I can´t get a certificate

My domain is: tapetestufan.mx

I ran this command: certbot certonly --standalone -d tapetestufan.mx

It produced this output:

Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: hostaf.dynalias.com
Type: unauthorized
Detail: 201.163.52.70: Invalid response from http://hostaf.dynalias.com/.well-known/acme-challenge/RMAAUN6Bifw8_VmK0ma0JAJDb0s7_JQWAeHXf4UyPuc: 404

My web server is (include version):

The operating system my web server runs on is (include version): cPanel

My hosting provider, if applicable, is: hostmonster.com

Welcome @ceski

Can you explain more what you are trying to do?

Because this command

Does not match the domain name in the results you posted

Further, the IP in the error message already has a cert for tapetestufan.com (note .com not .mx).

And, all of these domains already have an active server listening on port 80 (some nginx and some IIS). And also have a cert for HTTPS on port 443 (even tapetestufan.mx).

We need more info to know how to help

4 Likes

You are right

I ran this command: certbot certonly --standalone -d tapetestufan.mx

I got this error:
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: tapetestufan.mx
Type: unauthorized
Detail: 70.40.214.97: Invalid response from http://tapetestufan.mx/.well-known/acme-challenge/PnV_GoRzDjvJJPtl3AFrnExWMkOrk-wCcDBYN9yNkZg: 404

You have an Apache server responding to HTTP requests to that domain. But, an nginx server responds to HTTP requests if they include a URI of /.well-known/acme-challenge/.

Do you control that nginx server? Or is it handled by your hosting service?

The --standalone method requires exclusive use of port 80 for the inbound HTTP Challenge request from the Let's Encrypt server. It won't work when some other server handles port 80 requests.

HTTPS requests are also handled by an nginx server and already have a valid cert.

Please tell us more what you are trying to do. This is very unusual configuration and we want to make sure a good solution

5 Likes

Its a hosting service, they use an Apache server.

Doesn't the hosting service provide a control panel [like: cPanel]?
Doesn't that panel have a choice to get an SSL cert?

4 Likes

and, who handles the nginx server?

4 Likes

Its handled by your hosting service

Let's Encrypt does not have a hosting service.

Did you mean it was handled by "your" hosting service? If so, you should contact them about all this.

4 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.