[Solved] Can't renew or create new certs: Fetching URL appears to be wrong

It appears at first glance that the URL it’s attempting to fetch verification from is wrong:

It’s showing “Fetching https://partner-search.isolvedhcm.com.well-known/…” but it should be “Fetching https://partner-search.isolvedhcm.com/well-known/…”

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
partner-search.isolvedhcm.com

I ran this command:
sudo certbot certonly --dry-run -d partner-search.isolvedhcm.com -d www.partner-search.isolvedhcm.com --webroot --webroot-path /var/www/partner-search.isolvedhcm.com/public/

It produced this output:
Failed authorization procedure. www.partner-search.isolvedhcm.com (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://partner-search.isolvedhcm.com.well-known/acme-challenge/OXZ67akra-y-2WcA6q_987-6jkkOr0V8vWb-RcmPBq8: Error getting validation data, partner-search.isolvedhcm.com (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://partner-search.isolvedhcm.com.well-known/acme-challenge/SN_o8obyNT-Gxu4qVdw2qBHCTTektb2PiDlFXusdcL0: Error getting validation data

My web server is (include version):
Apache/2.4.18 (Ubuntu)

The operating system my web server runs on is (include version):
Ubuntu v16.04 (Xenial)

My hosting provider, if applicable, is:
Rackspace

I can login to a root shell on my machine (yes or no, or I don’t know):
Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No

Looks like a missing / in the redirect from http to https to me.

See for yourself: http://partner-search.isolvedhcm.com/test

3 Likes

Check for an Apache setting like “Redirect / https://example.com”. It needs to be “Redirect / https://example.com/” with a “/” at the end.

3 Likes

For more info, see https://httpd.apache.org/docs/2.4/mod/mod_alias.html#redirect

2 Likes
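An added example, not part of the thread and not code from Apache or certbot: a small Python check that reproduces how mod_alias's Redirect appends the rest of the request path to the target, and flags directives where that changes the hostname of the ACME challenge URL. The sample vhost, example.com, the TOKEN placeholder and all function names are constructed for illustration.

```python
import shlex
from urllib.parse import urlsplit

STATUS_WORDS = {"permanent", "temp", "seeother", "gone"}
CHALLENGE_PATH = "/.well-known/acme-challenge/TOKEN"  # TOKEN is a placeholder

# Constructed sample vhost; example.com stands in for the real site.
SAMPLE_CONF = """\
<VirtualHost *:80>
    ServerName example.com
    Redirect / https://example.com
</VirtualHost>
"""


def parse_redirects(conf_text):
    """Yield (line_no, url_path, target) for each mod_alias Redirect directive."""
    for no, line in enumerate(conf_text.splitlines(), 1):
        parts = shlex.split(line, comments=True)
        if not parts or parts[0].lower() != "redirect":
            continue
        args = parts[1:]
        # Optional first argument: a status keyword or a numeric code.
        if args and (args[0].lower() in STATUS_WORDS or args[0].isdigit()):
            args = args[1:]
        if len(args) == 2:
            yield no, args[0], args[1]


def redirect_location(url_path, target, request_path):
    """Return the Location Redirect would send, or None if the path does not match."""
    if request_path == url_path:
        return target
    prefix = url_path if url_path.endswith("/") else url_path + "/"
    if not request_path.startswith(prefix):
        return None
    # Whatever follows the matched URL-path is appended to the target verbatim.
    return target + request_path[len(url_path):]


def audit(conf_text, request_path=CHALLENGE_PATH):
    """List (line_no, target, location) where the redirect alters the hostname."""
    findings = []
    for no, url_path, target in parse_redirects(conf_text):
        location = redirect_location(url_path, target, request_path)
        if location and urlsplit(location).hostname != urlsplit(target).hostname:
            findings.append((no, target, location))
    return findings
```

Calling `audit()` on the text of a vhost file returns an empty list when every matching Redirect keeps the hostname intact.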

Derp. Thanks a ton for looking into this. This isn’t the first time I’ve encountered this problem with an Apache redirect, so you’d think I would have checked there first, but for some reason I was convinced it was a certbot problem. I was looking for a missing slash in all of the renewal config files, but didn’t think to check Apache’s config files. This solved the problem, thanks to you both!
