letsencrypt not renewing - Local resolving checks failed
Posted: Sat 2. Jul 2022, 17:48
I'm sure the cause of the problem is within KeyHelp
(Problems not related to KeyHelp belong in the Offtopic forum)
I did not touch the letsencrypt process, so it should be KH.
Server operating system + version
Debian 10
Server virtualization technology used
KVM
KeyHelp version + build number
22.0.1 (Build 2660)
Problem description / error messages
For some time now (2+ weeks) KeyHelp keeps failing to renew LE for a specific subdomain of a domain hosted on this keyhelp server as well.
Expected result
Renew the certificate.
Actual result
Failed to aquire a Let's Encrypt certificate for subdomain.domain.com.
Local resolving checks failed for domain "subdomain.domain.com". Please ensure that your domain is locally resolvable!
Steps to reproduce
Run keyhelp? Nothing to do it's an automated task.
Additional information
No changes, the A record for subdomain.domain.com is the same as domain.com which is the server's own IP. If I dig subdomain.domain.com from CLI it is able to resolve it, so this is an internal keyhelp specific failure. I think it's an incorrect interpretation of a domain lookup in your scripts.
DNS Server in use is google's 8.8.4.4
The LE specific LOG states http://sudomain.domain.com/.well-known/ ... 3.82670472 returns a 404 error. I don't know how it gets that because curling the URL from within the server or externally I still get a regular response. The only time a 404 is returned when the URL is requested via httpS. Is your script mistakenly doing that and then spitting our the error with a regular http ?
(Problems not related to KeyHelp belong in the Offtopic forum)
I did not touch the letsencrypt process, so it should be KH.
Server operating system + version
Debian 10
Server virtualization technology used
KVM
KeyHelp version + build number
22.0.1 (Build 2660)
Problem description / error messages
For some time now (2+ weeks) KeyHelp keeps failing to renew LE for a specific subdomain of a domain hosted on this keyhelp server as well.
Expected result
Renew the certificate.
Actual result
Failed to aquire a Let's Encrypt certificate for subdomain.domain.com.
Local resolving checks failed for domain "subdomain.domain.com". Please ensure that your domain is locally resolvable!
Steps to reproduce
Run keyhelp? Nothing to do it's an automated task.
Additional information
No changes, the A record for subdomain.domain.com is the same as domain.com which is the server's own IP. If I dig subdomain.domain.com from CLI it is able to resolve it, so this is an internal keyhelp specific failure. I think it's an incorrect interpretation of a domain lookup in your scripts.
DNS Server in use is google's 8.8.4.4
The LE specific LOG states http://sudomain.domain.com/.well-known/ ... 3.82670472 returns a 404 error. I don't know how it gets that because curling the URL from within the server or externally I still get a regular response. The only time a 404 is returned when the URL is requested via httpS. Is your script mistakenly doing that and then spitting our the error with a regular http ?