Verification redirected to login

I ran this command: multiple ACME clients, but most recently CertifyTheWeb, they all produced the same error.

It produced this output: Invalid response from WEBSITE/login : “\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n<meta charset=“utf-8”>\r\n\t\t<meta http-equiv=“X-UA-Compatible” conten”

My web server is (include version): Tomcat 9

The operating system my web server runs on is (include version): Windows 10

My hosting provider, if applicable, is: -

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): version 4.1.6

I assume it’s because a login is required on my Website and it redirects the verification to the login page. I have no idea how to add an exception to that rule though.

If i try to reach a file in .well-known/acme-challenge while i’m logged in it works perfectly.

You would have to configure Tomcat such that the request to /.well-known/acme-challenge/* doesn’t go through your web application, but is served directly from the filesystem.

You can usually do this by adding a <Context> inside of the primary <Host> in Tomcat’s server.xml.


<Context docBase="C:\acme-directory" path="/.well-known/acme-challenge/" />
1 Like

Thank you for your fast response!

I tried adding a Context and now i’m no longer redirected to the login page, but i get a 404 missing page error from both, the ACME Client and when i try to access a file i put in there.

So creating C:\acme-directory\test.txt and accessing doesn’t work?

Just to be safe, docBase has to point towards ROOT.war and path is the subsequent path right?
My Context looks like this:
<Context docBase="C:\apache\tomcat9\webapps\" path="/.well-known/acme-challenge/"/>

The root file lies within the webapps folder.


I created myfile in:

And i could not reach it when i typed in:

I would not recommend doing that. It will expose all of your deployed code to the internet.

The idea in the extra Context is to direct Let's Encrypt-related requests to a completely unrelated directory, outside of Tomcat. (Such as literally using C:\acme-directory).

Then you tell Certify The Web to use that separate directory as your webroot.


Turns out this was exactly my error, i pointed the docbase directly to the ACME challenge and now it works like a charm and i got my certificate!

Thank you very much!

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.