Updating challenge for acme gives error code 403

Hi

I hope you can help.
I've issued many certificates over the years. At least 50. And I haven't had a problem like this.
I tried to issue a certificate with the cPanel LE plugin, but I just kept getting an error message.

My domain is:
https://cikoriehaven.dk/

I ran this command:
I used the Let's Encrypt cPanel Plugin version: 0.19.9, to issue a certificate for cikoriehaven.dk and www.cikoriehaven.dk via http-01

It produced this output:

My web server is (include version):
Apache Version: 2.4.54
PHP Version: 7.4.30
cPanel Version: 100.0 (build 11)
Perl Version 5.16.3

The operating system my web server runs on is (include version):
linux

I can login to a root shell on my machine (yes or no, or I don't know):
I don't know

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
cPanel Version 100.0 (build 11)

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
don't know

Welcome to the community @goehler

It looks like Varnish is rejecting requests to the acme challenge URL. Check those rules to ensure it passes thru to your server.

curl -6I www.cikoriehaven.dk/.well-known/acme-challenge/Test123

HTTP/1.1 403 Forbidden
Date: Thu, 07 Jul 2022 14:10:15 GMT
Server: Varnish
X-Varnish: 441887759
Content-Type: text/html; charset=utf-8
Content-Length: 7
Connection: keep-alive

You also have inconsistent DNS setup for your apex and www subdomain. I see your www redirects to the apex so this will be a problem (probably).

nslookup www.cikoriehaven.dk
Address: 77.111.240.180
Address: 2a02:2350:5:102:80a2:8aac:62e4:df73

nslookup cikoriehaven.dk
Address: 178.62.241.119
8 Likes
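
The two checks in the reply above (the challenge path over HTTP, and DNS for each name) can be run for every name on the certificate and every address it resolves to. This script is an added example, not part of the original thread; its function names are made up for illustration, and it assumes a Linux host with `getent` and `curl`.

```shell
#!/usr/bin/env bash
# Added example (hypothetical function names; assumes Linux getent and curl).
# Usage: ./preflight.sh example.com www.example.com   (placeholder names)

# All addresses (A and AAAA) a hostname resolves to, one per line.
resolve_all() {
  getent ahosts "$1" | awk '{print $1}' | sort -u
}

# Succeeds when two newline-separated address lists hold the same set.
same_addresses() {
  [ "$(printf '%s\n' "$1" | sort -u)" = "$(printf '%s\n' "$2" | sort -u)" ]
}

# Reads `curl -sI` response headers on stdin, prints "<status> <server>".
summarize_headers() {
  tr -d '\r' | awk '
    NR == 1                  { status = $2 }
    tolower($1) == "server:" { server = $2 }
    END { print status, (server == "" ? "-" : server) }'
}

# A made-up token should give 404 from the web server that will serve the
# real challenge file; 403 means something on the path refuses the request.
verdict() {
  case "$1" in
    404) echo "reachable" ;;
    403) echo "blocked" ;;
    3??) echo "redirect" ;;
    *)   echo "check" ;;
  esac
}

# Probe the challenge path on each address of each name and compare DNS.
preflight() {
  local first="" name addrs ip summary
  for name in "$@"; do
    addrs=$(resolve_all "$name")
    [ -n "$first" ] || first=$addrs
    same_addresses "$first" "$addrs" || echo "WARN: $name and $1 resolve to different addresses"
    for ip in $addrs; do
      summary=$(curl -sI --max-time 10 --resolve "$name:80:$ip" \
        "http://$name/.well-known/acme-challenge/Test123" | summarize_headers)
      echo "$name $ip $summary $(verdict "${summary%% *}")"
    done
  done
}

if [ "$#" -gt 0 ]; then preflight "$@"; fi
```

A `redirect` verdict on one name means the other name's DNS and web server must also pass, which is the situation the reply describes for www and the apex.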

I ordered a certificate without www, and that worked - so there's definitely an issue with the DNS. I'll get that fixed. Thanks :)

2 Likes
