LetsEncrypt issues

So, I recently let InterWorx update itself which added the LetsEncrypt module. Apart from enabling the module I am having issues.

First issue is:

I can’t generate SSL Certs.

Hosting Features > Domain > SSL Certs
and I click “Generate all with LetsEncrypt”

I then receive the error message:

? file(/var/log/letsencrypt/letsencrypt.log): failed to open stream: No such file or directory
A system error has occurred. Please try your request again in a few minutes.
If the error persists, please contact support.

I also received the Cronjob error this morning with:

CLI_Cron_IWorx::_executeClass(/home/interworx/include/Cron/RenewLetsEncryptCerts.php): failed to open stream: No such file or directory
A system error has occurred. Please try your request again in a few minutes.
If the error persists, please contact support.

Any suggestions? I’ve tried disabling the module and re-enabling it. Just thought I would post on the forum before I head to support.

Hi David

Firstly, could I ask what distro your using, and if centos 6, was this an update from centos 5 - we had this issue on one of our servers, and it turns out on the upgrade to centos 6, it did not update some files from 5 to 6

Does the domain your trying actually point to your server ie A records - if not LE would only work if the domain and DNS were pointing at the server

Your first error is the path does not exist, so you could create it and that would resolve that issue

It is your second error why I ask the above questions

If you do open a support ticket, I would appreciate if you could update post when resolved

Many thanks

John

CentOS 6 – No previous upgrade from CentOS5.

The domain has valid DNS and points via A records.
I’ve tried touching/creating/chowning the logfile manually and doesn’t solve the issue. When I do, I instead get

? Installing SSL Certificate failed

With no error’s logged anywhere.

Hi David

Many thanks, and I would advise you open a support ticket with your license provider

As I said, if you don’t mind updating once resolved that would be helpful

Many thanks

John

Sorry to bring up a slight off-topic question, but is there any documentation for the LetsEncrypt plugin for InterWorx? I searched the basic support area, and for other related topics, but just that it’s been integrated with InterWorx recently. It looks quite appealing to those whom can’t afford to purchase outright SSL certs for small sites.

Hi techalta

I’m sorry, I do not believe there are any documentation on LE plugin.

It has been integrated so you turn on or off from nodeworx plugins.

If on, there are few things which need to correct, ie DNS must point to server with domain on it, and domain must exist

The error I referred to above was not a fault of LE but one on our server using centos 5 and not centos 6 file, which when we did the upgrade to centos 6, did but upgrade all files, and retained some centos 5 files, which LE use, so errored.

We are not to bothered about this, as this server is due to be replaced very soon anyway with a new server running IW

Also, the SSL only covers the main domain you choose, so it would only cover either www.domain.url or domain.url, but not both as far as I understand. I could be wrong though, so apologies in advance

I hope that helps

Many thanks

John

I found a bug with the plugin. In the file /home/interworx/bin/install-letsencrypt.sh, line 34 there is a missing fi statement (closing out the IF).

I notified support about it.

I dont know this error from?

? Installing SSL Certificate failed!
? <!–[if IE 7]> <html class="no-js "

SS

Hi khairil

Welcome to IW forums

What IW version are you using and what distro

Lets encrypt was fully resolved in 5.1.22, and works lovely on our servers

If your using 5.1.22, I might think it’s connected with cloudflare, so I would turn off cloudflare and retry LE, then turn cloudflare back on

I hope that helps

Many thanks

John

[TABLE=“class: iw-table iw-w-full”]
[TR=“class: row1 ruler”]
[TD=“class: iw-w-m nowrap”]InterWorx Version: [/TD]
[TD] InterWorx-CP v5.1.23 [Unlimited Domain][/TD]
[/TR]
[TR=“class: row2 ruler”]
[TD=“class: iw-w-m nowrap”] SiteWorx Accounts:[/TD]
[TD] 2 / Unlimited Used[/TD]
[/TR]
[TR=“class: row1 ruler”]
[TD] Distribution:[/TD]
[TD] CentOS Linux release 7.2.1511 (Core)[/TD]
[/TR]
[TR=“class: row2 ruler”]
[TD] Operating System: [/TD]
[TD] Linux 3.10.0-327.18.2.el7.x86_64 (SMP)

[/TD]
[/TR]
[/TABLE]
Every got this error, my web server is down and I cannot start it, except I am reboot the server.

