SSL Certificate Issue: Only Subdomain Secured Manually, Main Domain Still Unsecured

Support and Discussion General Discussion
, , , ,
1

hello i would walk you through what im trying to achieve , i have a vps from contabo , a domain name from namecheap , i did setup cloudflare among these .
i installed cbPanel , created a website same as my domain , and created a sub domain , and ofcourse i ticked the mail when creating website .
i had 2 problems first the issuing of ssl where the forum is full of such topics (i believe i read them all ) : i couldnt connect to my smtp via an external app . 2nd problem is the ssl that couldnt get assigned but instead i got the self assigned one

what i did was i manually went to cyberpanel on my website and clicked on add ssl and copy pasted each one its key and cert
then i found out when i access website its still insecure but instead my subdomain is secured
when i found out about this i went ahead to website and copy pasted same certificate key and cert to used for subdomain

please to note that normal issue certificate via CBpanel only got me self assigned ssl i uninstalled cyberpanel and did it all over still same issue

cat /etc/letsencrypt/live/domain.com/cert.pem
cat /etc/letsencrypt/live/domain.com/privkey.pem
cat /etc/letsencrypt/live/domain.com/fullchain.pem

cat /etc/letsencrypt/live/server.domain.com/cert.pem
cat /etc/letsencrypt/live/server.domain.com/privkey.pem
cat /etc/letsencrypt/live/server.domain.com/fullchain.pem

cat /etc/letsencrypt/live/mail.domain.com/cert.pem
cat /etc/letsencrypt/live/mail.domain.com/privkey.pem
cat /etc/letsencrypt/live/mail.domain.com/fullchain.pem

ps: cloudflare is pointing to my server , domain nameservers already changed properly .
please dont hesitate i would provide any more needed data .
thanks in advance

2

I had a similar problem that no more certificates were issued by Let’s encrypt.

After a long search I found a solution in the forum that works for me. Unfortunately I can’t find the original article right now, so I can only describe what I did.

Go into the administration of your domain (via “Manage Domain”) and there into the area “configurations”. Here you can click on “vHost Conf” and get an editor with the loaded file.

(You can also do it via the shell).

At the end of the vhost.conf should be the following paragraph. If it is not there, you should add it at the end. Exactly like here below, i.e. “example” must remain in it - that refers to a template:

context /.well-known/acme-challenge {
location /usr/local/lsws/Example/html/.well-known/acme-challenge
allowBrowse 1

rewrite {

}
addDefaultCharset off

phpIniOverride {

}
}

this redirects the path /.well-known/acme-challenge that Lets encrypt looks for to the script from Cyberpanel.

Many greetings,
Kai

2 Likes
3

your response is very much appreciated and as i checked the vhost conf i found what you shared already exists .

context /.well-known/acme-challenge {
  location                /usr/local/lsws/Example/html/.well-known/acme-challenge
  allowBrowse             1

  rewrite  {
     enable                  0
  }
  addDefaultCharset       off

  phpIniOverride  {

  }
}