Verify error: Invalid Response from

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:sstire.com

I ran this command:/home/mdabney/acme.sh/acme.sh --issue --apache -d sstire.com -d www.sstire.com -d cp.sstire.com --force --debug 2

It produced this output:
Would not allow me to past log
Error - sstire.com:Verify error:Invalid response from https://ssl-purchase.wpengine.io/acme-challenge/KoeAyoCYD0B4_k2McaUUdngEaHYY14-PIO1XAighXeo [54.165.51.142]: 404

My web server is (include version): Apache 2.2.17

The operating system my web server runs on is (include version): OpenSuse11.4

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): YES

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): NO

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): using acme.sh.

Hi @mdabney918

checking your domain there is an interesting redirect ( https://check-your-website.server-daten.de/?q=sstire.com )

It's the same in your error message. If you use http-01 validation, the client creates a file in /.well-known/acme-challenge, Letsencrypt checks that file.

But there is a redirect to ssl-purchase.wpengine.io.

It this a redirect of your provider?

ssl-purchase.wpengine.io has a valid Letsencrypt certificate:

CN=ssl-purchase.wpengine.io
	25.02.2019
	26.05.2019
expires in 51 days	ssl-purchase.wpengine.io - 1 entry

Is there an option to remove that redirect? But I see, you don't use a control panel.

I don’t know what that redirect is, unless it is something from the 3rd party who hosts our external website. Everything else is in house.

It blocks the /.well-known/acme-challenge subdirectory. So you can't use http-01 validation.

Is it possible to use dns-01 validation?

Or ask the 3rd party why why there is a redirect.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.