Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

JillzTom's avatar

Problem installing SSL Certificate

I've the following error while trying to install SSL Certificate in Forge:

Creating well known challenge directory...
Installing LetsEncrypt client...
Cloning into 'letsencrypt1466456634'...
Configuring client...
Restarting Nginx...
Generating Certificate...
# INFO: Using main config file /root/letsencrypt1466456634/config
+ Generating account key...
+ Registering account key with letsencrypt...
Processing myapp.com with alternative names: www.myapp.com
 + Signing domains...
 + Creating new directory /root/letsencrypt1466456634/certs/myapp.com ...
 + Generating private key...
 + Generating signing request...
 + Requesting challenge for myapp.com...
 + Requesting challenge for www.myapp.com...
 + Responding to challenge for myapp.com...
ERROR: Challenge is invalid! (returned: invalid) (result: {
  "type": "http-01",
  "status": "invalid",
  "error": {
    "type": "urn:acme:error:unauthorized",
    "detail": "Invalid response from http://myapp.com/.well-known/acme-challenge/9nAg3E0zlCTUFH2Uh1OP-0wPvf1Wod4SuLHr-uAt_tQ: \"\u003c!DOCTYPE html\u003e\n\u003chtml\u003e\n\u003chead\u003e\n\u003ctitle\u003eFile Not Found\u003c/title\u003e\n\u003cmeta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\" \u003e\"",
    "status": 403
  },
  "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/Xya4Dz5YtglYEp2aPprUj8I7bi9mhd_NdTsr1v575wg/134009765",
  "token": "9nAg3E0zlCTUFH2Uh1OP-0wPvf1Wod4SuLHr-uAt_tQ",
  "keyAuthorization": "9nAg3E0zlCTUFH2Uh1OP-0wPvf1Wod4SuLHr-uAt_tQ.GWh435iNRgLVCjrJ695R2_qiDnkBtXykFAOdpcN5OFw",
  "validationRecord": [
    {
      "url": "http://myapp.com/.well-known/acme-challenge/9nAg3E0zlCTUFH2Uh1OP-0wPvf1Wod4SuLHr-uAt_tQ",
      "hostname": "myapp.com",
      "port": "80",
      "addressesResolved": [
        "192.186.252.xxx",
        "45.55.xxx.xxx"
      ],
      "addressUsed": "192.186.252.xxx"
    }
  ]

})

I cannot find out any solution anywhere!

0 likes
4 replies
samdevries's avatar

In case anyone runs into this.

Make sure all the relevant A records point to the forge server.

For example: If your DOMAIN.com A record points to forge, but www.DOMAIN.com does not, you may get this error. Also pointing www.DOMAIN.com and *.DOMAIN.com, etc to the forge server will fix the problem.

2 likes
Lordbedwetter's avatar

3 years later and still coming in clutch! Thank you! I've been trying to figure out this problem for literally DAYS

stueynet's avatar

@samdevries Any other reason this may happen? My DNS is all set up properly and always has been. I am trying to re-issue the certificate because for some reason forge decided not to automatically renew it ever week as it is supposed to.

1 like

Please or to participate in this conversation.