I’m getting this error and im pretty sure it’s because of the subdomains:

• The following errors were reported by the server:

  Domain: simplebyte.co
  Type: unauthorized
  Detail: Invalid response from
  http://simplebyte.co/.well-known/acme-challenge/HqwB3_Th5gdYujCc0XHpNWURxTsBVnMt4L14m4uK0gg:
  “\r\n404 Not Found\r\n<body
  bgcolor=“white”>\r\n

  404 Not
  Found

  \r\n

  ---

  ”

  To fix these errors, please make sure that your domain name was
  entered correctly and the DNS A/AAAA record(s) for that domain
  contain(s) the right IP address.

• The following errors were reported by the server:

  Domain: www.simplebyte.co
  Type: connection
  Detail: Fetching
  https://simplebyte.co/.well-known/acme-challenge/hwY4hUGMAaTRgQ7GM3zpoZGI8ZNASNnI0qyBfKI863Q:
  Error getting validation data

My Domain Settings look like this:

Untitled.png1299×666 28.3 KB

Focus on this:

[that other part of the message seems only to confuse this matter]

Hi @amiramieng

you have a curious configuration ( simplebyte.co - Make your website better - DNS, redirects, mixed content, certificates ):

If you use http-01 validation, a file under /.well-known/acme-challenge is checked.

Your http + non www has a http status 404, which is good.

Your http + www redirects to https + non-www - then follows a timeout.

So Letsencrypt can't validate your www - domain name.

Remove the redirect, then check your config file to find your webroot. Then use something like

certbot run -a webroot -i apache -w yourwebroot -d simplebyte.co -d www.simplebyte.co

The http to https redirect was a thing i added on my previous server in .htaccess, why is it still an issue, it’s a different IP address.

Let me also add that I had a previous SSL certificate on the cpanel, does that make a difference?

If you use cPanel, you shouldn't use Certbot directly.

cPanel has it's own management.

I used cpanel on my other server with this domain.

What command did you run?

Do you know why port 443 on your site returns a “No route to host” error? A firewall? Is SSL set up on this server currently? Was it before?

@mnordhoff No, I never had any certificates on this server. I ran this command:
sudo certbot certonly --agree-tos --email admin@example.com --webroot -w /var/lib/letsencrypt/ -d example.com -d www.example.com

Is this really your webroot? Where your domain starts?

Then you have a wrong redirect (rechecked now):

http://www.simplebyte.co/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
95.179.182.197
	301
	https://simplebyte.co/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
	0.037
	E

Your http www + /.well-known/acme-challenge redirects to https + non-www. But https has a timeout / doesn't exist.

If you have a working certificate, you can use such a redirect. But if there is no working SSL-configuration, then the redirect result is dead -> timeout -> challenge fails.

So remove this redirect to create a certificate with www.

Non-www hasn't such a redirect.

I had the redirect on my other server through cpanel in my .htaccess file, but not on this IP, could that be an issues?

I don't understand your setup.

Which instance answers if I check your domain via simplebyte.co - Make your website better - DNS, redirects, mixed content, certificates

It's impossible to see that.

I see only the result. Redirect http -> https, then a timeout.

You have this settings:

So 95.179.182.197 answers. And Certbot should run on the server with this ip.

PS: Letsencrypt must check if you are the domain owner. So if Certbot (the client) works on server (1), but Letsencrypt checks server (2), that can't work.

As @JuergenAuer pointed out:
This does NOT look like a DocumentRoot:

Unless you have made some /.well-known/acme-challenge/ rewrite, the webroot must match the actual documentroot.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.