Local HTTP DCV error 404 (not found)

August 3, 2023 / General Discussion

This article covers scenarios that lead to AutoSSL returning a 404 (not found) error when completing HTTP DCV. 

Example error

Local HTTP DCV error (domain.tld): The system queried for a temporary
file at “http://domain.tld/.well-known/.well-known/pki-validation/C0929066B92E85D215CD309A63D21F36.txt”,
but the web server responded with the following error: 404 (Not Found).

A DNS (Domain Name System) or web server misconfiguration may exist.

Cause: 1:1 NAT with public IP added to the server: Assuming that the domain resolves to the correct IP address, one of the main causes of this error is that the server is behind NAT and has the public IP address added as a second interface. The article “Should the public IP for my NAT be on my server?” also explains that a public IP address should not be added to a server that is behind NAT.

Run the following command and check the output. If it shows an internal IP address (How do I know if an IP address is internal or public?) mapped to a public IP address, and another line where the same public IP address says “Unable to map,” this cause applies to the server.

/usr/local/cpanel/scripts/build_cpnat

Example (in this example, 203.0.113.0 represents the public IP):

# /usr/local/cpanel/scripts/build_cpnat
info [build_cpnat] 172.16.0.0 => 203.0.113.0
warn [build_cpnat] Unable to map 203.0.113.0
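
One way to check build_cpnat output for this pattern automatically. This is an added example, not part of the original article and not cPanel code; the function names are hypothetical, and the line format is assumed to match the example output above.

```shell
#!/bin/sh
# Added example (not cPanel code). Reads build_cpnat output on stdin and
# prints "<public_ip> <internal_ip>" for each public IP that is both the
# target of a NAT mapping and reported as "Unable to map".
find_nat_conflicts() {
    awk '
        # RFC 1918 test for the left-hand (internal) address.
        function is_private(ip,    o) {
            split(ip, o, ".")
            return (o[1] == 10) ||
                   (o[1] == 172 && o[2] >= 16 && o[2] <= 31) ||
                   (o[1] == 192 && o[2] == 168)
        }
        # Mapping line: info [build_cpnat] <internal> => <public>
        $4 == "=>" && is_private($3) { mapped[$5] = $3 }
        # Failure line: warn [build_cpnat] Unable to map <ip>
        $3 == "Unable" && $4 == "to" && $5 == "map" { unmapped[$6] = 1 }
        END {
            for (ip in unmapped)
                if (ip in mapped) print ip, mapped[ip]
        }
    ' | sort
}

# Constructed sample: the first two lines are the pattern from the article,
# the third is a healthy mapping with no matching warning.
sample_output() {
    cat <<'EOF'
info [build_cpnat] 172.16.0.0 => 203.0.113.0
warn [build_cpnat] Unable to map 203.0.113.0
info [build_cpnat] 172.16.0.1 => 203.0.113.1
EOF
}

sample_output | find_nat_conflicts
# On a live server (run as root):
#   /usr/local/cpanel/scripts/build_cpnat 2>&1 | find_nat_conflicts
```

Empty output means no public IP appears both as a mapping target and in an “Unable to map” warning.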

Procedure

  1. Navigate to WHM
  2. Select IP Functions
  3. Select Show or Delete Current IP Addresses
  4. Click Delete in the row that corresponds to the IP address that says “Not Routable.”
  5. Click Confirm Delete.
