Invalid Respose .well-known/acme-challenge

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: digiajay.com

I ran this command: /etc/letsencrypt/certbot-auto renew

It produced this output:

Cleaning up challenges
Attempting to renew cert (.com) from /etc/letsencrypt/renewal/.com.conf produced an unexpected error: Some challenges have failed.. Skipping.

Processing /etc/letsencrypt/renewal/www.______.com.conf

Cert not yet due for renewal
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/______.com/fullchain.pem (failure)

The following certs are not due for renewal yet:
/etc/letsencrypt/live/www..com/fullchain.pem expires on 2021-04-29 (skipped)
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/.com/fullchain.pem (failure)

1 renew failure(s), 0 parse failure(s)

IMPORTANT NOTES:

  • The following errors were reported by the server:

    Domain: .com
    Type: unauthorized
    Detail: Invalid response from
    https://www.    .com/.well-known/acme-challenge/uASGjaegJ1XJB-uiDNmPAue3GM4j5L3cbqZ4jEL0FE8
    [104.154.xx.xx]: "\n<html
    lang="en-US">\n\n<meta charset="UTF-8">\n<meta
    name="viewport" content="width=device-width, initial-sca"

    Domain: www..com
    Type: unauthorized
    Detail: Invalid response from
    https://www.    .com/.well-known/acme-challenge/8SgdHQ89BhoRtQpmsZueWC8prO5EwVtaMITLM5tp8BE
    [104.154.62.33]: "\n<html
    lang="en-US">\n\n<meta charset="UTF-8">\n<meta
    name="viewport" content="width=device-width, initial-sca"

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A/AAAA record(s) for that domain
    contain(s) the right IP address.

My web server is (include version): Bitnami (Apache)

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: Bitnami WordPress 4.9.1-0

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.9.0

2

Hi @digiajay

why is there a www.com - answer if your domain is digiajay.com?

Same there. What's the content of that config file?

If you use Bitnami, you should use the Bitnami integrated SSL solution, not an own Certbot.

So starting Certbot may not work because it's a Bitnami.

3

Hi..

The content of config file is

# renew_before_expiry = 30 days
version = 1.9.0
archive_dir = /etc/letsencrypt/archive/digiajay.com
cert = /etc/letsencrypt/live/digiajay.com/cert.pem
privkey = /etc/letsencrypt/live/digiajay.com/privkey.pem
chain = /etc/letsencrypt/live/digiajay.com/chain.pem
fullchain = /etc/letsencrypt/live/digiajay.com/fullchain.pem

# Options used in the renewal process
[renewalparams]
authenticator = webroot
account = 9dd73ecb03e9686f7f967f101582bac6
server = https://acme-v02.api.letsencrypt.org/directory
webroot_path = /var/www/html,
[[webroot_map]]
www.digiajay.com = /var/www/html
digiajay.com = /var/www/html
4

The result is expected.

If you use Bitnami, that's

normally not your webroot.

Bitnami has it's own rules.

So may be find your correct Bitnami webroot.

5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.