Error getting ACME certs on RT-N16 with nginx

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain

I ran this command:bash ./dehydrated --domain --cron

It produced this output:

INFO: Using main config file /tmp/mnt/sda/entware/etc/nginx/config


My web server is (include version):nginx version: nginx/1.12.1

The operating system my web server runs on is (include version) Entware-ng

My hosting provider, if applicable, is:NetbyNet

I can login to a root shell on my machine (yes or no, or I don’t know):yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):no

Hi @bigAboo80,

It looks like you or your ISP is blocking inbound port 80 connections with a firewall, so that the public can’t connect to your server. Can you get that blocking removed? Inbound port 80 connections from the Internet are necessary for this validation method.

1 Like

I was able to get a response on port 80 a couple of times, but then it started dropping traffic after that.

So perhaps it’s not a blocked port but “fail2ban”-like behavior or a device that can’t handle simultaneous requests well.

In general, I thought about this, it will be necessary to check with the provider, but when I turned off router firewall, I received another message. Here it is
ERROR: Challenge is invalid! (returned: invalid) (result: {
“type”: “http-01”,
“status”: “invalid”,
“error”: {
“type”: “urn:ietf:params:acme:error:unauthorized”,
“detail”: “Invalid response from []: “\u003chtml\u003e\r\n\u003chead\u003e\u003ctitle\u003e404 Not Found\u003c/title\u003e\u003c/head\u003e\r\n\u003cbody bgcolor=\“white\”\u003e\r\n\u003ccenter\u003e\u003ch1\u003e404 Not Found\u003c/h1\u003e\u003c/center\u003e\r\n\u003chr\u003e\u003ccenter\u003e””,
“status”: 403
“url”: “”,
“token”: “pTiJPDZYpzyvm3z8_B33D_rLzZoPsh70xeKhvGWCHHs”,
“validationRecord”: [
“url”: “”,
“hostname”: “”,
“port”: “80”,
“addressesResolved”: [
“addressUsed”: “”

That does seem like more progress toward getting your certificate. :slight_smile:

How is dehydrated trying to prove your control over the domain? What have you told it about your configuration or environment?

Where I can see this ?

What did dehydrated ask or tell you about authentication when you first ran it? Did you create any other configuration for it?

1 Like

No, I did’t create other configuration for dehydrated.
I уdit two sections at /opt/etc/nginx/nginx.conf :

  • in server section:

server_name "";

  • in location section:

root /opt/share/nginx/html;

You were right, problem was in config file, I remove something & dehydrated works well!) Thanx.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.