Solved: “Challenge request failed for domain” error while renewing the Lets encrypt SSL certificate

Many of you who already followed our post on how to enable free SSL on your website will know that we are using “WP encrypt” plugin to renew our Let’s Encrypt SSL certificates in every 90 days.

But after 90 days when it was time for renewal the plugin didn’t work as expected. And we got the below error even when we tried to regenerate the certificate manually.

Challenge request failed for domain cloudvedas.com.

This was a big problem as the traffic to the site suddenly got impacted. People coming to the site started seeing the standard “unsafe” warning from the browsers.

We tried to look for a solution and after some googling, we were able to identify how to fix it. Below we will discuss the solution we used.

The easiest solution we found was to change the site redirection from https to http, generate new certificate and again change the redirection from http to https.

Let’s look at the steps in detail.

  • First step is to modify the httpd-prefix.conf as it had https entries. Keep copies of all the current files as they will be used again.
cp -p /opt/bitnami/apps/wordpress/conf/httpd-prefix.conf  /opt/bitnami/apps/wordpress/conf/httpd-prefix.conf.https

Once you have kept the copy of the file safely, comment/remove the following lines in the httpd-prefix.conf file and save the file.

#RewriteEngine On
#RewriteCond %{HTTPS} !=on
#RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]

Keep a copy of this file also as it will be useful next time after 90 days.

cp -p /opt/bitnami/apps/wordpress/conf/httpd-prefix.conf  /opt/bitnami/apps/wordpress/conf/httpd-prefix.conf.http
  • Next keep a copy of the file wp-config.php.
cp -p /opt/bitnami/apps/wordpress/htdocs/wp-config.php /opt/bitnami/apps/wordpress/htdocs/wp-config.php.https

After keeping the copy of wp-config.php, modify it.  Change the below two entries from https to http.

define('WP_HOME','http://cloudvedas.com');
define('WP_SITEURL','http://cloudvedas.com');

Keep a copy of this file also as it will be useful next time after 90 days.

cp -p /opt/bitnami/apps/wordpress/htdocs/wp-config.php /opt/bitnami/apps/wordpress/htdocs/wp-config.php.http
  • Restart the LAMP stack
sudo /opt/bitnami/ctlscript.sh restart
  • Go to your wordpress dashboard and click on “Generate certificate”. This time the certificate should generate without error.

  • Once you get the new certificates put everything back from http to https. Copy the backup files we created earlier, back to the main files.
cp -p /opt/bitnami/apps/wordpress/conf/httpd-prefix.conf.https  /opt/bitnami/apps/wordpress/conf/httpd-prefix.conf
cp -p /opt/bitnami/apps/wordpress/htdocs/wp-config.php.https /opt/bitnami/apps/wordpress/htdocs/wp-config.php
  • Restart the LAMP stack
sudo /opt/bitnami/ctlscript.sh restart

This should get you back in business!

We have informed “WP encrypt” plugin creators about this problem. But , till they fix it you can use this solution. We are also working on automating the above steps on our side and will let you once we are ready.

For now our suggestion is that you execute these steps again after next 85-88 days manually when you have lowest load on your site. Since you have already kept copies of both http and https version of files so it will be less than a 5 minute job.

Do let us know if you have any query while following the above guide or if you have a better solution.

Solved: How to enable free SSL on your website.

HTTPS is now becoming a necessity and google is giving more importance to https site in comparison to http sites in indexing.

So how do you get an https secure site?

You need to buy an SSL certificate from third party. Even though you know your site is secure it needs verification from a third party which says “Yeah I confirm this site is secure”. For this the third party charges a fees anywhere from $10 to $150 per year .

Continue reading “Solved: How to enable free SSL on your website.”