DNSSEC and installation of Let's Encrypt SSL certificate

user12329 · April 20, 2025, 8:15pm

What is the name of the domain?

What is the error number?

403 Forbidden Error [Regarding a request of installation of Let’s Encrypt SSL certificate]

What is the error message?

Failed validation. Error: 2606:4700:3033::6815:e42: Invalid response from http://www.endoscholar.com/.well-known/acme-challenge/OlmfN8TdEBfBt8uU0kI-A8zyiovGNLSxuKkQJ5BQoKE: 403 Domain www.endoscholar.com has failed verification (status code 200). All verifications failed All verifications failedAll verifications failedyakko:letsencrypt->Full_signup(32048830): Verification failed!

What is the issue you’re encountering

I tried to install a Let’s Encrypt SSL certificate for ENDOSCHOLAR.COM but it failed.

What steps have you taken to resolve the issue?

The hosting company advised to “pause Cloudflare” ,what I did. Then they pushed the installation of the certificate at their end which was eventually successful.

What are the steps to reproduce the issue?

The reason for bringing this issue to your attention is because prior to the request of SSL certificate I enabled at Cloudflare the three options quoted below. The issue at stake is that this is the first time I have problem in installing an SSL certificate. Therefore, I inferred that the fact of enabling the three options could have originated some type of conflict for the installation of the SSL certificate. What I did was de-pausing Cloudflare once the certificate was issued and also disabled the three options which are as follows:

I’m under attack mode.
Replace insecure JavaScript libraries»
DNSSEC was enabled.

My feeling is that it was the DNSSEC activation that caused the problem but I am not sure of this because according to what I have read it seems that enabling DNSSEC is highly recommended. For the record, please find attached a screenshot of the DNS configuration for ENDOSCHOLAR.COM. I cannot show you a screenshot of the error because the details were provided to me by the hosting company.

SPECIFIC QUERY: Should I refrain from enabling the three options above to avoid conflict with SSL creation? Or to put it differently, would it a better idea to enable them AFTER the SSL certificate has been successfully installed, and not before?

Screenshot of the error

DarkDeviL · April 20, 2025, 9:06pm

This mode may cause issues with the certificate request from your hosting provider, and cause the “403 Forbidden” error you see.

That mode is only recommended as a last resort, while your website appears to be under attack.

It cannot be recommended to keep that mode enabled all the time.

user12329 · April 21, 2025, 1:02am

Thank you very much

system · April 23, 2025, 1:02am

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
I am not able to install an SSL Certificate on my Plesk Server Security	11	258	November 13, 2024
Forgot to Disable DNSSEC - Domains Now Stuck and Cloudflare Support Not Responding Registrar	11	3318	February 1, 2022
I cannot reinstal my SSL certificate Security	2	2305	August 13, 2021
Issue with Lets encrypt SLL Security	8	71	November 17, 2024
ERR_SSL_VERSION OR CIPHER_MISMATCH error Security	16	1834	July 3, 2022