Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: forum.tamarisktechnicals.com
I ran this command: sudo certbot --apache
It produced this output:
Which names would you like to activate HTTPS for?
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter ‘c’ to cancel): 1
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for forum.tamarisktechnicals.com
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. forum.tamarisktechnicals.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://forum.tamarisktechnicals.com/?path=.well-known/acme-challenge/6ZEBAcBu3Ys53m33HQQTNUyi8x1ZaHPst-6IeSdy9c8%!f(MISSING) [220.127.116.11]: “\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n<META NAME=“keywords” CONTENT=”">\r\n<META NAME=“description” CONTENT="">\r\n</he"
The following errors were reported by the server:
Detail: Invalid response from
NAME=“keywords” CONTENT=”">\r\n<META NAME=“description”
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version):Server version: Apache/2.4.29 (Ubuntu) Server built: 2018-10-10T18:59:25
The operating system my web server runs on is (include version): ubuntu 18.04 LTS
My hosting provider, if applicable, is: dnsexit.com and a home server, see later
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you’re using Certbot): certbot 0.31.0
OK let me start my ramblings, long sorry.
I have a web page tamarisktechnicals.com hosted on dnsexit.com and they provide ssl certificates, automatically as a free service.
I am tying to learn more about computers and software packages, so I have a free second level domain that points to my home WAN IP, ports 80 and 443 are picked up and forwarded to a small PC on my home network. That already has certbot running and providing ssl certificate (thanks).
So I wished to have another simple server running a phpbb system, this in on yet another PC on my home network. Now the issue was I already used my home router to redirect ports 80 and 443 to the first server, so needed to find a method of coming in on another port.
So I thought I would have forum.tamarisktechnicals.com being on port 8000 (could have been 8080).
I was told that dns records can not have port numbers so I struggled setting it up.
dnsexit came up with a solution for me that works and talks to port 80 on my server.
They set up a home.tamarisktechnicals.com in dns that points to my external IP. and forum.tamarisktechnicals on dns as well. This has URL forwarding ‘with cloaking’ setup for forum.tamarisktechnicals.com , to go to, home.tamarisktechnicals.com:8000
It took me a while to understand what it was about but it does work it comes to me on port 8000 and is forwarded to 80 on the correct machine, but unfortunately certbot errors as above I believe because it is seeing the IP of the website for tamarisktechnicals.com
Is there any thing else I could try.