CertSage error, well-known/acme-challenge/

I ran CertSage and it produced this output:

https://xensi.com/.well-known/acme-challenge/5BALTfBZPQmLj8sref2Yxtth8EeEizVh8Xnt2DsX-e0: 404 and I do not know where to start looking.

Welcome to the Let's Encrypt Community! :slightly_smiling_face:

That error, when coming from Let's Encrypt, means that a Let's Encrypt validation server can't acquire the challenge file from your server. Please post the complete error message, verbatim, as it contains more information (e.g. primary versus secondary validation failure).

Also, you should upgrade to CertSage 1.4.2 since I fixed some timing issues in that version caused by changes made by Let's Encrypt.

Additionally, based on your previous thread, your .htaccess file(s) might be getting in the way, which sounds strange to me given that LiteSpeed is your webserver, not Apache. Creating a test file inside the /.well-known/acme-challenge/ directory inside the webroot directory for xensi.com (where certsage.php is currently located) then ensuring that said file is accessible from the public internet (e.g. from you smartphone not connected to WiFi) can help address this problem.

Depending upon what your cPanel allows, you can probably certify all of these domain names under a single certificate using CertSage:

autodiscover.xensi.com
cpanel.xensi.com
cpcalendars.xensi.com
cpcontacts.xensi.com
xensi.com
mail.xensi.com
webdisk.xensi.com
webmail.xensi.com
www.xensi.com

4 Likes

I am using CertSage version 1.4.2 and I will test tomorrow as I am out on the limit of intent.

1 Like

1 Like

My result from the test using staging:
version 1.4.2
support@griffin.software

Trouble...
urn:ietf:params:acme:error:unauthorized
162.0.217.178: Invalid response from https://xxxsi.com/.well-known/acme-challenge/YBg7TVJIxAJ-a0hez6n5I6FDIZIsyQ2k0Wqy6RcYdLk: 404

by the way, my referred to /.well-known/acme-challenge/ directory was empty prior to entering this testing.

I created an empty file named test.

Correct. CertSage creates and removes the test files during the process. Please manually create a file named test with no extension in that directory so we can see if it's accessible from the public internet.

3 Likes

Why is the domain name changed to xxxsi.com? Typo?

https://www.xensi.com/.well-known/acme-challenge/test

...results in a 404. There's something amiss with your web server's file service. Maybe .htaccess messing things up?

1 Like

you know it is xensi.com I just wanted to keep others out to click on the link

Thank you so much but I manage to do it using acme.sh so I will continue with my cron update script as CertSage does not work for me.

2 Likes

I'm curious how that worked, but you couldn't get CertSage to work. Using DNS-01 instead of HTTP-01?

I have very little knowledge to either two forms.
But I have additional things I do not understand here:

  1. xensi.com the .well-known/ contains acme-challenge - empty.
  2. aajs.com the .well-known/acme-challenge contains one file .
  3. foto.aajs.com the .well-known/ contains one folder pki-validation - empty.
  4. radio.aajs.com the .well-known/ contains two folders; acme-challenge and pki-validation - both empty.
  5. wcg.aajs.com the .well-known/ contains one folder pki-validation with one file

Any way to make this correct?

Reissuing certificates I use /home/xensicom/.acme.sh"/acme.sh --cron --home "/home/xensicom/.acme.sh" and it works well even with the above missing files.

My .well-known/ details is visible to the net is that correct?