Contents

5101 SSL - LetsEncrypt Challenge Invalid

The Issue

LetsEncrypt cannot validate the provided domain.

Possible Causes

  • The domain you're trying to use isn't pointed to your app's IP. JUMP
  • The domain provided for the certificate is not a valid domain. JUMP

Domain Isn't Pointed to Your App IP

LetsEncrypt requires that your domain be pointed to the server on which the certificate is being installed in order to validate domain ownership. If your domain isn't pointed to your app yet, LetsEncrypt won't be able to validate the domain and issue the certificate.

Steps to Take

Cancel the Sequence

While Nanobox will continue to hit the LetsEncrypt API, there's a change the domain status will not change. The best thing to do is to cancel the process. To cancel a process, click the "Cancel" button in the upper-right corner of the process viewer.

Cancel a Process

Point Your Domain to Your App

Make your domain is pointed to your app. For the provided app-name.gonano.io domains, this is done automatically, but if you're using your own custom domain, instructions are provided in the Using Custom Domains doc.

Keep in mind that changes to your domain do take time to propagate. To keep propagation times down, turn down your your domain's "Time to Live" (TTL) before updates.

Try it Again

Once your domain is routing to your live app, try to create the LetsEncrypt bundle again and it should succeed.

Invalid Domain

LetsEncrypt doesn't recognize the domain you provided when created your SSL/TLS certificate as a valid domain.

Steps to Take

Cancel the Sequence

The information provided for your certificate will not work and you need to cancel the currently running process. To cancel a process, click the "Cancel" button in the upper-right corner of the process viewer.

Cancel a Process

Delete the Erred Certificate

Once a certificate is created, the domain associated with that certificate can't be changed. You need to delete the certificate and create a new one. To delete the certificate, click on "Manage" next to your certificate, then click the "Delete" button.

Create a New Certificate

Create a new certificate using a valid domain.

Reach out to help@nanobox.io and we'll try to help.