1

I am trying to obtain a TLS certificate from Let's Encrypt in order to serve content over HTTPS.

After I ran the code on the server in the VM instance on GCP and tried to connect to it from my browser, the following error message was shown: acme/autocert: unable to satisfy "https://acme-v02.api.letsencrypt.org/acme/authz-v3/..." for domain "www.mydomain.com": no viable challenge type found

Then I followed the acme-v02.api link shown in the terminal, and the following is shown:

{
  "identifier": {
    "type": "dns",
    "value": "www.mydomain.com"
  },
  "status": "deactivated",
  "expires": "2022-06-01T12:37:05Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/...",
      "token": "..."
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/...",
      "token": "..."
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/...",
      "token": "..."
    }
  ]
}

Note: the ... is used to obscure the values as I don't think the information is necessary to solve the problem. Please let me know if they are needed.

pkdc
  • I realized that the problem is that autocert somehow deactivated the authorization. So now the problem is to figure out how to activate it. – pkdc May 26 '22 at 12:17
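
The authorization object pasted in the question can be triaged mechanically. The following Go program is an added example, not code from the question or from autocert: it reads that object and reports which offered challenges a client could still attempt, using the status rules of RFC 8555, under which a "deactivated" authorization is final. The names Authz and Triage and the list of challenge types the client answers are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Authz keeps the triage-relevant fields of an ACME authorization object
// (RFC 8555 section 7.1.4); encoding/json matches the keys case-insensitively.
type Authz struct {
	Identifier struct{ Type, Value string }
	Status     string
	Challenges []struct{ Type, Status string }
}
// questionAuthz is the object from the question, reduced to those fields.
const questionAuthz = `{"identifier":{"type":"dns","value":"www.mydomain.com"},
 "status":"deactivated","challenges":[{"type":"http-01","status":"pending"},
 {"type":"dns-01","status":"pending"},{"type":"tls-alpn-01","status":"pending"}]}`

// Triage lists offered challenges that clientTypes (hypothetical, caller-supplied) can answer.
func Triage(raw []byte, clientTypes []string) (usable []string, note string, err error) {
	var a Authz
	if err = json.Unmarshal(raw, &a); err != nil {
		return nil, "", err
	}
	// RFC 8555 section 7.1.6: only "pending" can still be validated; "invalid",
	// "deactivated", "expired" and "revoked" are final states.
	switch a.Status {
	case "pending":
	case "valid":
		return nil, "already valid", nil
	default:
		return nil, fmt.Sprintf("%s: authorization is %q (final), a new order is needed", a.Identifier.Value, a.Status), nil
	}
	for _, c := range a.Challenges {
		for _, t := range clientTypes {
			if c.Type == t && c.Status == "pending" {
				usable = append(usable, c.Type)
			}
		}
	}
	if len(usable) == 0 {
		note = "no offered challenge matches what the client can answer"
	}
	return usable, note, nil
}

func main() {
	fmt.Println(Triage([]byte(questionAuthz), []string{"tls-alpn-01", "http-01"}))
}
```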

2 Answers

1

I had the same problem until I realized my DNS server didn't have a CAA record entry for my host that would have allowed Let's Encrypt. I could have sworn I used to have it as my setup had worked last year. But either I made a mistake or my DNS service lost track of that record. Whatever the cause, the error message wasn't very helpful. Also, from what I see online, there are many other causes for this same failure so take my solution with a grain of salt.

WeakPointer
  • Hmm, adding a CAA record didn't help me, I have the same problem as OP... any other suggestions? – michalh Sep 20 '22 at 14:33
  • 1
    Another problem I had, but can't attest to receiving the same error message at the time, was my firewall was too restrictive. When I disabled the firewall for a minute and reran the certificate acquisition, the challenges got through. Then I enabled the firewall again. I had a firewall running where certain IP address ranges were blocked because of the number of bogus ssh attempts and other port probing that was going on. I think some of those disabled port ranges matched some server farms that Let's Encrypt also used for its challenges. – WeakPointer Sep 26 '22 at 00:23
0

The problem was that I had configured a redirect from my domain name to my server by mistake.

pkdc