Failed authorization procedure for my domain

herveg · September 27, 2023, 3:15pm

In the past I configured Apache as a reverse proxy and then deployed the Letsencrypt certificate and it worked fine for 2 years.
It's only in the last 2 weeks that the problem started.

rg305 · September 27, 2023, 3:16pm

What has changed since the last certificate was renewed?

MikeMcQ · September 27, 2023, 3:17pm

Yes, something is putting extra data around the ACME Challenge response from your Apache server.

This extra data is preventing the challenge from succeeding. The tags for <code><span> are the problem. We cannot figure out why this is being added to your server's response.

herveg · September 27, 2023, 3:17pm

Only the PHP version that i updated

rg305 · September 27, 2023, 3:20pm

hmm...
PHP should be avoiding/ignoring files that don't end with .php

herveg · September 27, 2023, 3:22pm

Yes, exactly

rg305 · September 27, 2023, 3:26pm

Can you review the PHP configuration?
Can you test downgrade PHP [to previous version]?

herveg · September 27, 2023, 3:30pm

my PHP version was actually 7.2, it was when I wanted to downgrade the PHP version to 5.5 that I ran into a few problems. I deleted the PHP 5.5 directory because I had installed it manually (make install), but when I type the PHP -v command, I still see the 5.5 version.

rg305 · September 27, 2023, 3:33pm

Show:
which php
which PHP

[whichever case you used]

herveg · September 27, 2023, 3:43pm

which php
/usr/local/bin/php

rg305 · September 27, 2023, 4:12pm

That explains why deleting the PHP 5.5 directory did not change the version number.
The PHP executable file is located:

herveg · September 28, 2023, 7:04am

How to solve this issue, pls.

herveg · September 28, 2023, 1:14pm

Hello, can you help me pls

rg305 · September 28, 2023, 2:04pm

I am out of ideas.
But I'm pretty sure it has something to do with your PHP configuration.
Do you know where the wrapping occurs?:

<code><span style="color: #000000">
test4<br /></span>

MikeMcQ · September 28, 2023, 2:10pm

I don't have good ideas either but could you show output of this

sudo grep -r prepend /etc/apache2

Something is adding those extra html tags around the actual data. This has to stop at least for the responses for /.well-known/acme-challenge requests

rg305 · September 28, 2023, 2:17pm

Since your certificate is expired, I would run certbot in manual mode and use a DNS challenge to obtain a new cert.

It is not a permanent solution; But it will give you 90 days to figure out the coding problem.

herveg · September 28, 2023, 2:20pm

Ok, i see.

herveg · September 28, 2023, 2:21pm

sudo grep -r prepend /etc/apache2
/etc/apache2/mods-available/autoindex.conf: # HeaderName is the name of a file which should be prepended to

rg305 · September 28, 2023, 2:29pm

what about?:
sudo grep -r 000000 /etc/apache2

herveg · September 28, 2023, 2:37pm

sudo grep -r 000000 /etc/apache2
/etc/apache2/magic:0 belong 0x00000001

Topic		Replies	Views
Comment régler : "Failed authorization procedure"? Aide (en français)	3	878	January 22, 2020
Error Certbot "Failed authorization procedure" Aide (en français)	6	2845	January 28, 2020
Challenge failed domain unauthorized Aide (en français)	5	2987	April 1, 2020
The client lacks sufficient authorization Server	2	663	March 6, 2019
Échec d'activation HTTPS Aide (en français)	3	633	March 22, 2023

Failed authorization procedure for my domain

Related topics