Some general advice with invalid response from domain

Help
1

My domain is:
yamspace.org

I ran this command:
certbot --nginx -d yamspace.org

It produced this output:
[root@srv ~]# certbot --nginx -d yamspace.org
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for yamspace.org
Waiting for verification…
Challenge failed for domain yamspace.org
http-01 challenge for yamspace.org
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: yamspace.org
   Type:   unauthorized
   Detail: Invalid response from
   http://yamspace.org/.well-known/acme-challenge/gsYDCE7bXWJ0QSXAR2g1fr__pVPIBqsmgH6F0I_2YxA
   [77.235.46.11]: "<html>\r\n<head><title>404 Not
   Found</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>404
   Not Found</h1></center>\r\n<hr><center>"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

My web server is (include version):
nginx/1.12.2

The operating system my web server runs on is (include version):
CentOS-7

I can login to a root shell on my machine (yes or no, or I don’t know):
yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 0.36.0

Hey

I hope people dont mind me posting im reletivly new to using lets encrypt and certbot, above is the error I am getting back, I have tried a few things already based on some of the other topics I have read (checked dns etc) but so far no success, I am going to crack on reading some more posts but I thought it would be good to get something posted to try and get some further guidance on how to troubleshoot this problem

cheers

2

Hi,

Welcome to this community.

Since you are using Nginx plugin for certbot, could you please share your Nginx confg (virtual hosts) for your domain?

Your redirect doesn’t setup correctly.
When i visit your plain http site, the server redirects me to the “secure” (https) version. But when i visit your plain site with your .well-known folder, it doesn’t redirect.

Also, your Nginx version is not matching. You are saying that your Nginx server is running Nginx 1.12.2, but the actual output is saying that it’s running on Nginx 1.11.6

As a general practice, please try to put a dummy file under your domain and share us the links to that file.
(The file location should be under `/$your domain root folder/.well-known/acme-challenge/’)

Thank you

3

Good catch, @stevenzhu!

4

Hi @barundel

looks like you have found a solution.

Now there is a new certificate:

CN=forum.yamspace.org
	31.08.2019
	29.11.2019
expires in 90 days	
forum.yamspace.org, 
www.yamspace.org, yamspace.org - 3 entries

non-www and www uses that certificate, so both connections are secure. Grade E isn't optimal, but it's good, no critical error.

5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.