Error accepting authorization: acme: authorization error for mydomain.com: 403 urn:ietf:params:acme:error:unauthorized: During secondary validation: xx.yy.zz.aa

Error accepting authorization: acme: authorization error for dev.payments.centerbase.com: 403 urn:ietf:params:acme:error:unauthorized: During secondary validation: 38.98.143.11: Invalid response from http://dev.payments.centerbase.com/.well-known/acme-challenge/o0ebwa6TysF4n_RkoWkkgjmbUeE7u2Ya4ZRvUzV_hQg: 403

I have set up cert-manager and Let's Encrypt on my Kubernetes cluster. I am trying to get an SSL certificate but face this issue.

When I go to the challenge URL I am able to see the challenge. I am not sure why it's showing unauthorized.

Is there any geoblocking or datacenter IP range ban in front of that server?


Hi @orangepizza, yes, I am not sure what kind, but we do have geoblocking on the firewall.

Do we need to fully unrestrict, or can we allow certain regions that Let's Encrypt uses?

IIRC they are currently using AWS: I remember something in SG and one in Europe (not sure where), but it will rotate, so individual IPs won't matter much.

You may find this FAQ helpful:

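An added example, not part of the thread or of cert-manager: one way to check from the ingress side whether the 403 in the error above was answered by the cluster itself or by something in front of it, such as the geoblocking firewall. The access-log format, the sample lines and the function names are assumptions constructed for illustration.

```python
import re

# Error text copied from the post above.
ACME_ERROR = (
    "acme: authorization error for dev.payments.centerbase.com: 403 "
    "urn:ietf:params:acme:error:unauthorized: During secondary validation: "
    "38.98.143.11: Invalid response from http://dev.payments.centerbase.com/"
    ".well-known/acme-challenge/o0ebwa6TysF4n_RkoWkkgjmbUeE7u2Ya4ZRvUzV_hQg: 403")
ERR_RE = re.compile(
    r"authorization error for (?P<domain>\S+): \d+ urn:\S+: "
    r"(?P<secondary>During secondary validation: )?(?P<addr>[0-9a-fA-F.:]+): "
    r"Invalid response from \S+/\.well-known/acme-challenge/"
    r"(?P<token>[A-Za-z0-9_-]+): (?P<status>\d{3})")
# Assumed log format: client "request line" status "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) "GET (?P<path>\S+) [^"]*" (?P<status>\d{3}) "(?P<ua>[^"]*)"$')
LE_UA = "Let's Encrypt validation server"  # substring of the validator's User-Agent

def parse_acme_error(text):
    """Split the error into domain, validation phase, token and HTTP status."""
    m = ERR_RE.search(text)
    if not m:
        raise ValueError("unrecognised ACME error format")
    d = m.groupdict()
    d["secondary"] = d["secondary"] is not None
    return d

def validator_hits(log_lines, token):
    """Map client IP -> status for validator requests for this token."""
    hits = {}
    for line in log_lines:
        m = LOG_RE.match(line)
        if m and m["path"].endswith("/acme-challenge/" + token) and LE_UA in m["ua"]:
            hits[m["ip"]] = m["status"]
    return hits

def diagnose(error_text, log_lines):
    err = parse_acme_error(error_text)
    if not err["secondary"]:
        return "primary-validation-failure"
    if err["status"] in validator_hits(log_lines, err["token"]).values():
        return "rejected-by-ingress"  # the ingress itself answered with that status
    return "blocked-upstream"         # the status came from something in front of it

# Constructed sample log; client IPs are from the RFC 5737 documentation ranges.
_P = "/.well-known/acme-challenge/" + parse_acme_error(ACME_ERROR)["token"]
_UA = "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
SAMPLE_LOG = [f'192.0.2.10 "GET {_P} HTTP/1.1" 200 "{_UA}"',
              f'198.51.100.7 "GET {_P} HTTP/1.1" 200 "{_UA}"',
              f'203.0.113.5 "GET {_P} HTTP/1.1" 200 "Mozilla/5.0 (X11; Linux x86_64)"']
```

With the sample log, `diagnose(ACME_ERROR, SAMPLE_LOG)` returns `blocked-upstream`: every validator request that reached the ingress got a 200, so the 403 reported by the secondary validation never came from the cluster.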