Cant issue certificate for domain


Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:sudo certbot --apache

It produced this output:

certbot type: unauthorized detail: invalid response from apache

My web server is (include version):
apache 2.4.18

The operating system my web server runs on is (include version):
Ubuntu 16.04

My hosting provider, if applicable, is:
(Local hosting in South Africa : Hetzner)

I can login to a root shell on my machine (yes or no, or I don’t know):


I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 0.26.1

I have checked that no AAAA record is setup for the domain


What does this show?

apachectl -t -D DUMP_VHOSTS

Could you please include the full output of the command? Thanks!


Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter ‘c’ to cancel): 1
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from “\n\n404 Not Found\n\n

Not Found




Thanks, that looks fine. In case it got lost:

In cases like these, it’s common for ServerName/ServerAlias duplication to cause this problem, and the above can help diagnose it.


Thanks so much for your help. It seems i forgot that 0000-default.conf uses the server name setup in the config file.

Thanks again!


Any idea why the certificate is not trusted? I just issues it, on the same server i run certificates for another domain working fine.

This one now shows that it issues the certificate itself? Instead of by Letsencrypt like my other certificates


Did Certbot report success in installing the certificate?

If it did, then the cause is probably the same - some duplication in the port 443 virtual host ServerNames.


Ofcourse… the default ssl vhost (facepalm)

closed #9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.