Unauthorized - Invalid response

My domain is:


I ran these commands:

certbot --apache
certbot -a webroot -i apache -w /var/www/html/ -d ead.ibad.com.br -d www.ead.ibad.com.br
certbot certonly -a apache -w /var/www/html/ -d ead.ibad.com.br -d www.ead.ibad.com.br

It produced this output:

Failed authorization procedure. ead.ibad.com.br (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response fromB92lFw7cDyZwwSHPsI6YqTBUww []: "\n<html itemscope itemtype=“http://schema.org/WebPage” lang=“pt-BR”>\n\n\t<meta charset=“UTF-8”


My web server is (include version):

Apache 2.4.7

The operating system my web server runs on is (include version):

Ubuntu 14.04.5 LTS

My hosting provider is:


I can login to a root shell on my machine (yes or no, or I don’t know):


I’m using a control panel to manage my site:


The version of my client is:

certbot 0.28.0

Additional Information:

It’s a wordpress site. There’s two plugins that might affect the result:

  • one for forcing https;
  • and another one for links redirection.

I tried disabling them but I still got the same problem.

I have created two files in:


Using Chrome both non-www links redirect to https and both www remains http.
Using Firefox all links remains in http.
Both browsers open the files instead of downloading them.

I also tested “Let’s Debug” and everything seems to be fine.


And also “Check Your Website Server”

But I am not sure what should I be looking for. I notice that I get “RemoteCertificateNameMismatch” when trying to access the well-known through www, which probably explains why I can’t access https, and also the non-www which returns nothing.

Here is the Transparency logs:


What should I do?



Hi @ibad

what’s the complete path of that test file?

That should work with


is a mix - if you use -a apache, the -w parameter isn’t used.

But I don’t understand your output. Is this the output of the webroot version?

Because your last check ( https://check-your-website.server-daten.de/?q=ead.ibad.com.br )

has redirects http + /.well-known/acme-challenge to https, your output doesn’t have a https answer.

Hello, JuergenAuer. Thanks for the quick response!

The complete path to the test file is:


Thanks for pointing it out for me!

Yes it is. Sorry for not pointing it out.

If I run certbot --apache I get this result:

Failed authorization procedure. ead.ibad.com.br (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://ead.ibad.com.br/.well-known/acme-challenge/_fgVhWoDe1zos17MLZ0UOjC396SL8dwSxFE4aAIJwZg []: "\n<html itemscope itemtype=“http://schema.org/WebPage” lang=“pt-BR”>\n\n\t<meta charset=“UTF-8”>\n\t<meta name=“v”


I am a bit confused but, taking a look now at the output from certbot --apache command I forgot to put, I could see the https. Is this what you are referring to?

1 Like

If this

works, then that


is your webroot. So try it with that webroot.

1 Like

Hello @JuergenAuer!

I ran the command:

certbot -a webroot -i apache -w /var/www/html/ead.ibad.com.br -d ead.ibad.com.br -d www.ead.ibad.com.br

And it worked!

Thank you so much for all your support!

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.