SSL Certificate Challenge 3 failed


#1

My domain is:http://codecrew.cf

My web server is :byethost.com

SSL Verification fail

Domain “www.codecrew.cf” challenge3 failed. Response from “https://acme-v02.api.letsencrypt.org/acme/challenge/dID_puA5BfHQrwnkPsEAqCpE_krETpZ_KxMMzWBs4WI/5610367101” was:

Error: Invalid response from http://www.codecrew.cf/.well-known/acme-challenge/ir-4Q2rhMTKa46bkUbcdjuhNHhCIXQQ_lHa-C6nxKEU: “function toNumbers(d){var e=[];d.replace(/(…)/g,func”

Full Error: { “type”: “http-01”, “status”: “invalid”, “error”: { “type”: “urn:ietf:params:acme:error:unauthorized”, “detail”: “Invalid response from http://www.codecrew.cf/.well-known/acme-challenge/ir-4Q2rhMTKa46bkUbcdjuhNHhCIXQQ_lHa-C6nxKEU: “\u003chtml\u003e\u003cbody\u003e\u003cscript type=“text/javascript” src=”/aes.js” \u003e\u003c/script\u003e\u003cscript\u003efunction toNumbers(d){var e=[];d.replace(/(…)/g,func"", “status”: 403 }, “url”: “https://acme-v02.api.letsencrypt.org/acme/challenge/dID_puA5BfHQrwnkPsEAqCpE_krETpZ_KxMMzWBs4WI/5610367101”, “token”: “ir-4Q2rhMTKa46bkUbcdjuhNHhCIXQQ_lHa-C6nxKEU”, “validationRecord”: [ { “url”: “http://www.codecrew.cf/.well-known/acme-challenge/ir-4Q2rhMTKa46bkUbcdjuhNHhCIXQQ_lHa-C6nxKEU”, “hostname”: “www.codecrew.cf”, “port”: “80”, “addressesResolved”: [ “185.27.134.126” ], “addressUsed”: “185.27.134.126” } ] }


#2

How did you try to issue the certificate?


#3

Automatic FTP Verification


#4

OK, so you mean sslforfree.com :slight_smile: .

How this works is that sslforfree.com logs into your server and copies the challenge files into your website’s web root. Only problem is, your website gives a 403 for any request. You’d need to configure nginx to allow requests for /.well-known/acme-challenge/* to be served from the directory where sslforfree uploads the challenge files.

It might be simpler at this time for you to use the DNS Validation method, or possibly install Certbot and allow the Certbot --nginx plugin to handle this all for you.


#5

Byethost uses some “security” software that blocks the Let’s Encrypt validation requests.

See, for example, this StackOverflow post:

You need to (get them to) disable it, or whitelist the /.well-known/acme-challenge/ path, or use DNS validation.


#6

DNS txt record option does not exist in my cpanel


#7

Oh, that sucks, it means your host disabled the Advanced Zone Editor feature in your package.

I think you’re stuck in that case, unless you change DNS hosts or web hosts.


#8

Means i have to change my web host


#9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.