ValueError: "Challenge did not pass" for Let's Encrypt Certificate Request


I have a MacOS X (v14.0) machine with Webmin & Let's Encrypt that I use as a web server.

I have used Let's Encrypt to get a certificate for 4 virtual sites with no problem.

Then I wanted to add a 5th virtual site to the certificate. My 5th site was of the form www5.mydomain.gr (similar to another one named ar3d.mydomain.gr)

I copied the apache config from ar3d.mydomain.gr to www5.mydomain.gr (i.e. all the settings are equal except of course the ar3d that was changed to www5) and did the same for the DNS entries. So ALL the configurations for the 2 names are identical!

The www5.mydomain.gr site works fine, both as http (80) and as https (443).

But when I try to add www5.mydomain.gr in the Let's Encrypt Webmin tab to get a certificate for it, I get the following error:

ValueError: Challenge did not pass for www5.mydomain.gr: {'identifier': {'type': 'dns', 'value': 'www5.mydomain.gr'}, 'status': 'invalid', 'expires': '2023-11-01T09:44:35Z', 'challenges': [{'type': 'http-01', 'status': 'invalid', 'error': {'type': 'urn:ietf:params:acme:error:unauthorized', 'detail': '83.174.157.166: Invalid response from http://www5.mydomain.gr/.well-known/acme-challenge/mi7d8-d6lOgSNaZ05ZPyESBZAlIexz6QV30i2dDFZdU: 404', 'status': 403}, 'url': 'https://acme-v02.api.letsencrypt.org/acme/chall-v3/277249378426/3SIjpA', 'token': 'mi7d8-d6lOgSNaZ05ZPyESBZAlIexz6QV30i2dDFZdU', 'validationRecord': [{'url': 'http://www5.mydomain.gr/.well-known/acme-challenge/mi7d8-d6lOgSNaZ05ZPyESBZAlIexz6QV30i2dDFZdU', 'hostname': 'www5.mydomain.gr', 'port': '80', 'addressesResolved': ['XXX.XXX.XXX.166'], 'addressUsed': 'XXX.XXX.XXX.166'}], 'validated': '2023-10-25T09:44:58Z'}]}

What can I do? Since all entries are identical, I guessed that it should all work like the other 4 did...

(note: no .htaccess files in any virtual server - if that has any reference...)


There is 1 best solution below

Gik On

I found the error and it was hidden deep inside the Apache conf...

I had a virtual server defined as: www*.mydomain.gr so I guess it was taking precedence over the www5.mydomain.gr, although the https://www5.mydomain.gr would answer correctly with the www5.mydomain.gr site.

So although Apache was answering correctly, the Let's Encrypt job was finding the "other" site and was giving the error.

Weird...
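The precedence problem described in the answer can be checked before requesting a certificate. The following is an added example, not code from the original post or from Webmin: it models Apache's name-based matching in simplified form (first vhost in file order whose ServerName or ServerAlias matches the Host header wins) and flags a hostname whose own vhost is shadowed by an earlier wildcard alias. The sample config, document roots and function names are assumptions; ports inside ServerName and multi-address VirtualHost lines are not handled.

```python
import fnmatch
import re

# Constructed sample config modelled on the answer; paths are assumptions.
SAMPLE_CONF = """
<VirtualHost *:80>
    ServerName www.mydomain.gr
    ServerAlias www*.mydomain.gr
    DocumentRoot /srv/www/main
</VirtualHost>
<VirtualHost *:80>
    ServerName www5.mydomain.gr
    DocumentRoot /srv/www/www5
</VirtualHost>
"""

def parse_vhosts(conf):
    """Return the vhosts in file order as dicts: addr, names, docroot."""
    vhosts = []
    blocks = re.findall(r"<VirtualHost\s+([^>]+)>(.*?)</VirtualHost>", conf, re.S | re.I)
    for addr, body in blocks:
        names, docroot = [], None
        for line in body.splitlines():
            parts = line.split()
            if not parts or parts[0].startswith("#"):
                continue
            key = parts[0].lower()
            if key in ("servername", "serveralias") and len(parts) > 1:
                names += [n.lower() for n in parts[1:]]
            elif key == "documentroot" and len(parts) > 1:
                docroot = parts[1].strip('"')
        vhosts.append({"addr": addr.strip(), "names": names, "docroot": docroot})
    return vhosts

def serving_vhost(vhosts, host, addr="*:80"):
    """First vhost on addr whose name or alias pattern matches; else the first one (default)."""
    candidates = [v for v in vhosts if v["addr"] == addr]
    for v in candidates:
        if any(fnmatch.fnmatchcase(host.lower(), n) for n in v["names"]):
            return v
    return candidates[0] if candidates else None

def shadowed(vhosts, host, addr="*:80"):
    """True when host is an exact name of a vhost but a different, earlier vhost answers."""
    winner = serving_vhost(vhosts, host, addr)
    owners = [v for v in vhosts if v["addr"] == addr and host.lower() in v["names"]]
    return bool(owners) and all(winner is not o for o in owners)
```

On a live server, `apachectl -S` prints the vhost order Apache actually uses, which is the order this check depends on.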