Search code examples
ubuntusslsshvpslets-encrypt

Can't install SSL on my website with Let's Encrypt

I'm trying to install SSL on my website following this guide https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-20-04

As you can guess, I use ubuntu 20.04, and I'm stock on fourth step, after I press enter (or write 1) on question Which names would you like to activate HTTPS for? There's this output:

Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: sugacards.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for sugacards.com
Enabled Apache rewrite module
Waiting for verification...

Challenge failed for domain sugacards.com
http-01 challenge for sugacards.com
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: sugacards.com
   Type:   unauthorized
   Detail: Invalid response from
   http://sugacards.com/.well-known/acme-challenge/FA0pB7nMEk0_VIaeQPJStKNlXKX5kTqcvHmUi5ESVJ0
   [31.220.55.52]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
   2.0//EN\">\n<html><head>\n<title>404 Not
   Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

How can I fix this? It's my first time I install SSL on vps, so it's maybe a dumb question, but still, would be grateful to any answers :)

Solution

  • They need to verify that you in fact own that domain since SSL certificates are based on trust. For them to keep trust, they need to make sure they never issue certificates to individuals who are not the owners of a specific domain. The way they do that is by giving you a challenge file which you need to host on your website at:

    http://sugacards.com/.well-known/acme-challenge/FA0pB7nMEk0_VIaeQPJStKNlXKX5kTqcvHmUi5ESVJ0

    Once that file is hosted there, they will do a request to that address to verify that you in fact own that website. All you need to do is host that file on that route. The way you would do that would depend on how your website is hosted.

    If you provide more details on how your website is hosted I could edit this answer and give more details on how to do that.