Certification error for subdomain


My domain is: gpms.jp (instance 1) - (this works fine)

subdomain is : master.gpms.jp (instance 2)

I ran this command: certbot certonly --webroot -w /var/lib/redmine/public -d master.gpms.jp

It produced this output:

Failed authorization procedure. master.gpms.jp (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://master.gpms.jp/.well-known/acme-challenge/-hkcBmz31YR5neiBJZoLirQLqC_rIEkESBeG29BfSTw: "

401 Unauthorized



My web server is (include version): Apache: 2.4.6-80 (centOS)

The operating system my web server runs on is (include version): CentOS 7.5-1804

My hosting provider, if applicable, is: Conoha VPS

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):


You have Basic Auth protecting your webroot.

This isn’t going to work, because Let’s Encrypt needs to be able to make a successful request to the /.well-known/acme-challenge/ tree within that webroot.

There’s a couple of things you can try.

Use the Apache plugin and hope it solves your problem:

certbot certonly -a apache -d master.gpms.jp


Exclude the path from your Basic Auth

Where you have

Require valid-user

add above it

Require expr %{REQUEST_URI} =~ m#^/.well-known/acme-challenge/.*#

One of those two approaches should hopefully help you.


Thank you very much, it did work. it was becasue of the basic auth.

Appriciate your help !!!


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.