Error during cert renewal as a challenge was requested for a foreign domain

Help
1

Hi!

I’m renewing a certificate (some-domain.net), but for some reasons a challenge for the “some-domain.at” (!) is tested by letsencrypt. The some-domain.at domain is never requested by myself, it’s not found in any config file.

Maybe during my last change in July I had a typo, but I got a valid certificate in the end.

Now my renewal fails due to the fact, that letsencrypt can’t resolve some-domain.at as it’s not registered.

How can I tell letsencrypt to drop some-domain.at? I’m using dehydrated https://github.com/lukas2511/dehydrated as a client.

+ Requesting challenge for some-domain.net...
+ Requesting challenge for www.some-domain.net...
+ Already validated!
+ Requesting challenge for cloud.some-domain.net...
+ Already validated!
+ Responding to challenge for some-domain.net...
ERROR: Challenge is invalid! (returned: invalid) (result: {
  "type": "http-01",
  "status": "invalid",
  "error": {
    "type": "urn:acme:error:connection",
    "detail": "Fetching https://www.some-domain.at/.well-known/acme-challenge/*****: Error getting validation data",
    "status": 400
  },

“some-domain” is a synonym for my real domain.

Thanks! Arthur

2

Can you please provide your real domain? It isn't possible to troubleshoot this problem without it.

3

Hi!

zaczek.net is the real domain
zaczek.at is the not registered domain, maybe I accidentally added it once.

4

Hi @arthurzaczek,

Something on your end is returning 301 redirect to https://www.zaczek.at:

$ curl -I zaczek.net 
HTTP/1.1 301 Moved Permanently
Server: nginx/1.10.3
Date: Wed, 27 Sep 2017 13:53:12 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: https://www.zaczek.at/

Is there anything in your nginx config that might explain the redirect?

1 Like
5

Yes! That’s it. Very good hidden in a longer string in my nginx config. “grep” is my friend :slight_smile:

Fixed and it’s working.

Thank you very much and sorry bothering you! Arthur

1 Like
6

Woohoo. Glad things are working now :trophy: No bother at all, this is what the forum is here for!

Take care Arthur,

7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.