SSL renewal error - redirect loop

I noticed on some of my domains I have a self-signed certificate instead of the regular SSL let’s encrypt.

I try to generate an SSL certificate through cyberpanel and it says “success” but it still shows as self-signed. I looked in the error logs and I get a message that there are too many redirects for the well-known / acme challenge.

I first thought maybe this was a cloudflare thing, but disabling that did not fix the issue.

I then thought maybe there was a redirect in my .htaccess, but I am fairly certain I made sure it won’t redirect for those directories.

The only solution that worked was generating an SSL certificate separately and then manually adding the certificate in cyberpanel.

I can’t see doing this for multiple domains every 90 days. I’ve seen a few other posts with similar issues, but I’m not sure if they are the same actual issue or something else.

Any assistance would be greatly appreciated.

1 Like

Am I the only person still having this problem? I’ve seen other threads with similar issues, and it seems the only solution that worked was to delete the website and create it new. I’m assuming there is a better solution at this time.

2 Likes

I upgraded the version to 2.3.2 and I have the same problem. SSL does not renew. Does not give.

I’m using Amazon audio before the update, mail was working fine. Now when I press the send mail button, even the mail is not sent.

Terminal SS - Before-After email: https://community.cyberpanel.net/uploads/default/original/2X/f/f1240855187ea5646cd6e88143ff95de765706f8.jpeg

Snappy mail SS: https://community.cyberpanel.net/uploads/default/original/2X/8/8967cdcbce2341442c6d05e535d84d93c16c0f3e.jpeg

I am now having issues with this on my hostname SSL - it was not able to renew with similar errors to my other domains (too many redirects) and so it is now a self-signed certificate, which shows as not private when I try to access cyberpanel.

I’ve gone through the troubleshooting steps (mod security is not enabled), I’ve disabled cloudflare for the domain, checked the vhosts file, and I still get the same too many redirects so it issues a self-signed certificate.

I am thinking this is my limit of troubleshooting and it’s time to move on to another control panel. I do use cloudflare, but I have it disabled for the domain and still get the same errors.

I do not want to re-install cyberpanel and reinstall all of the domains, unless someone has an easy tutorial on how to do this.

whatever you do, do not send any logs so we can diagnose the issue. We can just guess by reading you.

[08.04.2022_03-54-19] Status Code: Unkown for: http://www.subdomain.mydomain.com/.well-known/acme-challenge/subdomainmydomain.com. Error: HTTPConnectionPool(host=‘www.subdomain.mydomain.com’, port=80): Max retries exceeded with url: /.well-known/acme-challenge/subdomain.mydomain.com (Caused by NewConnectionError(‘<urllib3.connection.HTTPConnection object at 0x7f8ff031e670>: Failed to establish a new connection: [Errno -2] Name or service not known’))

[08.04.2022_03-54-19] Status Code: Unkown for: subdomain.mtdomain.com/.well-known/acme-challenge/subdomain.mydomain.com . Error: Exceeded 30 redirects.

[08.04.2022_03-54-20] /root/.acme.sh/acme.sh --issue -d subdomain.mydomain.com-d www.subdomain.mydomain.com --cert-file /etc/letsencrypt/live/subdomain.mydomain.com/cert.pem --key-file /etc/letsencrypt/live/subdomain.mydomain.com/privkey.pem --fullchain-file /etc/letsencrypt/live/subdomain.mydomain.com /fullchain.pem -w /usr/local/lsws/Example/html -k ec-256 --force --server letsencrypt

[08.04.2022_03-54-20] Failed to obtain SSL for: subdomain.mydomain.com and: www.subdomain.mydomain.com

[08.04.2022_03-54-20] /root/.acme.sh/acme.sh --issue -d subdomain.mydomain.com --cert-file /etc/letsencrypt/live/subdomain.mydomain.com/cert.pem --key-file /etc/letsencrypt/live/subdomain.mydomain.com/privkey.pem --fullchain-file /etc/letsencrypt/live/subdomain.mydomain.com/fullchain.pem -w /usr/local/lsws/Example/html -k ec-256 --force --server letsencrypt

[08.04.2022_03-54-20] Failed to obtain SSL, issuing self-signed SSL for: subdomain.mydomain.com

[08.04.2022_03-54-20] {'[email protected] ‘: (554, b’5.7.1 [email protected]: Relay access denied’)}

[08.04.2022_03-54-20] Websites matching query does not exist. [installSSLForDomain:72]

[08.04.2022_03-54-20] Self signed SSL issued for subdomain.mydomain.com.

good, crying is for your friends, logs are for solving issues with strangers.

So, I’m trying to parse the complaining, I thought you were having issues with self-signed certificate for your cyberpanel, but now it’s subdomain? Where’s the issue exactly? Did you convert cyberpanel to a subdomain or something?

My cyberpanel is installed on a subdomain.

Ah well that’s important information, I guess @tmoore and @usmannasir always forget to mention this important step if you move your panel to a subdomain, but yeah the function to generate certificate for the panel not gonna magically guess you moved to a subdomain.

I think you’ll have to create a context for /.well-known/acme-challenge that points to /usr/local/lsws/Example/html/.well-known/acme-challenge for that subdomain because that’s where the challenges get written, or maybe change where challenges are written? Otherwise it’ll just redirect ( if your 404 are wrongly configured ) or 404 ( like my correct server ).

context /.well-known/acme-challenge {
  location                /usr/local/lsws/Example/html/.well-known/acme-challenge
}

Then just make sure that subdomain.domain.com/.well-known/acme-challenge correctly points to that location in a browser.

Maybe others have better solutions.

Btw, all the endless redirects are misconfiguration you should fix.

There’s also an issue with cloudflare issued certificates, in that you need to manually copy them from your main domain to the subdomains, or else it messes up everything.

I guess that makes sense.

Personally I reverse proxy the panel on a folder ( domain.com/cyberpanel ) so I never had any of those issues.

Anyway should probably fix it, I didn’t check the cloudflare certificate copy tho.

I always had cyberpanel in a subdomain - installed it using the vultr image. It initially created the ssl certificate through Let’s Encrypt without any issue.

Then I started getting these issues with renewing certificates on all domains (not subdomain). I manually created certificates for those sites and then added them in the cyberpanel settings for each website.

Now it apparently was time to renew the hostname ssl and it failed with the above errors (similar to the errors I get for main domains - too many redirects).

I’ve tried troubleshooting the redirect error without any success. I can’t find any code anywhere that is redirecting for those locations, and I’ve even tried creating htaccess code to prevent redirects for those urls without success.

Obviously there is a redirect code somewhere but I don’t know how else to locate where else it would be if not in htaccess.

yeah that’s a very nice story.

Anyway, it’s not that there’s a redirect per se, it’s that in your httpd.conf, or vhosts.conf, etc. I’m sure you have something like

errorpage 403 {
  url                     403.html
}

errorpage 404 {
  url                     404.html
}

errorpage 500 {
  url                     500.html
}

but you don’t have any 403.html, 404.html, 500.html so when it tries to redirect to it, can’t find it, making it redirect to 404.html, which doesn’t exist, etc. unlimited loops of redirects. So fix it ( by removing that, or by having a 404.html ).

Good suggestion - led me to a solution. Thanks.

In order to edit the vhost.conf I had to manually edit the file for the subdomain as I can not find a way to edit it directly through the cyberpanel interface. When I added the following to the end, and restarted the litespeed service, I was able to issue a Let’s Encrypt SSL certificate.

Similarly, if I add the below code to the vhost.conf for the regular domains, I can now get it to issue Let’s Encrypt certs.

context /.well-known/acme-challenge {
  location                /usr/local/lsws/Example/html/.well-known/acme-challenge
  allowBrowse             1

  rewrite  {

  }
  addDefaultCharset       off

  phpIniOverride  {

  }
}

2 Likes
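
An added example, not part of any post in this thread and not CyberPanel's or LiteSpeed's own code: a small audit of a vhost.conf for the two conditions the replies above identify, an `errorpage` whose file is missing from the docRoot and a missing or misplaced `/.well-known/acme-challenge` context. The function names, the sample config text and the temporary directory standing in for the docRoot are assumptions made for the example.

```python
import re, tempfile
from pathlib import Path
ACME_URI = "/.well-known/acme-challenge"
ACME_WEBROOT = "/usr/local/lsws/Example/html"  # the -w path in the acme.sh log above
BLOCK = re.compile(r"\s*(errorpage|context)\s+(\S+)\s*\{")
# Constructed vhost.conf fragments, modelled on the snippets quoted in the thread.
SAMPLE_CONF = """\
errorpage 404 {
  url                     404.html
}
"""
ACME_CONTEXT = """\
context /.well-known/acme-challenge {
  location                /usr/local/lsws/Example/html/.well-known/acme-challenge
  rewrite  {
  }
}
"""

def parse_blocks(conf):
    """Return (kind, name, settings) for each top-level errorpage/context block."""
    blocks, depth, cur = [], 0, None
    for line in conf.splitlines():
        parts = line.split(None, 1)
        if depth == 0:
            cur = {} if (m := BLOCK.match(line)) else None
            if m:
                blocks.append((m.group(1), m.group(2), cur))
        elif depth == 1 and cur is not None and len(parts) == 2 and "{" not in line:
            cur[parts[0]] = parts[1].strip()  # "key value" lines; nested blocks skipped
        depth += line.count("{") - line.count("}")
    return blocks

def audit(conf, doc_root):
    findings, has_acme = [], False
    for kind, name, s in parse_blocks(conf):
        url, loc = s.get("url", ""), s.get("location", "").rstrip("/")
        if kind == "errorpage" and url and "://" not in url and not Path(doc_root, url.lstrip("/")).is_file():
            findings.append(f"errorpage {name}: {url} missing from docRoot")
        elif kind == "context" and name.rstrip("/") == ACME_URI:
            has_acme = True
            if loc != ACME_WEBROOT + ACME_URI:
                findings.append("acme-challenge context is not at the acme.sh webroot")
    return findings + ([] if has_acme else [f"no context for {ACME_URI}"])

def demo():
    with tempfile.TemporaryDirectory() as root:   # stands in for the site docRoot
        before = audit(SAMPLE_CONF, root)
        Path(root, "404.html").write_text("Not found")
        return before, audit(SAMPLE_CONF + ACME_CONTEXT, root)
```

`demo()` returns the findings before and after the fix described in the thread; on a real server, pass the text of the site's vhost.conf and its actual docRoot to `audit()`.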

Perfect Solution. Works for me. Thanks!
