Invalid response from

My domain is: SkyBeast.de

I ran this command: sudo certbot --apache

It produced this output:

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: skybeast.de
   Type:   unauthorized
   Detail: Invalid response from
   http://skybeast.de/.well-known/acme-challenge/MNHlCdXVZS50EoSbo83D9042UGITehOl2D53Cc0ESnw
   [134.255.240.45]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
   2.0//EN\">\n<html><head>\n<title>404 Not
   Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

My web server is (include version): Ubuntu 18.04.2 LTS

The operating system my web server runs on is (include version): Apache/2.4.29

My hosting provider, if applicable, is: contabo.de

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.28.0

Hi @CapuzDE

looks like Certbot doesn’t understand your config.

The main things are ok (checked with https://check-your-website.server-daten.de/?q=skybeast.de ):

Domainname Http-Status redirect Sec. G
http://skybeast.de/
134.255.240.45 200 0.293 H
https://skybeast.de/
134.255.240.45 -2 1.057 V
ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it 134.255.240.45:443
http://skybeast.de/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
134.255.240.45 404 0.034 A
Not Found

There is no older certificate, so https doesn’t work. But port 80 is open, /.well-known/acme-challenge has the correct http status 404.

So check your vHost to find your DocumentRoot, then use it:

certbot run -a webroot -i apache -w yourDocumentRoot -d skybeast.de

Your domain has this IP address, as shown in the error message:

skybeast.de.  300  A  134.255.240.45

The Server header is “Apache/2.4.10 (Debian)”.

http://skybeast.de/ includes an iframe for http://207.180.196.157 but every other path returns a 404 Not Found error.

It looks like the domain is using some sort of web forwarding service that has a design incompatible with ACME HTTP-01 validation.

If that’s what’s going on, you should change the A record to use your real IP address, or maybe switch to a forwarding service with a different design.

(Plus, does it support HTTPS?)

Edit: This post was totally rewritten.

134.255.240.45 is my Domainhoster (https://mc-host24.de/)

It is compatible

Not helped.

On which ip is certbot running?

If there is a dns entry skybeast.de -> 134.255.240.45, then Certbot must run on this ip address.

So Certbot can create a file under

http://134.255.240.45/.well-known/acme-challenge

so Letsencrypt fetches that file via

http://134.255.240.45/.well-known/acme-challenge
host: skybeast.de

If your dns entry points to another webspace, that can’t work.

What are you using 134.255.240.45 for, anyway?

Apparently it’s not.

Maybe some of their other services are, or it can be configured to be, but it isn’t right now.

How can I find out? I have no idea about domain administration

What can i do now?

Run ifconfig to see your ip address

root@vmd32080:~# ifconfig
ens18: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 207.180.196.157 netmask 255.255.255.0 broadcast 207.180.196.255
ether 00:50:56:3c:45:9e txqueuelen 1000 (Ethernet)
RX packets 3535600510 bytes 320127099312 (320.1 GB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 175483990 bytes 26215189367 (26.2 GB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 303005637 bytes 106783010686 (106.7 GB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 303005637 bytes 106783010686 (106.7 GB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

There is your internet address. So it can’t work if your dns entry has the ip 134.255.240.45.

Are you able to configure the webserver running 207.180.196.157?

So that you create a vHost with skybeast.de as ServerName.

But there is another problem: If this is only a frame, you can’t use the certificate with your domain name, because you can’t install the certificate.

When you say me how, i think yes.

This ip - there is an Apache ( https://check-your-website.server-daten.de/?q=207.180.196.157 ).

So check your Apache config file to see if there are vHosts. Something like

<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Create a new file in /sites-available and add ServerName skybeast.de

looks good.

Last step: Change your dns entry your domain -> your new ip.

I did everything in the introduction, but I do not get the page from /var/www/skybeast.de/public_html open via skybeast.de

Your domain doesn’t have an ip address:

Host T IP-Address is auth. ∑ Queries ∑ Timeout
skybeast.de A yes 1 0
AAAA yes
www.skybeast.de Name Error yes 1 0

You have removed the old address, but you have to add an A-entry with the 207 - ip address.

How i can made this?

Check your domain management, there you can create DNS entries.

There a new A record is required: skybeast.de -> ip address of your server.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.