Challenge failed for domain

Please fill out the fields below, so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain

I ran this command:certbot renew

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: No hosting provider. I have a VPS on OVH

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --versionf you're using Certbot):

The certificate has never worked on this server. I had many problems last time when I tried to install it. Thus, since I was only trying to do it because it had worked on my other VPS but it was not really needed, I bypassed it by setting a rule on the iptables in such a way that connections to port 80 were redirected to 8080. Now the web is working only in http. But anyway, I keep on receiving warning mails for 10 days expiration.

Definitively, I dont need https on I will try to install it again when have some spare time.

On my other VPS,, I had initially similar problems that, asking in this forum, finally were solved by installing a reverse proxy, But when I tried to repeat the operation in, I found new problems that I did not have time to face. That's why I set the iptable rule in order to get throught of it.

Therefore, if I could get back to the no certificate status for, it could be ok. But the warning mails for the expiration worries me.

Any help would be much appreciated.

Thanks for having read til here!


Hi @Carles

that's not an Apache, that's a Tomcat Apache.

HTTP Status 404 – nicht gefunden

Type Status Report

Message The requested resource [/.well-known/acme-challenge/1234] is not available

Beschreibung The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.

Apache Tomcat/8.5.57

And Tomcat is an own world. So it's expected that the --apache authenticator can't work.

Same with installation, Tomcat uses something with Java.

Find the correct webroot, then use --webroot and certonly to create a certificate. Then use the Tomcat internal tools to install the certificate.


Firstly, thanks for your reply.

And also let me tell you the situation right now step by step:

  1. What I really would like to do is to install a reverse proxy on the same way I did three months ago on Since I had some problems when I tried it, I left the iptable rule working on the VPS that holds, than also holds I am concerned with a total of this three domains:,, and The only that has no problems is, since it is on a separate VPS. I have three registered domains on two VPSs.

  2. On the other hand, next Monday January the 25th, I will start as a teacher in a new job. I will teach some contents on system administration that I need to deeply review before. Thus, unfortunately, now I am a bit nervous. And I have no time for this.

  3. When I have some time to dedicate to it, I will try again to install the reverse proxy on and Since I got it working on, I guess I must get it for these other two. By now, I am just worried about its expiration date, since it is not working.

I assume that I have no problems on because the certificate is well installed and that makes the cron work right to renew it. That's why (I suppose) am not receiving mails about its expiration date. But on the other VPS ( and, since it is not working, I am getting in troubles.

If temporally I could get back with this certificate, this would be a good solution. I don't really need neither to be secure pages.

Might be the problem is because in the VPS that holds I just have one registered domain. Instead, in the other one, there are two. I don't know.

Anyway, as said, right now I have no time to dedicate to this.

Let me insist in thank you for your reply. Thanks a lot.


Missatge de Juergen Auer via Let's Encrypt Community Support <> del dia ds., 23 de gen. 2021 a les 14:44:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.