Error obtaining certificate for naked domain without www

Hello!

I'm trying to obtain a certificate for gooff.it, whereas www.gooff.it points elsewhere. But judging by the output it seems that LE tries to validate both with and without www?

I ran this command: dehydrated -c -d gooff.it

It produced this output:

root@kahlan / # sudo -u letsencrypt dehydrated -c -d gooff.it
# INFO: Using main config file /etc/dehydrated/config
# INFO: Using additional config file /etc/dehydrated/conf.d/config.sh
Processing gooff.it
 + Signing domains...
 + Generating private key...
 + Generating signing request...
 + Requesting new certificate order from CA...
 + Received 1 authorizations URLs from the CA
 + Handling authorization for gooff.it
 + 1 pending challenge(s)
 + Deploying challenge tokens...
 + Responding to challenge for gooff.it authorization...
 + Cleaning challenge tokens...
 + Challenge validation has failed :(
ERROR: Challenge is invalid! (returned: invalid) (result: ["type"]      "http-01"
["status"]      "invalid"
["error","type"]        "urn:ietf:params:acme:error:unauthorized"
["error","detail"]      "95.85.2.163: Invalid response from https://www.gooff.it/.well-known/acme-challenge/3joosWMd32c22u8lR9rH9U9sT0y7prH-qG__Fg-6vxc: 404"
["error","status"]      403
["error"]       {"type":"urn:ietf:params:acme:error:unauthorized","detail":"95.85.2.163: Invalid response from https://www.gooff.it/.well-known/acme-challenge/3joosWMd32c22u8lR9rH9U9sT0y7prH-qG__Fg-6vxc: 404","status":403}
["url"] "https://acme-v02.api.letsencrypt.org/acme/chall-v3/275784088666/FMswJg"
["token"]       "3joosWMd32c22u8lR9rH9U9sT0y7prH-qG__Fg-6vxc"
["validationRecord",0,"url"]    "http://gooff.it/.well-known/acme-challenge/3joosWMd32c22u8lR9rH9U9sT0y7prH-qG__Fg-6vxc"
["validationRecord",0,"hostname"]       "gooff.it"
["validationRecord",0,"port"]   "80"
["validationRecord",0,"addressesResolved",0]    "95.85.2.163"
["validationRecord",0,"addressesResolved"]      ["95.85.2.163"]
["validationRecord",0,"addressUsed"]    "95.85.2.163"
["validationRecord",0]  {"url":"http://gooff.it/.well-known/acme-challenge/3joosWMd32c22u8lR9rH9U9sT0y7prH-qG__Fg-6vxc","hostname":"gooff.it","port":"80","addressesResolved":["95.85.2.163"],"addressUsed":"95.85.2.163"}
["validationRecord",1,"url"]    "https://www.gooff.it/.well-known/acme-challenge/3joosWMd32c22u8lR9rH9U9sT0y7prH-qG__Fg-6vxc"
["validationRecord",1,"hostname"]       "www.gooff.it"
["validationRecord",1,"port"]   "443"
["validationRecord",1,"addressesResolved",0]    "142.250.188.243"
["validationRecord",1,"addressesResolved",1]    "2607:f8b0:4007:809::2013"
["validationRecord",1,"addressesResolved"]      ["142.250.188.243","2607:f8b0:4007:809::2013"]
["validationRecord",1,"addressUsed"]    "2607:f8b0:4007:809::2013"
["validationRecord",1]  {"url":"https://www.gooff.it/.well-known/acme-challenge/3joosWMd32c22u8lR9rH9U9sT0y7prH-qG__Fg-6vxc","hostname":"www.gooff.it","port":"443","addressesResolved":["142.250.188.243","2607:f8b0:4007:809::2013"],"addressUsed":"2607:f8b0:4007:809::2013"}
["validationRecord"]    [{"url":"http://gooff.it/.well-known/acme-challenge/3joosWMd32c22u8lR9rH9U9sT0y7prH-qG__Fg-6vxc","hostname":"gooff.it","port":"80","addressesResolved":["95.85.2.163"],"addressUsed":"95.85.2.163"},{"url":"https://www.gooff.it/.well-known/acme-challenge/3joosWMd32c22u8lR9rH9U9sT0y7prH-qG__Fg-6vxc","hostname":"www.gooff.it","port":"443","addressesResolved":["142.250.188.243","2607:f8b0:4007:809::2013"],"addressUsed":"2607:f8b0:4007:809::2013"}]
["validated"]   "2023-10-20T19:45:04Z")

My web server is (include version): apache 2.4.57

The operating system my web server runs on is (include version): Debian 12

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): dehydrated 0.7.0

Hi @mapreri,

The problem is that your gooff.it site returns an HTTP redirect to www.gooff.it. The certificate authority validator follows this redirect (and then connects to the other server to attempt to download the challenge file).

If you want to get a certificate via this method, you'll have to disable this redirect, at least for /.well-known/acme-challenge/, if not for the whole gooff.it site. The challenge file at this location needs to be downloadable as a static text file.

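To illustrate the fix described in the reply above, here is an added example of an Apache 2.4 virtual host for the naked domain that keeps the redirect to www.gooff.it but exempts /.well-known/acme-challenge/ from it. This is not configuration from the original thread or from the dehydrated project; the document root /var/www/dehydrated is an assumption and must match the WELLKNOWN setting in the dehydrated config.

```apache
# Added example, not from the original thread. Assumes dehydrated writes its
# challenge tokens to /var/www/dehydrated (WELLKNOWN="/var/www/dehydrated" in
# /etc/dehydrated/config).

<VirtualHost *:80>
    ServerName gooff.it

    # Serve the challenge tokens as plain static files. The CA fetches
    # http://gooff.it/.well-known/acme-challenge/<token> on port 80 and
    # compares the body with the expected key authorization.
    Alias /.well-known/acme-challenge/ /var/www/dehydrated/
    <Directory /var/www/dehydrated>
        Options None
        AllowOverride None
        Require all granted
        ForceType text/plain
    </Directory>

    # Before: a blanket mod_alias redirect. The validator follows it to
    # https://www.gooff.it/..., which is hosted elsewhere and answers 404,
    # exactly the failure shown in the error output above.
    #
    #   Redirect permanent / https://www.gooff.it/
    #
    # After: redirect everything except the ACME challenge path. The
    # mod_alias Redirect must be removed, not just overridden, because it
    # fires before mod_rewrite regardless of the RewriteCond below.
    RewriteEngine On
    RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/
    RewriteRule ^ https://www.gooff.it%{REQUEST_URI} [R=301,L]
</VirtualHost>
```

After reloading Apache, `curl -sI http://gooff.it/.well-known/acme-challenge/test` should answer directly from this server (a 404 for a non-existent token is fine) rather than with a 301 to www.gooff.it; the redirect for any other path is unchanged. Note from the validation record that the CA follows the redirect to whichever address the target resolves to, including IPv6, so the exemption has to cover every hop of a redirect chain, not only the first.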

duh...

Thanks for pointing out this PEBKAC... This reminds me that of course I have this correctly set for so many other websites -.-'
