Let's Encrypt errors...I'm totally lost on this

Operating system:
Ubuntu 18.04
OS version:

Simply trying to add SSL via Let’s Encrypt like I have on any other virtual host. I get the following error, but I don’t know what it means.

Traceback (most recent call last):
  File "/usr/share/webmin/webmin/acme_tiny.py", line 198, in <module>
  File "/usr/share/webmin/webmin/acme_tiny.py", line 194, in main
    signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca, disable_check=args.disable_check, directory_url=args.directory_url, contact=args.contact)
  File "/usr/share/webmin/webmin/acme_tiny.py", line 149, in get_crt
    raise ValueError("Challenge did not pass for {0}: {1}".format(domain, authorization))
ValueError: Challenge did not pass for archives.jongriffith.com: {'identifier': {'type': 'dns', 'value': 'archives.jongriffith.com'}, 'status': 'invalid', 'expires': '2020-10-26T05:30:46Z', 'challenges': [{'type': 'http-01', 'status': 'invalid', 'error': {'type': 'urn:ietf:params:acme:error:unauthorized', 'detail': 'Invalid response from http://archives.jongriffith.com/.well-known/acme-challenge/Ude3CnCEryea7QApybqvXa9lQBWezXDQ-I0HDo_scJ8 []: "<!DOCTYPE HTML PUBLIC \\"-//IETF//DTD HTML 2.0//EN\\">\\n<html><head>\\n<title>404 Not Found</title>\\n</head><body>\\n<h1>Not Found</h1>\\n<p"', 'status': 403}, 'url': 'https://acme-v02.api.letsencrypt.org/acme/chall-v3/7993025485/xOnbcw', 'token': 'Ude3CnCEryea7QApybqvXa9lQBWezXDQ-I0HDo_scJ8', 'validationRecord': [{'url': 'http://archives.jongriffith.com/.well-known/acme-challenge/Ude3CnCEryea7QApybqvXa9lQBWezXDQ-I0HDo_scJ8', 'hostname': 'archives.jongriffith.com', 'port': '80', 'addressesResolved': [''], 'addressUsed': ''}]}]}

Uh? Why would this not work as it has on many other virtual hosts?

When I try to visit archives.jongriffith.com, I am redirected to the naked domain. It might be that this redirect is causing the failure of the SSL certificate application.

Oh wow…you’re right, it is redirected. Weird. So I’ve seen this before but I don’t recall how to fix it.

It’s redirecting to the first virtual host in the list (alphabetically sorted) of Virtual Servers.

If you visit https://archives.jongriffith.com the site loads but without a legit certificate. If you go to http://archives.jongriffith.com, it redirects to the top VS in the list.

It seems that the following line:
<VirtualHost *:80>
is the culprit. This was at the top of the conf file. I changed it to the server’s IP address and was able to retrieve the certificate for the site. Now, strangely, the site just takes forever to load if I use http and loads right up if I use https.

Anyway, thanks for the clue in. I wouldn’t have thought of that.

This topic was automatically closed 4 days after the last reply. New replies are no longer allowed.