My domain is:
I ran this command:
It produced this output:
- The following errors were reported by the server:
Detail: Invalid response from
[184.108.40.206]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version):
The operating system my web server runs on is (include version):
Debian GNU/Linux 10 (buster)
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot):
Every http-request to this subdomain (any (sub-)domain is working fine, except for this) is redirected to a https-version of it. But because there is no ssl certificate, the error is reported. My apache-conf:
Thy syntax test of Apache returns "OK".
There is no .htaccess etc. which can cause a redirection.
Do you need more information to help me or give me an hint?
Best regards, Ben
There's no redirect to HTTPS for your hostname.
No, that's not it. There's no certificate error what so ever. The Let's Encrypt validation server doesn't care about invalid certificates, but in this case there was no HTTPS connection established.
I'm missing some information though. You say you run
certbot. And you're giving us the error. But I'm missing the steps between the
certbot command and the error! I.e.: what options are you inputting into certbot?
Thanks for your answer.
certbot and than I chose the numbers
23 27. Next, the error was reported. This was the output between it:
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 23 27
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for mail.webserv.me
Waiting for verification...
Cleaning up challenges
Running post-hook command: systemctl restart postfix
Failed authorization procedure. mail.webserv.me (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://mail.webserv.me/.well-known/acme-challenge/zUxNfmZdXUodzaB4YhmZXPnosHXScJcHAYY01AKxi4k [220.127.116.11]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"
The site that opens when you try to open https://mail.webserv.me is the domain which is sent when the domain is invalid --> error screen.
Please show the output of:
if needed, use
sudo apachectl -S
*:443 is a NameVirtualHost
*default server mail.webserv.me (/etc/apache2/sites-enabled/111aaaa.conf:1)*
port 80 namevhost mail.webserv.me (/etc/apache2/sites-enabled/111aaaa.conf:1)
port 80 namevhost mail.webserv.me (/etc/apache2/sites-enabled/mailserver.conf:1)
port 80 namevhost webmail.webserv.me (/etc/apache2/sites-enabled/mailserver.conf:8)
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex mpm-accept: using_defaults
Mutex watchdog-callback: using_defaults
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex ssl-stapling: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/run/apache2/" mechanism=default
User: name="www-data" id=33
Group: name="www-data" id=33
I deleted some content. There were domains of my customers.
default server mail.webserv.me (/etc/apache2/sites-enabled/111aaaa.conf:1) is a bit strange. This configline is redirecting every "unknown" page to an unavoidable page. Like mail.webserv.me is directed too. mailserver.conf is the right file.
Please show these two files:
(There was a damaged slink to a file called mailconfig-le-ssl.conf. I removed it now but cerbot is still reporting the error.)
111aaaa.conf probably uses the default hostname as "ServerName" and has a completely different DocumentRoot than the virtualhost in
What's the purpose of
111aaaa.conf? Can you disable it and see what happens when you re-run certbot?
Now, I was able to create a ssl certificate.
The purpose of this file is that every Domain which is not configured in the Apache configs but is redirected via DNS to our server gets the response, that the site is temporary unavailable. That's the page you've probably seen, with a ws. in the middle.
Thank you so much! How can I active this config again without having the error?
Its probably the default virtualhost. That means every non-configured hostname ends up in that virtualhost, just as you want to. However, by not having a ServerName, it competes with the other virtualhost and as this 111aaa vhost takes precedence, the other vhost does nothing. However, if you do set a ServerName in the 111aaa vhost, this latter issue would be gone and because of the priority given to the 111aaa vhost, its catch-all function would still exist.
I recommend setting the ServerName to something like
localhost. That should do the trick.
Allright, I will set it up.
Thanks for your help.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.