So everytime i try to create this let's encrypt certificate with this command i can never get it completed because i get this error here:
"<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p", mail.blabla.cc (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://mail.blabla.cc/.well-known/acme-challenge/JCHNmTQhgr_FDpsERRZUj8caBGFbCbd9t-B3XIaBnHQ: "
When i visit regular http for blabla.de i get to the regular website but when i go to http://mail.blabla.de i get just a white page with no error whatsoever. When i direct my browser to the letsencrypt acme challenge i get a 404 not found.
When i visit https for mail.blabla.de i get to my roundcube installation and can just log in normally (still got a working certificate but i need to make new ones) These are my apache configs:
For the mail subdomain:
<VirtualHost *:443>
DocumentRoot /opt/www/roundcubemail/
ServerName blabla.cc
ServerAlias mail.blabla.cc
Alias / "/opt/www/roundcubemail/"
<Directory />
Options FollowSymLinks
</Directory>
<Directory "/opt/www/roundcubemail/">
Require all granted
Options -Indexes
AllowOverride All
</Directory>
SSLEngine on
LogLevel debug
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Header always set Strict-Transport-Security "max-age=15768000"
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AE$
SSLHonorCipherOrder on
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
SSLCertificateFile /etc/letsencrypt/live/blabla.cc/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/blabla.cc/privkey.pem
For the regular subdomains and main domain:
Port 80:
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName blabla.cc
ServerAdmin simon@blabla.cc
ServerAlias www.blabla.cc ftp.blabla.cc
DocumentRoot /var/www/webspaces/blabla.cc/htdocs
<Directory /var/www/webspaces/blabla.cc/htdocs>
Options Indexes FollowSymLinks MultiViews
RewriteEngine On
AllowOverride All
allow from all
</Directory>
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
LogLevel debug
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
Port 443:
<VirtualHost *:443>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName blabla.cc
ServerAlias www.blabla.cc ftp.blabla.cc
ServerAdmin simon@blabla.cc
DocumentRoot /var/www/webspaces/blabla.cc/htdocs
<Directory /var/www/webspaces/blabla.cc/htdocs>
Options Indexes FollowSymLinks MultiViews
RewriteEngine On
AllowOverride All
allow from all
</Directory>
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
LogLevel debug
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
SSLCertificateFile /etc/letsencrypt/live/blabla.cc/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/blabla.cc/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
I renamed my domain in this example to blabla.cc.
I don't know why i get the error, can someone please help me with fixing this? I think it's a apache misconfiguration. ...
