Invalid response ".well-known"

rg305 · January 22, 2019, 9:55pm

That could have been clearer/cleaner/less problematic for any future changes as:

server {
    listen 80 default_server;
    listen [::]:80 default_server;
    root /var/www/html;
    server_name  example.com www.example.com;

    # Redirect non-https traffic to https
    if ($scheme != "https") {
        return 301 https://$host$request_uri;
    } # managed by Certbot
}
server {
    listen 443 ssl; # managed by Certbot
    root /var/www/html;
    server_name  example.com www.example.com;

    # RSA certificate
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot

    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
}

sundrik · January 22, 2019, 10:01pm

I guess that example is what it is because Certbot is making the changes. Therfore that is what the nginx conf will look like after the automatet changes are made.

Anyway. I have a fully functional port 80 way into my server. I can reach it. But I get 404 error when trying to create the cert.

Maybe the Certbot is trying to create the file in wrong path?

rg305 · January 22, 2019, 10:06pm

The logs can show what it did.

We can also try using --webroot method:
Where you replace --nginx from the command with:
--webroot -w /var/www/html
[NOTE: webroot MUST USE THE SAME root FOLDER AS IN YOUR CONFIG FILE]
[so change that path to match your actual path]

sundrik · January 22, 2019, 10:11pm

It says
Saving debug log to /var/log/letsencrypt/letsencrypt.log

But there is no log file there. I even tried running certbot command with sudo administartor user.
Strange.

I don’t have the nginx config in ‘var’. it’s in ‘etc’.

rg305 · January 22, 2019, 10:13pm

Look for the line with “root” in your config that listens on port 8004
That is the path you need to use with --webroot

sundrik · January 22, 2019, 10:15pm

I posted my full config above. I don’t have a ‘root’. Except from the line I added for .well-known

Edit// I used the root I added with .well-known and it looks like it passed. I’ll try to add all new lines manually now. Fingers crossed

rg305 · January 22, 2019, 10:22pm

If you followed the guide, then you have:

Does that path exist?
If so, then it can be used in the command:
sudo certbot --nginx -d example.com -d www.example.com
as
sudo certbot certonly --webroot -w /var/www/html -d example.com -d www.example.com

[change the domains to match your need]

rg305 · January 22, 2019, 10:25pm

Did it say “Congratulations…” ?
Check your certs with:
sudo certbot certificates

sundrik · January 24, 2019, 7:54am

Yes I finally got Congratulations. Now I’m looking into why I still can’t connect to my webserver via https. But I want to struggle some before asking about this.

rg305 · January 24, 2019, 7:56am

Why struggle?
Just ask…

Roxeth · January 27, 2019, 6:51pm

I cannot give better advice than to ask your hosting provider to supply a PLESK management console.
With that it is as simple as ABC. If your hosting provider cannot help you, change your hosting provider!

system · February 26, 2019, 7:06pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Invalid response from .well-known/acme-challenge Help	32	9145	January 23, 2022
Cant generate or renew ssl certificates (Invalid response from .well-known/acme-challenge/) Help	77	1741	October 25, 2023
Invalid response from .well-known/acme-challenge Help	8	1972	January 26, 2019
Certbot: Invalid response http://www.example.org/.well-known/acme-challenge Help	52	1238	July 30, 2023
Invalid response from wellknown request while it's working actually Help	6	1633	May 31, 2019

Invalid response ".well-known"

Related topics