Hi all.
From April 1st I am finding it impossible to renew certificates or to create new ones.
Nothing has changed in the server side
Basically the http-1 validation procedure fails, even if the folder my-domain / .well-known / acme-challenge / xxxxx is reachable from internet and port 80 is open. I made a capture with wireshark and I saw that during the validation the TCP three-way handshacke is completed, but the ACME server (for example 3.122.178.200) immediately sends a reset, without making any http requests to compare the token.
The error log indicates that the DNS record may be missing, but it is present instead
Best regards,
Daniele
My domain is: test.informatica.aci.it
I ran this command: sudo certbot certonly --webroot -w /var/www/html/test --debug-challenges -v
It produced this output:
Root logging level set at 10
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requested authenticator webroot and installer None
Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: IAuthenticator, IPlugin
Entry point: webroot = certbot._internal.plugins.webroot:Authenticator
Initialized: <certbot._internal.plugins.webroot.Authenticator object at 0x7f220edd8cd0>
Prep: True
Selected authenticator <certbot._internal.plugins.webroot.Authenticator object at 0x7f220edd8cd0> and installer None
Plugins selected: Authenticator webroot, Installer None
Picked account: <Account(RegistrationResource(body=Registration(status=None, terms_of_service_agreed=None, agreement=u'https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf', only_return_existing=None, contact=(u'mailto:d.nardini@informatica.aci.it',), key=JWKRSA(key=<ComparableRSAKey(<cryptography.hazmat.backends.openssl.rsa._RSAPublicKey object at 0x7f2211bcdb90>)>), external_account_binding=None), uri=u'https://acme-v01.api.letsencrypt.org/acme/reg/2586237', new_authzr_uri=u'https://acme-v01.api.letsencrypt.org/acme/new-authz', terms_of_service=u'https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf'), e94fc354a91b293a177bef6365548626, Meta(creation_host=u'reg.domini', register_to_eff=None, creation_dt=datetime.datetime(2016, 7, 12, 8, 6, 1, tzinfo=)))>
Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
"GET /directory HTTP/1.1" 200 658
Received response:
HTTP 200
content-length: 658
strict-transport-security: max-age=604800
server: nginx
connection: keep-alive
cache-control: public, max-age=0, no-cache
date: Tue, 01 Jun 2021 10:50:24 GMT
x-frame-options: DENY
content-type: application/json
{
"Da_RUwgCofw": "Adding random entries to the directory",
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
No installer, picking names manually
Please enter in your domain name(s) (comma and/or space separated) (Enter 'c'
to cancel): test.informatica.aci.it
Notifying user: Requesting a certificate for test.informatica.aci.it
Requesting a certificate for test.informatica.aci.it
Generating RSA key (2048 bits): /etc/letsencrypt/keys/1179_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/1179_csr-certbot.pem
Requesting fresh nonce
Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
"HEAD /acme/new-nonce HTTP/1.1" 200 0
Received response:
HTTP 200
strict-transport-security: max-age=604800
server: nginx
connection: keep-alive
link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
cache-control: public, max-age=0, no-cache
date: Tue, 01 Jun 2021 10:50:36 GMT
x-frame-options: DENY
replay-nonce: 0103xlg_gZ9MwF2etmlP03s612KtknWQngFDQK8BMSyyKmM
Storing nonce: 0103xlg_gZ9MwF2etmlP03s612KtknWQngFDQK8BMSyyKmM
JWS payload:
{
"identifiers": [
{
"type": "dns",
"value": "test.informatica.aci.it"
}
]
}
Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
