuEBEQyaV5HTG0AJ0rYFk"'
[Sat Mar 19 15:22:55 UTC 2022] token='jWv2KfOLl4zya3KF9YLEquSuEBEQyaV5HTG0AJ0rYFk'
[Sat Mar 19 15:22:55 UTC 2022] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/89326921590/lB-EZg'
[Sat Mar 19 15:22:55 UTC 2022] keyauthorization='jWv2KfOLl4zya3KF9YLEquSuEBEQyaV5HTG0AJ0rYFk.F8a5AGN1ds5algyBSrmLbkFM2LWWJK_p7zebunPGnBE'
[Sat Mar 19 15:22:55 UTC 2022] dvlist='carlbalita.online#jWv2KfOLl4zya3KF9YLEquSuEBEQyaV5HTG0AJ0rYFk.F8a5AGN1ds5algyBSrmLbkFM2LWWJK_p7zebunPGnBE#https://acme-v02.api.letsencrypt.org/acme/chall-v3/89326921590/lB-EZg#http-01#/usr/local/lsws/Example/html'
[Sat Mar 19 15:22:55 UTC 2022] d='www.carlbalita.online'
[Sat Mar 19 15:22:55 UTC 2022] Getting webroot for domain='www.carlbalita.online'
[Sat Mar 19 15:22:55 UTC 2022] _w='/usr/local/lsws/Example/html'
[Sat Mar 19 15:22:55 UTC 2022] _currentRoot='/usr/local/lsws/Example/html'
[Sat Mar 19 15:22:55 UTC 2022] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/89326921600/gEGrAA","token":"J4eiy0SG_qYCXhLbcwxgtbrfmJxwhC935_vFmGG9FHE"'
[Sat Mar 19 15:22:55 UTC 2022] token='J4eiy0SG_qYCXhLbcwxgtbrfmJxwhC935_vFmGG9FHE'
[Sat Mar 19 15:22:55 UTC 2022] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/89326921600/gEGrAA'
[Sat Mar 19 15:22:55 UTC 2022] keyauthorization='J4eiy0SG_qYCXhLbcwxgtbrfmJxwhC935_vFmGG9FHE.F8a5AGN1ds5algyBSrmLbkFM2LWWJK_p7zebunPGnBE'
[Sat Mar 19 15:22:55 UTC 2022] dvlist='www.carlbalita.online#J4eiy0SG_qYCXhLbcwxgtbrfmJxwhC935_vFmGG9FHE.F8a5AGN1ds5algyBSrmLbkFM2LWWJK_p7zebunPGnBE#https://acme-v02.api.letsencrypt.org/acme/chall-v3/89326921600/gEGrAA#http-01#/usr/local/lsws/Example/html'
[Sat Mar 19 15:22:55 UTC 2022] d
[Sat Mar 19 15:22:55 UTC 2022] vlist='carlbalita.online#jWv2KfOLl4zya3KF9YLEquSuEBEQyaV5HTG0AJ0rYFk.F8a5AGN1ds5algyBSrmLbkFM2LWWJK_p7zebunPGnBE#https://acme-v02.api.letsencrypt.org/acme/chall-v3/89326921590/lB-EZg#http-01#/usr/local/lsws/Example/html,www.carlbalita.online#J4eiy0SG_qYCXhLbcwxgtbrfmJxwhC935_vFmGG9FHE.F8a5AGN1ds5algyBSrmLbkFM2LWWJK_p7zebunPGnBE#https://acme-v02.api.letsencrypt.org/acme/chall-v3/89326921600/gEGrAA#http-01#/usr/local/lsws/Example/html,'
[Sat Mar 19 15:22:55 UTC 2022] d='carlbalita.online'
[Sat Mar 19 15:22:55 UTC 2022] d='www.carlbalita.online'
[Sat Mar 19 15:22:55 UTC 2022] ok, let's start to verify
[Sat Mar 19 15:22:55 UTC 2022] Verifying: carlbalita.online
[Sat Mar 19 15:22:55 UTC 2022] d='carlbalita.online'
[Sat Mar 19 15:22:55 UTC 2022] keyauthorization='jWv2KfOLl4zya3KF9YLEquSuEBEQyaV5HTG0AJ0rYFk.F8a5AGN1ds5algyBSrmLbkFM2LWWJK_p7zebunPGnBE'
[Sat Mar 19 15:22:55 UTC 2022] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/89326921590/lB-EZg'
[Sat Mar 19 15:22:55 UTC 2022] _currentRoot='/usr/local/lsws/Example/html'
[Sat Mar 19 15:22:55 UTC 2022] wellknown_path='/usr/local/lsws/Example/html/.well-known/acme-challenge'
[Sat Mar 19 15:22:55 UTC 2022] writing token:jWv2KfOLl4zya3KF9YLEquSuEBEQyaV5HTG0AJ0rYFk to /usr/local/lsws/Example/html/.well-known/acme-challenge/jWv2KfOLl4zya3KF9YLEquSuEBEQyaV5HTG0AJ0rYFk
