Invalid response from

Help
1

My domain is: SkyBeast.de

I ran this command: sudo certbot --apache

It produced this output:

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: skybeast.de
   Type:   unauthorized
   Detail: Invalid response from
   http://skybeast.de/.well-known/acme-challenge/MNHlCdXVZS50EoSbo83D9042UGITehOl2D53Cc0ESnw
   [134.255.240.45]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
   2.0//EN\">\n<html><head>\n<title>404 Not
   Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

My web server is (include version): Ubuntu 18.04.2 LTS

The operating system my web server runs on is (include version): Apache/2.4.29

My hosting provider, if applicable, is: contabo.de

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.28.0

2

Hi @CapuzDE

looks like Certbot doesn't understand your config.

The main things are ok (checked with https://check-your-website.server-daten.de/?q=skybeast.de ):

Domainname Http-Status redirect Sec. G
http://skybeast.de/
134.255.240.45 200 0.293 H
https://skybeast.de/
134.255.240.45 -2 1.057 V
ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it 134.255.240.45:443
http://skybeast.de/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
134.255.240.45 404 0.034 A
Not Found

There is no older certificate, so https doesn't work. But port 80 is open, /.well-known/acme-challenge has the correct http status 404.

So check your vHost to find your DocumentRoot, then use it:

certbot run -a webroot -i apache -w yourDocumentRoot -d skybeast.de
3

Your domain has this IP address, as shown in the error message:

skybeast.de.  300  A  134.255.240.45

The Server header is “Apache/2.4.10 (Debian)”.

http://skybeast.de/ includes an iframe for http://207.180.196.157 but every other path returns a 404 Not Found error.

It looks like the domain is using some sort of web forwarding service that has a design incompatible with ACME HTTP-01 validation.

If that’s what’s going on, you should change the A record to use your real IP address, or maybe switch to a forwarding service with a different design.

(Plus, does it support HTTPS?)

Edit: This post was totally rewritten.

4

134.255.240.45 is my Domainhoster (https://mc-host24.de/)

It is compatible

Not helped.

5

On which ip is certbot running?

If there is a dns entry skybeast.de -> 134.255.240.45, then Certbot must run on this ip address.

So Certbot can create a file under

http://134.255.240.45/.well-known/acme-challenge

so Letsencrypt fetches that file via

http://134.255.240.45/.well-known/acme-challenge
host: skybeast.de

If your dns entry points to another webspace, that can't work.

6

What are you using 134.255.240.45 for, anyway?

Apparently it's not.

Maybe some of their other services are, or it can be configured to be, but it isn't right now.

7

How can I find out? I have no idea about domain administration

What can i do now?

8

Run ifconfig to see your ip address

9

root@vmd32080:~# ifconfig
ens18: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 207.180.196.157 netmask 255.255.255.0 broadcast 207.180.196.255
ether 00:50:56:3c:45:9e txqueuelen 1000 (Ethernet)
RX packets 3535600510 bytes 320127099312 (320.1 GB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 175483990 bytes 26215189367 (26.2 GB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 303005637 bytes 106783010686 (106.7 GB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 303005637 bytes 106783010686 (106.7 GB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

10

There is your internet address. So it can't work if your dns entry has the ip 134.255.240.45.

Are you able to configure the webserver running 207.180.196.157?

So that you create a vHost with skybeast.de as ServerName.

But there is another problem: If this is only a frame, you can't use the certificate with your domain name, because you can't install the certificate.

11

When you say me how, i think yes.

12

This ip - there is an Apache ( https://check-your-website.server-daten.de/?q=207.180.196.157 ).

So check your Apache config file to see if there are vHosts. Something like

<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Create a new file in /sites-available and add ServerName skybeast.de

looks good.

Last step: Change your dns entry your domain -> your new ip.

13

I did everything in the introduction, but I do not get the page from /var/www/skybeast.de/public_html open via skybeast.de

14

Your domain doesn't have an ip address:

Host T IP-Address is auth. ∑ Queries ∑ Timeout
skybeast.de A yes 1 0
AAAA yes
www.skybeast.de Name Error yes 1 0

You have removed the old address, but you have to add an A-entry with the 207 - ip address.

15

How i can made this?

16

Check your domain management, there you can create DNS entries.

There a new A record is required: skybeast.de -> ip address of your server.

17

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.