Really Simple SSL Could not reach challenge directory

  • Resolved starapple

    (@starapple)


    2 years, 7 months ago

    Greetings,

    I have added Really Simple SSL to a domain running on a VPS with Cyberpanel and OpenLiteSpeed. I installed a Let’s Encrypt certificate and it seemed to have been working fine then things went awry after I configured DNS for email. When I try reinstalling a certificate using Really Simple SSL, I get the following message:

    “Could not reach challenge directory over https://www.leecorpweb.com/.well-known/acme-challenge/really-simple-ssl-permissions-check.txt. Error code no response.”

    It’s possible the SSL problem is not caused by Really Simple SSL but since it threw me the message and the file exists where it should, I wonder if there’s a permissions problem. If this is so, what permission does RSSL expect for the the directory and the file?

    Thanks.

    The page I need help with: [log in to see the link]

Viewing 11 replies - 1 through 11 (of 11 total)
  • greldon7

    (@greldon7)

    2 years, 7 months ago

    Hi! I’m facing the same problem, it’s really frustrating because previous steps work fine. In my case this is the error I get: Could not reach challenge directory over http://barcelonaviptour.com/.well-known/acme-challenge/really-simple-ssl-permissions-check.txt. Error code no response.

    Maybe it’s because it’s trying to reach the file using http instead of https? I have created that folder and file in two places just in case, I can clic on the link and see the content of the file…

    Help please!

    Thanks!

    Thread Starter starapple

    (@starapple)

    2 years, 7 months ago

    @greldon7, what web server are you using and any control panel? In my case, the mapping to the document root seems to differ from the site’s pages and the .well-known location.

    At any rate, your problem seems to have been solved as I can see your text file by following the link in your post.

    • This reply was modified 2 years, 7 months ago by starapple.
    • This reply was modified 2 years, 7 months ago by starapple.
    Plugin Author Mark

    (@markwolters)

    2 years, 7 months ago

    Hi @starapple,

    the directory where the file is located, (.well-known/acme-challenge) should have 755 permissions. The .txt file should be automatically created if the folder permissions are sufficient. Generally files should have 644 permissions.

    Plugin Author Mark

    (@markwolters)

    2 years, 7 months ago

    Hi @greldon7,

    the file on your site is indeed reachable, could you try if resetting the Let’s Encrypt wizard using the ‘Reset Let’s Encrypt’ link in the top right corner of the wizard resolves the issue?

    Thread Starter starapple

    (@starapple)

    2 years, 7 months ago

    Hi @markwolters,

    Thanks for your response. I had set the directory permission to 755 but as I mentioned to my last reply to @greldon7, it seems RSS is not the problem. In my case, the mapping to the document root seems to differ from the site’s pages and the .well-known location.

    RSS did create the folder in the root directory and created the txt file but it seems the Cyberpanel and OpenLiteSpeed combination looks for example.com/.well-known in a different server path.

    greldon7

    (@greldon7)

    2 years, 7 months ago

    Hi @markwolters!

    Thank you for your response! No, resetting didn’t work :(. We are using Plesk 18.0.56 Update 4, I’m going to try in a different project within the same server and let you know if we face the same issue, I’m looking forward to avoiding changing the register’s records every 3 months 🙂

    Saludos!

    Plugin Author Mark

    (@markwolters)

    2 years, 7 months ago

    Hi @starapple,

    I see, Really Simple SSL will check domain.com/.well-known/acme-challenge, which is the default location for this directory. If your mapping differs, you can try if making the directory accessible via domain.com/.well-known/acme-challenge will work. You could try this using a symlink in your websites root directory. In short, if the correct folder can be accessed via domain.com/.well-known/acme-challenge, generating a certificate using Really Simple SSL should work.

    Plugin Author Mark

    (@markwolters)

    2 years, 7 months ago

    Hi @greldon7,

    you could check if the .well-known/acme-challenge directory exists in your websites root directory. If it doesn’t, that’s likely the problem. If it does, it could be a permission issue or your host blocks the generation of Let’s Encrypt certificates. Instead of manually renewing, you could also check out a tool like certbot which is able to automatically renew the certificates every three months: https://certbot.eff.org/

    Thread Starter starapple

    (@starapple)

    2 years, 7 months ago

    Hi @markwolters, the plugin does create the folder with the file in the default location. However, OpenLiteSpeed and Cyberpanel create the folder and challenge in a different location and possibly sets a map that redirects example.com/.well-known/acme-challenge in the browser bar to a different path on the server. If I chose to access the default location say /path/to/root/html/.well-known/acme-challenge, with Really Simple SSL, I would have to change the OpenLiteSpeed virtual host directive related to Let’s Encrypt.

    Bottom line is that I have to confine SSL installation and management to the panel/server rather than involving the plugin for a simple life.

    Thanks for your help so far.

    • This reply was modified 2 years, 7 months ago by starapple.
    • This reply was modified 2 years, 7 months ago by starapple.
    greldon7

    (@greldon7)

    2 years, 6 months ago

    Hi @markwolters and company!

    I have checked this issue with another project, and I have verified that the pach and verification file exist in both places:

    root/.well-known/really-simple-ssl-permissions-check.txt

    root/httpdocs/.well-known/really-simple-ssl-permissions-check.txt

    But I’m getting the same error (in Spanish):

    No se pudo acceder al directorio challenge (de verificaciones) en http://www.clifercal.es/.well-known/acme-challenge/really-simple-ssl-permissions-check.txt. Código de error no hay respuesta.

    The link is actually readable, but I don’t know if the problem is that the plugin is using HTTP instead of HTTPS as I’m managing this project under HTTPS with and invalid certificate (for example, the URL in which I’m getting the SSL installation results is https://www.clifercal.es/wp-admin/options-general.php?page=really-simple-security&letsencrypt=1#letsencrypt/le-directories)

    Any ideas? 🙂

    Un saludo!

    Thread Starter starapple

    (@starapple)

    2 years, 6 months ago

    @greldon7, check out this link. It helped me a lot in solving my problems: https://tools.letsdebug.net/. Use the Let’s Debug link on the page.

    • This reply was modified 2 years, 6 months ago by starapple.
Viewing 11 replies - 1 through 11 (of 11 total)

The topic ‘Really Simple SSL Could not reach challenge directory’ is closed to new replies.