Error on setup with new site (worked on other sites before)


Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command: October 26th, 11:50:13 AM

It produced this output:

```
–2018-10-26 10:49:51--
Resolving (…,, 2606:4700:20::6819:820, …
Connecting to (||:443… connected.
HTTP request sent, awaiting response… 200 OK
Length: unspecified [text/html]
Saving to: ‘letsencrypt_script1540550991’

 0K ..                                                     26.6M=0s

2018-10-26 10:49:51 (26.6 MB/s) - ‘letsencrypt_script1540550991’ saved [2317]

Cloning into ‘letsencrypt1540550991’…
ERROR: Challenge is invalid! (returned: invalid) (result: {
“type”: “http-01”,
“status”: “invalid”,
“error”: {
“type”: “urn:ietf:params:acme:error:unauthorized”,
“detail”: “Invalid response from “\u003chtml\u003e\r\n\u003chead\u003e\u003ctitle\u003e403 Forbidden\u003c/title\u003e\u003c/head\u003e\r\n\u003cbody bgcolor=\“white\”\u003e\r\n\u003ccenter\u003e\u003ch1\u003e403 Forbidden\u003c/h1\u003e\u003c/center\u003e\r\n\u003chr\u003e\u003ccenter\u003e””,
“status”: 403
“url”: “”,
“token”: “WqaJWnaLodTwRpPx2oPIJ-ZsBFYGeaRetgeo52hkQrY”,
“validationRecord”: [
“url”: “”,
“hostname”: “”,
“port”: “80”,
“addressesResolved”: [
“addressUsed”: “”
```

My web server is (include version): forge

The operating system my web server runs on is (include version): linux

My hosting provider, if applicable, is: 123reg

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): forge


Hi @tsedgman

Your challenge URL says that your server sends an HTTP status 403: Forbidden.

"Invalid response from \"<html>\\r\\n<head><title>403 Forbidden</title>

So check the directory permissions of /.well-known/acme-challenge/. Create a file there and check whether you can load this file via your browser.


There is no file with that name; I assumed that it was created by letsencrypt.


OK, found the problem. It was the NGINX security settings that were preventing it from running.
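
A check for the failure diagnosed in this thread, added here as an example and not posted by any participant: it scans nginx configuration text for `location` blocks that both match the `/.well-known/acme-challenge/` path and deny access. The thread does not say which setting was responsible, so the blanket dotfile rule in the sample config, the function names and the simplified matching (no nested blocks, no nginx precedence rules) are assumptions.

```python
import re

# Path the ACME http-01 validator requests; the token part is a constructed placeholder.
CHALLENGE_PATH = "/.well-known/acme-challenge/test-token"

# "location [modifier] pattern { body }" for blocks without nested braces.
LOCATION_RE = re.compile(r"location\s+(?:(=|~\*|~|\^~)\s+)?(\S+)\s*\{([^{}]*)\}")
# Directives that make nginx answer 403 for a matching request.
BLOCKING_RE = re.compile(r"\bdeny\s+all\s*;|\breturn\s+403\b")


def location_matches(modifier, pattern, path):
    """Approximate nginx matching of one location against one request path."""
    if modifier == "=":
        return path == pattern
    if modifier in ("~", "~*"):
        flags = re.IGNORECASE if modifier == "~*" else 0
        return re.search(pattern, path, flags) is not None
    return path.startswith(pattern)  # plain prefix or ^~


def blocking_locations(config_text, path=CHALLENGE_PATH):
    """Return (modifier, pattern) for locations that match path and deny it."""
    hits = []
    for modifier, pattern, body in LOCATION_RE.findall(config_text):
        if location_matches(modifier, pattern, path) and BLOCKING_RE.search(body):
            hits.append((modifier or "prefix", pattern))
    return hits


# Constructed sample (assumption): a blanket dotfile rule also covers /.well-known/.
BLOCKED_CONF = r"""
server {
    listen 80;
    location / { try_files $uri $uri/ =404; }
    location ~ /\. { deny all; }
}
"""

# Constructed sample: the same rule with a lookahead that exempts .well-known.
FIXED_CONF = r"""
server {
    listen 80;
    location / { try_files $uri $uri/ =404; }
    location ~ /\.(?!well-known) { deny all; }
}
"""

if __name__ == "__main__":
    print("blocked config:", blocking_locations(BLOCKED_CONF))
    print("fixed config:  ", blocking_locations(FIXED_CONF))
```

A hit only says the rule can match the challenge path; confirm with a test file under `/.well-known/acme-challenge/` as suggested in the reply above.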