Error installing certificate


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: https://crt.sh/?q=b2m.nu

I ran this command: renew certificate

It produced this output: Error installing certificate Could not validate the choosen hostname for the certificate. No certificate issued.

My web server is (include version): www.b2m.nu (wordpress newest version)

My hosting provider, if applicable, is: mijnhostingpartner.nl

I’m using a control panel to manage my site

I can’t renew my SSL certificate. I keep on getting this message Error installing certificate Could not validate the choosen hostname for the certificate. No certificate issued. Any one knows what i can do about it?


#2

Hi @Benny13

what client do you use to create a certificate?

But if you use http-01 - validation, your configuration can’t work ( https://check-your-website.server-daten.de/?q=b2m.nu ):

Domainname Http-Status redirect Sec. G
http://b2m.nu/
185.41.127.36 301 https://www.b2m.nu/ 0.046 E
http://www.b2m.nu/
185.41.127.36 301 https://b2m.nu/ 0.047 E
https://www.b2m.nu/
185.41.127.36 301 https://b2m.nu/ 1.284 B
https://b2m.nu/
185.41.127.36 200 5.686 B
http://b2m.nu/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
185.41.127.36 301 https://www.b2m.nu/index.php 0.050 E
http://www.b2m.nu/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
185.41.127.36 301 https://b2m.nu/ 0.047 E
https://www.b2m.nu/index.php 301 https://b2m.nu/ 1.264 A

If you use http-01 validation, certbot or another client creates a file in /.well-known/acme-challenge with a random file name. Letsencrypt checks if this file exists and if the file has the required content.

But checking /.well-known/acme-challenge/random-filename, both domains have a redirect to https (this isn’t a problem) and to /.index.php, then /.

So Letsencrypt follows these redirects - and can’t find the file created in /.well-known/acme-challenge.

Remove these redirects.


#3

The redirects are… criss-crossed and incorrectly handle the HTTP challenge requests:

So…
Typical challenge requests result in:


closed #4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.