"protected": "eyJub25jZSI6ICIwMTAzeGxnX2daOU13RjJldG1sUDAzczYxMkt0a25XUW5nRkRRSzhCTVN5eUttTSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LW9yZGVyIiwgImtpZCI6ICJodHRwczovL2FjbWUtdjAxLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9yZWcvMjU4NjIzNyIsICJhbGciOiAiUlMyNTYifQ",
"payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwgCiAgICAgICJ2YWx1ZSI6ICJ0ZXN0LmluZm9ybWF0aWNhLmFjaS5pdCIKICAgIH0KICBdCn0",
"signature": "gLyjEaZOTiAssQDhCfzY-NOWMDDjEf2ZFDSDR2cKLxWZ4WAVZAEhdT10SUyrxK9cUblkRcmhTYBw-skyMf-UmuKZnldjH4DxSztSb1PadiL79LMZe3ND6uDn_LH4yS2aRFr0gp0LZM8Pm1TdYKFjjGmNOwpAau0S-rifl1uWs4ZdxAMRikYVNh81Y3-w-98gze4Ga_8OTgTSCUyY317DAQ8z4O4tbCFkn_p7sHEcvi9EkxrIukiEKA0y9XmxtryFLelC_Nd4frSV9wFDS-Y0epAVQY9YyFzv2HFGoZ-aKZytAePPWJ13EgVusysTPBpbf14IQOiR4bxTHdf2HuBaRQ"
}
"POST /acme/new-order HTTP/1.1" 201 344
Received response:
HTTP 201
content-length: 344
cache-control: public, max-age=0, no-cache
strict-transport-security: max-age=604800
server: nginx
connection: keep-alive
link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
location: https://acme-v02.api.letsencrypt.org/acme/order/2586237/10098353496
boulder-requester: 2586237
date: Tue, 01 Jun 2021 10:50:36 GMT
x-frame-options: DENY
content-type: application/json
replay-nonce: 0104fCxfS-O7PzDjG97xZZde_j_Q2qxDzp5zGBNj4RXesxo
{
"status": "pending",
"expires": "2021-06-08T10:50:36Z",
"identifiers": [
{
"type": "dns",
"value": "test.informatica.aci.it"
}
],
"authorizations": [
"https://acme-v02.api.letsencrypt.org/acme/authz-v3/13617829937"
],
"finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/2586237/10098353496"
}
Storing nonce: 0104fCxfS-O7PzDjG97xZZde_j_Q2qxDzp5zGBNj4RXesxo
JWS payload:
Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/13617829937:
{
"protected": "eyJub25jZSI6ICIwMTA0ZkN4ZlMtTzdQekRqRzk3eFpaZGVfal9RMnF4RHpwNXpHQk5qNFJYZXN4byIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMTM2MTc4Mjk5MzciLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDEuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL3JlZy8yNTg2MjM3IiwgImFsZyI6ICJSUzI1NiJ9",
"payload": "",
"signature": "aTWlkRaVh3DwVrHrYxR3r8guKcwQtrNYVoYw7yJNUtdnznipxWMsIpoXICL4Cpp_aHvQcz-J_SR6Q2z2JQ41LzbaPrZzVGCncmajIT-j8DTMA_dgmMO1s8qZq7wZiovZidgyMfrK3wP03RWbytwBG1ggH69V09DQB67KWYi08D73II7lqXfnfwRmtg1c5a5C6JLpvqRh8Spt14rgQ_hjo3ZWZcLkRV2dvqzyKrpFdok9_dCho-NAJqYzIGDNedws8ddBbd8L3LIoYYpYNohn7qUBJVktA7xRIg_pUoW6VEp9ceJC6IMiIlY8ieodfVGJ3BM6pZJYUYWIIwdye-qE4g"
}
"POST /acme/authz-v3/13617829937 HTTP/1.1" 200 804
Received response:
HTTP 200
content-length: 804
cache-control: public, max-age=0, no-cache
strict-transport-security: max-age=604800
server: nginx
connection: keep-alive
link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
boulder-requester: 2586237
date: Tue, 01 Jun 2021 10:50:36 GMT
x-frame-options: DENY
content-type: application/json
replay-nonce: 0103jFulg3MSIwAzyvQHz3ZnoDfh4gmw4SUtYNXF0R89TLA
{
"identifier": {
"type": "dns",
"value": "test.informatica.aci.it"
},
"status": "pending",
"expires": "2021-06-08T10:50:36Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/13617829937/MiBfQA",
"token": "j1CDQn1-JNOF2tiL9fzDd_j8jUMBkNKx5mEfam75fsI"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/13617829937/CMpg4A",
"token": "j1CDQn1-JNOF2tiL9fzDd_j8jUMBkNKx5mEfam75fsI"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/13617829937/Ktu-EQ",
"token": "j1CDQn1-JNOF2tiL9fzDd_j8jUMBkNKx5mEfam75fsI"
}
]
}
Storing nonce: 0103jFulg3MSIwAzyvQHz3ZnoDfh4gmw4SUtYNXF0R89TLA
Performing the following challenges:
http-01 challenge for test.informatica.aci.it
Using the webroot path /var/www/html/test for all unmatched domains.
