DEV Community

loading...
Cover image for Let's Encrypt Certbot/acme.sh and the "300 Multiple Choices" Error

Let's Encrypt Certbot/acme.sh and the "300 Multiple Choices" Error

c33s profile image Julian ・2 min read

If you want to use letsencrypt and can't get it working even if you have an absolute minimum configuration like that:

server {
  listen *:80;

  server_name           example.com;
  root /var/www/example.com;
}

it can be that your DNS A-Record is pointing to a different location than the AAAA-Record. this can easily happen if you have no direct access to the DNS interface and only the A-Record was changed.

for debian9 (stretch) install the certbot from backports. the shiped version is quite outdated and can lead to Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.

cerbot came up with the, for me, not so helpful error message 300 Multiple Choices and the acme.sh log file also contained only a code='400'

certbot error:

 - The following errors were reported by the server:

   Domain: example.com
   Type:   unauthorized
   Detail: Invalid response from
   http://example.com/.well-known/acme-challenge/TOKEN_REMOVED:
   "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
   <html><head>
   <title>300 Multiple Choices</title>
   </head><body>
   <h1>Multiple C"

acme.sh error:

[Mon May 28 17:37:26 CEST 2018] url='https://acme-staging.api.letsencrypt.org/acme/challenge/TOKEN_REMOVED/ID_REMOVED'
[Mon May 28 17:37:26 CEST 2018] payload='{"resource": "challenge", "keyAuthorization": "KEY_AUTH_REMOVED"}'
[Mon May 28 17:37:26 CEST 2018] POST
[Mon May 28 17:37:26 CEST 2018] _post_url='https://acme-staging.api.letsencrypt.org/acme/challenge/TOKEN_REMOVED/ID_REMOVED'
[Mon May 28 17:37:26 CEST 2018] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Mon May 28 17:37:27 CEST 2018] _ret='0'
[Mon May 28 17:37:27 CEST 2018] code='400'

Discussion (2)

pic
Editor guide
Collapse
Sloan, the sloth mascot
Comment deleted
Collapse
c33s profile image
Julian Author

can you please delete your comment. its simply advertisment for your article