Common Reasons Certificate Renewals Fail

SpinupWP automatically tries to renew HTTPS certificates for your sites but sometimes the renewal can fail. In this case, SpinupWP will send you an Error renewing your HTTPS certificate email with an explanation of what happened and the error output from the process.

Sometimes it’s not clear what the error means or how you can fix the issue. Below we’ve outlined some common errors that occur when trying to renew HTTPS certificates and how they can be resolved.

Connection problem

The server could not connect to the client to verify the domain

This normally happens when Let’s Encrypt can’t access the /.well-known file on the server. As part of the Let’s Encrypt validation process, it will generate a file on your server that is available to the public internet. The URL looks something like:

https://example.com/.well-known/acme-challenge/90lPeuTilxAzeUu6KObTaE7SGKUg4zv9KpUqRWi0aEU

Let’s Encrypt will then try to access this file to verify the domain points to the server.

This can happen when you have a redirect set up that is redirecting the request before it can access the file on the server. For example, when you use Cloudflare for your DNS and have “Always use HTTPS” enabled. The request is redirected from HTTP to HTTPS at the network level before it reaches the server.

To resolve this issue, check your Nginx configs for custom redirects that can override the request or check to see if WordPress is capturing the request and redirecting or blocking it. Also, check to see if there is something at the network level that might be redirecting or blocking requests.

Invalid response

Invalid response from …

This normally happens when something on your server is not working properly or Let’s Encrypt is being blocked for some reason. For example, if PHP is not running and Nginx returns a “504 Gateway Timeout” or Basic Authentication has been set up and is returning a “403 Forbidden” response.

To resolve this issue, make sure your site is working properly and that there are no custom Nginx configs that might be blocking Let’s Encrypt requests to the /.well-known file.

DNS Problem

DNS problem: NXDOMAIN looking up A

This normally happens when you’ve updated the DNS for a domain that you had previously added to a SpinupWP site. For example, if you have a site at example1.com and added example2.com as an Alternate Domain. Then, in the future, you’ve updated example2.com to point to another server but not removed the Alternate Domain from SpinupWP.

To resolve this issue, make sure the DNS records for all of your Primary and Additional domains are correctly pointing to your SpinupWP server or remove them from SpinupWP if they need to be removed.

Start Your 7-Day Free Trial

Start your SpinupWP journey today and spin up your first server within minutes.

Start Your Free Trial

No credit card required

Subscribe to get the latest news, updates and optimizations in performance and security.

Thanks for subscribing 👍

To receive awesome stuff, you'll need to head to your inbox and click on the verification link we sent you.
Make sure to check your "spam" folder or your "promotions" tab (if you have Gmail).
If you're still having trouble, then messages us at sudo@spinupwp.com.

You are already logged in

It looks like you are already logged in to SpinupWP.

Please log out of this account to continue.

Registration Successful

Thanks for registering for a new
SpinupWP account.

Before getting started, could you verify your email address by clicking on the link we just emailed to you?

SpinupWP

Free Trial

Start Your 7-Day Free Trial

No credit card required. All features included.

By signing up to SpinupWP, you agree to our Terms and Conditions.
For privacy related information, view our Privacy Policy.