SSL Certificate is not trusted

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:
Requesting a certificate for,, from Let’s Encrypt …
Trying to get VPS server site working after transfer of site
It produced this output: challenge did not pass: Invalid response from []: “\n\n403 Forbidden\n\n


\n<p” challenge did not pass: DNS problem: NXDOMAIN looking up TXT for

Current SSL certificate details
SSL certificate file /home/rccooke/ssl.cert
SSL private key file /home/rccooke/ssl.key
Web server hostname *, emailAddress = Organization Online Shopping Site, CN = *, emailAddress =
Issuer name *, emailAddress = Issuer organization Online Shopping Site, CN = *, emailAddress =
Expiry date Apr 16 04:06:42 2024 GMT Certificate type Self-signed
Other domain names
Download certificate PEM formatPKCS12 format
Download private key PEM formatPKCS12 format

This SSL certificate is already being used by : Webmin (, Webmin, Usermin (host

My web server is (include version):
CPU Cores 4
Total CPU Speed 7.2Ghz
Memory 3Gb
Disk Space 60Gb
Bandwidth 3000Gb
The operating system my web server runs on is (include version):
Ubuntu 18.04 64bit
My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):
I don’t know

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
Webmin/Virtualmin LAMP

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
No Clue where to find that info.

1 Like

Hi @rccooke

checking your domain via there is no older certificate.

So it's your first certificate.

You have a Webmin, so you should use the integrated solution.

But you see the problem: /.well-known/acme-challenge is blocked - http status 403, Forbidden.

Checking a not existing file in that directory a http status 404 - Not Found is expected.

So change the permissions of these directories.

Find your webroot. If the two subdirectories don't exist, create these:


there a file (file name 1234), then try to load that file via

or use the online tool to check that file. Then, a http status 200 is expected.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.