An open collection of noteworthy things

Code

Let’s Encrypt with EasyEngine: Unable to Setup, Let’s Encrypt (Solution)

When creating a site with EasyEngine (or updating one) while trying to get it running with Let’s Encrypt (using the –letsencrypt flag), you may run into the following error:

Unable to setup, Let's Encrypt
Please make sure that your site is pointed to
same server on which you are running Let's Encrypt Client
 to allow it to verify the site automatically.

I got this error and was quite confused. Though I was using CloudFlare, its proxying mode was disabled (i.e., the grey cloud) – I found out what was causing it though.

When you run ee site update example.com --letsencrypt (or ee site create example.com <args> --letsencrypt), you’ll notice that EasyEngine creates the NGINX config (and listens for) both example.com and www.example.com – in my case, since I’d been installing on subdomain.example.com I didn’t need a www.subdomain.example.com here. Since EasyEngine will have told Let’s Encrypt to try and verify subdomain.example.com as well as www.subdomain.example.com – something which I hadn’t created a DNS record for – it would fail to get the response it needed at www.subdomain.example.com, and give that useless error message.

So the solution to the error is to create records for both the domain/subdomain you’re trying to verify as well as with www. in front of itSo if I were trying to get a certificate in EasyEngine with Let’s Encrypt for hello.example.com, I’d create records for both hello.example.com as well as www.hello.example.com pointing to my origin.

This will allow Let’s Encrypt to verify your site when EasyEngine makes the request, allowing it to get and install your certificate.