[solved] 1 domain issues, the other doesn't

lake · October 22, 2017, 11:35pm

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: nwbsf.com

I ran this command: sudo certbot certonly --manual -d nwbsf.com -d www.nwbsf.com

It produced this output:

The following errors were reported by the server:

Domain: nwbsf.com
Type: connection
Detail: Fetching
https://nwbsf.com.well-known/acme-challenge/fnOd2hKLi9BZHat1kJ3IudCEGlA5-HeIeRp0RkJlicw:
Error getting validation data

Domain: www.nwbsf.com
Type: connection
Detail: Fetching
https://nwbsf.com.well-known/acme-challenge/UExUGG1I8ujQx1_ylQUrr0gDMIUtczfk6x7iplfgjEo:
Error getting validation data

My web server is (include version): Apache/2.2.29 (Unix)

The operating system my web server runs on is (include version): macOS 10.8.5

My hosting provider, if applicable, is: N/A

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

I create the files as requested. One of them is:

https://nwbsf.com/.well-known/acme-challenge/UExUGG1I8ujQx1_ylQUrr0gDMIUtczfk6x7iplfgjEo

I have no problem accessing this file from the outside. Why do I get a verification error?

Also: why is there a missing slash in the error URL right before .well-known?

sahsanu · October 22, 2017, 11:58pm

Hi @lake,

Pay attention to the url, there is no / after your domain so the domain Let's Encrypt tries to reach is nwbsf.com.well-known which obviously doesn't exist.

Just an example:

$ curl -IkL http://nwbsf.com/.well-known/acme-challenge/fnOd2hKLi9BZHat1kJ3IudCEGlA5-HeIeRp0RkJlicw
HTTP/1.1 301 Moved Permanently
Date: Sun, 22 Oct 2017 23:54:02 GMT
Server: Apache/2.2.29 (Unix) DAV/2 PHP/5.3.29 mod_fastcgi/2.4.6 mod_ssl/2.2.29 OpenSSL/0.9.8zg
Location: https://nwbsf.com.well-known/acme-challenge/fnOd2hKLi9BZHat1kJ3IudCEGlA5-HeIeRp0RkJlicw
Content-Type: text/html; charset=iso-8859-1

curl: (6) Couldn't resolve host 'nwbsf.com.well-known'

You have a Redirect or RewriteRule redirecting http://nwbsf.com/whatever to https://nwbsf.comwhatever so you missed the trail slash in your redirect directive.

Something like this:

Redirect permanent / https://nwbsf.com

and you need to add a trailing slash

Redirect permanent / https://nwbsf.com/

Review your conf or .htaccess files.

Cheers,
sahsanu

lake · October 23, 2017, 12:13am

Don’t know whether to shoot myself or kiss you, but that was it. You rock @sahsanu !!

system · November 22, 2017, 12:13am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Domain won't verify due to missing "/" Help	3	743	May 16, 2018
Validation with wrong domain and slash before .well-known missing Help	5	1457	December 29, 2018
Invalid weryfication addres Help	3	1348	August 4, 2017
Unable to get validation data! Server	7	1314	April 14, 2018
[Solved] Can't renew or create new certs: Fetching URL appears to be wrong Help	5	1600	January 6, 2018

[solved] 1 domain issues, the other doesn't

Related topics