Challenge failed for domain Type: unauthorized Detail: Invalid response

My domain is: www.spendwithfriends.com

I ran this command: sudo certbot certonly --webroot -d spendwithfriends.com -d www.spendwithfriends.com

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for spendwithfriends.com
http-01 challenge for www.spendwithfriends.com
Input the webroot for spendwithfriends.com: (Enter ‘c’ to cancel): /opt/tomcat/webapps/

Select the webroot for www.spendwithfriends.com:


1: Enter a new webroot
2: /opt/tomcat/webapps


Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel): 2
Waiting for verification…
Challenge failed for domain spendwithfriends.com
Challenge failed for domain www.spendwithfriends.com
http-01 challenge for spendwithfriends.com
http-01 challenge for www.spendwithfriends.com
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:

  • The following errors were reported by the server:

    Domain: spendwithfriends.com
    Type: unauthorized
    Detail: Invalid response from http://spendwithfriends.com/login
    [52.165.170.145]: “\n\n<html lang=“en”>\n
    \n\n\t\n\t<meta charset=“utf-8” />\n\t\n\tSpend With
    Friends\n\t\n\t<!-- Bootstrap co”

    Domain: www.spendwithfriends.com
    Type: unauthorized
    Detail: Invalid response from http://www.spendwithfriends.com/login
    [52.165.170.145]: “\n\n<html lang=“en”>\n
    \n\n\t\n\t<meta charset=“utf-8” />\n\t\n\tSpend With
    Friends\n\t\n\t<!-- Bootstrap co”

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A/AAAA record(s) for that domain
    contain(s) the right IP address.

Also, after stopping tomcat, I tried this command: sudo certbot certonly --standalone -d www.spendwithfriends.com -d spendwithfriends.com

Which provided this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for spendwithfriends.com
http-01 challenge for www.spendwithfriends.com
Waiting for verification…
Challenge failed for domain spendwithfriends.com
Challenge failed for domain www.spendwithfriends.com
http-01 challenge for spendwithfriends.com
http-01 challenge for www.spendwithfriends.com
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:

I’ve spent several days addressing different approaches and none seem to work. Any help would be greatly appreciated.

My web server is (include version): Tomcat/8.5.32

The operating system my web server runs on is (include version): RHEL Version 7.6

My hosting provider, if applicable, is: n/a

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.34.2

When you run Tomcat, it probably doesn’t listen on port 80, right (unless you use authbind or something like that)? Maybe it runs on port 8080 and you have a redirect rule in place?

You can find the port when Tomcat is running with:

sudo ss -tlnp | grep java

Anyway, if it is running on 8080, then you would need Certbot’s standalone mode to run on that port too. For example:

sudo certbot certonly --standalone --http-01-port 8080 ....

Excellent. That solved the problem. Thank you for your help!

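The port check suggested in the reply above (`sudo ss -tlnp | grep java`, then `--http-01-port`) can be scripted. This is an added example, not part of the original thread and not Certbot's own code: the function names and the sample `ss` output are constructed for illustration, and it assumes the Tomcat process shows up as `java` in `ss -tlnp`.

```shell
#!/bin/sh
# Added example (not from the thread): list the non-loopback TCP ports a
# java process listens on, reading `ss -tlnp` output from stdin.
java_listen_ports() {
    awk '
        /users:\(\("java"/ {
            # Locate the State column; a Netid column may or may not precede it.
            for (i = 1; i <= NF; i++) if ($i == "LISTEN") break
            if (i > NF) next
            local_addr = $(i + 3)              # the "Local Address:Port" field
            n = split(local_addr, parts, ":")
            port = parts[n]                    # text after the last colon
            addr = substr(local_addr, 1, length(local_addr) - length(port) - 1)
            gsub(/\[/, "", addr); gsub(/\]/, "", addr)
            # Skip loopback-only listeners such as the Tomcat shutdown port.
            if (addr ~ /^(::1$|127\.|::ffff:127\.)/) next
            print port
        }' | sort -un
}

# Turn each candidate port into the certbot flag from the reply above.
http01_port_flags() {
    for port in $(java_listen_ports); do
        if [ "$port" = 80 ]; then
            echo "# java already listens on 80: no --http-01-port needed"
        else
            echo "--http-01-port $port"
        fi
    done
}

# Constructed sample of `ss -tlnp` output (hypothetical PIDs and sockets).
sample_ss_output() {
    cat <<'EOF'
State   Recv-Q Send-Q    Local Address:Port   Peer Address:Port
LISTEN  0      128                   *:22                *:*    users:(("sshd",pid=901,fd=3))
LISTEN  0      100                  :::8080             :::*    users:(("java",pid=2210,fd=49))
LISTEN  0      1      ::ffff:127.0.0.1:8005             :::*    users:(("java",pid=2210,fd=71))
EOF
}

# Offline demo on the sample; on a live host: sudo ss -tlnp | http01_port_flags
sample_ss_output | http01_port_flags
```

The validation request from Let's Encrypt still arrives on port 80, so the flag only helps where port 80 is already forwarded to the listed port, as the reply assumes.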
