Invalid response

Help
1

Getting this error. The cert was already issued and on renew I get this. Page is working OK.
nginx does not give any configuration errors.

http-01 challenge for www.01.ee
nginx: [warn] conflicting server name “www.01.ee” on 0.0.0.0:80, ignored
Waiting for verification…
Challenge failed for domain www.01.ee
http-01 challenge for www.01.ee
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:

  • The following errors were reported by the server:

    Domain: www.01.ee
    Type: unauthorized
    Detail: Invalid response from https://www.01.ee/est/
    [188.92.162.229]: "\n<html
    "

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A/AAAA record(s) for that domain
    contain(s) the right IP address.

2

What's causing that warning? Are there duplicate virtual hosts now? Is Certbot mistakenly adding a second one?

Can you fill out the questionnaire below? And provide the rest of Certbot's output?

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

1 Like
3

Debian 8.11
certbot is 1.4

root@# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

I do not know where from comes the error. As you can see ngonx sees no errors. The nginx config for 01.ee is same as for ox.ee, what works flawless.

Cert is due for renewal, auto-renewing…
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for 01.ee
http-01 challenge for www.01.ee
nginx: [warn] conflicting server name “www.01.ee” on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name “01.ee” on 0.0.0.0:80, ignored
Waiting for verification…
Challenge failed for domain 01.ee
Challenge failed for domain www.01.ee
http-01 challenge for 01.ee
http-01 challenge for www.01.ee
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:

  • The following errors were reported by the server:

    Domain: 01.ee
    Type: unauthorized
    Detail: Invalid response from https://www.01.ee/est/
    [188.92.162.229]: "\n<html
    "

    Domain: www.01.ee
    Type: unauthorized
    Detail: Invalid response from https://www.01.ee/est/
    [188.92.162.229]: "\n<html
    "

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A/AAAA record(s) for that domain
    contain(s) the right IP address.

nginx config

server {

server_name 01.ee www.01.ee;
    listen 443 ssl;

ssl on;

ssl_ciphers HIGH:!aNULL:!MD5;

root /ox/platform/htdocs;

client_max_body_size 60M;
keepalive_timeout 600;
fastcgi_read_timeout 600;

   include /etc/nginx/bots.d/ddos.conf;
   include /etc/nginx/bots.d/blockbots.conf;


location /fpm_status {
	allow 127.0.0.1;
	allow 188.95.212.8;
	deny all;
	include /etc/nginx/fastcgi_params;
	fastcgi_pass unix:/var/run/php7-fpm.ox.sock;
}

if ($http_user_agent ~ (Go-http-client)) {
	return 403;
}

location /b/ {
	expires 30d;

	gzip on;
	gzip_min_length 1100;
	gzip_buffers 64 8k;
	gzip_comp_level 3;
	gzip_http_version 1.1;
	gzip_proxied any;
	gzip_types text/plain application/javascript application/x-javascript text/javascript text/xml text/css;
}

location / {

	deny 37.75.193.93;
	deny 95.128.43.164;

	index index.php;

	if (!-f $request_filename) {
		  rewrite ^/(.*)$ /index.php last;
	}
}

location /crossdomain.xml {
	try_files $uri /index.html;
}

location ~ \.php$ {

	try_files $uri =404;

	include       /etc/nginx/fastcgi_params;
	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	fastcgi_pass  unix:/var/run/php7-fpm.ox.sock;
}	


ssl_certificate /etc/letsencrypt/live/01.ee-0002/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/01.ee-0002/privkey.pem; # managed by Certbot

}

server {
server_name 01.ee www.01.ee;
listen 80;
return 301 https://$host$request_uri;
}

4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.