Failed authorization procedure with www


#1

Hi,

I am having probleem configuring my domain with https. It is wokring with alwash.org but when I try www.alwash.org, I get this error.

How can solve this?

My domain is:
www.alwash.org

I ran this command:
certbot --nginx

It produced this output:
Obtaining a new certificate

Performing the following challenges:

http-01 challenge for www.alwash.org

Waiting for verification…

Cleaning up challenges

Failed authorization procedure. www.alwash.org (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.alwash.org/.well-known/acme-challenge/QwOZvq2AopnnZl1SpxRLqL5NOwv04985YYCRRXNm_2s: "<!DOCTYPE HTML>\n<html lang=“en-US”>\n<head>\n <meta charset=“UTF-8” />\n <meta http-equiv=“Content-Type” content=“text/html; char”

IMPORTANT NOTES:

_ - The following errors were reported by the server:_

Domain: www.alwash.org

Type: unauthorized

Detail: Invalid response from

http://www.alwash.org/.well-known/acme-challenge/QwOZvq2AopnnZl1SpxRLqL5NOwv04985YYCRRXNm_2s:

"<!DOCTYPE HTML>\n<html lang=“en-US”>\n<head>\n <meta

charset=“UTF-8” />\n <meta http-equiv=“Content-Type”

content=“text/html; char”

To fix these errors, please make sure that your domain name was

entered correctly and the DNS A/AAAA record(s) for that domain

contain(s) the right IP address.

My web server is (include version):
nginx version: nginx/1.14.0 (Ubuntu)

The operating system my web server runs on is (include version):
VERSION=“18.04.1 LTS (Bionic Beaver)”

ID=ubuntu

ID_LIKE=debian

PRETTY_NAME=“Ubuntu 18.04.1 LTS”

VERSION_ID=“18.04”


#2

Your hostnames have different IP addresses:

www.alwash.org.		300	IN	A	104.31.76.3
www.alwash.org.		300	IN	A	104.31.77.3
;; Received 75 bytes from 173.245.58.84#53(chin.ns.cloudflare.com) in 13 ms

 

alwash.org.		300	IN	A	51.15.110.72
;; Received 55 bytes from 173.245.59.146#53(todd.ns.cloudflare.com) in 15 ms

Also, when I surf to http://www.alwash.org, I’m getting a 404 error, while https://alwash.org results in the nginx welcome page.

By the way, when I manually check for the hostname www.alwash.org on the IP 51.15.110.72 (i.e., from alwash.org, I’m getting a 404 file not found too. So I guess there’s also something wrong with your virtualhosts.


#3

Hi @abbasalwash

this isn’t a certificate problem.

You have the typical cloudflare configuration. Your ip addresses:

Host T IP-Address is auth. ∑ Queries ∑ Timeout
alwash.org A 51.15.110.72 yes 1 0
AAAA yes
www.alwash.org A 104.31.76.3 yes 1 0
A 104.31.77.3 yes 1 0
AAAA 2606:4700:0030:0000:0000:0000:681F:4C03 yes
AAAA 2606:4700:0030:0000:0000:0000:681F:4D03 yes

Non-www is your domain, www is via Cloudflare.

All connections are ok. Your non-www uses

CN=alwash.org
	19.01.2019
	19.04.2019
	alwash.org - 1 entry

your www has a “big certificate” from Cloudflare:

CN=sni164517.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated

	31.12.2018
	10.07.2019
	sni164517.cloudflaressl.com, *.04596.com.ua, *.0566.com.ua, *.06242.ua, *.06452.com.ua, 
*.ahousefireessay.website, *.alwash.org, *.aomame.de, *.argumentative-essay-buy.xyz, 
*.celebritywallpapershd.com, *.citydomodedovo.ru, *.diyibookt.cf, *.eciryhogenuw.tk, 
*.ecoheatvloerverwarming.nl, *.edustat.xyz, *.essay-introduction-buy.xyz, *.finfo.dk, *.gomelaka.my, 
*.hartjewonenplatform.nl, *.hash-cloud-reviewer.site, *.howtobuyanessay.site, *.icysusicoma.tk, *.iproperty.pk, 
*.jerseyconferences.co.uk, *.jijonatava.tk, *.kobd.us, *.kotlintutorials.com, *.kubiganum.tk, *.maqam.pk, 
*.pathologymoviereview.website, *.r-hwpdf.cf, *.scooterreparatie.nl, *.seech.nl, *.spahotels-rotorua.com, 
*.streamsports.live, *.ubaileyxdoominic.tk, *.wtherepofilm.ga, *.yenrex.org, *.zatubinefujej.tk, 04596.com.ua, 
0566.com.ua, 06242.ua, 06452.com.ua, ahousefireessay.website, alwash.org, aomame.de, argumentative-essay-buy.xyz, celebritywallpapershd.com, citydomodedovo.ru, diyibookt.cf, eciryhogenuw.tk, 
ecoheatvloerverwarming.nl, edustat.xyz, essay-introduction-buy.xyz, finfo.dk, gomelaka.my, 
hartjewonenplatform.nl, hash-cloud-reviewer.site, howtobuyanessay.site, icysusicoma.tk, iproperty.pk, 
jerseyconferences.co.uk, jijonatava.tk, kobd.us, kotlintutorials.com, kubiganum.tk, maqam.pk, 
pathologymoviereview.website, r-hwpdf.cf, scooterreparatie.nl, seech.nl, spahotels-rotorua.com, 
streamsports.live, ubaileyxdoominic.tk, wtherepofilm.ga, yenrex.org, zatubinefujej.tk - 77 entries

Your non www + https shows the standard nginx - page.

Your www + https shows the 404 - not found.

So don’t create a new certificate, this isn’t required if you use Cloudflare.


PS: Summary: If you use Cloudflare, you need only a certificate with your non-www domain name.


#4

Thnx, it is working now.


closed #5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.