I created a remote server.
I enabled a platform on the remote server.
I enabled a site on the remote platform on the remote server.
I tried to enable SSL, but I got errors:

Running: /var/aegir/config/letsencrypt/script --cron --accept-terms --config /var/aegir/config/letsencrypt/config       [notice]
--out /var/aegir/config/letsencrypt.d --domain insiteapps.socialnicheguru.com --domain
www.insiteapps.socialnicheguru.com [5.62 sec, 29.23 MB]
Executing: /var/aegir/config/letsencrypt/script --cron --accept-terms --config /var/aegir/config/letsencrypt/config --out /var/aegir/config/letsencrypt.d --domain insiteapps.socialnicheguru.com --domain www.myurl.com
  # INFO: Using main config file /var/aegir/config/letsencrypt/config
  Processing insiteapps.socialnicheguru.com with alternative names: www.insiteapps.socialnicheguru.com
   + Signing domains...
   + Generating private key...
   + Generating signing request...
   + Requesting challenge for myurl.com...
   + Requesting challenge for www.myurl.com...
   + Responding to challenge for myurl.com...
   + Responding to challenge for www.myurl.com...
  ERROR: Challenge is invalid! (returned: invalid) (result: {
    "type": "http-01",
    "status": "invalid",
    "error": {
      "type": "urn:acme:error:unauthorized",
      "detail": "Invalid response from http://www.myurl.com/.well-known/acme-challenge/TzYcVMmc3hj9rI1sbQVkMsXCB4fw_t3HPTH2mqgxTbo: \"\u003c!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\"\u003e\n\u003chtml\u003e\u003chead\u003e\n\u003ctitle\u003e404 Not Found\u003c/title\u003e\n\u003c/head\u003e\u003cbody\u003e\n\u003ch1\u003eNot Found\u003c/h1\u003e\n\u003cp\"",
      "status": 403
    },
    "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/J0OQnsfMI6XhHl2tVk7FtF8bZ6iIvctLbM5DrRSsj5s/3037328900",
    "token": "TzYcVMmc3hj9rI1sbQVkMsXCB4fw_t3HPTH2mqgxTbo",
    "keyAuthorization": "TzYcVMmc3hj9rI1sbQVkMsXCB4fw_t3HPTH2mqgxTbo.jyRB7cmpB502yvt9ZZvunlzBIUNuWJT_klSumXpr4Rg",
    "validationRecord": [
      {
        "url": "http://www.myurl.com/.well-known/acme-challenge/TzYcVMmc3hj9rI1sbQVkMsXCB4fw_t3HPTH2mqgxTbo",
        "hostname": "www.myurl.com",
        "port": "80",
        "addressesResolved": [
          "45.79.212.137"
        ],
        "addressUsed": "ip-address",
        "addressesTried": []
      }
    ]
  })

Comments

helmo:

Was the remote site verified and usable before turning on SSL? (It should work either way but would rule out some possible causes.)

To test the validation dir you can:
Create a file e.g. called `index.html` on the remote server in `/var/aegir/config/letsencrypt.d/well-known/acme-challenge/` and test if you can access it over http via http://www.example.com/.well-known/acme-challenge/index.html

If your request is redirected to a *https* URL then that could pose a problem when the certificate there is either invalid or expired. Try to remove the redirects.
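
The test described in the comment above, as an added script that is not part of the original thread or of the Aegir project: it writes a random probe file into the challenge directory, requests it over plain HTTP without following redirects, and reports whether the server returned the file, an error such as the 404 in the ACME result, or a redirect to https. The function name `probe_challenge_dir` and the verdict strings are assumptions made for this example.

```python
import http.client
import os
import secrets
from urllib.parse import urlsplit

ACME_PATH = "/.well-known/acme-challenge/"
REDIRECTS = (301, 302, 303, 307, 308)


def probe_challenge_dir(challenge_dir, base_url, timeout=10):
    """Write a random probe file into challenge_dir, fetch it over plain HTTP
    without following redirects, and classify what the web server returned."""
    name = "probe-" + secrets.token_urlsafe(16)   # unpredictable, like an ACME token
    body = secrets.token_urlsafe(32)
    path = os.path.join(challenge_dir, name)
    with open(path, "w") as fh:
        fh.write(body)
    try:
        parts = urlsplit(base_url)
        conn = http.client.HTTPConnection(parts.hostname, parts.port or 80, timeout=timeout)
        try:
            conn.request("GET", ACME_PATH + name)
            resp = conn.getresponse()
            status, location = resp.status, resp.getheader("Location", "")
            served = resp.read().decode("utf-8", "replace")
        finally:
            conn.close()
    except (OSError, http.client.HTTPException) as exc:
        return {"verdict": "unreachable", "detail": str(exc)}
    finally:
        os.remove(path)                            # never leave the probe behind
    if status in REDIRECTS:
        kind = "redirect_to_https" if location.lower().startswith("https://") else "redirect"
        return {"verdict": kind, "detail": location}
    if status == 200 and served == body:
        return {"verdict": "ok", "detail": ""}
    if status == 200:
        # Something answered, but not with our file (e.g. a catch-all page).
        return {"verdict": "wrong_content", "detail": served[:80]}
    # A 404 here means this vhost does not map ACME_PATH to challenge_dir.
    return {"verdict": "http_error", "detail": str(status)}


if __name__ == "__main__":
    import sys
    # argv[1]: challenge directory on disk, argv[2]: site base URL (http://...)
    print(probe_challenge_dir(sys.argv[1], sys.argv[2]))
```

Run it on the remote server as a user that can write to the directory, passing `/var/aegir/config/letsencrypt.d/well-known/acme-challenge/` and the site's `http://` base URL as the two arguments.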

helmo:

Status: Active » Postponed (maintainer needs more info)

socialnicheguru:

No, there are no redirects happening.
If I add the index.html file as outlined above, I can reach it.

socialnicheguru:

Status: Postponed (maintainer needs more info) » Active

socialnicheguru:

Yes, it was verified and usable.