What is the troubleshooting procedure for failed Let's Encrypt?

I am once again facing a Let’s Encrypt cert failure. I have tried figuring this out in the past without a lot of luck.

Traceback (most recent call last):
File “/usr/libexec/webmin/webmin/acme_tiny.py”, line 198, in
File “/usr/libexec/webmin/webmin/acme_tiny.py”, line 194, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca, disable_check=args.disable_check, directory_url=args.directory_url, contact=args.contact)
File “/usr/libexec/webmin/webmin/acme_tiny.py”, line 143, in get_crt
raise ValueError(“Wrote file to {0}, but couldn’t download {1}: {2}”.format(wellknown_path, wellknown_url, e))
ValueError: Wrote file to /home/domain/public_html/.well-known/acme-challenge/UKlAANWvDL0nYvSUWy_bD9kiadMz4GoeUgAFoydsFTE, but couldn’t download http://domain.com/.well-known/acme-challenge/UKlAANWvDL0nYvSUWy_bD9kiadMz4GoeUgAFoydsFTE: Error:
Url: http://domain.com/.well-known/acme-challenge/UKlAANWvDL0nYvSUWy_bD9kiadMz4GoeUgAFoydsFTE
Data: None
Response Code: None
Response: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)>

You’ve probably got a redirect or ProxyPass rule in your config or in your .htaccess file that doesn’t allow access to the .well-known directory.

This is on a friend’s server that I am helping. I did check the redirect through the GUI and found none but I didn’t think about checking the .htaccess file. I will do that now. I will also take a look at the directive.

You are correct, the .htaccess file is a mess. Not sure what happened there. Thanks for suggesting the .htaccess file.

If it didn’t work, you could apply this patch/work-around for now or simply install certbot package from the official distro repos.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.