Unable to Genrate SSl

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: yoursoftwarefriend.com

I ran this command: I Clicked genrate ssl

It produced this output: Domain “yoursoftwarefriend.com” challenge3 failed. Response from “https://acme-v01.api.letsencrypt.org/acme/challenge/GEsTKWScg3ntUVRAd_DRo12yecuTVRRzj1UVCBv14gM/2438882727” was: { “type”: “http-01”, “status”: “invalid”, “error”: { “type”: “urn:acme:error:unauthorized”, “detail”: “Invalid response from http://yoursoftwarefriend.com/.well-known/acme-challenge/K8NG8wok7q4a-cQQ9khIy24Bp4eU2wKRT22tLwqh-Ok: “\u003chtml\u003e\u003cbody\u003e\u003cscript type=“text/javascript” src=”/aes.js” \u003e\u003c/script\u003e\u003cscript\u003efunction toNumbers(d){var e=[];d.replace(/(…)/g,func"", “status”: 403 }, “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/GEsTKWScg3ntUVRAd_DRo12yecuTVRRzj1UVCBv14gM/2438882727”, “token”: “K8NG8wok7q4a-cQQ9khIy24Bp4eU2wKRT22tLwqh-Ok”, “keyAuthorization”: “K8NG8wok7q4a-cQQ9khIy24Bp4eU2wKRT22tLwqh-Ok.LTdanBiuvIg3LeDFsPm2D-Db7vlTwDRHxqK4khi15oc”, “validationRecord”: [ { “url”: “http://yoursoftwarefriend.com/.well-known/acme-challenge/K8NG8wok7q4a-cQQ9khIy24Bp4eU2wKRT22tLwqh-Ok”, “hostname”: “yoursoftwarefriend.com”, “port”: “80”, “addressesResolved”: [ “185.27.134.137” ], “addressUsed”: “185.27.134.137”, “addressesTried”: [] } ] }

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: Infinityfree.net

I can login to a root shell on my machine (yes or no, or I don’t know): i don’t know

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

i really don’t know much i am new to this things . but issue is my web hosting server think you as a bad bot and reject the domain validation request is there any way i can do this. my web host is not providing solution for this please help. i want a good simple and free ssl for my web site not cloudflare because it interfare in my word press theme and make them unavailable.

please provide solution

Hi @420tushar,

It looks like the problem is that your site is serving some kind of script to check that visitors support JavaScript (instead of directly serving the content of the page). That doesn’t work for the Let’s Encrypt client because it is not a web browser and does not support JavaScript.

In order to issue you a certificate, the Let’s Encrypt certificate authority has to confirm that you really control the domain names that are listed in the certificate. That requires checking that you have the ability to make publicly-visible changes to the site. Those changes will be checked by an automated connection (a “bot”, if you want to call it that). This process is 100% automated, and that’s why it’s free of charge. If there were human beings involved in the verification process, Let’s Encrypt would have to charge money for certificates.

It might be possible to fix things by getting rid of whatever the script is, to ensure that the content of pages is served directly without the interstitial JavaScript. I don’t know whether this script is something that you set up or something that your host set up, and whether you have the ability to remove it.

Since you said you clicked on a button, I guess you are using some kind of control panel to administer your site. If the control panel is provided by your host, you should ask your host to fix whatever is preventing it from being able to issue a certificate.

There are other ways to prove control of a site in order to get a certificate from Let’s Encrypt, but they are effectively more technically complex: they won’t work from within your control panel but will require you to install additional software (and probably require you to have the option to import externally-obtained certificates). If you do have that ability and want to pursue other options, we’ll be happy to explain some of them to you.

In general, we don’t have the ability to work around hosting providers’ uncooperative behavior. If hosting providers don’t want their customers to use Let’s Encrypt certificates or don’t want to make it easy, we can’t force them; we can just encourage people to use hosts that are more Let’s Encrypt-friendly, of which there are now many!

1 Like

it would be so easy if there is a method of domain validation by domain email. if it is possible

It would be so easy if hosting providers didn't do stupid crap. If your provider's being stupid (and serving Javascript when the client is asking for a bare text file is being stupid), ask them to fix it. If they won't, there are a ton of providers who directly support Let's Encrypt--consider moving to a host who isn't stupid.

i know i really hate my hosting provider but i have to stick with it i am very new at website and still at learning phase and not able to afford hosting that is why i am stucked up with infinity free .

This really is something you should discuss with your hoster. As far as I see it, they offer Let’s Encrypt certificates. On their site they advertise “Free SSL on all websites”, you obviously pressed the “Genrate SSl” [sic] button on the “VistaPanel” control panel and it’s not working for some reason.

Your hosting provider offers shared hosting. Therefore, there’s really not much you can do to get a certificate, besides using the control panel.

Therefore, I would recommend you contact your hosting provider and tell them their “Free SSL on all websites” button is broken on your site and how to fix it.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.