Invalid Response, Not 404


#1

Please fill out the fields below so we can help you better.

My domain is:
forums.mc-sabotage.com

I ran this command:
letsencrypt certonly -a webroot --webroot-path=/var/www/html -d forums.mc-sabotage.com

It produced this output:
Domain: forums.mc-sabotage.com
Type: unauthorized
Detail: Invalid response from http://forums.mc-sabotage.com/.well-
known/acme-challenge/Jo6wBGjW0EgDIeskFWE5-1l9IxOG-nmoL727lqdOIWg:
"!DOCTYPE html>
html lang=“en”>
head>
meta charset=“utf-8”>
title>MC Sabotage » Forum
meta name=“description”

^^ I took away the ‘<’ at the beginning of each line because Discourse is removing them.

My operating system is (include version):
Ubuntu 16.04

My web server is (include version):
I think NGINX (Unsure of the versio)

My hosting provider, if applicable, is:
SoYouStart/OVH

I can login to a root shell on my machine (yes or no, or I don’t know):
Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No

Additional Info: I was able to get my certificate for the original domain, mc-sabotage.com, using this method.


#2

Hi @Lavabird,

Next time, paste the text, select it and click on the button </> so no characters would be removed.

Could you please paste the nginx conf for your domain forums.mc-sabotage.com? Please, paste both server blocks, the one for port 80 where you should have a return directive and the one for port 443.

Cheers,
sahsanu


#3

Is this what you are looking for?

server {
    listen 80;
    server_name forums.mc-sabotage.com;
    return 301 https://forums.mc-sabotage.com$request_uri;
}

server {
    listen 443 ssl spdy;
    server_name forums.mc-sabotage.com;
    ssl_certificate /etc/letsencrypt/live/forums.mc-sabotage.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/forums.mc-sabotage.com/privkey.pem;
    location / {
        proxy_set_header X_FORWARDED_PROTO https;
        proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header  Host $http_host;
        proxy_set_header  X-Url-Scheme $scheme;
        proxy_redirect    off;
        proxy_max_temp_file_size 0;
        proxy_pass https://forums.mc-sabotage.com:8092/;
        proxy_read_timeout 120;
    }
}

#4

Yes :wink:

Ok, first, make a backup of the file that you are going to modify… just in case ;)…change your server block for port 80 from this:

server {
    listen 80;
    server_name forums.mc-sabotage.com;
    return 301 https://forums.mc-sabotage.com$request_uri;
}

to this:

server {
    listen 80;
    server_name forums.mc-sabotage.com;   
    location /.well-known/acme-challenge {
        default_type "text/plain";
        alias   /var/www/html/.well-known/acme-challenge;
    }
    location / {
        return 301 https://forums.mc-sabotage.com$request_uri;
    }
}

Once the new conf is saved, reload nginx:

service nginx reload

or

systemctl reload nginx

And try again to issue the certificate with the same command:

letsencrypt certonly -a webroot --webroot-path=/var/www/html -d forums.mc-sabotage.com

If the new cert is issued pay attention to the last message where letsencrypt will tell you where is the cert saved. Check that your ssl_certificate and ssl_certificate_key directives point to the same dir and reload again nginx.

I hope this helps.

Cheers,
sahsanu


#5

Thanks so much! It worked perfectly :smiley:


#6

Glad you get it working :wink:


#7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.