I ran this command:
/usr/local/bin/certbot-auto --apache --apache-server-root /opt/apache --apache-ctl /opt/apache/bin/apachectl --apache-challenge-location /opt/apache/conf/
It produced this output:
The following errors were reported by the server: Domain: geroceramica.com Type: unauthorized Detail: Invalid response from http://geroceramica.com/.well-known/acme-challenge/KLcYpSAq3YwWpmn9gE4k57z6cp0U9IcIuX-43WGemCw [184.108.40.206]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>403 Forbidden</title>\n</head><body>\n<h1>Forbidden</h1>\n<p" Domain: www.geroceramica.com Type: unauthorized Detail: Invalid response from http://www.geroceramica.com/.well-known/acme-challenge/e2ufXQKram0HVRoGwuWTlDAZ6u9olC8PznVNpkPnbHE [220.127.116.11]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>403 Forbidden</title>\n</head><body>\n<h1>Forbidden</h1>\n<p" To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.
My web server is (include version): Apache/2.4.39
The operating system my web server runs on is (include version): CentOS 6.10 (Final)
My hosting provider, if applicable, is: DonWeb
I can login to a root shell on my machine (yes or no, or I don’t know): Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you’re using Certbot): certbot 1.3.0
As you can see, this server doesn’t have a standard setup when it comes to Apache paths, so my best guess is that it’s related to that (but to be honest, at this point I’m not sure).
I’ve tried checking if the verification URL is accesible, and to my surprise, it is (I left a test file at https://geroceramica.com/.well-known/acme-challenge/index.html and https://geroceramica.com/.well-known/acme-challenge/test) so I’m not sure what is causing the verification error.
I’m not sure if it makes a difference, but currently there’s another SSL certificate installed from another vendor which is about to expire and that’s why I’m looking to install a Let’s Encrypt certificate.
Any help on the matter would be appreciated. Please let me know if there’s anything else (such as Apache config files or Lets Encrypt log) I can provide.
Thanks in advance!