Can't sign first certificate

Trying to configure my Yunohost on a Raspberry, got several things on the network, but it doesn’t seem to be able to create the files necessary to Let’s Encrypt as it returns a 404 in the logs, anyone could help?

**Info:** Now attempting install of certificate for domain!

**Info:** Parsing account key...

**Info:** Parsing CSR...

**Info:** Found domains:,

**Info:** Getting directory...

**Info:** Directory found!

**Info:** Registering account...

**Info:** Already registered!

**Info:** Creating new order...

**Info:** Order created!

**Info:** Verifying

**Error:** Challenge did not pass for {u'status': u'invalid', u'challenges': [{u'status': u'invalid', u'validationRecord': [{u'url': u'', u'hostname': u'', u'addressUsed': u'', u'port': u'80', u'addressesResolved': [u'']}], u'url': u'', u'token': u'eg29qwVDuE6eYiqSTLPyKMjiMWTvAKUrvGwfeMIsyxo', u'error': {u'status': 403, u'type': u'urn:ietf:params:acme:error:unauthorized', u'detail': u' Invalid response from 404'}, u'validated': u'2022-11-08T16:36:08Z', u'type': u'http-01'}], u'identifier': {u'type': u'dns', u'value': u''}, u'expires': u'2022-11-15T16:31:19Z'}

**Error:** Certificate installation for failed !

Exception: Could not sign the new certificate

**Info:** The operation 'Install a Let's Encrypt certificate on '' domain' could not be completed. Please share the full log of this operation using the command 'yunohost log display --share' to get help

**Error:** Please consider checking the 'DNS records' (basic) and 'Web' categories of the diagnosis to check for possible issues that may prevent installing a Let's Encrypt certificate on domain

Seems my Synology reverse proxy is bothering Let’s Encrypt in a way or the other, but I don’t get why as it forwards the ports 80 & 443 from this domain to the Raspberry :

Sounds like your reverse proxy maybe forwards domain.tld, but not xmpp-upload.domain.tld ?


Seems like even redirecting 80 & 443 through the Synology was blocked I don’t know why :slight_smile: I solved it by temporary redirecting them to the Pi hosting Yunohost, then switched back, everything works fine!

1 Like