It produced the following error messages when generating a new SSL certificate

My domain is:
bilab.pro

My system: Win10 + xampp + Wordpress + WP Force SSL PRO
I can navigate to the acme-challenge from some other system, but LetsEncrypt cannot access it.
It produced the following error messages when generating a new SSL certificate.

[2023-10-24 17:42:37] LetsEncrypt: Authorizations could not be verified. Please check that bilab.pro/.well-known/acme-challenge/86koU8u9Ur0lbBUgaXa-k_SDa6bSIvNQmk5iADCwGns is publicly accessible

[2023-10-24 17:42:37] LetsEncrypt: Recheck for pending authorizations

[2023-10-24 17:42:25] LetsEncrypt: Verify challenge

[2023-10-24 17:42:25] LetsEncrypt: Creating challenge file C:\xampp\htdocs/.well-known/acme-challenge/86koU8u9Ur0lbBUgaXa-k_SDa6bSIvNQmk5iADCwGns

[2023-10-24 17:42:25] LetsEncrypt: Pending authorization HTTP challenges found

[2023-10-24 17:42:25] LetsEncrypt: Checking for pending authorizations

[2023-10-24 17:42:20] LetsEncrypt: Requesting certificate order

[2023-10-24 17:42:15] User agreed to Let's Encrypt terms

[2023-10-24 17:42:15] User email valid

[2023-10-24 17:42:08] Asking for user information

[2023-10-24 17:42:08] Requirements passed

[2023-10-24 17:42:08] .htaccess for certificate directory C:\xampp\htdocs/wp-content/wf_force_ssl_certificates created successfully

[2023-10-24 17:42:08] Certificate directory C:\xampp\htdocs/wp-content/wf_force_ssl_certificates created successfully

[2023-10-24 17:42:08] ACME Challenge directory C:\xampp\htdocs/.well-known/acme-challenge created succesfully

[2023-10-24 17:42:08] PHP version OK

[2023-10-24 17:42:07] Checking Requirements

[2023-10-24 17:42:07] Start certificate generation

Hello @meson, welcome to the Let's Encrypt community. :slightly_smiling_face:

Which of the Challenge Types - Let's Encrypt are you trying to use?
I see this for the DNS, and the TXT Record seems wrong.

And https://letsdebug.net/bilab.pro/1649715 shows

ANotWorking
Error
bilab.pro has an A (IPv4) record (120.113.70.24) but a request to this address over port 80 did not succeed. Your web server must have at least one working IPv4 or IPv6 address.
A timeout was experienced while communicating with bilab.pro/120.113.70.24: Get "http://bilab.pro/.well-known/acme-challenge/letsdebug-test": context deadline exceeded

Trace:
@0ms: Making a request to http://bilab.pro/.well-known/acme-challenge/letsdebug-test (using initial IP 120.113.70.24)
@0ms: Dialing 120.113.70.24
@10000ms: Experienced error: context deadline exceeded 
IssueFromLetsEncrypt
Error
A test authorization for bilab.pro to the Let's Encrypt staging service has revealed issues that may prevent any certificate for this domain being issued.
120.113.70.24: Fetching http://bilab.pro/.well-known/acme-challenge/vKnFejMAlJL80h_auPVbmfuEVIFN2xYUP-_3mGvj_to: Timeout during connect (likely firewall problem) 
1 Like

Unless you are using the DNS-01 challenge, access to ports 80 and/or 443 is required; both are filtered.

$ nmap -Pn -p80,443 bilab.pro
Starting Nmap 7.80 ( https://nmap.org ) at 2023-10-24 18:04 UTC
Nmap scan report for bilab.pro (120.113.70.24)
Host is up.

PORT    STATE    SERVICE
80/tcp  filtered http
443/tcp filtered https

Nmap done: 1 IP address (1 host up) scanned in 5.33 seconds
1 Like

Hi @meson, and welcome to the LE community forum :slight_smile:

If the "a" in "xampp" is for Apache, then we should begin with checking for name:port overlaps.
Please show the output of:
sudo apachectl -t -D DUMP_VHOSTS
OR
In the case of Windows:
httpd.exe -t -D DUMP_VHOSTS

2 Likes

http-01 as that's the only challenge using the http://.../.well-known/acme-challenge/ path.

@meson I agree with Bruce in that your webserver is not reachable from the public internet. This is a requirement for all challenges except for the dns-01 challenge. But your setup is using the http-01 challenge, thus your webserver needs to be accessible from the public internet.

3 Likes
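
Added example, not part of any post in this thread: a small Python check that fetches an http-01 challenge URL the way a validator would and separates the failure modes discussed above (connect timeout as in the "filtered" nmap result, connection refused, HTTP error, wrong file content). The names `check_http01` and `start_demo_server` and the token values are constructed for illustration; the demo runs against a loopback server, while a real check has to be run from a host outside your own network against port 80.

```python
import http.server
import socket
import threading
import urllib.error
import urllib.request

TOKEN = "constructed-token"                    # constructed sample value
KEYAUTH = TOKEN + ".constructed-thumbprint"    # token "." account-key thumbprint

def check_http01(host, token, expected, port=80, timeout=5.0):
    """Fetch the http-01 challenge URL and classify the outcome."""
    url = f"http://{host}:{port}/.well-known/acme-challenge/{token}"
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))  # bypass proxies
    try:
        with opener.open(url, timeout=timeout) as resp:
            body = resp.read().decode("ascii", "replace").strip()
    except urllib.error.HTTPError as exc:      # server reachable, file not served
        return f"http-{exc.code}"
    except urllib.error.URLError as exc:
        if isinstance(exc.reason, (socket.timeout, TimeoutError)):
            return "timeout"                   # packets dropped: firewall/NAT ("filtered")
        if isinstance(exc.reason, ConnectionRefusedError):
            return "refused"                   # host answers, nothing listening on the port
        return "unreachable"                   # DNS failure, no route, ...
    except (socket.timeout, TimeoutError):
        return "timeout"                       # connected, then the response stalled
    return "ok" if body == expected else "mismatch"

class _Handler(http.server.BaseHTTPRequestHandler):
    def do_GET(self):
        if self.path != "/.well-known/acme-challenge/" + TOKEN:
            self.send_error(404)
            return
        self.send_response(200)
        self.send_header("Content-Length", str(len(KEYAUTH)))
        self.end_headers()
        self.wfile.write(KEYAUTH.encode())

    def log_message(self, *args):              # keep the demo quiet
        pass

def start_demo_server():
    """Loopback stand-in for the web server; returns (server, port)."""
    server = http.server.ThreadingHTTPServer(("127.0.0.1", 0), _Handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, server.server_address[1]

if __name__ == "__main__":
    srv, port = start_demo_server()
    print(check_http01("127.0.0.1", TOKEN, KEYAUTH, port))
    print(check_http01("127.0.0.1", "missing", KEYAUTH, port))
    srv.shutdown()
```

A "timeout" result from an outside host while the same URL loads from inside the LAN matches the situation in this thread: the file is being written correctly, but inbound traffic on port 80 never reaches the server.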

I agree :100:, but I had curiosity regarding the TXT records with "acme-challenge" in it.

2 Likes
