SSL certificate error in Debian 4.19.194-3

Hi,
I am getting this error while I am trying to install an SSL certificate on my server. It is my application server and it runs on Apache.

root@*:~# sudo certbot --apache -d ..com.au
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for ..com.au

Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
  Domain: ..com.au
  Type: unauthorized
  Detail: ...: Invalid response from http://..com.au/.well-known/acme-challenge/ccQP1NAp4PnYVauC5QH9CGO3wCMvEn6EE8wjp6chJfQ: 403

Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

Ports 80 and 443 are open on the firewall and the application is accessible through the web. The main file of the application is located at usr/share/zabbix/

@Shehpar Welcome to the community.

I moved your question to the Help section. Had you posted there first, you would have been shown a form for info we need to give specific advice. Please answer as much as you can.

=========================

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

3 Likes

Besides the questionnaire above to start with: what's "Debian 4.19.194-3"? I'm hoping you're not running a Debian release with an end of life date of 2010-02-15?

(I'm guessing it's the kernel version, but not sure where I'd need that info for :))

1 Like

Hi, I shared the kernel version for more detailed information on the system. I am using Debian version 10.

That looks like a permissions issue.

I'd try troubleshooting this with --webroot logic.
If the Internet can access a file placed in the expected challenge location, then you may proceed.

2 Likes

My domain is: zabbix.host24.com.au

I ran this command: sudo certbot --apache -d zabbix.host24.com.au and sudo certbot -w /usr/share/zabbix/ -d zabbix.host24.com.au

It produced this output: Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for zabbix.host24.com.au

Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
  Domain: zabbix.host24.com.au
  Type: unauthorized
  Detail: .. .: Invalid response from http://zabbix.host.com.au/.well-known/acme-challenge/ccQP1NAp4PnYVauC5QH9CGO3wCMvEn6EE8wjp6chJfQ: 403

Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

My web server is (include version): apache

The operating system my web server runs on is (include version): Debian 10

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 2.7.3

1 Like

You do realise your entire website or whatever Zabbix is supposed to be is entirely non-functional at http://zabbix.host24.com.au/?

The error is: "This site has been blocked by the Host24 network administrator." with details "Block reason: Gateway GEO-IP Filter Alert"

You need to disable any geo-IP filtering, as Let's Encrypt validates from all over the world. At least for the path /.well-known/acme-challenge/ if that's possible.

2 Likes

There is no file in this location; the file is placed in another location. I also tried this: sudo certbot -w /usr/share/zabbix/ -d zabbix.host24.com.au

Other servers are also geo-IP blocked, but on them Let's Encrypt is working and validating SSL.

Then you need to see how those servers are doing it. Maybe they're using the dns-01 challenge.

1 Like

On those servers, cPanel is installed.

Let me exclude the challenge path, and I will see if that resolves the issue.

1 Like

Then you need to place a test text file there.

And the -w requires using --webroot immediately before it.

2 Likes
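
The test-file check suggested in the replies above, written out as an added example that is not part of any post in this thread. The webroot and domain defaults are the ones quoted in the thread; the function names and the `--run` switch are illustrative, and `curl` is assumed to be installed.

```shell
#!/bin/sh
# Added example (not from the thread): check that a file placed in the
# http-01 challenge directory can be fetched over plain HTTP.
# Defaults are the webroot and domain quoted in the thread; the function
# names are illustrative. Requires curl.
WEBROOT="${WEBROOT:-/usr/share/zabbix}"
DOMAIN="${DOMAIN:-zabbix.host24.com.au}"

# Write a uniquely named test file under the webroot; print its name.
place_test_file() {
    token="preflight-$$-$(date +%s)"
    dir="$1/.well-known/acme-challenge"
    mkdir -p "$dir" || return 1
    printf '%s' "$token" > "$dir/$token" || return 1
    chmod 644 "$dir/$token"
    printf '%s\n' "$token"
}

# Map an HTTP status ($1) and body ($2) to a verdict; $3 is the token.
classify() {
    case "$1" in
        200) [ "$2" = "$3" ] && echo ok || echo wrong-content ;;
        403) echo forbidden ;;    # file permissions, Apache rule, or upstream filter
        404) echo not-found ;;    # e.g. the vhost serves a different document root
        000) echo unreachable ;;  # curl could not connect
        *)   echo "unexpected-$1" ;;
    esac
}

check_challenge_path() {
    token=$(place_test_file "$1") || { echo cannot-write; return 1; }
    url="http://$2/.well-known/acme-challenge/$token"
    # -w appends the status code on its own line after the body
    reply=$(curl -s --max-time 10 -w '\n%{http_code}' "$url")
    status=$(printf '%s\n' "$reply" | tail -n 1)
    body=$(printf '%s\n' "$reply" | sed '$d')
    rm -f "$1/.well-known/acme-challenge/$token"
    classify "$status" "$body" "$token"
}

# Run only when asked, e.g.:  sudo sh preflight.sh --run
if [ "${1:-}" = "--run" ]; then
    check_challenge_path "$WEBROOT" "$DOMAIN"
fi
```

A result of `ok` from the server itself only rules out Apache and file-permission causes; the gateway geo-IP filter mentioned earlier in the thread is only exercised by a request from outside the network.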

Always ensure there are no name:port overlaps.
sudo apachectl -t -D DUMP_VHOSTS

2 Likes
