Certbot failed to authenticate some domains (java web)

I apologize, but I am not fluent in English. I'm Brazilian and I can barely speak my native language. So with the help of google translator, I hope you understand my problem and can help me.
I have a debian server and a java web application running, I tried to follow the ssl installation process through the website: Certbot Instructions | Certbot.
However, it does not finish the process to generate the ssl certificate and shows the following message:
Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
Domain: [domain]
Type: unauthorized
Invalid response from http://[domain]/.well-known/acme-challenge/FylwJbqoZr92Nz2i0FVdXotLGwPcfM22fFs4lwPWef0: 404

Attached below is letsencrypt.log

letsencrypt.txt (2.8 KB)

@davidmozart, and welcome to the LE community forum :slight_smile:

You have not provided enough information to clearly identify the problem.

My best guess is ...
You are using an Apache web server [OR a java web server] and have not been able to properly match the required --webroot path to the ACME challenge request.

In the case of Apache, use this to identify [and correct] any misconfiguration before proceeding:
sudo apachectl -t -D DUMP_VHOSTS

In the case of any other web server, ensure you have used a webroot path that matches the web site's root folder.

In all cases, use the staging environment until all testing has been completed.

Cheers from Miami :beers:


Hello dear colleague @rg305, thank you very much for the warm welcome. :partying_face: :partying_face: :partying_face:
I hope I can learn a lot here, I will try to pass on as much information as possible I installed a java system that creates a web server and by the way it is a system provided by the government for outpatient medical care, I followed the government documentation for the installation using the command: sudo certbot certonly --webroot, but I believe that when the documentation was made available there was no need to put it in the root folder of the system.
I believe that the root folder is the one with the name webserver where it has the config and stanalone.sh files, among others. Even so when I direct to that folder it still generates the error. I noticed that in the certbot log it appears as Server: nginx, I don't know if that would be exactly the error, considering that I want ssl for a system with a java server.
I noticed the Cuban flag in the profile picture, I had the pleasure of meeting some medical professionals from Cuba and I can say that they were the best professionals I had the pleasure of working with! :clap: :clap:


If you can't find the document root for that java web service, you may be able to place the whole thing behind a reverse proxy.


Dear friend, excuse my lack of knowledge. :see_no_evil: However, could you provide me with a link with instructions on how to perform the reverse proxy? :pray:

Is there anyone in the IT section that you could ask for help?


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.