SSL Cert installation Invalid response

Hello,

I have a problem generating a Let's Encrypt certificate.

Details below.
Please help :slight_smile:

My domain is:
http://katelabrosse.pl

I ran this command:
sudo certbot-auto certonly -a webroot --webroot-path=/opt/lampp/htdocs/ -d katelabrosse.pl -d www.katelabrosse.pl

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for katelabrosse.pl
http-01 challenge for www.katelabrosse.pl
Using the webroot path /opt/lampp/htdocs for all unmatched domains.
Waiting for verification...
Challenge failed for domain katelabrosse.pl
Challenge failed for domain www.katelabrosse.pl
http-01 challenge for katelabrosse.pl
http-01 challenge for www.katelabrosse.pl
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:

My web server is (include version):
root@sklep:/opt/lampp/bin# ./httpd -v
Server version: Apache/2.4.37 (Unix)
Server built: Dec 8 2018 12:27:50
root@sklep:/opt/lampp/bin#

The operating system my web server runs on is (include version):
Ubuntu 18.04.4 LTS

My hosting provider, if applicable, is:
Own server

I can login to a root shell on my machine (yes or no, or I don’t know):
yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 1.3.0

Additional info:

root@sklep:/opt/lampp/htdocs/.well-known/acme-challenge# curl -ikl http://katelabrosse.pl/.well-known/acme-challenge/test
HTTP/1.1 200 OK
Date: Fri, 10 Apr 2020 17:57:42 GMT
Server: Apache/2.4.37 (Unix) OpenSSL/1.0.2q PHP/7.0.33 mod_perl/2.0.8-dev Perl/v5.16.3
Last-Modified: Fri, 10 Apr 2020 14:19:57 GMT
ETag: "16-5a2f06d917681"
Accept-Ranges: bytes
Content-Length: 22

Testing acme-challengeroot@sklep:/opt/lampp/htdocs/.well-known/acme-challenge#

Log in /var/log/letsencrypt

To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.
2020-04-10 19:56:47,317:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, best_effort)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
AuthorizationError: Some challenges have failed.

2020-04-10 19:56:47,317:DEBUG:certbot._internal.error_handler:Calling registered functions
2020-04-10 19:56:47,317:INFO:certbot._internal.auth_handler:Cleaning up challenges
2020-04-10 19:56:47,318:DEBUG:certbot._internal.plugins.webroot:Removing /opt/lampp/htdocs/.well-known/acme-challenge/03TZmwBkudgSi0agEKtwhfLgKlSoT9K9Y6VZqVQ5_IQ
2020-04-10 19:56:47,319:DEBUG:certbot._internal.plugins.webroot:Removing /opt/lampp/htdocs/.well-known/acme-challenge/XMEIAsYUl9lA41WD_vn3q2uFOdFC7r6Ixxjm6otYHY8
2020-04-10 19:56:47,320:DEBUG:certbot._internal.plugins.webroot:All challenges cleaned up
2020-04-10 19:56:47,320:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/opt/eff.org/certbot/venv/bin/letsencrypt", line 11, in
    sys.exit(main())
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 15, in main
    return internal_main.main(cli_args)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/main.py", line 1347, in main
    return config.func(config, plugins)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/main.py", line 1233, in certonly
    lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/main.py", line 121, in _get_and_save_cert
    lineage = le_client.obtain_and_enroll_certificate(domains, certname)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/client.py", line 410, in obtain_and_enroll_certificate
    cert, chain, key, _ = self.obtain_certificate(domains)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/client.py", line 344, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/client.py", line 391, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, best_effort)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
AuthorizationError: Some challenges have failed.

This may work from where you tested, but it fails from the Internet:

curl -ikl http://katelabrosse.pl/.well-known/acme-challenge/test
HTTP/1.1 400 Bad Request
Date: Fri, 10 Apr 2020 18:21:08 GMT
Server: Apache/2.4.37 (Unix) OpenSSL/1.0.2q PHP/7.0.33 mod_perl/2.0.8-dev Perl/v5.16.3
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en
Expires: Fri, 10 Apr 2020 18:21:08 GMT

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<title>Bad request!</title>
<link rev="made" href="mailto:you@example.com" />
<style type="text/css"><!--/*--><![CDATA[/*><!--*/
    body { color: #000000; background-color: #FFFFFF; }
    a:link { color: #0000CC; }
    p, address {margin-left: 3em;}
    span {font-size: smaller;}
/*]]>*/--></style>
</head>

<body>
<h1>Bad request!</h1>
<p>


    Your browser (or proxy) sent a request that
    this server could not understand.

</p>
<p>
If you think this is a server error, please contact
the <a href="mailto:you@example.com">webmaster</a>.

</p>

<h2>Error 400</h2>
<address>
  <a href="/">www.example.com</a><br />
  <span>Apache/2.4.37 (Unix) OpenSSL/1.0.2q PHP/7.0.33 mod_perl/2.0.8-dev Perl/v5.16.3</span>
</address>
</body>
</html>

You have to be certain (and test) this is the exact and correct document root path.

It gave me no peace and I just managed it.
I had the wrong redirection settings on the router.
We can close the ticket.

Best regards
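
The thread's key observation, the same test URL answering 200 on the server itself and 400 from the Internet, can be checked mechanically. The following is an added example, not part of the original posts or of Certbot: it compares two saved `curl -i` captures of the test URL. The function names, the hint wording and the abbreviated sample captures are assumptions constructed from the responses shown above.

```python
def parse_curl_i(capture):
    """Split raw `curl -i` output into (status_code, headers, body)."""
    head, _, body = capture.replace("\r\n", "\n").partition("\n\n")
    lines = head.split("\n")
    status = int(lines[0].split()[1])          # "HTTP/1.1 200 OK" -> 200
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers, body


def diagnose(local_capture, external_capture, expected_body):
    """Compare the on-host fetch with the fetch made from outside the network."""
    l_status, l_hdr, l_body = parse_curl_i(local_capture)
    e_status, e_hdr, e_body = parse_curl_i(external_capture)
    local_ok = l_status == 200 and l_body.strip() == expected_body
    external_ok = e_status == 200 and e_body.strip() == expected_body
    hint = ""
    if not local_ok:
        hint = "webroot path does not match the served document root"
    elif not external_ok:
        if e_hdr.get("server") == l_hdr.get("server"):
            # Heuristic only: same banner, different answer, so the request
            # probably reaches this host over a different path.
            hint = "check router/NAT forwarding for port 80 and the vhost it lands on"
        else:
            hint = "another device or server answers for this name; check DNS A/AAAA"
    return {"local_ok": local_ok, "external_ok": external_ok,
            "external_status": e_status, "hint": hint}


# Constructed samples, abbreviated from the two responses in this thread.
LOCAL = ("HTTP/1.1 200 OK\n"
         "Server: Apache/2.4.37 (Unix)\n"
         "Content-Length: 22\n"
         "\n"
         "Testing acme-challenge")
EXTERNAL = ("HTTP/1.1 400 Bad Request\n"
            "Server: Apache/2.4.37 (Unix)\n"
            "Connection: close\n"
            "\n"
            "<h1>Bad request!</h1>\n")

if __name__ == "__main__":
    print(diagnose(LOCAL, EXTERNAL, "Testing acme-challenge"))
```

The external capture has to come from a host outside the LAN, because a request made on the server itself does not pass through the router's forwarding rules.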