[Sat Mar 19 15:22:55 UTC 2022] Changing owner/group of .well-known to root:root
[Sat Mar 19 15:22:55 UTC 2022] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/89326921590/lB-EZg'
[Sat Mar 19 15:22:55 UTC 2022] payload='{}'
[Sat Mar 19 15:22:55 UTC 2022] POST
[Sat Mar 19 15:22:55 UTC 2022] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/89326921590/lB-EZg'
[Sat Mar 19 15:22:55 UTC 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
[Sat Mar 19 15:22:56 UTC 2022] _ret='0'
[Sat Mar 19 15:22:56 UTC 2022] code='200'
[Sat Mar 19 15:22:56 UTC 2022] trigger validation code: 200
[Sat Mar 19 15:22:56 UTC 2022] Pending, The CA is processing your order, please just wait. (1/30)
[Sat Mar 19 15:22:56 UTC 2022] sleep 2 secs to verify again
[Sat Mar 19 15:22:58 UTC 2022] checking
[Sat Mar 19 15:22:58 UTC 2022] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/89326921590/lB-EZg'
[Sat Mar 19 15:22:58 UTC 2022] payload
[Sat Mar 19 15:22:58 UTC 2022] POST
[Sat Mar 19 15:22:58 UTC 2022] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/89326921590/lB-EZg'
[Sat Mar 19 15:22:58 UTC 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
[Sat Mar 19 15:22:59 UTC 2022] _ret='0'
[Sat Mar 19 15:22:59 UTC 2022] code='200'
[Sat Mar 19 15:22:59 UTC 2022] carlbalita.online:Verify error:Invalid response from http://carlbalita.online/.well-known/acme-challenge/jWv2KfOLl4zya3KF9YLEquSuEBEQyaV5HTG0AJ0rYFk [2a02:4780:3:578:0:3261:503d:1]: 404
[Sat Mar 19 15:22:59 UTC 2022] Debug: get token url.
[Sat Mar 19 15:22:59 UTC 2022] GET
[Sat Mar 19 15:22:59 UTC 2022] url='http://carlbalita.online/.well-known/acme-challenge/jWv2KfOLl4zya3KF9YLEquSuEBEQyaV5HTG0AJ0rYFk'
[Sat Mar 19 15:22:59 UTC 2022] timeout=1
[Sat Mar 19 15:22:59 UTC 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g  --connect-timeout 1'
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>openresty</center>
</body>
</html>
[Sat Mar 19 15:23:00 UTC 2022] ret='0'
[Sat Mar 19 15:23:00 UTC 2022] Debugging, skip removing: /usr/local/lsws/Example/html/.well-known/acme-challenge/jWv2KfOLl4zya3KF9YLEquSuEBEQyaV5HTG0AJ0rYFk
[Sat Mar 19 15:23:00 UTC 2022] pid
[Sat Mar 19 15:23:00 UTC 2022] No need to restore nginx, skip.
[Sat Mar 19 15:23:00 UTC 2022] _clearupdns
[Sat Mar 19 15:23:00 UTC 2022] dns_entries
[Sat Mar 19 15:23:00 UTC 2022] skip dns.
[Sat Mar 19 15:23:00 UTC 2022] _on_issue_err
[Sat Mar 19 15:23:00 UTC 2022] Please check log file for more details: /root/.acme.sh/acme.sh.log
[Sat Mar 19 15:23:00 UTC 2022] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/89326921590/lB-EZg'
[Sat Mar 19 15:23:00 UTC 2022] payload='{}'
[Sat Mar 19 15:23:00 UTC 2022] POST
[Sat Mar 19 15:23:00 UTC 2022] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/89326921590/lB-EZg'
[Sat Mar 19 15:23:00 UTC 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
[Sat Mar 19 15:23:01 UTC 2022] _ret='0'
[Sat Mar 19 15:23:01 UTC 2022] code='400'
