Issuance error "There was a problem processing your request"


#1

Please I have this error message while trying to issue certificate on my domain.

I have WHM/CP linked to my VPS on Digital Ocean,

I have installed the lets encrypt on the server, but when i try to issue certificate i encounter this error message.

Error issuing certificate
Failed to issue certificate
Updating challenge for example.com: acme: error code 403 > “urn:ietf:params:acme:error:unauthorized”: Invalid response from http://example.com/.well-known/acme-challenge/EcvtEpwTymwLXJpTqBIvTo8YZ8v3BbsFdZjzUlcOROw: “\n<html lang=“en”>\n\n<meta http-equiv=“Content-Type” content=“text/html; charset=utf-8” />\n404 Not Fou” (order URL: https://acme-v02.api.letsencrypt.org/acme/order/51433791/313971378)

Any suggestion of how I get this fixed


#2

Hi @alabius

we need some informations. Please answer the following questions:


Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):


#3

Hi @alabius,

How is your cPanel server configured?

Requests to your server give a very atypical server banner and redirect:

$ curl -X GET -I <redacted>
HTTP/1.1 302 Found
Date: Wed, 13 Feb 2019 19:49:12 GMT
Server: Apache/2.4.18 (Ubuntu)
Location: http://<redacted>:80/

While it does appear to be a cPanel server, I’ve never seen anything like it. Ubuntu? cPanel can’t run on Ubuntu. Same with the redirect, not typical at all.

The way the cPanel plugin works is not complicated - It drops a file in your webroot (at least, what the cPanel server thinks your webroot is) and then an HTTP request is made to it.

If you are the root administrator, you can check in /usr/local/cpanel/logs/error_log to see what directory the challenge file was written to.


#4

My domain is: ruffntumblekids.org

I ran this command: not clear. The process was initiated from cpanel

It produced this output: Above error

My web server is (include version): Apache

The operating system my web server runs on is (include version): Use Centos7 and Ubuntu 16.04 on my docker container

My hosting provider, if applicable, is: I run VPS

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): I use Cpanel 76.0.20 but have docker container

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): not sure


#5

You are right. Changed the Port from 8080 to 80 because i had to use the port 80 with my docker container. But i have reverted it to 80. The server is using Centos7 while the ubuntu from your report is my docker container.


#6

That may be incompatible.

Your main config looks ok ( https://check-your-website.server-daten.de/?q=ruffntumblekids.org ):

Domainname Http-Status redirect Sec. G
http://ruffntumblekids.org/
167.99.135.89 200 0.033 H
http://ruffntumblekids.org:81/ 200 1.030 H
http://www.ruffntumblekids.org/
167.99.135.89 200 0.047 H
https://ruffntumblekids.org/
167.99.135.89 302 http://ruffntumblekids.org:81/ 1.280 N
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors
https://www.ruffntumblekids.org/
167.99.135.89 302 http://ruffntumblekids.org:81/ 1.280 N
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors
http://ruffntumblekids.org/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
167.99.135.89 404 0.046 A
Not Found
http://www.ruffntumblekids.org/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
167.99.135.89 404 0.030 A
Not Found

Port 80 is open, /.well-known/acme-challenge sends the expected http status 404, if the file is unknown.

But:

A Info: Different Server-Headers found

http has only

Server: Apache

as header, http / port 81 and https have

Server: Apache/2.4.18 (Ubuntu)

cPanel is a closed world. So it may be impossible to create a certificate via cPanel if cPanel doesn’t manage port 80 / http and the there-running webserver.


#7

Yes, but i have changed the Apache port to 80 now.

Have even tried to install the Lets Encrypt on the docker container itself, but had the same issue
see error log below

IMPORTANT NOTES:

#8

There answers your cPanel with a http status 404.

These are different worlds.