404 error on challenge on a previously working system

On Saturday, I upgraded my certbot from 0.6.4 to 0.7.0 and since then my challenges haven't been working anymore.
I use haproxy and send all challenges to my default apache site.

My domain is: trolliet.info
I ran this command: /usr/bin/dehydrated -c

The error on the challenge is here: Paste.Vulgarisons
My haproxy config: Paste.Vulgarisons
My default apache file: Paste.Vulgarisons
And my website file: Paste.Vulgarisons

Can you help me on this?
Thank you <3

You upgraded Dehydrated, not certbot!

If you place a test file in the "le" backend 127.0.0.1:8888 at /var/www/dehydrated can you browse to it using https://trolliet.info/.well-known/acme-challenge/test-file? That's pretty much what you're trying to get working.

2 Likes

Yes, I miswrote... I upgraded Dehydrated.

I can't access the file. But I didn't change the haproxy config or the /var/www/dehydrated directory.

edit: But I can access the Index of /.well-known/acme-challenge directory, which makes sense due to the following line in my apache site configuration:

        Alias /.well-known/acme-challenge /var/www/dehydrated

And there is an "old" file from 13.05.2023.
So now, I can access https://trolliet.info/.well-known/acme-challenge/test-file which is an empty file.

I can see your test file too on both IPv4 and IPv6 and both HTTP and HTTPS (Let's Encrypt favors IPv6 when present and as rg305 just noted will use HTTP)

And, I get the expected 404 response for a file that does not exist.

The error in your dehydrated log was

["error"]       {"type":"urn:ietf:params:acme:error:unauthorized","detail":"2001:1600:4:8:f816:3eff:fed3:e131: Invalid response from http://gregory.trolliet.info/.well-known/acme-challenge/5uW-PWSlmEveGWkTHMcUEFugFs1TQR4oiTB5nalM73A: 404","status":403}
["url"] "https://acme-v02.api.letsencrypt.org/acme/chall-v3/259059277846/7ODAyA"

The 404 means the challenge file wasn't found.

Can you watch the folder to see if the file is created where you expect dehydrated to make it?

4 Likes

Those should be HTTP access:
https://trolliet.info/.well-known/acme-challenge/test-file

3 Likes

I think you're right. During the upgrade, I accepted some changes on the config file.
My dehydrated config is:

#############################################################
# This is the main config file for dehydrated               #
#                                                           #
# This is the default configuration for the Debian package. #
# To see a more comprehensive example, see                  #
# /usr/share/doc/dehydrated/examples/config                 #
#                                                           #
# For details please read:                                  #
# /usr/share/doc/dehydrated/README.Debian                   #
#############################################################

CONFIG_D=/etc/dehydrated/conf.d
BASEDIR=/var/lib/dehydrated
WELLKNOWN="${BASEDIR}/acme-challenges"
DOMAINS_TXT="/etc/dehydrated/domains.txt"

# Program or function called in certain situations
#
# After generating the challenge-response, or after failed challenge (in this case altname is empty)
# Given arguments: clean_challenge|deploy_challenge altname token-filename token-content
#
# After successfully signing certificate
# Given arguments: deploy_cert domain path/to/privkey.pem path/to/cert.pem path/to/fullchain.pem
#
# BASEDIR and WELLKNOWN variables are exported and can be used in an external program
# default: <unset>
HOOK=/etc/dehydrated/hook.sh

# E-mail to use during the registration (default: <unset>)
CONTACT_EMAIL=site.admin@trolliet.info

2 Likes

Do you have your old config file for reference? Because this:

Seems like it should point to /var/www/dehydrated because of this

I am no expert at dehydrated; I am just making an experienced guess.

5 Likes
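The root cause in this thread is a mismatch between where dehydrated writes its tokens (WELLKNOWN) and the directory Apache serves under /.well-known/acme-challenge (the Alias line). The script below is an added example, not code from the thread or from the dehydrated project: it reads both values from the config files, reports whether they agree, and offers the same test-file round trip the replies recommend, but over plain HTTP and on both IPv4 and IPv6, since that is how Let's Encrypt's HTTP-01 validation reaches the host. The function names, the Apache config path used in the usage comment, and the form of the probe token are my assumptions; pass absolute paths to the config files.

```bash
#!/bin/sh
# Added example (not from the thread or from dehydrated): reconcile dehydrated's
# WELLKNOWN with the directory Apache serves at /.well-known/acme-challenge.

# Print the effective WELLKNOWN from a dehydrated config. The config is shell
# syntax (dehydrated sources it), so it is sourced here in a subshell to expand
# ${BASEDIR} the same way dehydrated does. Only do this with a config you own.
# Pass an absolute path: a bare filename would be looked up on $PATH by ".".
dehydrated_wellknown() {
    ( . "$1" >/dev/null 2>&1; printf '%s\n' "${WELLKNOWN:-}" )
}

# Print the directory an Apache config aliases to /.well-known/acme-challenge
# (first matching Alias line; surrounding double quotes are stripped).
apache_alias_target() {
    awk '$1 == "Alias" && $2 == "/.well-known/acme-challenge" {
             gsub(/"/, "", $3); print $3; exit
         }' "$1"
}

# Drop trailing slashes so /var/www/dehydrated/ and /var/www/dehydrated compare equal.
normalize_dir() {
    printf '%s\n' "$1" | sed 's#/*$##'
}

# Return 0 when both configs name the same directory, 1 otherwise.
# Usage (paths are assumptions for a Debian layout):
#   check_wellknown_matches /etc/dehydrated/config /etc/apache2/sites-enabled/000-default.conf
check_wellknown_matches() {
    wk=$(normalize_dir "$(dehydrated_wellknown "$1")")
    al=$(normalize_dir "$(apache_alias_target "$2")")
    if [ -n "$wk" ] && [ "$wk" = "$al" ]; then
        echo "OK: WELLKNOWN and the Apache Alias both point to $wk"
        return 0
    fi
    echo "MISMATCH: dehydrated writes tokens to '${wk:-<unset>}' but Apache serves '${al:-<unset>}'" >&2
    return 1
}

# Live round trip: write a token into WELLKNOWN and fetch it over HTTP (not
# HTTPS) on both address families, the way the CA would. Needs curl and
# network access, so it is not part of the offline check above.
# Usage: probe_challenge_path trolliet.info /var/www/dehydrated
probe_challenge_path() {
    domain=$1; wellknown=$2
    token="probe-$(date +%s)-$$"          # constructed token, deleted afterwards
    printf '%s' "$token" > "$wellknown/$token" || return 1
    ok=0
    for fam in -4 -6; do
        got=$(curl -fsS "$fam" "http://$domain/.well-known/acme-challenge/$token") \
            && [ "$got" = "$token" ] || { echo "FAIL ($fam): token not served" >&2; ok=1; }
    done
    rm -f "$wellknown/$token"
    return $ok
}
```

Run the offline check first; if it reports a mismatch, either set WELLKNOWN in the dehydrated config to the Alias target or point the Alias at WELLKNOWN, then run the probe to confirm the CA-facing path end to end.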

Yes, that's what I did and everything is working fine.
Thank you for your help :heart:

2 Likes

But doesn't experience remove the need for guessing ... ? ? ?
LOL

Your :crystal_ball: [crystal ball] is spot on today!

4 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.