I have a feeling that that there is something simple that I’m missing a step on. Up until sslforfree decided to make the changes that it made, I had been using their site to generate certificates for a couple of my projects because I had trouble getting certbot to work on my machine to upload them manually. I had no trouble getting the files downloaded and uploaded to the /.well-known folders that I needed them to be in to complete the process. It would download them as .bat or .dat files (I honestly forget which) and I’d take off the extension and the verification process would see them just fine after that.
I’ve successfully set up and gotten certbot working on my machine to replicate that process (macOS 10.15, latest version of certbot through homebrew), but for some reason when I am uploading a text file to the proper location for manual verification, I keep getting a 404 error.
I guess that is a long winded way of asking is there a specific format of file that the verification needs to be in and I’m just missing it?
Because of the way my host is set up, I can’t do things automatically (which is part of the reason I’m looking at moving once it’s renewal time) and I only have a couple that I have to worry about at any rate so it hasn’t been a big deal to do it manually every so often.
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
I upload the file to the same /.well-known/ I had been uploading the challenge files to when using sslforfree for the respective sites, but it doesn't work where it was working just fine with the files sslforfree had been generating.
I had a feeling that they were simple text files since I couldn't find anything in the documentation about specific needs. I'll try a different app to create the file in case something in BBEdit is causing it to not be recognized.
If something went haywire with the /.well-known/ directory, would it be a terrible idea to delete and then recreate it? I suspect it wouldn't hurt anything, but I thought I'd ask anyway.
I didn't think that it was the client since certbot and ssl4free both ultimately use Let's Encrypt anyway, but I didn't change any configuration options. So unless something was changed on my account by my host, I don't know what would have changed to cause this to not work.
That is the IP that shows up when I'm looking at Control Panel.
The roots, to the best of my knowledge, are the same. There isn't an application that I have going that changes anything. At one point I had to uncomment the .htaccess file in order to get it to serve the SSL, but commenting out those lines again appears to have no effect on it.
Huh. That's.... strange. It should just be showing a white page with "Nothing to see here," written on it and did when I started this thread. I'm actually quite confused as to what that is all about (the zone5hosting bit specifically). Nowhere that I can see has a redirect set up, let alone for anything remotely like that. Unless deleting the expired certificate did something to open that up, but I would anticipate that would just give me a warning about privacy or invalid certificates. There is literally nothing on this domain right now except for a placeholder page so that's a bit of investigative work I need to figure out now...
Awesome. I don't know what was going on, but I removed files from the directory and reuploaded the basic files that were there. I'm glad that it's working for someone other than myself.
I suspect that I had a garbage file in there from who knows when and for what purpose that was causing the zone5hosting thing.
I just remembered that my host did something to the server the other day that had downtime. I don’t know if they were upgrading Apache or not. I’m going to reach out to them and see if there’s something that changed on their end that is causing this and report back.
Okay, so at the outset I thought I was missing something simple and, as it turns out, I was partly right.
After bringing in tech support on my hosting side, the issue (other than that zone5 nonsense) ended up being the dot in the middle of the challenge content. I was removing the .txt extension from the challenge file I uploaded, but completely missing the “.” in the middle of the string.
I’m going to attribute it to a lack of experience with this working method and me being too close to the problem.
Thank you, @JuergenAuer for your help in getting me down the right path and thank you @Rip for the screenshot verification.