SSL Cert installation Invalid response

Hello,

I have problem with generating letsencrypt certificate.

Details below.
Please for help

My domain is:
http://katelabrosse.pl

I ran this command:
sudo certbot-auto certonly -a webroot --webroot-path=/opt/lampp/htdocs/ -d katelabrosse.pl -d www.katelabrosse.pl

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for katelabrosse.pl
http-01 challenge for www.katelabrosse.pl
Using the webroot path /opt/lampp/htdocs for all unmatched domains.
Waiting for verification…
Challenge failed for domain katelabrosse.pl
Challenge failed for domain www.katelabrosse.pl
http-01 challenge for katelabrosse.pl
http-01 challenge for www.katelabrosse.pl
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:

• The following errors were reported by the server:

  Domain: katelabrosse.pl
  Type: unauthorized
  Detail: Invalid response from
  http://katelabrosse.pl/.well-known/acme-challenge/03TZmwBkudgSi0agEKtwhfLgKlSoT9K9Y6VZqVQ5_IQ
  [109.241.177.212]: "<?xml version=“1.0”
  encoding=“UTF-8”?>\n<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0
  Strict//EN”\n “http://www.w3.org/TR/xhtml1/D”

  Domain: www.katelabrosse.pl
  Type: unauthorized
  Detail: Invalid response from
  http://www.katelabrosse.pl/.well-known/acme-challenge/XMEIAsYUl9lA41WD_vn3q2uFOdFC7r6Ixxjm6otYHY8
  [109.241.177.212]: "<?xml version=“1.0”
  encoding=“UTF-8”?>\n<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0
  Strict//EN”\n “http://www.w3.org/TR/xhtml1/D”

  To fix these errors, please make sure that your domain name was
  entered correctly and the DNS A/AAAA record(s) for that domain
  contain(s) the right IP address.
  root@sklep:/var/log/letsencrypt#

My web server is (include version):
root@sklep:/opt/lampp/bin# ./httpd -v
Server version: Apache/2.4.37 (Unix)
Server built: Dec 8 2018 12:27:50
root@sklep:/opt/lampp/bin#

The operating system my web server runs on is (include version):
Ubuntu 18.04.4 LTS

My hosting provider, if applicable, is:
Own server

I can login to a root shell on my machine (yes or no, or I don’t know):
yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 1.3.0

Additional info:

root@sklep:/opt/lampp/htdocs/.well-known/acme-challenge# curl -ikl http://katelabrosse.pl/.well-known/acme-challenge/test
HTTP/1.1 200 OK
Date: Fri, 10 Apr 2020 17:57:42 GMT
Server: Apache/2.4.37 (Unix) OpenSSL/1.0.2q PHP/7.0.33 mod_perl/2.0.8-dev Perl/v5.16.3
Last-Modified: Fri, 10 Apr 2020 14:19:57 GMT
ETag: “16-5a2f06d917681”
Accept-Ranges: bytes
Content-Length: 22

Testing acme-challengeroot@sklep:/opt/lampp/htdocs/.well-known/acme-challenge#

Log in /var/log/letsencrypt

To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.
2020-04-10 19:56:47,317:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/auth_handler.py”, line 91, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/auth_handler.py”, line 180, in _poll_authorizations
raise errors.AuthorizationError(‘Some challenges have failed.’)
AuthorizationError: Some challenges have failed.

2020-04-10 19:56:47,317:DEBUG:certbot._internal.error_handler:Calling registered functions
2020-04-10 19:56:47,317:INFO:certbot._internal.auth_handler:Cleaning up challenges
2020-04-10 19:56:47,318:DEBUG:certbot._internal.plugins.webroot:Removing /opt/lampp/htdocs/.well-known/acme-challenge/03TZmwBkudgSi0agEKtwhfLgKlSoT9K9Y6VZqVQ5_IQ
2020-04-10 19:56:47,319:DEBUG:certbot._internal.plugins.webroot:Removing /opt/lampp/htdocs/.well-known/acme-challenge/XMEIAsYUl9lA41WD_vn3q2uFOdFC7r6Ixxjm6otYHY8
2020-04-10 19:56:47,320:DEBUG:certbot._internal.plugins.webroot:All challenges cleaned up
2020-04-10 19:56:47,320:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File “/opt/eff.org/certbot/venv/bin/letsencrypt”, line 11, in
sys.exit(main())
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py”, line 15, in main
return internal_main.main(cli_args)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/main.py”, line 1347, in main
return config.func(config, plugins)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/main.py”, line 1233, in certonly
lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/main.py”, line 121, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/client.py”, line 410, in obtain_and_enroll_certificate
cert, chain, key, _ = self.obtain_certificate(domains)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/client.py”, line 344, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/client.py”, line 391, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/auth_handler.py”, line 91, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/auth_handler.py”, line 180, in _poll_authorizations
raise errors.AuthorizationError(‘Some challenges have failed.’)
AuthorizationError: Some challenges have failed.

This may work from where you tested, but it fails from the Internet:

curl -ikl http://katelabrosse.pl/.well-known/acme-challenge/test
HTTP/1.1 400 Bad Request
Date: Fri, 10 Apr 2020 18:21:08 GMT
Server: Apache/2.4.37 (Unix) OpenSSL/1.0.2q PHP/7.0.33 mod_perl/2.0.8-dev Perl/v5.16.3
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en
Expires: Fri, 10 Apr 2020 18:21:08 GMT

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<title>Bad request!</title>
<link rev="made" href="mailto:you@example.com" />
<style type="text/css"><!--/*--><![CDATA[/*><!--*/
    body { color: #000000; background-color: #FFFFFF; }
    a:link { color: #0000CC; }
    p, address {margin-left: 3em;}
    span {font-size: smaller;}
/*]]>*/--></style>
</head>

<body>
<h1>Bad request!</h1>
<p>


    Your browser (or proxy) sent a request that
    this server could not understand.

</p>
<p>
If you think this is a server error, please contact
the <a href="mailto:you@example.com">webmaster</a>.

</p>

<h2>Error 400</h2>
<address>
  <a href="/">www.example.com</a><br />
  <span>Apache/2.4.37 (Unix) OpenSSL/1.0.2q PHP/7.0.33 mod_perl/2.0.8-dev Perl/v5.16.3</span>
</address>
</body>
</html>

You have to be certain (and test) this is the exact and correct document root path.

It gave me no peace and I just managed it.
I had wrong redirection settings on the router.
We can close the ticket.

Best regards

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.