Creating root challenges validation dir at /var/www/html/test/.well-known/acme-challenge
Attempting to save validation to /var/www/html/test/.well-known/acme-challenge/j1CDQn1-JNOF2tiL9fzDd_j8jUMBkNKx5mEfam75fsI
Waiting for verification...
Notifying user: Challenges loaded. Press continue to submit to CA. Pass "-v" for more info about
challenges.
Challenges loaded. Press continue to submit to CA. Pass "-v" for more info about
challenges.
Press Enter to Continue
JWS payload:
{}
Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/13617829937/MiBfQA:
{
"protected": "eyJub25jZSI6ICIwMTAzakZ1bGczTVNJd0F6eXZRSHozWm5vRGZoNGdtdzRTVXRZTlhGMFI4OVRMQSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvMTM2MTc4Mjk5MzcvTWlCZlFBIiwgImtpZCI6ICJodHRwczovL2FjbWUtdjAxLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9yZWcvMjU4NjIzNyIsICJhbGciOiAiUlMyNTYifQ",
"payload": "e30",
"signature": "higxI4xY4FVH_C-w1fkU7l_eBWHWSTPOy0vcEBFDFfIICdbJUIrD8HGRVEF1sylKxVa9eSoAkwwV6CRifpf2uZ1r9q07TUYb3le_bGG0UinTxJLhbNYa9xqTRYc1EHXerT1tveZmNUWDMLVeo172TS9AwmGIxXFigN58RJ1BDuPlxJQrlZ-07LhuOfjBR5odO27HjPQX_ec0Xh0eL_OPcwGuYTDqwc8itEMIpypN3ZmwK37bL4LpGbXNdLxAKaIOgl7tSH_sN-qT6TVYyp7SKiMuRXwwqVi1H7ops3FVb4iJyBt7OF4V8rQENyk2NjqZ5fRABOK2qzDdrrxdUF5onQ"
}
"POST /acme/chall-v3/13617829937/MiBfQA HTTP/1.1" 200 186
Received response:
HTTP 200
content-length: 186
cache-control: public, max-age=0, no-cache
strict-transport-security: max-age=604800
server: nginx
connection: keep-alive
link: https://acme-v02.api.letsencrypt.org/directory;rel="index", https://acme-v02.api.letsencrypt.org/acme/authz-v3/13617829937;rel="up"
location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/13617829937/MiBfQA
boulder-requester: 2586237
date: Tue, 01 Jun 2021 10:51:15 GMT
x-frame-options: DENY
content-type: application/json
replay-nonce: 0103ut1EtzhKY01I8Xtp0zUwH3pw5I3kUDaLkaoWpN0_0tA
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/13617829937/MiBfQA",
"token": "j1CDQn1-JNOF2tiL9fzDd_j8jUMBkNKx5mEfam75fsI"
}
Storing nonce: 0103ut1EtzhKY01I8Xtp0zUwH3pw5I3kUDaLkaoWpN0_0tA
JWS payload:
Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/13617829937:
{
"protected": "eyJub25jZSI6ICIwMTAzdXQxRXR6aEtZMDFJOFh0cDB6VXdIM3B3NUkza1VEYUxrYW9XcE4wXzB0QSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMTM2MTc4Mjk5MzciLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDEuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL3JlZy8yNTg2MjM3IiwgImFsZyI6ICJSUzI1NiJ9",
"payload": "",
"signature": "CCJBrWCmwywp7IiZ_Yo1s8WX5FJr9S3A-Rdxg3zYTciTgbfziCHudTUO7X-zRRR6_tUOa5RCEBYpc9cbni8Dnvv-GtDS7VTIQOzLpBr8aD37wEaqNHENYqFDQJ3UtthV8BCOygw791dL-lTCGyqz6P8xi3vwgVLHhh0cpxtCfNJmOw_ZAJzeFsJmFxE8z9pCMAkm1vNYWLuRETXjTsvUTDXAPqk3GHFQW7-aSkE4OxxLanvVqXwWxxvmT4uAflYBAMNyXD6RUAK8Aa9C0mEmF3jdm57Tfr2tjuFQSurrW6sG5GpVQRAmLVhJp8ise4cVncndFaw4VJ5BVT6nwu4Lyw"
}
"POST /acme/authz-v3/13617829937 HTTP/1.1" 200 804
