Sslforfree.com fails to verify the uploaded files

Hi All,

I am using sslforfree.com to get the certificate. However they are asking me to create 2 folder in my domain name.

These 2 steps below -

1.Create a folder in your domain named “.well-known” if it does not already exist. If you use Windows you may have to add a dot at the end of the folder name in order to create a folder with a dot at the beginning.
2.Create another folder in your domain under “.well-known” named “acme-challenge” if it does not already exist

I created it at home but it didn’t work, nor did it work when I create it in the Public_html folder, even tried it at etc/mydomain.com, but no luck.

My Challenge is I cannot find the folder of my Domain name, where do I save these folder to get the below links working.

Verify successful upload by visiting the following links in your browser
1.http://www.mydomain.com/.well-known/acme-challenge/Bgu6LgULKe1fcK3G-122RcLIHT9Ia51d9y0ilDhg_cE
2.http://thelilbirdy.com/.well-known/acme-challenge/UW9HkW8QZe4128787PhrDcZTc4mKyi6BephE6-H2CUg

I have the files but just don’t know the path where to save it on my domain.

Thank you for your help in advance.

Warm regards,
Hashem Moolla

hi @Hash_hmm

SSLforFree is an external client and manages LetsEncrypt it’s own way.

Below is a section for help

Andrei

Hey Andrei,

Their ‘Need Help’ is a support e-mail id, which I did try and they asked me to check with the hosting company.

Raised a ticket with Blue Host, but no clear reply from them yet.

Warm regards,
Hashem

Can you make files in general at arbitrary locations on your web site? If you wanted to make a file called http://thelilbirdy.com/hello.txt, would you be able to do that?

Hey Schoen,

Thanks for the simple tip. Worked perfectly.

I created the hello.txt file, put it few folder one at a time and bingo, worked with one of the folders.

Considering that as my root folder, put the files from sslforfree.com and generated the certificate.

Than, visited the cPanel -> SSL/TLS

Click on Manage SSL Sites

Selected my Domain Name

Copy and Past Certificate (CRT)
Copy and Paste Private Key (KEY)
Copy and Past Certificate Authority Bundle

unselect checkbox for "Enable SNI for Mail Services"
Click Install Certificate and Done.

Now I opened the browser and typed thelilbirdy.com (even tried https://thelilbirdy.com) and no lock or secure sign.

Now I am wondering, did I miss something out?

Warm regards,
Hashem Moolla

Hi Hashem, what you’re seeing now isn’t a certificate problem but a mixed-content problem, where insecure resources are used inside of a secure page. You can diagnose this using

https://www.whynopadlock.com/

Hey Schoen,

Thanks for the site to diagnose the issue.

While testing the url, I get only one insecure item found url below:-

Insecure URL: http://thelilbirdy.com/wp/wp-content/uploads/2017/02/cropped-cropped-IMG_20170216_202031_991.jpg

I tried removing this .jpeg from back end file manager, but still i get the same insecure item while diagnosing.

I even tried removing this file from WordPress admin view but still doesn’t solve the issue.

Don’t know what else to do. This is driving me nuts.

Currently it looks like your WordPress installation is broken and hence the padlock does appear properly. I can’t see what it would normally look like until WordPress is fixed.

WordPress is up and running now, but not as expected. The About the Blog page is not working at all.

Finally, after lot of research and trouble. I got all greens when I checked at whynopadlock.

The issue was with a plugin which was calling an image. Stopped calling the image and we went all green.

Still for some reason, I cannot customize the theme. (an issue for some other time)

Anyways, whenever, I type my websites name in the url, the padlock doesn’t show up automatically.

But when I prefix it with https:// it works fine. Still doesn’t work for all the sections of the website.

Dont know what it is.

This is because browsers stlil default to HTTP instead of HTTPS. You can address this by configuring your web server to redirect the HTTP site to the HTTPS site.

Since I am not a developer, I have to research everything.

Didnt know how to redirect from HTTP to HTTPS. So did a little research and found some help in the below link:-

https://www.34sp.com/kb/152/how-to-force-https-using-the-htaccess-file

However, tried that code, even checked it in a htaccess validator for errors in my code but no luck.

I even tried placing the code in the beginning, than in the middle and than even tried in the end, but still nothing. Any Ideas where can I get some help regarding this?

I keep getting the below error

"Forbidden

You don’t have permission to access / on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request."

You can learn about what caused this error by looking at the error log, probably in /var/log/apache2/error.log or a similar location.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.