Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems: Domain: www.iimeedu.com Type: unauthorized Detail: 184.107.37.82: Invalid response from http://www.iimeedu.com/.well-known/acme

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:https://www.iimeedu.com/

root@iimeedu:~# sudo apt install certbot python3-certbot-apache
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
certbot is already the newest version (1.21.0-1build1).
python3-certbot-apache is already the newest version (1.21.0-1).
0 upgraded, 0 newly installed, 0 to remove and 67 not upgraded.
root@iimeedu:~# sudo ufw allow 'Apache Full'
Skipping adding existing rule
Skipping adding existing rule (v6)
root@iimeedu:~# sudo certbot --apache
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Please enter the domain name(s) you would like on your certificate (comma and/or
space separated) (Enter 'c' to cancel): iimeedu.com
Requesting a certificate for iimeedu.com

Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: iimeedu.com
Type: unauthorized
Detail: 184.107.37.82: Invalid response from http://iimeedu.com/.well-known/acme-challenge/gl66TeCZ_gR1FBH4dzlq6FrBhsKV6WaZ8GHRSA148_o: 404

Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.

Do you control iimeedu.com, and is it hosted from the server on which you're running certbot?

3 Likes

Hi @sara184, and welcome to the LE community forum :slight_smile:

Presuming to do control this domain and more specifically that IP shown.
I'd start the troubleshooting this at Apache.

2 Likes

Hi Sara,

Could you perhaps explain a little bit more about what you're trying to achieve ultimately? Because as it is, your site is already protected by a (wildcard) Let's Encrypt certificate which isn't due to expire until February 2023.

3 Likes

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: iimeedu.com

I ran this command:
sudo ufw allow 'Apache Full'
sudo certbot --apache

It produced this output:

Requesting a certificate for iimeedu.com

Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: iimeedu.com
Type: unauthorized
Detail: 184.107.37.82: Invalid response from http://iimeedu.com/.well-known/acme-challenge/gl66TeCZ_gR1FBH4dzlq6FrBhsKV6WaZ8GHRSA148_o: 404

Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
root@iimeedu:~# client_loop: send disconnect: Connection reset by peer
root@DESKTOP-ESI8GG0:~#

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Hello @rg305, @danb35, and @Osiris

Actually, I am trying to secure my site by providing an SSL certificate. I don't control iimeedu.com or hosted on my server. I have created a VPS on digital ocean and then I have used commands

sudo apt install certbot python3-certbot-apache
sudo ufw allow 'Apache Full'

to Install lets encrypt and allow HTTPS through the firewall and configure apache2 virtual hosts.

to Obtain an SSL certificate
sudo certbot --apache

output is
Requesting a certificate for iimeedu.com

Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: iimeedu.com
Type: unauthorized
Detail: 184.107.37.82: Invalid response from http://iimeedu.com/.well-known/acme-challenge/gl66TeCZ_gR1FBH4dzlq6FrBhsKV6WaZ8GHRSA148_o: 404

Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.

Some challenges have failed.

Actually, I am trying to secure my site by providing an SSL certificate. I don't control iimeedu.com or hosted on my server. I have created a VPS on digital ocean and then I have used commands

sudo apt install certbot python3-certbot-apache
sudo ufw allow 'Apache Full'

to Install lets encrypt and allow HTTPS through the firewall and configure apache2 virtual hosts.

to Obtain an SSL certificate
sudo certbot --apache

output is
Requesting a certificate for iimeedu.com

Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: iimeedu.com
Type: unauthorized

Detail: 184.107.37.82: Invalid response from http://iimeedu.com/.well-known/acme-challenge/gl66TeCZ_gR1FBH4dzlq6FrBhsKV6WaZ8GHRSA148_o: 404

Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.

Some challenges have failed.

Then I still don't understand what you're trying to do. You're trying to secure an already secured site (see https://www.iimeedu.com/, note the s in https://) which you don't even control at all?

4 Likes

please just search iimeedu.com it is still showing not secure

Please click the link I've provided: it's secure.

The only thing missing is a HTTP to HTTPS redirect.

2 Likes

Please show this output form your VPS:
curl -4 ifconfig.co
curl -4 ifconfig.io

[either output will do]

2 Likes

Then you won't be able to get a cert for that domain. In order to get a cert from Let's Encrypt, you need to own (or at least control) a domain name.

3 Likes

But if, as you say, iimeedu.com isn't your domain, why do you care whether it's secure?

3 Likes

Please don't follow red herrings: the site has a perfectly fine Let's Encrypt wildcard cert in place.

3 Likes

Sure it does, but that isn't her site--so why she wants a cert for that domain is a mystery to me.

3 Likes

Using this online tool https://crt.sh/ is is a list of issued certificates crt.sh | iimeedu.com, the latest one being 2022-11-20.

1 Like

Chances are the few English words about that could be meaning something else compared to how you're interpreting them.

4 Likes

Ownership is not in question [not for LE certs being validated via HTTP-01 authentication].
The only thing that matters is the IP of the VPS.
If it matches, then they can get a cert and do whatever that think is necessary.
We, however, don't even understand what might be necessary - since the site is already secure.
[as seen from the Internet]
If the IP does not match, then it is all mute.

4 Likes

so it is from someone I know and that person has asked me to help with this. So I am just trying to figure out a way to do this.

by the way thank you so much everyone for your replies.

5 Likes

Thank you so much I got what you are saying.

3 Likes

And I don't got what I've asked for now three times:

2 Likes