Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: snap.feedontario.ca
I ran this command: sudo certbot certonly --webroot
It produced this output:
Input the webroot for snap.feedontario.ca: (Enter 'c' to cancel): cert
Waiting for verification...
Challenge failed for domain snap.feedontario.ca
http-01 challenge for snap.feedontario.ca
Cleaning up challenges
Some challenges have failed.
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version): ubuntu 18.04
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know): Yes
Bad request. We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner.
If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation.
Once you get Cloudfront working again, you should be able to request the certificate.
Per the video I sent, there's a big difference between a 403 Forbidden and a 404 Not Found. The first is a permissional problem while the second is a missing content problem.
No,I haven't add snap.feedontario.ca domain in CNAME of cloudfront distribution setting, because its giving certificate issue.
"com.amazonaws.services.cloudfront.model.InvalidViewerCertificateException: The certificate that is attached to your distribution doesn't cover the alternate domain name (CNAME) that you're trying to add. For more details, see: Using Custom URLs for Files by Adding Alternate Domain Names (CNAMEs) - Amazon CloudFront (Service: AmazonCloudFront; Status Code: 400; Error Code: InvalidViewerCertificate; Request ID: f7fd0e21-a13f-4cba-955c-02dd17507657; Proxy: null)"