Challenge did not pass: {u'status': u'invalid', u'validationRecord

I am not sure what I am missing. Can someone help?

Requesting a certificate for iqutopia.com, www.iqutopia.com from Let’s Encrypt …
… request failed : Web-based validation failed : Failed to request certificate :
Parsing account key…
Parsing CSR…
Registering account…
Already registered!
Verifying www.iqutopia.com…
Traceback (most recent call last):
File “/usr/share/webmin/webmin/acme_tiny.py”, line 235, in
main(sys.argv[1:])
File “/usr/share/webmin/webmin/acme_tiny.py”, line 231, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, args.dns_hook, args.cleanup_hook, log=LOGGER, CA=args.ca)
File “/usr/share/webmin/webmin/acme_tiny.py”, line 184, in get_crt
domain, challenge_status))
ValueError: www.iqutopia.com challenge did not pass: {u’status’: u’invalid’, u’validationRecord’: [{u’addressesResolved’: [u’68.199.251.169’], u’url’: u’http://www.iqutopia.com/.well-known/acme-challenge/2XSCCNx0xLdAsCH9DICdK69gEyWj_1H2CPPxMpmFPj0’, u’hostname’: u’www.iqutopia.com’, u’addressesTried’: [], u’addressUsed’: u’68.199.251.169’, u’port’: u’80’}], u’keyAuthorization’: u’2XSCCNx0xLdAsCH9DICdK69gEyWj_1H2CPPxMpmFPj0.4HQR3BLfjQCOp9kHIjRtDnGLpJa5_UCFFslfz3S4BGU’, u’uri’: u’https://acme-v01.api.letsencrypt.org/acme/challenge/FilLti0ESJiFiQI_zdoCSMfpXxcknjwPCepp_HtVTrY/2182776479’, u’token’: u’2XSCCNx0xLdAsCH9DICdK69gEyWj_1H2CPPxMpmFPj0’, u’error’: {u’status’: 400, u’type’: u’urn:acme:error:connection’, u’detail’: u’Fetching http://www.iqutopia.com/.well-known/acme-challenge/2XSCCNx0xLdAsCH9DICdK69gEyWj_1H2CPPxMpmFPj0: Timeout’}, u’type’: u’http-01’}
DNS-based validation failed : Failed to request certificate :
Parsing account key…
Parsing CSR…
Registering account…
Already registered!
Verifying www.iqutopia.com…
Undefined subroutine &main::get_bind_zone_for_domain called at /usr/share/webmin/webmin/letsencrypt-dns.pl line 21.
Traceback (most recent call last):
File “/usr/share/webmin/webmin/acme_tiny.py”, line 235, in
main(sys.argv[1:])
File “/usr/share/webmin/webmin/acme_tiny.py”, line 231, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, args.dns_hook, args.cleanup_hook, log=LOGGER, CA=args.ca)
File “/usr/share/webmin/webmin/acme_tiny.py”, line 184, in get_crt
domain, challenge_status))
ValueError: www.iqutopia.com challenge did not pass: {u’status’: u’invalid’, u’keyAuthorization’: u’_tQwRxjhfo2qY3Q0JbgV9dCFmwY_iquVIIBhv33f4IE.4HQR3BLfjQCOp9kHIjRtDnGLpJa5_UCFFslfz3S4BGU’, u’uri’: u’https://acme-v01.api.letsencrypt.org/acme/challenge/aBnceTKSRCJpdVJV7Upm5hVJNJRDFyQiQ1omos8cNhM/2182777013’, u’token’: u’_tQwRxjhfo2qY3Q0JbgV9dCFmwY_iquVIIBhv33f4IE’, u’error’: {u’status’: 403, u’type’: u’urn:acme:error:unauthorized’, u’detail’: u’Correct value not found for DNS challenge’}, u’type’: u’dns-01’}

Hi @cosolito,

Your acme client is trying to obtain a certificate using http-01 challenge, that means that Let’s Encrypt will try to connect to your site using port 80 but or your web server is not listening on port 80 or your firewall is dropping the connection.

Cheers,
sahsanu

Looks like Let’s Encrypt timed out attempting to load: http://www.iqutopia.com/.well-known/acme-challenge/2XSCCNx0xLdAsCH9DICdK69gEyWj_1H2CPPxMpmFPj0

First, are you sure that 68.199.251.169 is the right IP for that server? I’m not able to access the server with cURL either - it just times out. If it is the right IP, do you have ports/firewalls open and passing traffic on port 80? This server needs to be accessible from the internet before you will be able to issue certificates with this challenge method. If that’s not possible, you could use the dns-01 challenge type which involves creating a DNS TXT record instead, but does not require that your server be accessible.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.