Please help "install free sll certificate wordpress" Challenge error failed for domain

langtoi · March 15, 2019, 4:31pm

I made a guide to run this command: https://www.onepagezen.com/free-ssl-certert-wordpress-google-cloud-click-to-deploy/

It knocked out: 2 red lines "Challenge failed for domain hieucredit.com
Challenge failed for domain www.hieucredit.com "

My web server is (included version): worpdress for vps google cloud

Your hardware and your software

My hosting provider, if any, is:

I can not eat, can only use the original part (yes or no, I do not know):

Our part (my website)

I have 2 websites that are running like that but have no errors

JuergenAuer · March 15, 2019, 4:41pm

Hi @langtoi

you use Cloudflare.

Host	T	IP-Address	is auth.	∑ Queries	∑ Timeout
hieucredit.com	A	104.27.190.197	yes	1	0
	A	104.27.191.197	yes	1	0
	AAAA	2606:4700:30::681b:bec5	yes
	AAAA	2606:4700:30::681b:bfc5	yes
www.hieucredit.com	A	104.27.190.197	yes	1	0
	A	104.27.191.197	yes	1	0
	AAAA	2606:4700:30::681b:bec5	yes
	AAAA	2606:4700:30::681b:bfc5	yes

But your domain doesn't have a valid certificate, so Cloudflare blocks with a http status 521.

Error 521 Ray ID: 4b7fe7f61bf42d95 • 2019-03-15 16:36:24 UTC Web server is down You Browser Working Berlin Cloudflare Working www.hieucredit.com Host Error What happened? The web server is not returning a connection. As a result, the web page is not displaying. What can I do? If you are a visitor of this website: Please try again in a few minutes. If you are the owner of this website: Contact your hosting provider letting them know your web server is not responding. Additional troubleshooting information . Cloudflare Ray ID: 4b7fe7f61bf42d95 • Your IP : 2a01:238:301b::1229 • Performance & security by Cloudflare

So

if I know it correct, there is an integrated Cloudflare solution you can use (or)
remove Cloudflare, then create a certificate, then activate Cloudflare again.

schoen · March 15, 2019, 5:59pm

To expand on this:

If you tell Cloudflare that your site requires a valid certificate, your site must already have one. Otherwise, you've done this in the wrong order. Enforcing the certificate validity when the certificate doesn't exist prevents you from issuing the certificate.

The integrated solution that @JuergenAuer mentioned is CloudFlare Origin CA; this is at least as secure as a Let's Encrypt certificate in this setting and more convenient, as long as you don't ever need to disable Cloudflare (if you do, you'll need to replace the certificate).

langtoi · March 16, 2019, 1:04am

How do I make my website work again, I use namsilo domain name and wordpress vps at google cloud, now I just want my website to work, not the sll certificate. can you help me thank you

JuergenAuer · March 16, 2019, 10:28am

Now your website looks better (but not good enough - https://check-your-website.server-daten.de/?q=hieucredit.com ):

You have removed the Cloudflare - ips:

Host	T	IP-Address	is auth.	∑ Queries	∑ Timeout
hieucredit.com	A	35.241.89.149	yes	2	0
	AAAA		yes
www.hieucredit.com	C	hieucredit.com	yes	1	0
	A	35.241.89.149	yes

And you have a new Letsencrypt certificate:

CN=hieucredit.com
	16.03.2019
	14.06.2019
expires in 90 days	hieucredit.com - 1 entry

But your certificate has only one domain name, so your www version is insecure.

In your screenshot, you have used both domains

-d hieucredit.com -d www.hieucredit.com

So do that again to create one certificate with both domain names. Then recheck your domain to check if both domains use that certificate.

And there is a wrong link to a script that doesn't exist - http status 404.

system · April 15, 2019, 10:28am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.