Failed Auth - Incorrect return body

luketheterrible · June 22, 2017, 8:49pm

Please fill out the fields below so we can help you better.

I ran this command:
sudo certbot --manual certonly -d dev.unityvillage.org

It produced this output:

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: dev.unityvillage.org
   Type:   unauthorized
   Detail: Invalid response from
   http://dev.unityvillage.org/.well-known/acme-challenge/fteAvEUgDUcNWUuYaek3c-yiAm4P_ZfwkCVcz0FKXrA:
   "<!DOCTYPE html>
   <html lang="en" dir="ltr" prefix="content:
   http://purl.org/rss/1.0/modules/content/  dc:
   http://purl.org/dc/term"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A record(s) for that domain
   contain(s) the right IP address.

My web server is (include version):
Apache 2.4

The operating system my web server runs on is (include version):
Ubuntu 16.04

My hosting provider, if applicable, is:
Digital Ocean

I can login to a root shell on my machine (yes or no, or I don’t know):
Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No

This is a server for the development of our Drupal 8 site. Initially I thought it was something with the Drupal .htaccess configuration so I redirected the apache 000-default to have a DocumentRoot of /var/www/html to avoid anything Drupal. I created a “Hello, world” at index.html that is accessible from the browser. I also have attempted to install the cert with the --apache and --webroot plugins. I ran it as a manual update to make sure that the challenges were being created properly, and accessible to the outside world. You can see one here:

http://dev.unityvillage.org/.well-known/acme-challenge/fteAvEUgDUcNWUuYaek3c-yiAm4P_ZfwkCVcz0FKXrA

The error message shows return content that begins with <!DOCTYPE… which should not be happening. The references to purl.org look identical to the headers created by Drupal which is in a completely different directory and should not be involved with the challenge/response.

The error message I am still getting is the same as when I had the DocRoot pointed at the Drupal site. When pointed at the Drupal directory I tried the webroot and apache plugins with the same error message. I updated the apache config, restarted apache and even restarted the server, but am still getting the same error as if I had not changed anything.

Almost all of the errors reference the DNS A record being incorrect, but I have checked with several different tools and everything seems to be resolving correctly.

Thanks!

schoen · June 22, 2017, 9:15pm

Hi @luketheterrible,

Did you mean for your sample challenge file to work? When I try to visit it with a browser, it doesn’t work!

luketheterrible · June 23, 2017, 12:37am

Oh, you know what, it doesn’t work for me either now that I’m home. I’m willing to bet it’s an internal/external DNS issue.

Thanks @schoen, I’ll track that down and report back!

system · July 23, 2017, 12:38am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.