Unable to use SSL certificate

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:http://stream.streamislam.com

I ran this command: certbot certonly --manual --preferred-challenges=http --manual-auth-hook MistUtilCertbot --deploy-hook MistUtilCertbot -d stream.streamislam.com -d streamislam.com

It produced this output:
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. stream.streamislam.com (http-01): urn:ietf:params:acme:error:unauthorized :: The cl ient lacks sufficient authorization :: Invalid response from http://stream.streamislam.com/.well-known/acme-challen ge/AjBXlJFJiBklzBNMQpBzNaM2Y9eqL_QwvwpzNR5lcJc [157.230.95.55]: 404, streamislam.com (http-01): urn:ietf:params:acm e:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://streamislam.com/. well-known/acme-challenge/rXFGzPi2PgapOtR2Y2YcEkDs_0dLntM5VTpLc-v9pIw [2606:4700:3031::ac43:8489]: " \n\n<!--[if IE 7]> <html class="n o-js "

IMPORTANT NOTES:

  • The following errors were reported by the server:

    Domain: stream.streamislam.com
    Type: unauthorized
    Detail: Invalid response from
    http://stream.streamislam.com/.well-known/acme-challenge/AjBXlJFJiBklzBNMQpBzNaM2Y9eqL_QwvwpzNR5lcJc
    [157.230.95.55]: 404

    Domain: streamislam.com
    Type: unauthorized
    Detail: Invalid response from
    http://streamislam.com/.well-known/acme-challenge/rXFGzPi2PgapOtR2Y2YcEkDs_0dLntM5VTpLc-v9pIw
    [2606:4700:3031::ac43:8489]: "\n<!--[if lt IE 7]>

    \n <html class=\"no-js "

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A/AAAA record(s) for that domain
    contain(s) the right IP address.
    My web server is (include version):
    no web server only running mistserver (runnning on debian os)
    The operating system my web server runs on is (include version):
    mistserver (runnning on debian os)
    My hosting provider, if applicable, is:
    digitalocean
    I can login to a root shell on my machine (yes or no, or I don't know):
    yes
    I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
    no
    The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

2 Likes

With this domain, you need to fix its DNS record in Cloudflare to point to your real webserver, because at the moment it points back to Cloudflare, which creates an error: http://streamislam.com/ (" DNS points to prohibited IP")

What was the full output of Certbot? The MistUtilCertbot should produce some messages which appear earlier the output of Certbot.

2 Likes

Domain is http://stream.streamislam.com/ which does have dns records configured properly.

1 Like

I was able to fix the issue.
Actually my main domain was not pointing to right dns.
Thank you so much for support

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.