Question

Sub domain Lets-Encrypt challenge failed

Posted July 7, 2021 458 views
Security

Hi. Brand new to DO. I just installed NextCloud in my first droplet using a self signed SSL cert on the server IP address. All works as expected. :)

Now, I have added a sub domain on my (external to DO) web hosting company (VentraIP) and set the A record there to point to the DO IP address. It works fine, resolving to the DO Nextcloud server instance as above.

So… now I want to use Lets-Encrypt to make it secure. When I follow the instructions to setup the SSL

sudo nextcloud.enable-https lets-encrypt

I get the error:

Domain: cloud.mydomain.com.au
Type: unauthorized
Detail: During secondary validation: Invalid response from
http://cloud.mydomain.com.au/.well-known/acme-challenge/8jH3_HtiUcMwEn1yJ9nQQ21TON6tApEBmw-44h3unas

(where cloud.mydomain.com.au == my real subdomain name)

The subdomain is listed in the Trusted Domains.

The firewall port is openned.

What have I missed, do you think?
Thanks,
Murray

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
1 answer

Hi there,

Right after the Invalid response from line, do you get any other output? Usually, right after that line, there should be a more detailed message with the exact response and reason why Let’s Encrypt is failing to validate the domain name.

In most cases, it is due to the A record of the domain not matching the server IP address.

Regards,
Bobby

  • Thanks so much for replying Bobby. It turns out I was trying to use a subdomain where the name server was on a different host! Doh! There was a warning message about that earlier in the guide I was following which, in my newness, didn’t register when I read it.

    So, I used another domain where the name server and subdomain were on the same server and it all worked perfectly.

    Thanks again for getting back to me.

    Best wishes,
    Murray