Which names would you like to activate HTTPS for?
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for learner.lincs.ed.gov
Waiting for verification...
Challenge failed for domain learner.lincs.ed.gov
http-01 challenge for learner.lincs.ed.gov
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: learner.lincs.ed.gov
Type: unauthorized
Detail: Invalid response from
http://learner.lincs.ed.gov/.well-known/acme-challenge/CeRAbAPwWxi7nkyjdAAyThkWt3zzBGwdlfT-oi9q810
[52.45.67.36]: "\n\n403
Forbidden\n\nForbidden
\n<p"To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
Using curl I get a 404 trying to hit the url, because I am sure it is gone by then, but I do not get unauthorized. The DNS for his site and the configs pass all checks.
[root@learner01 ~]# curl -v --insecure https://learner.lincs.ed.gov/.well-known/acme-challenge/CeRAbAPwWxi7nkyjdAAyThkWt3zzBGwdlfT-oi9q810
- About to connect() to learner.lincs.ed.gov port 443 (#0)
- Trying 192.168.0.130... connected
- Connected to learner.lincs.ed.gov (192.168.0.130) port 443 (#0)
- Initializing NSS with certpath: sql:/etc/pki/nssdb
- warning: ignoring value of ssl.verifyhost
- skipping SSL peer certificate verification
- SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- Server certificate:
- subject: CN=*.lincs.ed.gov,OU=Domain Control Validated
- start date: Jul 03 19:23:38 2018 GMT
- expire date: Aug 24 15:58:36 2020 GMT
- common name: *.lincs.ed.gov
- issuer: CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O="GoDaddy.com, Inc.",L=Scottsdale,ST=Arizona,C=US
GET /.well-known/acme-challenge/CeRAbAPwWxi7nkyjdAAyThkWt3zzBGwdlfT-oi9q810 HTTP/1.1
User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.44 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
Host: learner.lincs.ed.gov
Accept: /
< HTTP/1.1 404 Not Found