Hem, i’ve disabled cloudflare, but still get error

� Installing SSL Certificate failed!
� FailedChallenges: Failed authorization procedure. khairil.xyz (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: DNS problem: SERVFAIL looking up A for khairil.xyz, www.khairil.xyz (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: DNS problem: SERVFAIL looking up A for www.khairil.xyz

Generate succes, butt after few menute, my apache going down.

and i cannot start apache

Hi khairil

Glad LE resolved

I do but think your Apache is connected with LE for Apache going down (unless you have changed any files)

I think your on centos 7, so have you tried this post

Many thanks

John

~iworx/bin/cvspermsfix.pex

~iworx/bin/varpermsfix.pex

Now I can start apache without reboot.
But I am still not understand why my apache stopped after I am generate LE.

is my apache error log is fine?

Hi khairil

Glad it resolved your issue with Apache

The LE did not stop Apache sorry, on centos 7 it can become slightly stuck on perms

The LE failure to create SSL was because you had cloudflare on domain set enabled, therefore when LE checks the A records, it is no longer pointing at your server, and due to this, will not create SSL. To create SSL with LE, your domain must be on your server and your DNS A records must resolve to your server (not cloudflare )

Many thanks

John

And again, Failed Generate Certificate with Let’s Encrypt

And my httpd is going down.
my httpd status

When I am trying to start httpd

Finally I reboot my server and httpd running.

Hi khairil

Thanks for posting, and I know on the previous RC, there was a small issue on symlink with LE for multiple CN

I might suggest you open a support ticket with IW and let them have a look to see what’s going wrong fully

If you do open a support ticket, login to nodeworx remote assistance, turn on remote assistance, then complete the support ticket, and include this forum thread link as well.

I would appreciate if you could update your post once it’s been resolved to help others

If you do open a support ticket, please leave your IW as is, with Apache running

Lastly, I should have checked, but your server does meet the minimum requirements I trust, which I assume it does or IW should not have installed.

Also, apologies, trying to view your pictures on a small mobile with my eyes is not ideal for me

I hope that helps

Many thanks

John

Hem, Generating with LE is success again, but whyyyy my httpd is always stopped???

Recently I am trying install Comodo Trial certificate, and my httpd is not stopped.

what wrong??? :confused:

Hi khairil

At a guess, I would think the LE symlink is causing perms errors in httpd

If you care to test my theory, create a LE cert, Apache should stop on your server, but then run the 2 commands I posted earlier, which should resolve perms issues, then restart Apache

If Apache restarts, then it is likely to be a permission issue

As I posted above, I would open a support ticket

Lastly, is your IW running the release candidate, if not I would update IW software to release candidate channel, update IW if new update available and test again

Many thanks

John

[QUOTE=d2d4j;28729]Hi khairil

At a guess, I would think the LE symlink is causing perms errors in httpd

If you care to test my theory, create a LE cert, Apache should stop on your server, but then run the 2 commands I posted earlier, which should resolve perms issues, then restart Apache

If Apache restarts, then it is likely to be a permission issue

As I posted above, I would open a support ticket

Lastly, is your IW running the release candidate, if not I would update IW software to release candidate channel, update IW if new update available and test again

Many thanks

John[/QUOTE]

Thank you for your reply John,

I have been created Support Ticket (USK-460102)

[QUOTE=d2d4j;28729]
At a guess, I would think the LE symlink is causing perms errors in httpd

If you care to test my theory, create a LE cert, Apache should stop on your server, but then run the 2 commands I posted earlier, which should resolve perms issues, then restart Apache

If Apache restarts, then it is likely to be a permission issue[/QUOTE]

You mean these command?

~iworx/bin/cvspermsfix.pex

~iworx/bin/varpermsfix.pex

ok, I will try it now.

My IW is running on Beta Channel.

Its fine? No such file or directory

[root@srv1iw ~]# ~iworx/bin/cvspermsfix.pex
/usr/bin/find: ‘/usr/local/interworx/lib/htmlpurifier’: No such file or directory
/usr/bin/find: ‘/usr/local/interworx/lib/htmlpurifier’: No such file or directory
[root@srv1iw ~]# ~iworx/bin/varpermsfix.pex
[root@srv1iw ~]# ~iworx/bin/varpermsfix.pex
[root@srv1iw ~]#