letsencrypt.sh 403 forbidden error

wtptrs

Verified User
Joined
Jul 13, 2015
Messages
74
I'm receiving the following error when trying to create a Let's Encrypt certificate for a specific domain:

Code:
Requesting new certificate order...
Processing authorization for domain.tld...
Waiting for domain verification...
Trying again...
1..2..3..4..5..
Challenge status: invalid. Challenge error: "type": "http-01",  "status": "invalid",  "error": {    "type": "urn:ietf:params:acme:error:unauthorized",    "detail": "Invalid response from http://domain.tld/.well-known/acme-challenge/xKTSTUll_dTkxgZuih2QZwC2K5li0ZtKx6narEsH8Bk: \"\u003c!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\"\u003e\n\u003chtml\u003e\u003chead\u003e\n\u003ctitle\u003e403 Forbidden\u003c/title\u003e\n\u003c/head\u003e\u003cbody\u003e\n\u003ch1\u003eForbidden\u003c/h1\u003e\n\u003cp\"",    "status": 403  . Exiting...
www.domain.tld is working fine. Anyone have any idea what to look for?
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
9,095
Location
LT, EU
I'd suggest creating a ticket with the real domain name at tickets.directadmin.com. There must be a problem with the domain itself :) (for example, not pointing where it should)
 

wtptrs

Verified User
Joined
Jul 13, 2015
Messages
74
I'd suggest creating a ticket with the real domain name at tickets.directadmin.com. There must be a problem with the domain itself :) (for example, not pointing where it should)
Thanks smtalk. This has been solved, the cause was an AAAA-record for the main domain, conflicting with the A-record and thus "not pointing where it should" :)
 

Omines

Verified User
Joined
Dec 17, 2007
Messages
47
Thanks smtalk. This has been solved, the cause was an AAAA-record for the main domain, conflicting with the A-record and thus "not pointing where it should" :)
Thanks for posting the solution, found it via Google after being stumped for an hour on an identical case where a client had accidentally left the default AAAA around.
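The check that would have surfaced this case, as an added example that is not part of the original thread or of letsencrypt.sh: it requests the challenge path from every address the name resolves to, A and AAAA separately, because Let's Encrypt validates over IPv6 first when an AAAA record exists. The probe file name `probe-test` and the function names are assumptions made for this example; the addresses used in testing are constructed documentation-range values.

```python
"""Probe the ACME http-01 path on every address (A and AAAA) a name resolves to."""
import http.client
import socket
import sys

# Assumption: a test file with this hypothetical name was placed in the challenge dir.
PROBE_PATH = "/.well-known/acme-challenge/probe-test"


def resolve_all(host):
    """Return sorted (record_type, address) pairs for the A and AAAA records."""
    pairs = set()
    for family, rtype in ((socket.AF_INET, "A"), (socket.AF_INET6, "AAAA")):
        try:
            for info in socket.getaddrinfo(host, 80, family, socket.SOCK_STREAM):
                pairs.add((rtype, info[4][0]))
        except socket.gaierror:
            pass  # no record of this type
    return sorted(pairs)


def fetch_status(host, address, path=PROBE_PATH, timeout=10):
    """GET path from one specific address while sending the real Host header."""
    conn = http.client.HTTPConnection(address, 80, timeout=timeout)
    try:
        conn.request("GET", path, headers={"Host": host})
        return conn.getresponse().status
    except (OSError, http.client.HTTPException) as exc:
        return f"error: {exc}"
    finally:
        conn.close()


def diagnose(results):
    """results: (record_type, address, status) tuples. Return a list of problems."""
    bad = [(rtype, addr, status) for rtype, addr, status in results if status != 200]
    problems = [f"{rtype} {addr} returned {status}" for rtype, addr, status in bad]
    if any(rtype == "AAAA" for rtype, _, _ in bad):
        problems.append("validator prefers IPv6: fix or remove the AAAA record")
    return problems


if __name__ == "__main__":
    host = sys.argv[1]
    results = [(t, a, fetch_status(host, a)) for t, a in resolve_all(host)]
    problems = diagnose(results)
    for line in problems or ["every address serves the challenge path"]:
        print(line)
    sys.exit(1 if problems else 0)
```

Run it from a machine with working IPv6 connectivity; otherwise the AAAA probe reports a local connection error instead of the remote server's answer.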
 