I’m trying to run certbot --apache on my ubuntu, but always getting this error:
Type: unauthorized
Detail: Invalid response from …
To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.
Well, my domain is wrsat.com.br and it’s on a Plesk machine in another computer, I’m trying to activate lets encrypt on my subdomain mysubdomain.wrsat.com.br (that is our system to work, and it is on another machine than the public site wrsat.com.br)
I have 3 subdomains to activate let’s encrypt on, when running command I can see that the file is created on folder well-known but when the error occurs it is deleted, but if I create this folder manually and put a file in there, then I can acess from everywhere by mysubdomain.wrsat.com.br/.well-known/etc… (file) with no problems.
The DNS are set correctly, all subdomains I can acess from anywhere.
Is there any solution? Is this problem caused because my main domain wrsat.com.br is in a server and subdomains in another server?
Are you running the --apache command directly on the mysubdomain.wrst.com.br system?
Does the subdomain have an IPv6 AAAA record, or only an IPv4 A record?
It would be helpful to know what version of Certbot you’re using, and what the exact error message with the “Invalid response” was. The certificate authority should have indicated exactly how your machine responded to the challenge, which might provide clues to what’s going wrong.
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for sistema.wrsat.com.br
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. sistema.wrsat.com.br (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://sistema.wrsat.com.br/.well-known/acme-challenge/4QbKDNiECUi0dplhGqp9wNow8Qr4gDgR30_BRzz5euk: "
<html"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
That does appear to have an AAAA record, which seems to be incorrect. I don't know if that's the cause of this problem (if so, the error message is a little surprising) but it's probably worth fixing anyway.