Error during cert renewal as a challenge was requested for a foreign domain


I’m renewing a certificate (, but for some reasons a challenge for the “” (!) is tested by letsencrypt. The domain is never requested by myself, it’s not found in any config file.

Maybe during my last change in July I had a typo, but I got a valid certificate in the end.

Now my renewal fails due to the fact, that letsencrypt can’t resolve as it’s not registered.

How can I tell letsencrypt to drop I’m using dehydrated as a client.

+ Requesting challenge for
+ Requesting challenge for
+ Already validated!
+ Requesting challenge for
+ Already validated!
+ Responding to challenge for
ERROR: Challenge is invalid! (returned: invalid) (result: {
  "type": "http-01",
  "status": "invalid",
  "error": {
    "type": "urn:acme:error:connection",
    "detail": "Fetching*****: Error getting validation data",
    "status": 400

“some-domain” is a synonym for my real domain.

Thanks! Arthur

Can you please provide your real domain? It isn’t possible to troubleshoot this problem without it.

Hi! is the real domain is the not registered domain, maybe I accidentally added it once.

Hi @arthurzaczek,

Something on your end is returning 301 redirect to

$ curl -I 
HTTP/1.1 301 Moved Permanently
Server: nginx/1.10.3
Date: Wed, 27 Sep 2017 13:53:12 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive

Is there anything in your nginx config that might explain the redirect?

1 Like

Yes! That’s it. Very good hidden in a longer string in my nginx config. “grep” is my friend :slight_smile:

Fixed and it’s working.

Thank you very much and sorry bothering you! Arthur

1 Like

Woohoo. Glad things are working now :trophy: No bother at all, this is what the forum is here for!

Take care Arthur,

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.