Challenge failing for domain certificate generating

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. |, so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:sudo certbot --nginx -d

It produced this output:Challenge failed for domain

My web server is (include version): nginx

The operating system my web server runs on is (include version):linux ubuntu 20.04.1

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):certbot 0.40.0

1 Like

Hi @william1995 and welcome to the LE community forum :slight_smile:

Your command uses --nginx, but an Apache server is heard answering at that location:

curl -Iki
HTTP/1.1 200 OK
Date: Wed, 24 Feb 2021 10:29:48 GMT
Server: Apache
Cache-Control: max-age=600
Expires: Wed, 24 Feb 2021 10:39:48 GMT
Strict-Transport-Security: max-age=31536000
Vary: User-Agent
Content-Type: text/html;charset=ISO-8859-1
1 Like

her it's showing nginx
curl -Iki
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 24 Feb 2021 10:39:25 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Cache-Control: no-cache, no-store
Pragma: no-cache

Hi @william1995

as @rg305 explained - there is no nginx. See
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0	404
Html is minified: 100,00 %	0.387
Not Found
Visible Content: Not Found The requested URL was not found on this server. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
Date: Wed, 24 Feb 2021 10:27:21 GMT
Server: Apache
Content-Length: 315
Connection: close
Content-Type: text/html; charset=iso-8859-1

Only Apache answers.

Looks like you check the wrong system, not that system, that's online.

PS: Or you have a proxy or something else in front of your server.

Host Type IP-Address is auth. ∑ Queries ∑ Timeout A Southfield/Michigan/United States (US) - ACENET, INC. Hostname: yes 1 0
AAAA yes A Southfield/Michigan/United States (US) - ACENET, INC. Hostname: yes 1 0

is your public visible ip address.

1 Like

How can i proceed to solve this issue?

Please read required basics:

Then explain why you think you have a nginx.

Your setup is unknown.


Where is here?

1 Like

It seems like the domain name you're using has a different meaning—somehow pointing to a different server—on your own network compared to the rest of the Internet. That could be because of split-horizon DNS (i.e. having different DNS records for inside and outside the network), or a reverse proxy, or something else.

It will definitely be tricky to solve this until you can figure out which machine is which, and why it looks different from the inside and the outside! (For example, you might be running Certbot on the wrong machine, or people outside your network might not be connecting to the same machine you intended.)


My money is on the additional reverse proxy layer unseen by internal systems.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.