Unable to Create SSL


I’m unable to create an SSL as per the guide with my domain. The latest error I got was:

“Error: http://mail.(domain)/.well-known/acme-challenge/letsencrypt_1569451269 is not reachable. Aborting the script.
dig output for mail.(domain):
Please make sure /.well-known alias is setup in WWW server.”

Since I am just forwarding the sub-domain to you, I cannot create the .well_known file

Would this be resolved on MXRoute’s end?

There would be no need for you to do anything … the servers control panel will handle everything for you.

Which server are you on? and how long has it been since you have added the necessary DNS records?

Are you only using MXroute for a specific sub-domain’s email rather than the root domain? If so you will need to enter the CNAME records differently than in the documentation. The documentation was written with the root domain in mind, rather than a sub-domain.

If your DNS records are set correctly (can verify at whatsmydns.net), this is usually just a matter of waiting 2-4 hours to be sure that LetsEncrypt sees them. No one will be more slow to see them.

It’s for the root domain, albeit the login URL I have set is mail.(mydomain).com.

I’m still unable to create SSL’s for any domains :confused:

It’s been a few weeks for me at this point and no luck.

@mxroute I tested your domains and found that two of them had “mail” subdomains but not “webmail” subdomains in their DNS (the other two had neither). Please make sure that you follow this guide, or if you do not that you adjust all parameters relatively:


To confirm that LetsEncrypt is working, I created an SSL certificate for the “mail” subdomain on one of your domains (b------f-------.com) and it worked fine. But note as stated in the guide, this is only for POP/IMAP/SMTP and not webmail. If intentionally not using the webmail part, you’ll need to also uncheck that hostname when following the steps to finalize the certificate creation.

It may give you trouble now trying to fix the domain that I did that on, if you decide to add the webmail subdomain later. I do not know a fix for that if it does (last time I had to delete and re-create the entire account). I highly recommend following the guide to the letter for that reason, as I may have broken that chance for you by having to test it outside of the intended workflow.