I have a Laravel project deployed with Laravel Forge in nginx. This application has several aliases. I am trying to issue ssl certificates for each aliases, but I get the following error:
ERROR: Challenge is invalid! (returned: invalid) (result: ["type"] "http-01"
["status"] "invalid"
["error","type"] "urn:ietf:params:acme:error:unauthorized"
["error","detail"] "Invalid response from example.com/.well-known/acme-challenge/xxxxxxxxxxxxxxx [xxx.xx.xxx.xx]: \"\u003c!DOCTYPE html PUBLIC \\\"-//W3C//DTD XHTML 1.0 Transitional//EN\\\" \\\"DTD/xhtml1-transitional.dtd\\\"\u003e\\n\u003chtml xmlns=\\\"http://www.w3.org/199\""
["error","status"] 403
["error"] {"type":"urn:ietf:params:acme:error:unauthorized","detail":"Invalid response from example.com/.well-known/acme-challenge/xxxxxxxxxxxxxxx [xxx.xx.xxx.xx]: \"\u003c!DOCTYPE html PUBLIC \\\"-//W3C//DTD XHTML 1.0 Transitional//EN\\\" \\\"DTD/xhtml1-transitional.dtd\\\"\u003e\\n\u003chtml xmlns=\\\"http://www.w3.org/199\"","status":403}
["url"] "https://acme-v02.api.letsencrypt.org/acme/chall-v3/xxxxxxx/xxxxxx"
["token"] "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
["validationRecord",0,"url"] "example.com/.well-known/acme-challenge/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
["validationRecord",0,"hostname"] "example.com"
["validationRecord",0,"port"] "80"
["validationRecord",0,"addressesResolved",0] "xxx.xx.xxx.xx"
["validationRecord",0,"addressesResolved"] ["xxx.xx.xxx.xx"]
["validationRecord",0,"addressUsed"] "xxx.xx.xxx.xx"
["validationRecord",0] {"url":"example.com/.well-known/acme-challenge/xxxxxxxxxxxxxxx","hostname":"example.com","port":"80","addressesResolved":
["xxx.xx.xxx.xx"],"addressUsed":"xxx.xx.xxx.xx"}
["validationRecord"] [{"url":"example.com/.well-known/acme-challenge/xxxxxxxxxxxxxxxxxx","hostname":"example.com","port":"80","addressesResolved":["xxx.xx.xxx.xx"],"addressUsed":"xxx.xx.xxx.xx"}])
Thanks in advance for help.
Let's encrypt says that must send request via http (port 80), but cannot do it. Try this: Go to larave Forge site page, at the bottom, and edit nginx config file in this way:
Save and try again to issue your certificates.
Remember that after this, you must modify the configuration to allow https communications.
It worked for me.