letsencrypt-cpanel icon indicating copy to clipboard operation
letsencrypt-cpanel copied to clipboard

Published 20 hours ago verified publisher icon Prajithp

Error occurred: Status: 400, Detail: DNS name does not have enough labels, Type: urn:acme:error:malformed

Open will-ashworth opened this issue 7 years ago • 10 comments

This is when generating cert for the following:

  • WHM/cPanel
  • Exim
  • FTP
  • Dovecot

Now here's the weird part. When I originally installed this plugin 2-3 months ago (on a new cPanel server), it all worked great. Other LE domains are renewing fine, it's the WHM service certs that are not renewing and giving that error:

Error occurred: Status: 400, Detail: DNS name does not have enough labels, Type: urn:acme:error:malformed

CENTOS 7.2 x86_64 virtuozzo – labs  WHM 58.0 (build 32)

Is there a simple fix? It worked once. Not sure why all of a sudden it would stop working.

will-ashworth avatar Oct 25 '16 03:10 will-ashworth

Could you please email me your hostname csr file?

/var/letsencrypt/live/<Your server hostname>/<Your server hostname>.csr

So that I can check the SAN field and advice you further on this.

Prajithp avatar Oct 29 '16 11:10 Prajithp

Just sent. Thank you for your help @Prajithp

will-ashworth avatar Oct 29 '16 12:10 will-ashworth

Any luck @Prajithp ?

will-ashworth avatar Nov 03 '16 03:11 will-ashworth

I just noticed this issue also.

BeZazz avatar Nov 08 '16 19:11 BeZazz

I think it has to do with OpenVZ VPS hostname not surviving reboot. For example, if you type hostname and see "myserver", you should try hostname myserver.mycompany.com" so thathostname` outputs the full, correct hostname.

If Lets Encrypt cannot validate a correct hostname, I believe it will fail. This isn't a @Prajithp issue; but rather a server one. Not that a little helpful information upon failure wouldn't be useful. It would be great if this plugin/module could do some debuggery and output possible causes/solutions so that the admin has something more to go on when attempting to troubleshoot this type of issue.

Meanwhile, I'm working on solving this hostname issue on my end. And, I'm curious if @BeZazz or anyone else having this issue is also using Solus for their servers. It's possible that's an across-the-board cause for this particular issue. My other Xen containers aren't having issues like this. Only the OpenVZ containers.

will-ashworth avatar Nov 08 '16 19:11 will-ashworth

Also, what tipped me off was installing a competing product, and the same issue happening.

will-ashworth avatar Nov 08 '16 19:11 will-ashworth

I think you are correct. The server I had the issue with is CENTOS 7.2 x86_64 virtuozzo and the hostname was incomplete, instead of pluto.domain.com it was only pluto

BeZazz avatar Nov 08 '16 20:11 BeZazz

Well, it appears this is an issue with OpenVZ in general. The only fix I think may work is this...

hostnamectl set-hostname yoursubdomain.yourdomain.com
chattr +i /etc/hostname
reboot

chattr will ensure that even root cannot write to the file to change it. Even on reboot.

If for some reason you want to modify the file again in the future, you can do this:

chattr -i /etc/hostname

@Prajithp @BeZazz

will-ashworth avatar Nov 08 '16 20:11 will-ashworth

Just rebooted, and this is confirmed working.

will-ashworth avatar Nov 08 '16 20:11 will-ashworth

I am using VMWare and the error occurs too.

MarksEliel avatar Dec 05 '16 19:12 MarksEliel