Centova Technologies Inc.

Products and Services

Centova Cast
Customer Support
Centova Technologies

Centova Technologies Forum

Author Topic: Problem with generating Let's Encrypt certificate  (Read 154 times)


  • Newbie
  • *
  • Posts: 3
Problem with generating Let's Encrypt certificate
« on: May 28, 2018, 12:19:48 pm »
Hello everyone,

I\m trying to generate Let's Encrypt certificates. Symlinks are created and everything works fine until I perform:

Code: [Select]
/usr/local/centovacast/sbin/setssl letsencrypt my_domain_name.pl
which produces an error:

Code: [Select]
2018-05-28 15:11:59 ERROR 403: Forbidden.
  > Download error details:
  > --2018-05-28 15:11:59--  http://my_domain_name.pl/.well-known/acme-challenge/test-1527534719.21341.txt
  > Resolving my_domain_name.pl...
  > Connecting to my_domain_name.pl||:80... connected.
  > HTTP request sent, awaiting response... 403 Forbidden
  > 2018-05-28 15:11:59 ERROR 403: Forbidden.
Challenge URI is not accessible.

The "Let's Encrypt" certificate authority requires a web server to be listening
on my_domain_name.pl port 80.  This means that you either need to configure
Centova Cast to listen on port 80, or (if you are using another web server on this
server) configure that web server to serve the files required to prove to "Let's
Encrypt" that you own this domain.

Refer to the following article for instructions on configuring your server
correctly for use with "Let's Encrypt":

From what I've observed, performing

Code: [Select]
/usr/local/centovacast/sbin/setssl letsencrypt my_domain_name.pl
changes permissions of

Code: [Select]
so that the generated txt file cannot be viewed in a browser and produces an 403 error.

Any way to fix this?


  • Centova Staff
  • *
  • Posts: 380
Re: Problem with generating Let's Encrypt certificate
« Reply #1 on: May 29, 2018, 05:22:28 pm »
Hello radioparanormalium,

If you're using a third-party web server to serve the challenge files, you'll need to add the user account under which your web server runs, to the system group "centovacast".

Either that, or simply edit setssl (line 111), and change "chmod 750" to "chmod 755".