Error: Could not issue a Let's Encrypt SSL/TLS certificate for app.basket-nation.com. Authorization for the domain failed

Hello,

I have a domain named basket-nation.com and a subdomain app.basket-nation.com
The server is Centos 7 with plesk installed and let’s encrypt too.

I have ssl certificate installed and renewed automatically on my main domain but have error on the subdomain.
Installation was OK but renew is KO:

Error: Could not issue a Let’s Encrypt SSL/TLS certificate for app.basket-nation.com. Authorization for the domain failed.
Details
Invalid response from https://acme-v01.api.letsencrypt.org/acme/authz/YwLF3fmG34FmJsvdXUlwRzb8fo85NwBVS1qS7Oh7OWU.
Details:
Type: urn:acme:error:connection
Status: 400
Detail: Fetching https://app.basket-nation.com.well-known/acme-challenge/2ZAyT74oR408UinMujDiL3owoxpiulS8FVvjGe62C1c: Error getting validation data

I don’t really know what to do, I also opened a ticket on plesk support and waiting for an answer.
If someone have an idea about what to do/check?

Thank you!

The web server is configured to redirect http://app.basket-nation.com/xyz to https://app.basket-nation.comxyz. It's missing a / and doesn't work.

What web server? How is it configured?

In Apache, it's usually because it has like "Redirect permanent / https://app.basket-nation.com" which needs to be changed to "Redirect permanent / https://app.basket-nation.com/".

SSL Report: basket-nation.com (2001:41d0:302:1100:0:0:4:383b)
Assessment failed: Unable to connect to the server

Good point. IPv4 works, but not IPv6.

Hello and thanks for the support!

As you said the / was missing, i have now a timeout error:

Error: Could not issue a Let’s Encrypt SSL/TLS certificate for app.basket-nation.com. Authorization for the domain failed.
Details
Invalid response from https://acme-v01.api.letsencrypt.org/acme/authz/QxcLPodEjxHRt1CoSjkUJG0qyL7mpOqGvvY9ioqEJbg.
Details:
Type: urn:acme:error:connection
Status: 400
Detail: Fetching https://app.basket-nation.com/.well-known/acme-challenge/R-RXD2dJwckLfMKoAbScT5fC4De3gLisZRFyA-0MWMM: Timeout

I’m on the IPv6 problem.
Yesterday I had the “IN AAAA 2001:41d0:302:1100::4:383b” DNS setting

I have resolved the IPv6 issue but still have a problem…

SSL Report: basket-nation.com Ready

Error: Could not issue a Let’s Encrypt SSL/TLS certificate for app.basket-nation.com.

The authorization token is not available at https://app.basket-nation.com/.well-known/acme-challenge/M8Evz-9-OlOu0Af7MWHMtS65qlJ4cvJj2MmHxmxd29c.
To resolve the issue, make it is possible to download the token file via the above URL.
See the related Knowledge Base article for details.
Details
Invalid response from https://acme-v01.api.letsencrypt.org/acme/authz/zOe2jzdtjMwQBYhpmP2RhZ4C9jeUPvSObxSI2ibUPSU.
Details:
Type: urn:acme:error:unauthorized
Status: 403
Detail: Invalid response from http://app.basket-nation.com/.well-known/acme-challenge/M8Evz-9-OlOu0Af7MWHMtS65qlJ4cvJj2MmHxmxd29c: “{“timestamp”:“2017-11-20T10:18:38.795+0000”,“status”:404,“error”:“Not Found”,“message”:“Not Found”,“path”:”/.well-known/acme-cha"

I’m working on it.

Problem solved.

Was because of my “Additional directives for HTTPS” in my domain’s “Apache & Nginx settings” in plesk.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.