Auto renew failed - invalid response

Help
#1

I have had an issue renewing my cert. Worked fine three months ago. Initial error was indicating an error about no virtual host on port 80. So I created one and now I'm getting the invalid response from .well-known/acme-challenge error. I am not very efficient in Linux so apologies if I don't communicate clearly. I have tried reinstalling packages/updating versions and still get the same error.

If I had to guess, it is something to do with the https redirect, but I am stuck on where to go from here.

My domain is: Piler.bilton.ca
I ran this command: certbot renew

It produced this output:
Domain: piler.bilton.ca
Type: unauthorized
Detail: Invalid response from http://piler.bilton.ca/.well-known/acme-challenge/

My web server is (include version): Apache/2.4.6

The operating system my web server runs on is (include version):CentOS 7.9.009

I can login to a root shell on my machine (yes or no, or I don't know):Console

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):n/a

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): Certbot 1.11.0

2 Likes
#2

Hi @AMclean and welcome to the LE community forum :slight_smile:

Let's start resolving this problem by checking what Apache is configured to do.
Please show the output of:
apachectl -S

2 Likes
#3

image
image732×368 3.79 KB

2 Likes
#4

When I visit your domain name, I am greeted not by Apache server, but by a Sonicwall server.

Has something gone wrong with your port forwarding?

2 Likes
#5

Hi @AMclean

an Apache?

Checking the not existing file

http://piler.bilton.ca/.well-known/acme-challenge/1234

the answer:

File not found!

The requested URL /.well-known/acme-challenge/1234 was not found on this server.

If you entered the URL manually please check your spelling and try again.

Error 404

SonicWall Server

Same checking your headers:

Server: SonicWALL

Looks like there answers another instance.

1 Like
#6

Let me double check. I normally disable HTTP/HTTPS when not renewing cert, so something might be off.

2 Likes
#7

I think I might have made a problem when one didn't exist!
Sonicwall issue fixed! (My PC had cached redirect so was skipping the sonicwall)

Now should I delete the VirtualHost I created on port 80 since it was working before?

2 Likes
#8

After removing the VirtualHost I added and restarting everything renewed fine!

8 hours because I didn't clear my cache so I could see the real issue....

Thanks for the help!

2 Likes