Free SSL

epiz_11 · July 1, 2020, 2:33am

Error Message

I did dns forwarding successfully, but when trying to get free ssl, I am getting _acme-challenge not ready error even though it takes 24 hours.

UnknownLolz · July 1, 2020, 3:26am

Hello there,

What do you mean about "DNS forwarding? Did you meant about the CNAME records?

Sorry but I’m confused with your last 5 sentences, what do you mean it takes 24 hours? Did you mean about you’ve already waited for 24 hours for your CNAME records to propagate?

Also make sure that you’ve added the CNAME records correctly in the Control Panel which the SSL issuer provided you to add and you’ll have to wait up to 24 hours until those CNAME records will propagate before you can issue your SSL certificate.

epiz_11 · July 1, 2020, 3:30am

yes

UnknownLolz · July 1, 2020, 3:37am

So did you add your CNAME records to the Control Panel like this?

Please make sure that you’re doing the process correctly, try following this instruction in this KB article:

Also by any chance, are you using Cloudflare?

epiz_11 · July 1, 2020, 3:43am

No

yes

HaydenANG · July 1, 2020, 6:42am

As you can see in the photo at the bottom, you need to ensure you have added the record _acme-challenge.www, however if we could have your domain to check this, this would be easier, as we can check, along with the nameserver check.

May i have your domain you wish to get SSL for?

InfiniteHelp · July 1, 2020, 7:25am

Is there not a Let’s Encrypt SSL thing in there?

HaydenANG · July 1, 2020, 7:34am

No, your going the write way, It is a very useful SSL tool, but I now see no cname records showing up, and a minute ago, I got a response from cloudflare’s nameservers, now you are back on infinityfree’s, can you double check you have added the records like UnknownLolz said, and add them at the vista-panel, this is the response i just got for nameservers

[Wed Jul 01 09:30:48] Welcome, hang@hn
~$ dig ns robloxenthusiasts.ga

; <<>> DiG 9.11.3-1ubuntu1.12-Ubuntu <<>> ns robloxenthusiasts.ga
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45546
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 2d77f6def92938a4c472e7265efc3bab21a1f946a6e039dc (good)
;; QUESTION SECTION:
;robloxenthusiasts.ga. IN NS

;; ANSWER SECTION:
robloxenthusiasts.ga. 21331 IN CNAME robloxenthusiasts.ga.cdn.cloudflare.net.

;; AUTHORITY SECTION:
cloudflare.net. 1546 IN SOA ns1.cloudflare.net. dns.cloudflare.com. 1593588398 10000 2400 604800 3600

;; Query time: 0 msec
;; SERVER: 195.154.106.113#53(195.154.106.113)
;; WHEN: Wed Jul 01 09:30:51 CEST 2020
;; MSG SIZE rcvd: 188

But this is the response a minute ago,
[Wed Jul 01 09:28:55] Welcome, hang@hn
~$ dig cname _acme-challenge.robloxenthusiasts.ga

; <<>> DiG 9.11.3-1ubuntu1.12-Ubuntu <<>> cname _acme-challenge.robloxenthusiasts.ga
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48482
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 5170f678bb26916de0ed320d5efc3ba8c4967c803d765416 (good)
;; QUESTION SECTION:
;_acme-challenge.robloxenthusiasts.ga. IN CNAME

;; AUTHORITY SECTION:
robloxenthusiasts.ga. 1503 IN SOA ns2.epizy.com. support.robloxenthusiasts.ga. 2006112402 28800 7200 604800 86400

;; Query time: 0 msec
;; SERVER: 195.154.106.113#53(195.154.106.113)
;; WHEN: Wed Jul 01 09:30:48 CEST 2020
;; MSG SIZE rcvd: 150

[ French CEST Time]

This basically shows me that you are switching between InfinityFrees nameservers and cloudflares, can you double check in your registar dashboard what nameservers you are using?

And if infinityfree’s create a cname in the ‘CNAME’ section in the VistaPanel.

And if cloudflares nameserver, add a record in dash.cloudflare.com.

InfiniteHelp · July 1, 2020, 7:38am

I just used the Cloudflare option in Vistapanel.

HaydenANG · July 1, 2020, 7:40am

Ok, Then login to Cloudflare with your InfinityFree Account’s email, and assuming you know your password, go to DNS, add a new cname record for the SSL verification as the SSL tool told you to do.

Admin · July 1, 2020, 12:27pm

Our control panel Cloudflare integration has many issues, among which is that any subdomains and custom DNS records don’t work with it.

You can either use Cloudflare’s nameservers and set the CNAME records through their panel, or you can use our nameservers without Cloudflare.

Or your could just use Cloudflare’s Flexible SSL and not install an SSL certificate on your hosting account at all.

epiz_11 · July 1, 2020, 2:29pm

sosyalolta.tech

katufo · July 1, 2020, 3:30pm

I suggest you to setup the cloudflare using or by changing the nameservers of your domain, and so that you can also edit your DNS records using Cloudflare.

allroundernaman · July 1, 2020, 3:41pm

I have the best solution that works even without cloudflare.

Visit this website: https://freessl.space/
This is a free website where you can get SERTIGO free ssl certificates 3 months.
It’s not Let’s encrypt. But it is better than that.

allroundernaman · July 1, 2020, 3:43pm

@epiz_11 @Admin @UnknownLolz

Admin · July 1, 2020, 5:00pm

Or just use our SSL certificates tool. Which works just as well, but is provided, tested and supported by InfinityFree for use with InfinityFree.

This is contrary to other online services. Which may not work at all with our hosting, or may stop working at any time.

What makes this solution better than ours? If you think that our tools are lacking, would you please be so kind to share your feedback?

allroundernaman · July 1, 2020, 6:39pm

No I am not dominating you services. I am just advicing on the basis of my experience.

I told this because I found this topic in https://byet.net/ forums.

Yes I think your tools are lacking. Because I was unable to get the certificate even after 3 days. It worked well with other websites and cloudflare.

Sure I will provide feedback,

HaydenANG · July 2, 2020, 7:22am

I find that it is due to cname propagation that the SSL tool takes about a day to update, remeber probably hundreds of thousands of people rely on 5 nameservers and they sometimes will be on heavy demand, and unlike the fact that google use anycast to have hundreds of servers running one nameserver, i doubt it is the same.

@Admin I find the SSL tool is perfect for use, and issues the certificates like it should.

And @epiz_11, your nameservers for sosyalolta.tech are still on ns01.000webhost.com, as below;

; <<>> DiG 9.11.3-1ubuntu1.12-Ubuntu <<>> @8.8.8.8 ns sosyalolta.tech
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30491
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;sosyalolta.tech. IN NS

;; ANSWER SECTION:
sosyalolta.tech. 899 IN NS ns02.000webhost.com.
sosyalolta.tech. 899 IN NS ns01.000webhost.com.

;; Query time: 23 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Jul 02 09:21:20 CEST 2020
;; MSG SIZE rcvd: 96

Change them to ns1.epizy.com and ns2.epizy.com, then try again with everything, then like @Katufo says, use the Cloudflare integration or just cloudflare itself, then try with the DNS records again.

system · July 17, 2020, 7:23am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.