Let's Encrypt SSL Error (Error: Let's Encrypt validation status 400 (domain.com). Details: 403:"MY-IP: Invalid response

An error occurs when creating a certificate:


I found an error link in the log:

After going through it, I received the following data:

letsdebug.net does not show errors (previously there was an IPv6 error; I deleted IPv6 and the error disappeared):

What could be the problem?

Does nginx restart correctly?

Such a warning. Before that there was a Comodo certificate, but it is expiring and I decided to replace it with Let's Encrypt.

Did it solve the issue?

You should be able to visit the .well-known/xxxx/xxxx folder without any issue…

Do you use Cloudflare?


I don’t use Cloudflare.
Where is the .well-known folder located?
I am concerned that domain duplication with aliases without is shown.


But the certificate from Comodo works if you insert it in here:

Hello, I have the same problem… It seems that nginx does not auto restart. I got it to work when I manually restart nginx during the process, either by the CLI or by opening the panel in another browser and restarting nginx continuously during the process.

My question has not been solved (NGINX will to restart when adding or changing web domains - #3 by lamnian)


This error always occurs when enabling SSL in Hestia CP, but after restarting nginx, SSL can be successfully enabled, and next time you want to enable SSL, you still need to restart nginx again. Hi, does anyone have any ideas on this?

Merged both topics…

We reload both the proxy system (Nginx) and the web system just before we request the certificate.

It should be more than enough…

Set DEBUG_MODE to yes in /usr/local/hestia/conf/hestia.conf and try to request an SSL certificate.

I made a fix in “v-add-letsencrypt-domain”, but it didn’t help.
The certificate itself is not issued for 1 main domain (the comodo certificate works on this domain), it works on subdomains and works on other domains.

You have an IPv6 record there; Hestia doesn't support it right now. Remove it and it should work. It even has its own section in our docs: SSL Certificates and Let's Encrypt — Hestia Control Panel documentation

Error page

Also:
http://xxx/.well-known/acme-challenge/weilCrdnHG1oaXkFtNW9eMBL7U2wm9LBmwyDgjlmgE

also returns a 404. So there must be something wrong with your nginx config.

Does not work:

It works:

Now it does. 5 min ago not. Now I also get a valid website:

I tried to issue a certificate via Certbot and the certificate was generated without an error

The validation process is different than in Certbot; we do not support IPv6 (yet).

I deleted the AAAA record from IPV6, it doesn’t help

Run the command v-add-letsencrypt-domain user domain.com 'www.domain.com' in the command line and test it out.

Or at least follow the instructions we have provided. We can’t guess…


www.domain.com doesn’t work

Remove it from the alias list or check why it is not working properly.

It looks like you are behind a NAT server or something like that…