macOS Server and multiple domains

I have a mac mini running macOS 10.12.4 and 5.3 hosting 6 different websites.

I followed the instructions, to setup LE on the default domain, it worked fabulously well!

However, when I went to add a certificate for a second domain, I got an error:

Failed authorization procedure. (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from

I tried changing ownership for the webroot to the same as the Default site but that didn't seem to help.

It was impressive how quickly the first site was processed without issue. When I try to load the site,, it forwards to the Default domain's SSL site

Thanks for any help!


Hi @dennispipper,

I guess you have different directories from which the content of each of your six different web sites is served? If so, did you specify the correct one with -w when requesting your second certificate?

The error that you saw is often a symptom of specifying an incorrect directory as the webroot with -w.

Thanks for the reply, @schoen !

Yes, for my default server site, I issued the following:

sudo letsencrypt certonly --webroot -w /Library/Server/Web/Data/Sites/Default -d -d

After everything succeeded, I then went to the second site, I entered:

sudo letsencrypt certonly --webroot -w /Library/Server/Web/Data/Sites/anchorliving -d -d

My other sites are all in directories off of the main /Sites directory as listed

If you put a file text.txt into /Library/Server/Web/Data/Sites/anchorliving/.well-known/acme-challenge, does it then become visible on the web at

Sorry for the late reply, but there is no acme-challenge folder in the .well-known directory


Could you create one with mkdir, and then try the experiment?

If I create the directory and the test text file with sudo the URL resolves to the Text file.

Hi @dennispipper, thank you for trying this test. It turned up something useful! Namely, there is a discrepancy between and

The former works perfectly, while the latter returns an error!

This must have something to do with your web server configuration. If you could get both of these to work in the same way, the certificate issuance should be able to proceed.

It looks as though the multiple domains I have on the server do the same thing. When I enter, it loads fine. When I add it forwards to the default domain on the server, which is the domain that currently has the cert that works - it’s very odd.

You could probably work around this problem by using -w /Library/Server/Web/Data/Sites/anchorliving -d -w /Library/Server/Web/Data/Sites/Default -d (which uses a different webroot for each domain, but will generate a single certificate at the end). However, this isn’t a very nice solution because it doesn’t address the underlying problem of why is actually serving different content from

The issue was with the way I configured my website in I ended up having to add the www. to the domain configuration in within macOS

Thanks for the help, it now works on all my domains!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.