Get alerted when assets are down, slow, or vulnerable to SSL attacks—all free for a month. Learn more

Question

SSL Certificate Invalid

I’m hoping someone out there can shed some light on an issue I’m facing. I created droplet via the marketplace (Wordpress 1-click install). The steps I’m taking are as follows

  • Domain is hosted in Google Domains, so I’m using Digital Ocean custom name servers there.
  • Created a droplet using the WordPress-1-Click from the Marketplace
  • Created 2 A records in Digital Ocean control panel that point to the new droplets IP address
  • SSH’d into the server answered the script prompts. During the Let’s Encrypt section of the script I get some red text that the challenge has failed and some detail below it. (The IP address in brackets below is not what I have listed in my A records in digital ocean. The error was altered for privacy)
Domain: mysitename.dev
   Type:   unauthorized
   Detail: Invalid response from
   https://mysitename.dev/.well-known/acme-challenge/r8PzLOEgnfbHr0eBfIPO09ctTPSFadfD-hKdU4qAQ3E
   [198.111.74.66]: 404
  • The script completes and instructs me to go to my website in the browser to complete the set up, but I’m blocked by the browser because the certificate is invalid.

Can anyone tell me what is going on here? I’ve attempted destroying/recreating the droplet about 5 times.

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Bobby IlievMarch 26, 2022

Hello,

What I could suggest is checking your DNS records and making sure that the are the correct ones that you’ve specified in your DigitalOcean DNS zone:

https://www.whatsmydns.net/

If the records do not match the ones that you have in your DigitalOcean DNS this mostlikely means that your name servers are not set to the DigitalOcean ones. What I could suggest is is just double-checking the following:

  • Make sure that your nameservers are set to the DigitalOcean ones by following the steps here:

https://support.google.com/domains/answer/3290309?hl=en

  • Then if the nameservers are correct, I could suggest going to your DigitalOcean DNS zone and making sure that you do not have multiple A records for your root/@ domain

Once you make the DNS change give it another try.

Basically in order for Let’s Encrypt to verify your domain name, the A record of your domain needs to match the server IP address.

Regards,

Bobby

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up