Received response:
HTTP 200
content-length: 804
cache-control: public, max-age=0, no-cache
strict-transport-security: max-age=604800
server: nginx
connection: keep-alive
link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
boulder-requester: 2586237
date: Tue, 01 Jun 2021 10:51:16 GMT
x-frame-options: DENY
content-type: application/json
replay-nonce: 0104nOSSm5IV6-yYbm_zAjG99Egs9CiFPaItLa27Jak1RAk
{
"identifier": {
"type": "dns",
"value": "test.informatica.aci.it"
},
"status": "pending",
"expires": "2021-06-08T10:50:36Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/13617829937/MiBfQA",
"token": "j1CDQn1-JNOF2tiL9fzDd_j8jUMBkNKx5mEfam75fsI"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/13617829937/CMpg4A",
"token": "j1CDQn1-JNOF2tiL9fzDd_j8jUMBkNKx5mEfam75fsI"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/13617829937/Ktu-EQ",
"token": "j1CDQn1-JNOF2tiL9fzDd_j8jUMBkNKx5mEfam75fsI"
}
]
}
Storing nonce: 0104nOSSm5IV6-yYbm_zAjG99Egs9CiFPaItLa27Jak1RAk
JWS payload:
Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/13617829937:
{
"protected": "eyJub25jZSI6ICIwMTA0bk9TU201SVY2LXlZYm1fekFqRzk5RWdzOUNpRlBhSXRMYTI3SmFrMVJBayIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMTM2MTc4Mjk5MzciLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDEuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL3JlZy8yNTg2MjM3IiwgImFsZyI6ICJSUzI1NiJ9",
"payload": "",
"signature": "laDaCc1K4l0L2uN4TT_kUK0DawkWV0Toj8gqM2cYfgXSLx-c7yM20xl11PG0tgDOcE6yelhpDCLXPhGZi2KDC2w-XXkFNBk3iBQbHykpqeBhENsdbFthe0OOAkZgwhPayPI-lXTxNOjHXiIwGFZEckyoqaaFrIvsB3RfweDxUF-4zoP9nqjOvYRe1AO4g6_9q19Dsy1px3HzjYdtlW4ZEFpgYfhTvsoA8hVBxdqJDxL3he8iPUAVfsrlMnJSdjsnrm1ncFPDp-0WZRgtFCoQl-lJxvNqna2o6DHs87o2nEOfe1tpO4wURD8SWuh-PKC292SpLtInEVxii3Fug8KMPg"
}
"POST /acme/authz-v3/13617829937 HTTP/1.1" 200 1210
Received response:
HTTP 200
content-length: 1210
cache-control: public, max-age=0, no-cache
strict-transport-security: max-age=604800
server: nginx
connection: keep-alive
link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
boulder-requester: 2586237
date: Tue, 01 Jun 2021 10:51:20 GMT
x-frame-options: DENY
content-type: application/json
replay-nonce: 0103h-ZPiNZaYbpZqYf0dsJ3NxKH9A-avDnRu4sdg4DaRjs
{
"identifier": {
"type": "dns",
"value": "test.informatica.aci.it"
},
"status": "invalid",
"expires": "2021-06-08T10:50:36Z",
"challenges": [
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:unauthorized",
"detail": "Invalid response from http://test.informatica.aci.it/.well-known/acme-challenge/j1CDQn1-JNOF2tiL9fzDd_j8jUMBkNKx5mEfam75fsI [77.73.61.72]: "\u003c!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\"\u003e\u003chtml x"",
"status": 403
},
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/13617829937/MiBfQA",
"token": "j1CDQn1-JNOF2tiL9fzDd_j8jUMBkNKx5mEfam75fsI",
"validationRecord": [
{
