[solved] 1 domain issues, the other doesn't

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: nwbsf.com

I ran this command: sudo certbot certonly --manual -d nwbsf.com -d www.nwbsf.com

It produced this output:

My web server is (include version): Apache/2.2.29 (Unix)

The operating system my web server runs on is (include version): macOS 10.8.5

My hosting provider, if applicable, is: N/A

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

I create the files as requested. One of them is:

https://nwbsf.com/.well-known/acme-challenge/UExUGG1I8ujQx1_ylQUrr0gDMIUtczfk6x7iplfgjEo

I have no problem accessing this file from the outside. Why do I get a verification error?

Also: why is there a missing slash in the error URL right before .well-known?

Hi @lake,

Pay attention to the url, there is no / after your domain so the domain Let's Encrypt tries to reach is nwbsf.com.well-known which obviously doesn't exist.

Just an example:

$ curl -IkL http://nwbsf.com/.well-known/acme-challenge/fnOd2hKLi9BZHat1kJ3IudCEGlA5-HeIeRp0RkJlicw
HTTP/1.1 301 Moved Permanently
Date: Sun, 22 Oct 2017 23:54:02 GMT
Server: Apache/2.2.29 (Unix) DAV/2 PHP/5.3.29 mod_fastcgi/2.4.6 mod_ssl/2.2.29 OpenSSL/0.9.8zg
Location: https://nwbsf.com.well-known/acme-challenge/fnOd2hKLi9BZHat1kJ3IudCEGlA5-HeIeRp0RkJlicw
Content-Type: text/html; charset=iso-8859-1

curl: (6) Couldn't resolve host 'nwbsf.com.well-known'

You have a Redirect or RewriteRule redirecting http://nwbsf.com/whatever to https://nwbsf.comwhatever so you missed the trail slash in your redirect directive.

Something like this:

Redirect permanent / https://nwbsf.com

and you need to add a trailing slash

Redirect permanent / https://nwbsf.com/

Review your conf or .htaccess files.

Cheers,
sahsanu

2 Likes

Don’t know whether to shoot myself or kiss you, but that was it. You rock @sahsanu !!

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.