CA marked some of the authorizations as invalid

Help
1

My domain is: http://nodedokku.tk

I ran this command: dokku letsencrypt myApp

It produced this output: listening on: http://0.0.0.0:80/
2018-10-10 20:47:13,374:INFO:main:1211: Generating new account key
2018-10-10 20:47:15,696:WARNING:main:1303: nodedokku.tk was not successfully self-verified. CA is likely to fail as well!
2018-10-10 20:47:15,903:INFO:main:1313: Generating new certificate private key
2018-10-10 20:47:17,069:ERROR:main:1271: CA marked some of the authorizations as invalid, which likely means it could not access http://example.com/.well-known/acme-challenge/X. Did you set correct path in -d example.com:path or --default_root? Is there a warning log entry about unsuccessful self-verification? Are all your domains accessible from the internet? Failing authorizations: https://acme-v01.api.letsencrypt.org/acme/authz/ptm5fXvxHtj7UJl-TtW50E1U6QhbH7SL_9CKg4cYf48
Challenge validation has failed, see error log.

My web server is (include version): Digital Ocean

The operating system my web server runs on is (include version): CentOS Linux release 7.5.1804 (Core)

My hosting provider, if applicable, is: https://my.freenom.com

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

2

Hi @suatpolat

fetching your / - there is a redirect to /login. Fetching /.well-known/acme-challenge/1234 (not existing), there is a 404. So please create a file under

/.well-known/acme-challenge/1234

and try, if you can load this file via

http://nodedokku.tk/.well-known/acme-challenge/1234
1 Like
3

Hi @JuergenAuer where should I create this file in home folder ?

4

Your website has a root folder. Check your configuration file - something like "DocumentRoot" or "root".

This is the place "/" starts. Your client has to create a file under /.well-known/acme-challenge/, the ACME-service of Letsencrypt fetches this file to validate your domain ownership.

Perhaps you have a wrong redirect. To check that, create there a file and test, if you can load this file via browser.

5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.