"url": "http://test.informatica.aci.it/.well-known/acme-challenge/j1CDQn1-JNOF2tiL9fzDd_j8jUMBkNKx5mEfam75fsI",
"hostname": "test.informatica.aci.it",
"port": "80",
"addressesResolved": [
"77.73.61.72"
],
"addressUsed": "77.73.61.72"
}
],
"validated": "2021-06-01T10:51:15Z"
}
]
}
Storing nonce: 0103h-ZPiNZaYbpZqYf0dsJ3NxKH9A-avDnRu4sdg4DaRjs
Challenge failed for domain test.informatica.aci.it
http-01 challenge for test.informatica.aci.it
Reporting to user: The following errors were reported by the server:
Domain: test.informatica.aci.it
Type: unauthorized
Detail: Invalid response from http://test.informatica.aci.it/.well-known/acme-challenge/j1CDQn1-JNOF2tiL9fzDd_j8jUMBkNKx5mEfam75fsI [77.73.61.72]: "<html x"
To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.
Encountered exception:
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File "/usr/lib/python2.7/site-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
AuthorizationError: Some challenges have failed.
Calling registered functions
Cleaning up challenges
Removing /var/www/html/test/.well-known/acme-challenge/j1CDQn1-JNOF2tiL9fzDd_j8jUMBkNKx5mEfam75fsI
All challenges cleaned up
Exiting abnormally:
Traceback (most recent call last):
File "/bin/certbot", line 9, in
load_entry_point('certbot==1.11.0', 'console_scripts', 'certbot')()
File "/usr/lib/python2.7/site-packages/certbot/main.py", line 15, in main
return internal_main.main(cli_args)
File "/usr/lib/python2.7/site-packages/certbot/_internal/main.py", line 1421, in main
return config.func(config, plugins)
File "/usr/lib/python2.7/site-packages/certbot/_internal/main.py", line 1294, in certonly
lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
File "/usr/lib/python2.7/site-packages/certbot/_internal/main.py", line 135, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File "/usr/lib/python2.7/site-packages/certbot/_internal/client.py", line 441, in obtain_and_enroll_certificate
cert, chain, key, _ = self.obtain_certificate(domains)
File "/usr/lib/python2.7/site-packages/certbot/_internal/client.py", line 374, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File "/usr/lib/python2.7/site-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
File "/usr/lib/python2.7/site-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File "/usr/lib/python2.7/site-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
AuthorizationError: Some challenges have failed.
Some challenges have failed.
IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: test.informatica.aci.it
Type: unauthorized
Detail: Invalid response from
http://test.informatica.aci.it/.well-known/acme-challenge/j1CDQn1-JNOF2tiL9fzDd_j8jUMBkNKx5mEfam75fsI
[77.73.61.72]: "<html
x"To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version): Apache 2.4.6
The operating system my web server runs on is (include version): CentOS Linux release 7.2.1511
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.11.0