Fresh install on hetzner box. LetsEncrypt wont work

BIF · February 15, 2018, 8:20am

Ok im new, have been using QB for some time, decided to try and install with letsencrypt. I have a single domain that i want to use. I have all records through cloudflare as suggested in the post. I get as far as …

Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about EFF and
our work to encrypt the web, protect its users and defend digital rights.

(Y)es/(N)o: n
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for MYDOMAIN.COM
Waiting for verification...
Cleaning up challenges

We were unable to find a vhost with a ServerName or Address of MYDOMAIN
Which virtual host would you like to choose?
(note: conf files with multiple vhosts are not yet supported)

1: default-ssl.conf               |                       |       | Enabled
2: default-ssl.conf               |                       | HTTPS | Enabled

Select the appropriate number [1-2] then [enter] (press 'c' to cancel): c
No vhost exists with servername or alias of MYDOMAIN. No vhost was selected. Please specify ServerName or ServerAlias in the Apache config, or split vhosts into separate files.
No vhost selected

IMPORTANT NOTES:
 - Unable to install the certificate
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/MYDOMAIN/fullchain.pem   
.... ETC

There is no 000-default-le option.

Thanks For the Help…

bate · February 15, 2018, 8:53am

Hi, cleaned up your post to make it better readable.
Are you running the box install letsencrypt ?

I just did a LE install yesterday with CloudFlare and all went smooth.

BIF · February 15, 2018, 8:57am

Fresh install of the OS … 16.04 … then installed QB. when that finished i did the box install letsencrypt as root.
Am i supposed to add the domain manually to the server ? before running it ?

ps… 5 try… lol

JMSolo · February 15, 2018, 6:12pm

According to your original post up top, it looks as if you tried to either follow the LE Wiki here in the forums, or you tried to install it from another source, as box install letsencrypt does not produce that type of output, it’s all .acme working.

Check your /etc/letsencrypt directory and remove the domain.com from the archive, live, and renewal directories, then run box install letsencrypt once more. Additionally, make sure you have the A Records setup on your DNS.

BIF · February 15, 2018, 6:56pm

i assure you i used box install letsencrypt per the post. and i did it several times. all with the same output

JMSolo · February 15, 2018, 7:07pm

Did you comply with my instructions above and run it once more?

BIF · February 15, 2018, 7:56pm

yes i removed all 3. re ran it and it says

Bifster:/opt/letsencrypt# ./letsencrypt-auto --apache -d DOMAIN
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for DOMAIN
Waiting for verification…
Cleaning up challenges
An unexpected error occurred:
There were too many requests of a given type :: Error creating new cert :: too many certificates already issued for exact set of domains: DOMAIN: see https://letsencrypt.org/docs/rate-limits/

obviously due to trying it too many times.
I used word for word Install Let's Encrypt on your seedbox
using option 1 .
the vhost config error always comes up but never with the option of selecting 000-default-le

JMSolo · February 15, 2018, 9:56pm

box install letsencrypt is the command we use now and there is no need to follow that Wiki.

You can now install valid SSL certificates with Let’s Encrypt using QuickBox’s builtin installer.

Run: box install letsencrypt

This happened as you ran the old method. For some reason or another that failed, I can’t say as I don’t personally support nor perform that option anymore en lieu of the box command. The unfortunate bit is that you’ll probably have to wait 5 to 7 days before you can attempt to generate a certificate for that domain, unless they lessened that rate limit.

BIF · February 16, 2018, 9:05am

im confused… the first part in that wiki is to run box install letsencrypt
are you saying i just run that and forget the rest ? do nothing else.

as in doing that command… i still get the same errors that i posted above/

bate · February 16, 2018, 9:35am

I’ve modified to wiki to only include the command box install letsencrypt.
Everything else is outdated

BIF · February 16, 2018, 9:47am

Ok,reinstalled OS and QB and ran that command. Works EXCEPT … i get

This page isn’t working
DOMAIN redirected you too many times.
Try clearing your cookies.
ERR_TOO_MANY_REDIRECTS

cookies have been cleared. a record is set up on cloudflare
i used a subdomain.domain in order to bypass the limit on the main domain

from reading cloudflare says there flexible ssl option could be to blame, i switched that feature off and will let you know

BIF · February 17, 2018, 8:09am

ok so it seems to be a cloudflare issue. When using the proxy on… ( orange ) i get too many redirects. when i select DNS only ( grey ) it works. fine. Thoughts ?

bate · February 17, 2018, 8:59am

Yep… This is also how mines setup