Unauthorized error Help!


#1

I have read other posts, but i haven’t been able to solve it. Thank you!

My domain is:
pythoncheatsheet.org

I ran this command:
sudo certbot certonly --webroot -w /home/wilfredinni/pysheetBlog/app/static -d pythoncheatsheet.org

It produced this output:
- The following errors were reported by the server:

Domain: pythoncheatsheet.org
Type: unauthorized
Detail: Invalid response from
http://pythoncheatsheet.org/.well-known/acme-challenge/HhEu7wcHnlVRsk1x6_SMX-67Qcbx-R89x9-Y8JWLcPI:
"

<title"

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.

My web server is:
nginx

The operating system my web server runs on is (include version):
ubuntu 16.04

My hosting provider, if applicable, is:
digitalocean

I can login to a root shell on my machine (yes or no, or I don’t know):
yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no


#2

Hi,

It seems you are using an cms system, which redirect the query to an 404 page.
You might want to use webroot authrncator and Apache installer.

For webroot, specify an directory else than your website directory’s to avoid redirection caused by your Nginx config.

Thank you


#3

Hello @wilfredinni

the page is redirected from http to https. But this doesn’t work because there is a self-signed certificate.

So you should temporarily disable the 301 - redirect from http to https.

Later, when you have installed a correct and valide Letsencrypt-Certificate, this may work.


#4

This isn’t a correct diagnosis of the problem in this case, because the Let’s Encrypt CA specifically ignores certificate validation errors resulting from a 301 redirection from HTTP to HTTPS when verifying HTTP-01 challenges. As a result, the behavior of the challenge URL in an ordinary browser isn’t exactly reflective of what the CA will decide.


#5

But if the CMS is redirecting all queries, then there is no other directory that could be specified with -w. An exception in the CMS redirection would need to be added to allow the contents of /.well-known/acme-challenge to be served as static files.


#6

Ah, thanks for your correction. Good to know.


#7

However, since he is using nginx, cms would add redirection on Nginx vHost rather than htaccess (which is Apache ). If using webroot, it will avoid the vHost(if I remembered correctly)

Thank you


#8

Solved. Finally did a txt record and uploaded them manually


#9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.