Type: unauthorized Detail: Invalid response from

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: topkeg.com

I ran this command: certbot certonly --webroot

It produced this output:
Domain: topkeg.com
Type: unauthorized
Detail: Invalid response from
http://topkeg.com/.well-known/acme-challenge/gA_jpTC6RUeXtyMfVkp9lz8J7ILhXVhjCB_fs5IwZaA
[45.35.4.101]: "\r\n<html
xmlns="http"

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.

C:\Program Files (x86)\Certbot>

My web server is (include version):

The operating system my web server runs on is (include version): Windows server 2019 Standard

My hosting provider, if applicable, is: databasemart.com

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Windows remote control

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot-beta-installer-win32

I can see the file been saved to the acme-challenge folder and then deleted. Not sure why encountered with error.

Thanks for your help!

1 Like
2

Hi @kuochinwu and welcome to the LE community forum :slight_smile:

Are you sure you entered the right web root for that domain?
I would test to ensure that you have the right web root by:

  • create some test files in the expected web root path
    -- create a simple text file like "test.txt"
    -- create a more relevant test file like "test-1234" [without any extension]
  • test access to them from an Internet connected system via:
    -- http://topkeg.com/test.txt
    -- http://topkeg.com/test-1234
  • report back your findings
1 Like
3

Hello,

I just created a test.txt Check:
http://topkeg.com/test.txt
http://topkeg.com/.well-known/acme-challenge/test.txt

By the way, how to create test file without extension?

Thanks,

2 Likes
4

Use file explorer and rename the file to "file-name." [with a dot at the end]

The txt extension file is visible.
Now try the one without an extension:
http://topkeg.com/test-1234

1 Like
5

I created a file test-1234 without extension but then it cannot be shown and result error

http://topkeg.com/test-1234
Server Error

404 - File or directory not found.

What should I do or setup to make it worked?

Thanks,

2 Likes
6

Try this solution for getting IIS to serve files without an extension:

1 Like
7

If that fails, try it this way:

<?xml version="1.0" encoding="UTF-8"?>
 <configuration>
  <system.webServer>
   <staticContent>
    <mimeMap fileExtension=".*" mimeType="text/plain" />
    <mimeMap fileExtension="." mimeType="text/plain" />
   </staticContent>
  </system.webServer>
 </configuration>
1 Like
8

How do I edit or insert the file if I still like to keep the original configuration as below:

<?xml version="1.0" encoding="UTF-8"?>
1 Like
9

With any text editor???
[like notepad]

I think your post ATE your text.
You need to wrap it with 3 backticks (above and below it).

Like:

```
post
```

1 Like
10

Got it..learning..

The original web configuration is like:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <directoryBrowse enabled="false" />
        <defaultDocument>
            <files>
                <clear />
                <add value="Default.htm" />
                <add value="Default.asp" />
                <add value="index.html" />
                <add value="Default.aspx" />
            </files>
        </defaultDocument>
    </system.webServer>
</configuration>
1 Like
11

Try it this way:

<?xml version="1.0" encoding="UTF-8"?>
 <configuration>
  <system.webServer>
   <directoryBrowse enabled="false" />
   <defaultDocument>
    <files>
     <clear />
     <add value="Default.htm" />
     <add value="Default.asp" />
     <add value="index.html" />
     <add value="Default.aspx" />
    </files>
    <mimeMap fileExtension=".*" mimeType="text/plain" />
    <mimeMap fileExtension="." mimeType="text/plain" />
   </defaultDocument>
  </system.webServer>
 </configuration>
1 Like
12

It doesn't work..still same server error.

1 Like
13

Well...
Then I guess a forum about certs isn't the best place to get IIS control hints - LOL
I can only assume that files without extensions are blocked [elsewhere].
I tried :frowning:

You need to get that fixed before continuing with certbot.

1 Like
14

I am gonna try just like your configuration and seeing it worked!

2 Likes
15

Excellent ! ! ! !

We are winning!

Now to certbot.
Try it with --dry-run first.

1 Like
16

Yes now it works:
http://topkeg.com/test-1234

Guess I will do like this way first until the cert is done!

1 Like
17

You probably just need to better understand the syntax/ordering.
So that you can include all that is needed and then leave it alone.

1 Like
18

You mean to run?
certbot certonly --dry-run

1 Like
19

I mean to add --dry-run to whatever you ran before.

1 Like
20

Haha..I am really a beginner, if you could not make it then I have no chance LOL!

2 Likes