
Steady-Entertainment

SSL certificate failed installation forge

Hello friends,

My application is deployed on a Forge server and runs perfectly under HTTP.

When I try to install an SSL cert via Forge, I get the following output:

--2020-04-22 07:27:44--  https://forge-certificates.laravel.com/le/778224/1017796?env=production
Resolving forge-certificates.laravel.com (forge-certificates.laravel.com)... 104.26.12.100, 104.26.13.100, 2606:4700:20::681a:d64, ...
Connecting to forge-certificates.laravel.com (forge-certificates.laravel.com)|104.26.12.100|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: ‘letsencrypt_script1587540464’

     0K ..                                                     59.3M=0s

2020-04-22 07:27:44 (59.3 MB/s) - ‘letsencrypt_script1587540464’ saved [2267]

Cloning into 'letsencrypt1587540464'...
Can't load /root/.rnd into RNG
140467621254272:error:2406F079:random number generator:RAND_load_file:Cannot open file:../crypto/rand/randfile.c:98:Filename=/root/.rnd
ERROR: Challenge is invalid! (returned: invalid) (result: {
  "type": "http-01",
  "status": "invalid",
  "error": {
    "type": "urn:ietf:params:acme:error:unauthorized",
    "detail": "Invalid response from http://www.offline.vision/.well-known/acme-challenge/t-JZvQtjusRpn0DwOUbsYQn1P7iapSwmiuznIBLuSms [62.2.92.66]: \"\u003c!DOCTYPE HTML PUBLIC \\"-//IETF//DTD HTML 2.0//EN\\"\u003e\n\u003chtml\u003e\u003chead\u003e\n\u003ctitle\u003e403 Forbidden\u003c/title\u003e\n\u003c/head\u003e\u003cbody\u003e\n\u003ch1\u003eForbidden\u003c/h1\u003e\n\u003cp\"",
    "status": 403
  },
  "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/4108807015/RmxfQQ",
  "token": "t-JZvQtjusRpn0DwOUbsYQn1P7iapSwmiuznIBLuSms",
  "validationRecord": [
    {
      "url": "http://www.offline.vision/.well-known/acme-challenge/t-JZvQtjusRpn0DwOUbsYQn1P7iapSwmiuznIBLuSms",
      "hostname": "www.offline.vision",
      "port": "80",
      "addressesResolved": [
        "62.2.92.66"
      ],
      "addressUsed": "62.2.92.66"
    }
  ]
})

Any ideas are appreciated.

Side note: My port 443 is not opened yet, but that shouldn't play a role.

0 likes
1 reply
ElwinB

I had this exact same problem. In my case, disabling the firewall to port 80 and 443 (which were blocked) helped. No further issues after disabling the firewalls.

(remember to turn back on the firewall rules after getting the certificate!)
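
An added example, not part of either post above: a small Python helper that reads a failed http-01 challenge result shaped like the one in the question and separates "port 80 was unreachable" from "something answered on port 80 but refused the challenge file". The function name `triage_http01`, the `expected_ip` parameter and all sample values are assumptions made for illustration.

```python
import json

# Constructed sample in the same shape as the challenge result in the question;
# example.com and the 203.0.113.x addresses are placeholders, not thread values.
SAMPLE = json.loads("""
{
  "type": "http-01",
  "status": "invalid",
  "error": {
    "type": "urn:ietf:params:acme:error:unauthorized",
    "detail": "Invalid response from http://www.example.com/.well-known/acme-challenge/TOKEN [203.0.113.10]: 403 Forbidden",
    "status": 403
  },
  "validationRecord": [
    {"hostname": "www.example.com", "port": "80",
     "addressesResolved": ["203.0.113.10"], "addressUsed": "203.0.113.10"}
  ]
}
""")


def triage_http01(result, expected_ip=None):
    """Return a list of findings for a failed ACME http-01 challenge result."""
    findings = []
    if result.get("status") != "invalid":
        return findings
    err = result.get("error", {})
    # ACME error types look like urn:ietf:params:acme:error:<kind> (RFC 8555).
    kind = err.get("type", "").rsplit(":", 1)[-1]
    for rec in result.get("validationRecord", []):
        host, used, port = rec.get("hostname"), rec.get("addressUsed"), rec.get("port")
        # expected_ip (hypothetical parameter): the public IP of the server you meant to validate.
        if expected_ip and used != expected_ip:
            findings.append(f"dns-mismatch: {host} validated at {used}, expected {expected_ip}")
        if kind == "connection":
            findings.append(f"unreachable: no connection to {used}:{port}; check inbound firewall rules")
        elif kind == "unauthorized":
            findings.append(f"bad-response: {used}:{port} answered HTTP {err.get('status')}; "
                            "check what serves /.well-known/acme-challenge/ on that address")
    if kind == "dns":
        findings.append("dns: the CA could not resolve the hostname")
    return findings


if __name__ == "__main__":
    for line in triage_http01(SAMPLE, expected_ip="203.0.113.20"):
        print(line)
```

Paste the JSON object from the failed run in place of `SAMPLE` and pass the server's public IP as `expected_ip` to see which case applies.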
