Solved: “Challenge request failed for domain” error while renewing the Lets encrypt SSL certificate

Many of you who already followed our post on how to enable free SSL on your website will know that we are using “WP encrypt” plugin to renew our Let’s Encrypt SSL certificates in every 90 days.

But after 90 days when it was time for renewal the plugin didn’t work as expected. And we got the below error even when we tried to regenerate the certificate manually.

Challenge request failed for domain cloudvedas.com.

This was a big problem as the traffic to the site suddenly got impacted. People coming to the site started seeing the standard “unsafe” warning from the browsers.

We tried to look for a solution and after some googling, we were able to identify how to fix it. Below we will discuss the solution we used.

The easiest solution we found was to change the site redirection from https to http, generate new certificate and again change the redirection from http to https.

Let’s look at the steps in detail.

  • First step is to modify the httpd-prefix.conf as it had https entries. Keep copies of all the current files as they will be used again.
cp -p /opt/bitnami/apps/wordpress/conf/httpd-prefix.conf  /opt/bitnami/apps/wordpress/conf/httpd-prefix.conf.https

Once you have kept the copy of the file safely, comment/remove the following lines in the httpd-prefix.conf file and save the file.

#RewriteEngine On
#RewriteCond %{HTTPS} !=on
#RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]

Keep a copy of this file also as it will be useful next time after 90 days.

cp -p /opt/bitnami/apps/wordpress/conf/httpd-prefix.conf  /opt/bitnami/apps/wordpress/conf/httpd-prefix.conf.http
  • Next keep a copy of the file wp-config.php.
cp -p /opt/bitnami/apps/wordpress/htdocs/wp-config.php /opt/bitnami/apps/wordpress/htdocs/wp-config.php.https

After keeping the copy of wp-config.php, modify it.  Change the below two entries from https to http.

Enjoy the gift of learning! Find your next course for as low as $11.99
define('WP_HOME','http://cloudvedas.com');
define('WP_SITEURL','http://cloudvedas.com');

Keep a copy of this file also as it will be useful next time after 90 days.

cp -p /opt/bitnami/apps/wordpress/htdocs/wp-config.php /opt/bitnami/apps/wordpress/htdocs/wp-config.php.http

 

  • Restart the LAMP stack
sudo /opt/bitnami/ctlscript.sh restart

 

  • Go to your wordpress dashboard and click on “Generate certificate”. This time the certificate should generate without error.

  • Once you get the new certificates put everything back from http to https. Copy the backup files we created earlier, back to the main files.
cp -p /opt/bitnami/apps/wordpress/conf/httpd-prefix.conf.https  /opt/bitnami/apps/wordpress/conf/httpd-prefix.conf
cp -p /opt/bitnami/apps/wordpress/htdocs/wp-config.php.https /opt/bitnami/apps/wordpress/htdocs/wp-config.php
  • Restart the LAMP stack
sudo /opt/bitnami/ctlscript.sh restart

This should get you back in business!

We have informed “WP encrypt” plugin creators about this problem. But , till they fix it you can use this solution. We are also working on automating the above steps on our side and will let you once we are ready.

For now our suggestion is that you execute these steps again after next 85-88 days manually when you have lowest load on your site. Since you have already kept copies of both http and https version of files so it will be less than a 5 minute job.

Do let us know if you have any query while following the above guide or if you have a better solution.

7 Replies to “Solved: “Challenge request failed for domain” error while renewing the Lets encrypt SSL certificate”

  1. Pls ignore my previous comment. My issue is resolved. I saw an error in the apache error log accessing the wp-config.php file.

    Changed the file group ownership to daemon (like the original), restarted services – and the site is up on https.

    Related q:
    Can I not just set up a cron job to run /usr/bin/certbot renew to take care of it vs. using the wp encrpt plugin which errors out for renewals?

  2. Hi, Thanks for the instructions. I followed it exactly and regenerating the certificate worked fine.

    However, after restarting the services when I go to the website all I get is a blank page.

    I put the http ver of the files back and restarted services – blank
    I put the https ver of the files and restarted services – still blank

    Both the web page and the wp-admin pages are blank.

    Any pointers or help you can provide would be appreciated. My site is currently unavailable 🙁

  3. Hey Sagu Thank you very much for the tutorial!

    Really helped!

    I found two issues in your tutorial. I am not sure if it happened to the others but just wanted to comment it.
    1. “cp -p /opt/bitnami/apps/wordpress/htdocs/wp-config.php.https /opt/bitnami/apps/wordpress/htdocs/wp-config.php”. Do you notice that wp-config.php.https? I am not sure if that was on purpose but in the step before that were you create the initial https wp-config copy it is called “wp-config.https”.

    2. In my case it did not work first because the permissions were not set right after creating the copy of wp-config.php. I had to do sudo chmod 644 wp-config.php

Leave a Reply

Your email address will not be published. Required fields are marked *