Unable to Create SSL

mxroute · March 2, 2020, 3:04pm

Hi,

I’m unable to create an SSL as per the guide with my domain. The latest error I got was:

“Error: http://mail.(domain)/.well-known/acme-challenge/letsencrypt_1569451269 is not reachable. Aborting the script.
dig output for mail.(domain):
Please make sure /.well-known alias is setup in WWW server.”

Since I am just forwarding the sub-domain to you, I cannot create the .well_known file

Would this be resolved on MXRoute’s end?

Alento · March 2, 2020, 3:04pm

There would be no need for you to do anything … the servers control panel will handle everything for you.

Which server are you on? and how long has it been since you have added the necessary DNS records?

Are you only using MXroute for a specific sub-domain’s email rather than the root domain? If so you will need to enter the CNAME records differently than in the documentation. The documentation was written with the root domain in mind, rather than a sub-domain.

Jarland · March 2, 2020, 3:04pm

If your DNS records are set correctly (can verify at whatsmydns.net), this is usually just a matter of waiting 2-4 hours to be sure that LetsEncrypt sees them. No one will be more slow to see them.

tjareson · March 2, 2020, 3:04pm

Hi there,
I have exactly the same issue, but without the subdomain setup, just regular domain for email.
DNS check shows configured CNAME for webmail and mail, both were registered at google-domains like 8 hours ago. I follow strictly the how-to for ssl certificates, selecting only webmail… and mail… still I get this message:
Error: http://mail.xxxxxx.info/.well-known/acme-challenge/letsencrypt_15xxxxxxx is not reachable. Aborting the script.
dig output for mail.xxxxx.info:
lisa.mxrouting.net.
Please make sure /.well-known alias is setup in WWW server.

Do I need to wait longer? Is there anything I might have missed on my end?

Cheers
Tjareson

tjareson · March 2, 2020, 3:04pm

Problem solved. The How-To was describing the cname record for lisa… but I am on arrow…

mxroute · April 3, 2022, 6:43pm

It’s for the root domain, albeit the login URL I have set is mail.(mydomain).com.

I’m still unable to create SSL’s for any domains

mxroute · December 19, 2021, 6:30am

It’s been a few weeks for me at this point and no luck.

Jarland · December 19, 2021, 6:31am

@mxroute I tested your domains and found that two of them had “mail” subdomains but not “webmail” subdomains in their DNS (the other two had neither). Please make sure that you follow this guide, or if you do not that you adjust all parameters relatively:

https://mxroutehelp.com/index.php/2019/08/25/custom-webmail-pop-imap-smtp-domain/

To confirm that LetsEncrypt is working, I created an SSL certificate for the “mail” subdomain on one of your domains (b------f-------.com) and it worked fine. But note as stated in the guide, this is only for POP/IMAP/SMTP and not webmail. If intentionally not using the webmail part, you’ll need to also uncheck that hostname when following the steps to finalize the certificate creation.

It may give you trouble now trying to fix the domain that I did that on, if you decide to add the webmail subdomain later. I do not know a fix for that if it does (last time I had to delete and re-create the entire account). I highly recommend following the guide to the letter for that reason, as I may have broken that chance for you by having to test it outside of the intended workflow.

Jarland · June 25, 2021, 3:48am

Added some language to the guide that may help to clarify.