Domain appending .well-known in challenge (Solved)

mtcjoshua · September 1, 2017, 3:28pm

My domain is:

5ivegames.com

I ran this command:

acme_tiny.py --account-key ./account.key --csr server.csr --acme-dir docs/.well-known/acme-challenge/

It produced this output:

ValueError: www.5ivegames.com challenge did not pass: {u'status': u'invalid', u'validationRecord': [{u'addressesResolved': [], u'url': u'https://www.5ivegames.com.well-known/acme-challenge/3xaXj0NHfVTQcWCsS_S1l0tPghHi8CNbfPW6GcGblYY', u'hostname': u'www.5ivegames.com.well-known', u'addressesTried': [], u'addressUsed': u'', u'port': u'443'}, {u'addressesResolved': [u'192.99.188.73'], u'url': u'http://www.5ivegames.com/.well-known/acme-challenge/3xaXj0NHfVTQcWCsS_S1l0tPghHi8CNbfPW6GcGblYY', u'hostname': u'www.5ivegames.com', u'addressesTried': [], u'addressUsed': u'192.99.188.73', u'port': u'80'}], u'keyAuthorization': u'3xaXj0NHfVTQcWCsS_S1l0tPghHi8CNbfPW6GcGblYY.oWrKGOVWyCgVsINzBgUrzunRNdBOgo2PUu83oSrWlcc', u'uri': u'https://acme-v01.api.letsencrypt.org/acme/challenge/DVBhYrcJK9SYcRRrF_l-x92qe6kyLPrwZdboJGaRPLQ/1888474910', u'token': u'3xaXj0NHfVTQcWCsS_S1l0tPghHi8CNbfPW6GcGblYY', u'error': {u'status': 400, u'type': u'urn:acme:error:connection', u'detail': u'Fetching https://www.5ivegames.com.well-known/acme-challenge/3xaXj0NHfVTQcWCsS_S1l0tPghHi8CNbfPW6GcGblYY: Error getting validation data'}, u'type': u'http-01'}

My web server is (include version):

apache 2.4.25

The operating system my web server runs on is (include version):

Linux 4.9.16 (Gentoo)

My hosting provider, if applicable, is:

Ourselves

I can login to a root shell on my machine (yes or no, or I don't know):

Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

No

Something appears to be having an issue parsing this domain correctly, it is attempting to append the .well-known folder onto the domain name. I am using this same script on a number of other domains on this server, and they are renewing correctly. This site currently has an LE certificate, which was created in June, and renewed once in July, but has failed renewal in both August and September. We use an automated script to renew all certs once per month. All the other domains on this server handled by this script renewed successfully this month.

cool110 · September 1, 2017, 4:21pm

Check the .htaccess or VirtualHost config, you’ve got the problem where the http to https redirect is removing the first /

mtcjoshua · September 1, 2017, 4:46pm

Doh! I was cleaning up the vhost config to remove unnecessary junk, and must have edited that line. Thanks for the help.

system · October 1, 2017, 4:46pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.