Unauthorized during secondary validation

Help
1

My domain is: www.58dwell.com

I ran this command: certbot --apache

It produced this output:Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: 58dwell.com
Type: unauthorized
Detail: During secondary validation: [MY_IP]: Invalid response from http://58dwell.com/.well-known/acme-challenge/ja8WzvXTWr-3YloyiIGll3yy0Vu1uZ19Sn8c7JbN-t4: 403

My web server is (include version): Apache/2.4.52 (Ubuntu)

The operating system my web server runs on is (include version): Ubuntu 22.04.1 LTS

My hosting provider, if applicable, is: self

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.21.0

Note: This is one of many domains I have had no problems with- last vhost issued with certbot about a year ago, this time it is not working. maybe dns (hostmonster) is not fully propogated worldwide yet- purchased domain and direct to my static IP a couple of hours ago.

2

Hi! Requests from many places worldwide get a 403 error when sending requests to your website:

Let's Encrypt validates ownership from multiple parts of the world, most of which must succeed for successful certificate issuance authorization. See this faq:

4 Likes
3

DNS Checker - DNS Check Propagation Tool shows that the domain name from hostmonster has propagated - still getting the error

4

It's not a DNS issue (Let's Encrypt queries your authoritative servers directly anyway), but that your server responds with a 403 Forbidden to requests, including requests for the challenge file proving that you control the domain. See the post from @Nekit, as well as this Let's Debug tool output showing what your web server is responding with:

5 Likes
5

Hi @wbingham, and welcome to the LE community forum :slight_smile:

Let's start with the output of:
sudo apachectl -t -D DUMP_VHOSTS

3 Likes