The Lets Encrypt ACME server unable to reach http://www.mysite.nl/.well-known/acme-challenge/{some guid}

jvanrijt · November 15, 2017, 10:11am

Hi I have an Azure web app and I want to install the https certificate on it.

I followed these steps to do it: https://gooroo.io/GoorooTHINK/Article/16420/Lets-Encrypt-Azure-Web-Apps-the-Free-and-Easy-Way/21872#.WgwMGUriaUn

Bu now I’m stuck at installing the certificatie (#3 in the url above). When I select a hostname and click install after a while I get this error:

The Lets Encrypt ACME server was probably unable to reach http://www.mysite.nl/.well-known/acme-challenge/G65zg-yumQBNW21XIoBbcq1SK7hYVEiTXIeobMMBIc8 view error report from Lets Encrypt at https://acme-v01.api.letsencrypt.org/acme/authz/U9MeCyr-vlpYluDTjYArQAZHOrD1UZC9OQcze3WxyA4 for more information.

In the error report I get this:

“type”: “http-01”,
“status”: “invalid”,
“error”: {
“type”: “urn:acme:error:unauthorized”,
“detail”: “Invalid response from http://smaakcheck.nl/.well-known/acme-challenge/G65zg-yumQBNW21XIoBbcq1SK7hYVEiTXIeobMMBIc8 [2a03:3c00:a002:198::100c]: 404”,
“status”: 403

Can anyone tell me what the problem is?
I’m logged in as administrator so I was suprised to see the unauthorized error.

bytecamp · November 15, 2017, 10:25am

Is the webserver’s configuration for ipv4 and ipv6 identical? The acme server tries to access the challenge file via ipv6, the webserver is unable to present it (404).

jvanrijt · November 15, 2017, 10:34am

It’s an Azure web application I don’t know how to check that in Azure.

bytecamp · November 15, 2017, 10:43am

I would ask my provider if I were you, they must have some insight on that.

jvanrijt · November 15, 2017, 11:38am

As I said, my web application is hosted in Azure, in the cloud, there is no provider involved.

bytecamp · November 15, 2017, 12:01pm

of course there is, at least the cloud servers and the datacenter have to be operated by someone. Your domain is delegated to some nameservers which are also run by a third party. The problem could be fixed by disabling the AAAA record for your domain, but I don't know if you setup this record intentionally.

jvanrijt · November 15, 2017, 12:04pm

The AAAA record cannot me disables unfortunately.

schoen · November 15, 2017, 10:15pm

In that case, you’ll need to configure the site to work properly in both IPv4 and IPv6.

system · December 15, 2017, 10:15pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
The Lets Encrypt ACME server was probably unable to reach (Let’s Encrypt with Azure PaaS + Umbraco CMS) Help	3	2935	January 5, 2018
Unable to perform http-01 challenge and create a certificate Help	6	365	May 26, 2024
SSL Certificate not applying Help	4	1400	June 16, 2020
The lets encrypt acme server was probably unable to reach Help	2	1136	January 2, 2019
Help i can't download the cert Help	12	3647	February 17, 2017

The Lets Encrypt ACME server unable to reach http://www.mysite.nl/.well-known/acme-challenge/{some guid}

Related topics