403 Forbidden on initial cert request

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: sarasotasailingsquadron.org

I ran this command: sudo certbot --apache -d sarasotasailingsquadron.org -d imap.sarasotasailingsquadron.org -d smtp.sarasotasailingsquadron.org -d webmail.sarasotasailingsquadron.org -d luffinglassies.org

It produced this output: Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices) (Enter ‘c’ to
cancel): webmaster@sarasotasailingsquadron.org


Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory


(A)gree/(C)ancel: A


Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let’s Encrypt project and the non-profit
organization that develops Certbot? We’d like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.


(Y)es/(N)o: N
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for imap.sarasotasailingsquadron.org
http-01 challenge for luffinglassies.org
http-01 challenge for sarasotasailingsquadron.org
http-01 challenge for smtp.sarasotasailingsquadron.org
http-01 challenge for webmail.sarasotasailingsquadron.org
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. smtp.sarasotasailingsquadron.org (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://smtp.sarasotasailingsquadron.org/.well-known/acme-challenge/pjl-SurmvA5XYBZ84FErL_aBST_n6H2_kxlWVMbM7Ds [192.241.184.30]: “\n\n403 Forbidden\n\n

Forbidden

\n<p”, imap.sarasotasailingsquadron.org (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://imap.sarasotasailingsquadron.org/.well-known/acme-challenge/Pl-dHqkrcJtz19DOAyjOhW14JNMTRjAVh4v6XPgLMns [192.241.184.30]: “\n\n403 Forbidden\n\n

Forbidden

\n<p”, luffinglassies.org (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://luffinglassies.org/.well-known/acme-challenge/FxGAvOapNwJFKrhP3-6-4YNs4071c9X3lvghew_Gc [91.195.240.117]: “<html lang=“en” data-adblockkey=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWX”

IMPORTANT NOTES:

My web server is (include version): apache 2.4.18

The operating system my web server runs on is (include version): Ubuntu 16.04

My hosting provider, if applicable, is: DigitalOcean

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 0.31.0

letsencrypt.txt (63.2 KB)

1 Like

Are you aware that luffinglassies.org expired a few weeks ago and is currently parked?

3 Likes

Yes I am. But that is not the reason for the failure, right?

It’s the reason for 1 of the 3 failures. To resolve that one, don’t include the expired domain on your certificate request.

The remaining 2 failures are for smtp.sarasotasailingsquadron.org and imap.sarasotasailingsquadron.org. I’m not too sure about that one. It will probably have something to do with your virtual host setup.

apachectl -t -D DUMP_VHOSTS

Additionally, can you post the port 80 virtualhost config for either of those domains?

1 Like
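The split described in the reply above (one failure from the parked domain, the others from the server's own vhost setup) can be read from the bracketed IP address in each failure entry. The following is an added example, not code from the thread or from Certbot; it assumes the message layout shown in the output above, and the sample message, host names, tokens and addresses are constructed.

```python
import re
from collections import defaultdict

# One entry of certbot's "Failed authorization procedure" message (layout assumed
# from the output in this thread):
#   <name> (<challenge>): <error urn> :: <detail> :: Invalid response from <url> [<ip>]: ...
ENTRY = re.compile(
    r"(?P<name>[A-Za-z0-9.-]+) \((?P<challenge>[a-z0-9-]+)\): "
    r"(?P<error>urn:ietf:params:acme:error:\w+) :: .*? :: "
    r"Invalid response from (?P<url>\S+) \[(?P<ip>[0-9a-fA-F.:]+)\]"
)

# Constructed sample: two names answered by our server, one by a different host.
SAMPLE = (
    "Failed authorization procedure. "
    "smtp.example.org (http-01): urn:ietf:params:acme:error:unauthorized :: "
    "The client lacks sufficient authorization :: Invalid response from "
    "http://smtp.example.org/.well-known/acme-challenge/TOKEN1 [192.0.2.10]: "
    '"403 Forbidden", '
    "parked.example.net (http-01): urn:ietf:params:acme:error:unauthorized :: "
    "The client lacks sufficient authorization :: Invalid response from "
    "http://parked.example.net/.well-known/acme-challenge/TOKEN2 [198.51.100.7]: "
    '"<html lang=en", '
    "imap.example.org (http-01): urn:ietf:params:acme:error:unauthorized :: "
    "The client lacks sufficient authorization :: Invalid response from "
    "http://imap.example.org/.well-known/acme-challenge/TOKEN3 [192.0.2.10]: "
    '"403 Forbidden"'
)

def parse_failures(message):
    """Return one dict per failed name: name, challenge, error, url, ip."""
    return [m.groupdict() for m in ENTRY.finditer(message)]

def triage(message, server_ip):
    """Group failed names by whether the CA's request reached our server.

    reached_server     -> DNS is right; look at the vhost / access rules.
    reached_other_host -> DNS points elsewhere (e.g. a parked or expired domain).
    """
    groups = defaultdict(list)
    for f in parse_failures(message):
        key = "reached_server" if f["ip"] == server_ip else "reached_other_host"
        groups[key].append((f["name"], f["ip"]))
    return dict(groups)

if __name__ == "__main__":
    for group, names in triage(SAMPLE, "192.0.2.10").items():
        print(group, names)
```
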
