Letsencrypt error Invalid response from

Under some circumstances you may encounter an error while getting a certificate from Letsencrypt with Type: unauthorized and Detail: Invalid response from

Most often it happens when website’s root is different from webserver’s root. Good example are Laravel based applications where website’s root is often in /public subfolder. In such case ACME challenges will be redirected to /public resulting in the error:

We can see that Certbot gets a website itself (note the HTML markup tags) instead of the generated file.

And a few lines below we can see where Certbot expects the challenge string to be:

Here is Laravel’s .htaccess file in public_html folder:

As we can see all URIs that don’t start with “public” are redirected to /public via rewrite rule.

So in fact


request becomes


and that’s why we can see HTML tags of the actual website in the Letsencrypt log.

To allow Letsencrypt challenges in .htaccess add a separate rule, before all others, that effectively disables rewriting for files in the directory, like this:

You may wish to add a file existence check immediately before the rule so your custom error response page is shown rather than the server’s default:

On an Apache 2.4 vhost without a document root, it’s may be needed to add a slash after the ^ as follows: RewriteRule ^/\.well-known/.+ - [END]

So the .htaccess that fixes Letsencrypt error “Invalid response from” will be as follows:

Good luck!

Want me to do this for you? Drop me a line: itgalaxyzzz {at} gmail [dot] com