SniCertificate::CertificateNonvalidError: Unable to verify challenge for djunicode.in

Hello. I am having issues with certificate renewal.
Netlify site name:- youthful-yalow-cc9cb3.netlify.app
Custom domain:- www.djunicode.in

Error message:-

SniCertificate::CertificateNonvalidError: Unable to verify challenge for djunicode.in: Invalid response from http://djunicode.in/.well-known/acme-challenge/teo4A5l4rhc7Xp96RnFlvOR-qW_zuvF7JFa4Lm-COc8 [2001:4860:4802:34::15]: "<!DOCTYPE html>\n<html lang=en>\n <meta charset=utf-8>\n <meta name=viewport content="initial-scale=1, minimum-scale=1, width=dev"

We can’t renew your Let’s Encrypt certificate automatically until the issue is resolved. Check our troubleshooting guide for more information on how to fix the problem, and then renew the certificate.

I received the same error a couple of days ago on a site that has been running for 3 years. No clue how to resolve it 🤨

Hi @Unicode,

It looks like you’ve got AAAA records for your domain:

This is causing problems. And now, you’ve hit the rate limit which cannot be removed till the next 7 days.

@jamesholcomb Could you share the site name?

Hi @hrishikesh

Site => www.ridealert.co

Error: Netlify

Failed to renew TLS certificate for www.ridealert.co

The TLS certificate for www.ridealert.co will expire on Feb 24, 2022. We tried to renew it, but got this error message:

SniCertificate::CertificateNonvalidError: Unable to verify challenge for ridealert.co: Invalid response from https://ridealert.co/.well-known/acme-challenge/GfWW0XN2WE64_-rDlmPfGzK3Lf8RdfxVHoiJOW7QUCs [35.194.14.251]: "{\"code\":404,\"message\":\"Page not found: /.well-known/acme-challenge/GfWW0XN2WE64_-rDlmPfGzK3Lf8RdfxVHoiJOW7QUCs\",\"name\":\"NotFound"

Note, the ridealert.co root cert is managed outside of Netlify.

Hi, @jamesholcomb. Our service normally automatically pairs the apex domain (meaning ridealert.co) and the www subdomain (www.ridealert.co). However, the following sounds to me like you do not want to have the apex domain served by Netlify:

Note, the ridealert.co root cert is managed outside of Netlify.

Am I understanding that correctly? Also, the IP address for the apex domain is not one that Netlify controls:

ridealert.co.		300	IN	A	35.194.14.251

Our support team can manually override this but I don’t show that has been done for this site. Would you like to use www.ridealert.co only for this site?

If so, I have already made that change and renewed the SSL certificate.

It is important to note that the change I made has a side effect. Now that I’ve made the override for the domain names in the SSL certificate, you cannot control the list of domains in the SSL certificate via the web UI for this site. However, our support team can still make changes to it.

To summarize, this site now has working SSL and will only use www.ridealert.co going forward. Netlify will never attempt to provide SSL for ridealert.co (the apex domain) until this change is rolled back.

If you do not want to keep this change or if you want to modify the list of domains the SSL certificate covers, please feel free to reply here or to make a new topic to let us know.

Thanks for resolving this @luke. Your assumptions were correct.

I am having the same issue and I don’t know how to fix it.

SniCertificate::CertificateNonvalidError: Unable to verify challenge for .fungalecology.com: CAA record for .fungalecology.com prevents issuance

My custom domain is www.fungalecology.com

The problem is because you’ve configured these DNS records:

I’m not sure what you’re trying to do with those.

Hello

I have the same problem with my page: https://cholufrässer.ch

What’s causing this problem for my domain?

Regards
raphaeldas

What site is that connected to? Can you share Netlify site ID or subdomain?

cholufraesser.netlify.app

b95d0d4a-e511-4e09-b539-9457728fda14

Hi @raphaeldas,

Thanks for the follow-up.

Could you try removing the AAAA (IPv6) Records?

host xn--cholufrsser-r8a.ch
xn--cholufrsser-r8a.ch has address 75.2.60.5
xn--cholufrsser-r8a.ch has IPv6 address 2604:a880:400:d0::1561:9001

We don’t support IPv6 when using our load balancer IP address. Please remove the AAAA record and then click the Renew Certificate button here:

Let us know if you continue to have issues.


Indeed, the AAAA Record was the problem. Thank you very much for the fast and good support!

Regards raphaeldas


Hi, I am having the same issue and I’m not sure what to do. Please could someone help me?

SniCertificate::CertificateNonvalidError: Unable to verify challenge for djmelech.com: 94.136.40.82: Fetching http://94.136.40.51/djmelech.com/index.html: Invalid host in redirect target "94.136.40.51". Only domain names are supported, not IP addresses

We can’t renew your Let’s Encrypt certificate automatically until the issue is resolved. Check our troubleshooting guide for more information on how to fix the problem, and then renew the certificate.

Can you share the domain name in question?

Hi @melech,

Thanks for reaching out and welcome to Netlify’s Support Forums!

Looks like you have a second A Record for djmelech.com.

host djmelech.com
djmelech.com has address 94.136.40.82
djmelech.com has address 75.2.60.5
djmelech.com mail is handled by 0 smtp.secureserver.net.
djmelech.com mail is handled by 10 mailstore1.secureserver.net.

Could you remove that A Record so only the A Record pointing to 75.2.60.5 remains?
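The three DNS causes in this thread (an AAAA record alongside the load-balancer A record, a second A record pointing somewhere else, and a CAA record that does not name the CA) can all be spotted from plain `host` output before clicking Renew. The script below is an added example, not Netlify's tooling or anything posted in the thread: it parses the `host` lines quoted above for djmelech.com and cholufrässer.ch, plus a constructed `host -t CAA` line, and reports which condition would make the Let's Encrypt HTTP-01 challenge fail. The load-balancer address 75.2.60.5 is the one quoted in the thread; the CAA line shape and the record-name `example.test` are assumptions for the example.

```python
from __future__ import annotations
import re
from dataclasses import dataclass, field

# Load-balancer address quoted in the thread; treating it as the only acceptable
# A record is an assumption for this example.
NETLIFY_LB_A = {"75.2.60.5"}

# Line shapes printed by `host <name>` (A, AAAA) and, as assumed here, by `host -t CAA <name>`.
_A_RE = re.compile(r"^(\S+) has address (\S+)$")
_AAAA_RE = re.compile(r"^(\S+) has IPv6 address (\S+)$")
_CAA_RE = re.compile(r'^(\S+) has CAA record (\d+) (\w+) "([^"]*)"$')


@dataclass
class DnsRecords:
    a: list[str] = field(default_factory=list)
    aaaa: list[str] = field(default_factory=list)
    caa: list[tuple[str, str]] = field(default_factory=list)  # (tag, value)


def parse_host_output(text: str) -> DnsRecords:
    """Collect A, AAAA and CAA records from `host` output; other lines (MX etc.) are ignored."""
    rec = DnsRecords()
    for raw in text.splitlines():
        line = raw.strip()
        if m := _A_RE.match(line):
            rec.a.append(m.group(2))
        elif m := _AAAA_RE.match(line):
            rec.aaaa.append(m.group(2))
        elif m := _CAA_RE.match(line):
            rec.caa.append((m.group(3).lower(), m.group(4)))
    return rec


def _caa_allows(rec: DnsRecords, ca: str, wildcard: bool) -> bool:
    """RFC 8659 rule: with no issue/issuewild records any CA may issue; otherwise the CA
    must be named. For wildcard names, issuewild takes precedence when present.
    A value of ";" (no CA before the semicolon) forbids every CA."""
    issue = [v.split(";")[0].strip() for t, v in rec.caa if t == "issue"]
    issuewild = [v.split(";")[0].strip() for t, v in rec.caa if t == "issuewild"]
    relevant = issuewild if (wildcard and issuewild) else issue
    return not relevant or ca in relevant


def audit_dns(text: str, expected_a=NETLIFY_LB_A, ca="letsencrypt.org", wildcard=False):
    """Return (code, detail) findings that would break HTTP-01 validation for this name."""
    rec = parse_host_output(text)
    findings = []
    for ip in rec.aaaa:                       # IPv6 is not served by the load balancer
        findings.append(("AAAA_PRESENT", ip))
    for ip in rec.a:                          # the challenge may be fetched from this host
        if ip not in expected_a:
            findings.append(("UNEXPECTED_A", ip))
    if not set(rec.a) & set(expected_a):      # nothing routes to Netlify at all
        findings.append(("NO_EXPECTED_A", ", ".join(sorted(expected_a))))
    if not _caa_allows(rec, ca, wildcard):    # CA not authorised by CAA policy
        findings.append(("CAA_BLOCKS", ca))
    return findings


# Sample inputs: the first two are the `host` outputs quoted in the thread; the CAA
# sample is constructed, since the thread shows only the error text for that case.
SAMPLE_EXTRA_A = """\
djmelech.com has address 94.136.40.82
djmelech.com has address 75.2.60.5
djmelech.com mail is handled by 0 smtp.secureserver.net.
djmelech.com mail is handled by 10 mailstore1.secureserver.net.
"""
SAMPLE_AAAA = """\
xn--cholufrsser-r8a.ch has address 75.2.60.5
xn--cholufrsser-r8a.ch has IPv6 address 2604:a880:400:d0::1561:9001
"""
SAMPLE_CAA_BLOCK = """\
example.test has address 75.2.60.5
example.test has CAA record 0 issue "ca.example"
"""

if __name__ == "__main__":
    for label, sample in [("extra A", SAMPLE_EXTRA_A), ("AAAA", SAMPLE_AAAA), ("CAA", SAMPLE_CAA_BLOCK)]:
        print(label, "->", audit_dns(sample) or "clean")
```

Run `host yourdomain` and `host -t CAA yourdomain` (and, because CAA lookups climb to parent names, the same for the apex when the site uses a www subdomain), paste the output into `audit_dns`, and fix whichever record it flags before pressing Renew Certificate; a `NO_EXPECTED_A` finding means the name does not reach Netlify at all, as with the ridealert.co apex earlier in this thread.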

Thank you for getting back to me.

OK, I removed that other A Record in the DNS settings of my domain provider. I’ve noticed that I am still having the same issue though. Does it take a bit of time for the changes to come into action?

Thanks for the update @melech,

I see that the DNS configuration is correct, I’ve renewed the SSL Certificate and the process was successful. You can see the SSL Certificate here. Visiting the domain I’m no longer getting the SSL error.

Let us know if you have any issues.

Ah yes, that works! Thank you so much!

Glad this works! Thanks for confirming!