Workaround for Letsencrypt error "Unable to setup, Let's Encrypt"

A workaround, thanks to EE support, at least for subdomains (My system is latest stable Debian, Linode)

This is the error message: " Unable to setup, Let’s Encrypt Please make sure that your site is pointed to same server on which you are running Let’s Encrypt Client to allow it to verify the site automatically"

  1. Use the script manually sudo -H /opt/letsencrypt/letsencrypt-auto certonly --standalone -d

  2. Add SSL configuration in nginx conf files. I added an “ssl.conf” file, under /var/www/ (already existed by EE installation) with the following lines " listen 443 ssl http2; ssl on; ssl_certificate /etc/letsencrypt/live/; ssl_certificate_key /etc/letsencrypt/live/; "

nginx is already configured to include all conf files under the “live” directory with the keys already created by the script, so it’s good to go.

1 Like

seems like it works only for one domain?

You don’t need all those. Read this:

It is simply a matter of adding an A record for the subdomain you wish to install LE on.


My Domain had CAA records that did not allow Let’s Encrypt issue the certificate. By using the following commands, I found out:

sudo service nginx stop sudo -H /opt/letsencrypt/letsencrypt-auto certonly --standalone -d

This gave me the following result:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. (http-01): urn:acme:error:caa :: CAA record for prevents issuance

 - The following errors were reported by the server:

   Type:   None
   Detail: CAA record for prevents issuance`

By adding a CAA record to my DNS host, I was able to use the command:

sudo ee site update --letsencrypt

This is just to help other that might use CAA

Just in case someone else is also having this problem while trying to setup letsencrypt on a subdomain, this is the answer: Easyengine and Letsencrypt setup