Redirect Loop Detected with CertSage

Trying to add and SSL to my website hosting at godaddy cpanel. I tried running the CertSage but get a loop error. I tried correcting it but am not seeing anything. Is there something else on this end I can do?
Thank you.

My domain is: http://drstevensukinurology.com

I ran this command: Using the CertSage

It produced this output: urn:ietf:params:acme:error:connection
160.153.90.65: Fetching drstevensukinurology.com: Redirect loop detected

My web server is (include version):Godaddy |Hosting Package|Deluxe|
| --- | --- |
|Server Name|p3plcpnl0947|
|cPanel Version|94.0 (build 19)|
|Apache Version|2.4.53|
|PHP Version|7.4.28|
|MySQL Version|5.6.51-cll-lve|
|Architecture|x86_64|
|Operating System|linux|
|Shared IP Address|160.153.90.65|
|Path to Sendmail|/usr/sbin/sendmail|
|Path to Perl|/usr/bin/perl|
|Perl Version|5.10.1|
|Kernel Version|2.6.32-954.3.5.lve1.4.87.el6.x86_64|

My hosting provider, if applicable, is: Godaddy

I can login to a root shell on my machine (yes or no, or I don't know): I dont Know

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): I dont know

Update. I removed the .htacess from the site and generated a new one. That error went away. Now just says authorization pending after 10 attempts. Hopefully it will work...

Before your server went completely down on port 80, I could do a little bit of testing. It seems when requesting a path with /.well-known/acme-challenge/test, your server redirects with:

Location: drstevensukinurology.com

Which is a rather odd redirect.

Maybe it was caused by that .htaccess you've removed (no clue, I don't know the contents), but for me, the site is still completely down. And if I can't access it, chances are Let's Encrypt can't either.

Well that is odd... I am able to pull up the site.
I dont have a well-know folder. I can add that.

I am new to all this and trying to piece it together. Thank you for your help

Now, I can connect and send requests, but the website doesn't answer... Weird.

I can get a response for http://drstevensukinurology.com/ but when I try http://drstevensukinurology.com/test, it did absolutely nothing.

However, now I'm getting the Location: drstevensukinurology.com redirect again, so removing the .htaccess was not the trick..

That shouldn't be necessary.

Edit: And now the site is dead again.. Ever considered moving hosting providers?

I do have 404 redirect plugin and W3 cache plugins. I could disable them

Temporarily disabling all non-essential plugins could be helpful, yes.

You also might want to file a ticket with GoDaddy that the shared hosting webserver is rather unresponsive from Europe. Even when I just connect to the IP address, I'm getting timeouts.. Great webhost

I know.. i wish I could.. hosting with godaddy was not my choice..
But I have disabled the plugins and reset the htacess again..
Is it better?

Unless someone else can connect to your webserver, I have no idea I'd have to wait until the host becomes reachable again to test it out.

Thank you for trying, i will check back in a bit.

It seems your weird redirect is gone at the moment. Probably caused by your 404 redirect plugin. My advice? Leave this one off and try to find a better one. This one is just terrible from the looks of it.

Ok great. I tried to rerun the Certsage I get this:

urn:ietf:params:acme:error:unauthorized
160.153.90.65: Invalid response from http://drstevensukinurology.com/.well-known/acme-challenge/AmJrA2X6omGlxcuNyVLHo1Zdk1MMtp5eCYimZcG0a9k: 404

I don't have experience with CertSage, so to tackle this (and perhaps further) issue(s), let's ask @griffin as he developed CertSage.

I am assume that I use it to get a cert for the site or am I missing something?

If not, please tell me what I can do to get the cert for the site... then I again, assume, I load it in to the cpanel...?

thank you

CertSage is an ACME client to get a certificate, yes.

Looks to me like there's still an Apache redirect occurring:

http://drstevensukinurology.com/.well-known/acme-challenge/AmJrA2X6omGlxcuNyVLHo1Zdk1MMtp5eCYimZcG0a9k
301 Moved Permanently
http://drstevensukinurology.com
200 OK

I'm suspecting there's an .htaccess file in front turning "pretty" URLs into specific parameters/files for a PHP-based app. There needs to be an exception added to the rewrite rules for /.well-known/.

Something isn't right.

% curl -IL http://drstevensukinurology.com/.well-known/acme-challenge/AmJrA2X6omGlxcuNyVLHo1Zdk1MMtp5eCYimZcG0a9k     
HTTP/1.1 404 Not Found
Date: Wed, 27 Apr 2022 23:42:33 GMT
Server: Apache
X-Powered-By: PHP/7.4.28
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://drstevensukinurology.com/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

this is the code in the htacess

RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

I do have this code in the 404.php of the theme.

are these an issue?

Also.. i am new to doing this.. I created a folder called .well-known and a folder in it called acme-challenge. there is currently nothing in the folder, should there be?
is that right?

You could place a test text file there to ensure it can be reached from the Internet.
Otherwise, it can remain empty [and will be used by the ACME software during HTTP authentication].