LetsEncrypt certificate not authenticating


#1

I have been liaising with LetsEncrypt engineers over a problem with my domain authentication. The following curl command should read the contents of test.txt but instead it shows some html originating from cloudflare.

curl http://www.bell-computing.com/.well-known/acme-challenge/test.txt

Just a moment... html, body {width: 100%; height: 100%; margin: 0; padding: 0;} body {background-color: #ffffff; font-family: Helvetica, Arial, sans-serif; font-size: 100%;} h1 {font-size: 1.5em; color: #404040; text-align: center;} p {font-size: 1em; color: #404040; text-align: center; margin: 10px 0 0 0;} #spinner {margin: 0 auto 30px auto; display: block;} .attribution {margin-top: 20px;} @-webkit-keyframes bubbles { 33%: { -webkit-transform: translateY(10px); transform: translateY(10px); } 66% { -webkit-transform: translateY(-10px); transform: translateY(-10px); } 100% { -webkit-transform: translateY(0); transform: translateY(0); } } @keyframes bubbles { 33%: { -webkit-transform: translateY(10px); transform: translateY(10px); } 66% { -webkit-transform: translateY(-10px); transform: translateY(-10px); } 100% { -webkit-transform: translateY(0); transform: translateY(0); } } .bubbles { background-color: #404040; width:15px; height: 15px; margin:2px; border-radius:100%; -webkit-animation:bubbles 0.6s 0.07s infinite ease-in-out; animation:bubbles 0.6s 0.07s infinite ease-in-out; -webkit-animation-fill-mode:both; animation-fill-mode:both; display:inline-block; }
<script type="text/javascript">

//

Please turn JavaScript on and reload the page.

<div>
  <div class="bubbles"></div>
  <div class="bubbles"></div>
  <div class="bubbles"></div>
</div>
<h1><span data-translate="checking_browser">Checking your browser before accessing</span> bell-computing.com.</h1>

<p data-translate="process_is_automatic">This process is automatic. Your browser will redirect to your requested content shortly.</p>
<p data-translate="allow_5_secs">Please allow up to 5 seconds&hellip;</p>
      <div class="attribution">
        <a href="https://www.cloudflare.com/5xx-error-landing?utm_source=iuam" target="_blank" style="font-size: 12px;">DDoS protection by Cloudflare</a>
        <br>
        Ray ID: 3b5f4480e71e6dba
      </div>
  </td>
 
</tr>

#2

That’s a Cloudflare Security Challenge. I’d add a Page Rule for http://www.bell-computing.com/.well-known* to Disable Security and set Security Level to Essentially Off. I believe the Security Level should be enough, but I’d add both just to be sure.

EDIT: Just to be clear, make sure there’s a star after well-known so it will wildcard match everything in .well-known


#3

Do I need to do this with and without the www?


#4

If you’re getting certs for both, then I’d Page Rule for *bell-computing… That leading star will match http, https, www, and non-www. That should handle everything.