SSL-certification fail

Shaqu · May 25, 2023, 9:16am

Hello. I need help getting an SSL certificate as this is my first time and I've never dealt with this before.
I need to get a certificate to transfer A/V integration to Foundry VTT.
I used this guide SSL and HTTPS | Foundry Virtual Tabletop
But I don't understand what is the problem.
Thanks in advance for any help.

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:caxaka.online

I ran this command: certbot certonly --standalone -d caxaka.online

It produced this output: Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: caxaka.online
Type: unauthorized
Detail: 2a00:f940:2:2:1:1:0:110: Invalid response from http://caxaka.online/.well-known/acme-challenge/Q00hv8RIIOqu1kp6MeA8gQhGYNLzcAk-kLWimXgTXH4: 404

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: reg.ru

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

_az · May 25, 2023, 9:33am

The guide you are following says you need:

A Domain name

A Port Forwarding rule configured to direct traffic on port 80 and 443 to the computer on which you are hosting FVTT

You have a domain name, but it is pointing at a reg.ru domain parking page.

The domain needs to point to the public IP address of the computer where you are going to run VTT, and you need to have the port forwarding set up as well.

Once those two things are done, you can try Certbot.

Shaqu · May 25, 2023, 9:50am

I have domain name caxaka.ru, but i get this message:

Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: caxaka.ru
Type: unauthorized
Detail: 176.215.178.209: Invalid response from http://caxaka.ru/.well-known/acme-challenge/DRjQ-NP6wJVnVEBywTtKupjzXsX99D4VajPAiPFjZsg: 403

Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile C:\Certbot\log\letsencrypt.log or re-run Certbot with -v for more details.

Also, i have already open ports 80 and 443, and linked the domain to the IP address.

rg305 · May 25, 2023, 1:55pm

Hi @Shaqu, and welcome to the LE community forum

This doesn't look like IIS:

curl -Ii 176.215.178.209
HTTP/1.1 403 Forbidden
Server: Web server
Date: Thu, 25 May 2023 13:54:08 GMT
Content-Type: text/html
Content-Length: 151
Connection: keep-alive
X-Detail: 0x1210, insufficient security level

What web server are you using?
Do the logs show any HTTP connections to your web server?