Cannot renew manual verification


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:cmrose.no-ip.biz and mnet.sytes.net

I ran this command:Download SSL Certificate

It produced this output:Domain “cmrose.no-ip.biz” challenge3 failed. … …

My web server is (include version):Apache, PHP, MySQL, Zend

The operating system my web server runs on is (include version):Windows 7 SP1

My hosting provider, if applicable, is: pc myself at home

I can login to a root shell on my machine (yes or no, or I don’t know):yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no


#2

Hi,

If you are using web based certificate creator, you’ll need to provide us the error message. So we can help you

Thank you


#3

Thanks for your reply.
Here is the error message when I click “Download SSL Certificate” :

Domain “cmrose.no-ip.biz” challenge3 failed. Response from “https://acme-v02.api.letsencrypt.org/acme/challenge/Gzm0Lx5FhhJe9VsDLYQeicxnHvPRtQqrf3qc6sdU9RM/4384976471” was:

Error: No valid IP addresses found for cmrose.no-ip.biz

Full Error: { “type”: “http-01”, “status”: “invalid”, “error”: { “type”: “urn:ietf:params:acme:error:unknownHost”, “detail”: “No valid IP addresses found for cmrose.no-ip.biz”, “status”: 400 }, “url”: “https://acme-v02.api.letsencrypt.org/acme/challenge/Gzm0Lx5FhhJe9VsDLYQeicxnHvPRtQqrf3qc6sdU9RM/4384976471”, “token”: “Lb8vMklG9KG0CXIpzKaz-0hKpc7Rz3KkWSj_t0KI7_o”, “validationRecord”: [ { “url”: “http://cmrose.no-ip.biz/.well-known/acme-challenge/Lb8vMklG9KG0CXIpzKaz-0hKpc7Rz3KkWSj_t0KI7_o”, “hostname”: “cmrose.no-ip.biz”, “port”: “80” } ] }


#4

PROBLEM:
ReservedAddress

EXPLANATION:
An IANA/IETF-reserved address was found for cmrose.no-ip.biz. Let’s Encrypt will always fail HTTP validation for any domain that is pointing to an address that is not routable on the internet. You should either remove this address or use the DNS validation method instead.

DETAIL:
10.2.51.73


#5

this is renew SSL, which means previously I’ve managed to get certificate for this domain https://cmrose.no-ip.biz

https://cmrose.no-ip.biz/01.png
https://cmrose.no-ip.biz/02.png

BTW. I will try another way as you suggest.

Thanks
Pras


#6

The likely explanation is that your domain wasn’t pointing to a private IP address at the time you initially created the certificate.

As long as you understand that only people inside your LAN can access that website, you’re fine to use DNS validation.


#7

Thanks for your help and attention

It work now with the same procedure as before I have done

sometime I get IP addr range from 10. x.x.x
after I reboot my router several time, I get valid IP

case closed!

Thanks everyone for your help and hard work here


#8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.