Error with ddns.net


#1

Hello,

I’m trying to set up Let’s Encrypt with my server but every time I enter my domain I get this error:

Waiting for verification…
Cleaning up challenges
Failed authorization procedure. mydomain.ddns.net (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://mydomain.ddns.net/.well-known/acme-challenge/gOjYPXvPPwQF17OiBoJEGwqBIL-xw3kCK3tAcjMPH7E: "

<li"

IMPORTANT NOTES:


Anyone could kindly assist me by telling me what am I doing wrong?

Thank you!


#2

Hi,

Well. If you don’t show us the domain, how could we know what’s wrong?

Thank you


#3

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):


Also, I’ve moved your thread to the Help section. @jared.m beat me to it… :stuck_out_tongue:


#4

I moved your topic to “Help”, where you would ordinarily be presented with the following questions when opening a topic. Could you please fill this out?

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):


#5

Oh sorry guys! Here it is:

My domain is:
ai-server.ddns.net

I ran this command:
sudo certbot certonly

It produced this output:

Cleaning up challenges
Failed authorization procedure. ai-server.ddns.net (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://ai-server.ddns.net/.well-known/acme-challenge/gOjYPXvPPwQF17OiBoJEGwqBIL-xw3kCK3tAcjMPH7E: "

<li"

IMPORTANT NOTES:

My web server is (include version):
Rumpus 8.0.7

The operating system my web server runs on is (include version):
macOS High Sierra 10.13.4

My hosting provider, if applicable, is:
None.

I can login to a root shell on my machine (yes or no, or I don’t know):
Yes.

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No.

Thank you!


#6

Every URL on this server returns the same “Account Login” page, which suggests that this is taking precedence over your challenge files.

Two questions:

  • How did you tell Certbot to prove your control over the domain name? It presumably gave you a set of options like manual, standalone, webroot; which one did you pick?
  • Do you know where the redirection of all pages to the Account Login is taking place?

#7

Hi schoen,

Thank you.
Please see below:

How did you tell Certbot to prove your control over the domain name? It presumably gave you a set of options like manual, standalone, webroot; which one did you pick?
Webroot.

Do you know where the redirection of all pages to the Account Login is taking place?
Not sure what to say here, this domain is redirecting to my private IP address

I followed Rumpus instructions from here:
http://www.maxum.com/Rumpus/Blog/LetsEncrypt.html

Hope this helps.

Thank you.


#8

Could you create a file /usr/local/Rumpus/test.txt and then see it if you can see the contents of that file at http://ai-server.ddns.net/test.txt?


#9

I looked at the instructions that you followed again and I think they’re wrong!

Certbot will use a special file, served by your Rumpus Web service, to confirm your domain name and server access. This file is saved in the “well-known” folder automatically by Certbot, but you need to enable “well-known” support in Rumpus.

In Rumpus, choose “Open Config Folder” from the “File” menu. In the config folder, create a folder named exactly “well-known”. In Rumpus, click “Stop Server” and “Start Server” so that Rumpus detects the folder, which enables well-known support.

The name of this file should be .well-known (with a . at the beginning) rather than well-known!


#10

Oh… I corrected that error and added a . to .well-know.
Then I repeated all steps but the same error message is still showing up.

Also, I created the test file you suggested and it worked.
http://ai-server.ddns.net/test.txt


#11

Hi,

The issue seems to be related to your redirection rule.
Can you try to add a exception on your config files that allow access to.well-known (this is a folder)
As well as
Create a file under .well-known/acme-challenge/?

Thank you


#12

Hi,

How do I add an exception to allow access to .well-known folder?
I created a folder (acme-challenge) under .well-known and then created a test.txt under acme-challenge.
http://ai-server.ddns.net/.well-known/acme-challenge/test.txt
But it sends me to the login page.

Also, I’ve noticed that when I run the command sudo certbot certonly and follow all the instructions, I can see a file being created inside acme-challenge, something like this: YP9L3cbUM6kHJ1dcv2K6oPQmJmUZ_zHbyqfRxyj05fI
But then the file disappears and I get the same error message.


#13

I think the best course of action would be to write to Rumpus support at the address at the bottom of the instructions that you followed, perhaps sending a link to this forum thread. The Rumpus developer should be able to better understand what’s going wrong; I don’t think anyone else here will be able to diagnose this easily.


#14

Okay, I will do that!

Thanks for the help everyone!


#15

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.