Certbot:challenge failed for domain "python3 certbot apache"


My domain is: mecandid.com

I ran this command: python3 certbot apache

It produced this output:
Which names would you like to activate HTTPS for?

1: mecandid.com
2: admin.mecandid.com
3: mail.mecandid.com
4: server3.mecandid.com
5: webmail.mecandid.com
6: www.mecandid.com

Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 3
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for mail.mecandid.com
Waiting for verification...
Challenge failed for domain mail.mecandid.com
http-01 challenge for mail.mecandid.com
Cleaning up challenges
Some challenges have failed.


  • The following errors were reported by the server:

    Domain: mail.mecandid.com
    Type: unauthorized
    Detail: Invalid response from https://privateemail.com/
    []: "<!doctype html>

    !function(e,t,a,n,g){e[n]=e[n]||[],e[n].push({\"gtm.start\":(new Date).getTime(),eve"

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A/AAAA record(s) for that domain
    contain(s) the right IP address.

My web server is (include version):

The operating system my web server runs on is (include version): Ubuntu Linux 20.04.3

I have been trying to fix this but still could not solve this problem,
Does anyone get this issue, would be able to share steps or help?

Thank you

1 Like

Hi @jin1,

Is that name pointed at your own server? It looks like it's pointed at privateemail.com's server, which maybe isn't your web server and maybe you're not the administrator of?


Hello @schoen,

Yes, I try to point to my own server. Privateemail.com is the email service that I created email from. Is it something to do with DNS? Thank you

1 Like

Yes, I guess your DNS records are wrong because you have not pointed any of these names to your own server yet, from the point of view of the public DNS.


In this process, I have set up 3 "A Record" on my domain.

  1. Type: A Record, Host: mail Value: my IP TTL: Automatic
  2. Type: A Record, Host: mautic Value: my IP TTL: Automatic
  3. Type: A Record, Host: server3 Value: my IP TTL: Automatic

It should point to mail.mecandid.com? because Type number 1.

1 Like

Those records you mentioned don't seem to be showing up in the public DNS at all. Maybe the DNS server where you're creating them isn't set as the authoritative name server for your domain? So your DNS changes aren't taking effect for the rest of the Internet.


Hey schoen,

Thank you for your time to answer here. I was reinstall VPS but still, the same problem happened. Did you mean my domain provider is not authorized to connect? Should I change any setting on domain?

1 Like

Hello @jin1,

Checking your sites as listed in your OP:

  1. mecandid.com - server not found
  2. admin.mecandid.com - server not found

3) mail.mecandid.com - redirects to privateemail.com which is NameCheap's Private Email service. Not good.

  1. server3.mecandid.com - "Under Construction" page for mail.mecandid.com (not secure, no cert)
  2. webmail.mecandid.com - server not found
  3. www.mecandid.com server not found

This service - owned and run by NameCheap - is where you have an email address. This is not your server, but NameCheap's web mail server. I don't think what you are tying to do will work, and it would most likely be illegal.

I think you misunderstand that just because you have an email address from privateemail.com, it doesn't mean you own the server. It doesn't work like that. :slightly_smiling_face:


Hey Jim,

I have a study course on how to build your own SMTP and to use Email application.
I try to connect my domain to VPS, sorry if that was misunderstood.

1 Like

It seems you have either missed a step or incorrectly did a step in the procedure... maybe with creating an elastic IP. But that is not what this forum is for. You may wish to revisit the procedures you've gone through. I hope you make out okay. Once you've got your own IP set up for your cloud SMTP then you should be able to obtain a cert for your mail domain. We're here to help if you run into any problems at that point.


@jin1, if you're updating your DNS records somewhere, the place where you're updating them is probably not correct because it isn't changing them in the authoritative server (as seen by the rest of the Internet). You need to find how to make DNS changes that will be visible to the rest of the Internet.


Hey Schoen, Thank you. I will be looking into it.

1 Like

Hey Jim, Thank you for your information.
I have already Reinstall and re-do a few times already but yes thank you so that I know where to look for.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.