[Sat Mar 19 15:23:01 UTC 2022] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/89326921600/gEGrAA'
[Sat Mar 19 15:23:01 UTC 2022] payload='{}'
[Sat Mar 19 15:23:01 UTC 2022] POST
[Sat Mar 19 15:23:01 UTC 2022] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/89326921600/gEGrAA'
[Sat Mar 19 15:23:01 UTC 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header  -L  -g '
[Sat Mar 19 15:23:02 UTC 2022] _ret='0'
[Sat Mar 19 15:23:02 UTC 2022] code='200'
[Sat Mar 19 15:23:02 UTC 2022] Diagnosis versions:
openssl:openssl
OpenSSL 1.0.2k-fips  26 Jan 2017
apache:
apache doesn't exist.
nginx:
nginx doesn't exist.
socat:
socat by Gerhard Rieger and contributors - see www.dest-unreach.org
socat version 1.7.3.2 on Jun 23 2017 10:19:11
   running on Linux version #1 SMP Tue Aug 25 11:59:26 MSK 2020, release 3.10.0, machine x86_64
features:
  #define WITH_STDIO 1
  #define WITH_FDNUM 1
  #define WITH_FILE 1
  #define WITH_CREAT 1
  #define WITH_GOPEN 1
  #define WITH_TERMIOS 1
  #define WITH_PIPE 1
  #define WITH_UNIX 1
  #define WITH_ABSTRACT_UNIXSOCKET 1
  #define WITH_IP4 1
  #define WITH_IP6 1
  #define WITH_RAWIP 1
  #define WITH_GENERICSOCKET 1
  #define WITH_INTERFACE 1
  #define WITH_TCP 1
  #define WITH_UDP 1
  #define WITH_SCTP 1
  #define WITH_LISTEN 1
  #define WITH_SOCKS4 1
  #define WITH_SOCKS4A 1
  #define WITH_PROXY 1
  #define WITH_SYSTEM 1
  #define WITH_EXEC 1
  #define WITH_READLINE 1
  #define WITH_TUN 1
  #define WITH_PTY 1
  #define WITH_OPENSSL 1
  #undef WITH_FIPS
  #define WITH_LIBWRAP 1
  #define WITH_SYCLS 1
  #define WITH_FILAN 1
  #define WITH_RETRY 1
  #define WITH_MSGLEVEL 0 /*debug*/
[root@cbrcopms ~]#

When was the last time you performed cyberpanel update command? If its long time, then please try to run the update script of cyberpanel and see if it helps

https://community.cyberpanel.net/docs?topic=81

We just updated Cyberpanel quite recently (Friday to be exact) because we wanted to fix this SSL issue. It hasn’t been a long time.


you have problem at your DNS Manager…
you should fix that first

  1. login to your domain manager
  2. point the NS to your dns manager
  3. open your dns manager
  4. set domain.tld IN A your.cyberpanel.ip
  5. set www CNAME to your domain.tld
  6. set mail.domain.tld to your cyberpanel ip

i know that you already set it to 156.67.216.21
my suggestion use cloudflare or dns from he.net

Which is the SSL provider? If its not something mandatory for you to use the same SSL provider, then you can try the inbuilt provided Letsencrypt SSL in cyberpanel and issue a valid SSL for your domain easily.

invalid response and 404 mean your site is not getting that page.
please run the systemctl restart lsws and then run this command also check htaccess rules

Where did you lookup this DNS query? I want to see this as well.


now all you need is re-issue the SSL…

that was old script run internally…
i forgot where i get the API
but it from free tools on internet