Problem with generating Let's Encrypt certificate

Read 2612 times
Hello everyone,

I\m trying to generate Let's Encrypt certificates. Symlinks are created and everything works fine until I perform:

Code: [Select]
/usr/local/centovacast/sbin/setssl letsencrypt my_domain_name.pl
which produces an error:

Code: [Select]
2018-05-28 15:11:59 ERROR 403: Forbidden.
  > Download error details:
  > --2018-05-28 15:11:59--  http://my_domain_name.pl/.well-known/acme-challenge/test-1527534719.21341.txt
  > Resolving my_domain_name.pl... 185.157.80.126
  > Connecting to my_domain_name.pl|185.157.80.126|:80... connected.
  > HTTP request sent, awaiting response... 403 Forbidden
  > 2018-05-28 15:11:59 ERROR 403: Forbidden.
  >
Challenge URI is not accessible.


The "Let's Encrypt" certificate authority requires a web server to be listening
on my_domain_name.pl port 80.  This means that you either need to configure
Centova Cast to listen on port 80, or (if you are using another web server on this
server) configure that web server to serve the files required to prove to "Let's
Encrypt" that you own this domain.

Refer to the following article for instructions on configuring your server
correctly for use with "Let's Encrypt":
http://www.centova.com/en/faq/cast3/information/lets_encrypt

From what I've observed, performing

Code: [Select]
/usr/local/centovacast/sbin/setssl letsencrypt my_domain_name.pl
changes permissions of

Code: [Select]
/usr/local/centovacast/etc/ssl/acme-challenges
so that the generated txt file cannot be viewed in a browser and produces an 403 error.

Any way to fix this?
Hello radioparanormalium,

If you're using a third-party web server to serve the challenge files, you'll need to add the user account under which your web server runs, to the system group "centovacast".

Either that, or simply edit setssl (line 111), and change "chmod 750" to "chmod 755".


Regards.