My Discourse server is pretty obviously feeding its index.html to certbot but I can’t figure out why. The WWW subdomain with the same exact DNS entry has no issue.
My domain is: dallaskf.com (specifically referencing forum.dallaskf.com)
I ran this command: sudo certbot certonly --standalone -d dallaskf.com -d www.dallaskf.com -d forum.dallaskf.com --non-interactive --agree-tos --email postmaster@forum.dallaskf.com --http-01-port=8800
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for forum.dallaskf.com
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. forum.dallaskf.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://forum.dallaskf.com/.well-known/acme-challenge/5fVXU27dIMqrZ12b4uUcZYXyEzhtMEck6MSPF435HDY [76.201.5.146]: "\n<html lang=“en-US”>\n\n <meta charset=“utf-8”>\n DallasKF.com Rust\n <meta name=“description”
IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: forum.dallaskf.com
\n DallasKF.com Rust\n <meta name=\"description"
Type: unauthorized
Detail: Invalid response from
http://forum.dallaskf.com/.well-known/acme-challenge/5fVXU27dIMqrZ12b4uUcZYXyEzhtMEck6MSPF435HDY
[76.201.5.146]: "\n<html lang=“en-US”>\n\nTo fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version): Apache2 and Discourse behind haproxy. All latest stable
The operating system my web server runs on is (include version): Ubuntu 18.04
My hosting provider, if applicable, is: homelab (namecheap DNS)
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot): 0.31.0