I get "Incorrect validation certificate for TLS-SNI-01 challenge"



I’m trying to get certificate for apache 2.4 on Centos 7.x with cerbot

But it’s failing

FailedChallenges: Failed authorization procedure. soporte.example-aid.com (tls-sni-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Incorrect validation certificate for TLS-SNI-01 challenge. Requested fb62ff249750c2b0cba9fbe31c62fde2.89cff7057a07c68e42a39ed14393b0b4.acme.invalid from xxx.210.20.179:443. Received certificate containing ''

I have a DNS A Record for the hostname… what could be wrong?

Below you may take a look of complete log:


Thanks in advance!


Something went wrong when Let’s Encrypt tried to connect to your Apache web server via HTTPS (on port 443) to validate that it’s really your server (ie run by the same person making the application to Let’s Encrypt).

It got past the DNS record, so that’s not the problem. Could there be anything else between the Apache server and the rest of the world (where Let’s Encrypt is) that interferes with HTTPS? For example a home router that’s not sending the HTTPS traffic to the Apache server? Or in a company maybe an “application firewall” ?

Otherwise I’m out of ideas - hopefully somebody else can do better.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.