Web-based validation Failed to request certificate in webmin virtualmin using subdomain

Help
1

My domain is: app.marketplaza.pe

I ran this command: I went to virtualmin chose server configuration then manage ssl certificate then generate certificate using let’s encrypt. I chose to apply certificate only to subdomain which has an A record pointing specifically only this subdomain to current webmin server.

It produced this output:

Requesting a certificate for app.marketplaza.pe from Let’s Encrypt …
… request failed : Web-based validation failed : Failed to request certificate :
Traceback (most recent call last):
File “/usr/libexec/webmin/webmin/acme_tiny.py”, line 198, in
main(sys.argv[1:])
File “/usr/libexec/webmin/webmin/acme_tiny.py”, line 194, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca, disable_check=args.disable_check, directory_url=args.directory_url, contact=args.contact)
File “/usr/libexec/webmin/webmin/acme_tiny.py”, line 149, in get_crt
raise ValueError(“Challenge did not pass for {0}: {1}”.format(domain, authorization))
ValueError: Challenge did not pass for app.marketplaza.pe: {u’status’: u’invalid’, u’challenges’: [{u’status’: u’invalid’, u’validationRecord’: [{u’url’: u’http://app.marketplaza.pe/.well-known/acme-challenge/XXTZO8eLKhoUK2YTTUr5vH3Ujk00Q0HqcYuIB3TkFFA’, u’hostname’: u’app.marketplaza.pe’, u’addressUsed’: u’165.227.54.45’, u’port’: u’80’, u’addressesResolved’: [u’165.227.54.45’]}], u’url’: u’https://acme-v02.api.letsencrypt.org/acme/chall-v3/6501963603/cSzYgw’, u’token’: u’XXTZO8eLKhoUK2YTTUr5vH3Ujk00Q0HqcYuIB3TkFFA’, u’error’: {u’status’: 403, u’type’: u’urn:ietf:params:acme:error:unauthorized’, u’detail’: u’Invalid response from http://app.marketplaza.pe/.well-known/acme-challenge/XXTZO8eLKhoUK2YTTUr5vH3Ujk00Q0HqcYuIB3TkFFA [165.227.54.45]: “\r\n\r\n\r\n <meta charset=\“utf-8\”>\r\n <meta http-equiv=\“X-UA-Compatible\” content=\“IE=edge\”>\r\n <tit”’}, u’type’: u’http-01’}], u’identifier’: {u’type’: u’dns’, u’value’: u’app.marketplaza.pe’}, u’expires’: u’2020-08-20T04:32:58Z’}
, DNS-based validation failed : Only the offical Let’s Encrypt client supports DNS-based validation

My web server is (include version): Apache versión 2.4.6

The operating system my web server runs on is (include version): Cent OS 7

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
Webmin 1.954 with Virtualmin
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

2

In brief:

From my test (below), I get the same error/problem:

curl -Iki http://app.marketplaza.pe/.well-known/acme-challenge/XXTZO8eLKhoUK2YTTUr5vH3Ujk00Q0HqcYuIB3TkFFA
HTTP/1.1 403 Forbidden
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset="utf-8"
Content-Length: 3006
Connection: Close

curl -Iki http://app.marketplaza.pe/
HTTP/1.1 403 Forbidden
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset="utf-8"
Content-Length: 2936
Connection: Close
3

Exact the same command - http status 200.

But checking in my browser - a

404 Page not found

is shown, but the http status is again http status 200, instead of 404.

Looks like your system has a lot of bugs.

4

Perhaps there is an unbalanced load-balancer in line
or maybe different “geolocation based” login requirements?
I still see only 403
You see 200

5

OK that got thinking maybe this me not him…
and yes:

image
image707×277 9.03 KB

I’m not being allowing access to his site.
So disregard my view from this thread - it does not accurately depict what LE sees.

6

Oh I didn’t know I had that activated. I installed webmin with virtualmin control panel and didn’t know there was an iP blocker. Thanks and I appreciate your support.

Sorry for that

7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.