My domain is: foofighterslive.com
I ran this command: sudo certbot renew --dry-run
It produced this output:
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator apache, Installer apache
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for 7corners.foofighterslive.com
http-01 challenge for foofighterslive.com
http-01 challenge for player.foofighterslive.com
http-01 challenge for www.foofighterslive.com
Waiting for verification...
Cleaning up challenges
Attempting to renew cert (foofighterslive.com) from /etc/letsencrypt/renewal/foofighterslive.com.conf produced an unexpected error: Failed authorization procedure. www.foofighterslive.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://www.foofighterslive.com/.well-known/acme-challenge/FNg3ikPJU52sc3NjjEtOO3RqsDbf9AbzdDPzJTKvBic.well-known/acme-challenge/FNg3ikPJU52sc3NjjEtOO3RqsDbf9AbzdDPzJTKvBic [45.77.101.41]: "\n\n<html lang="en">\n\n\n\n\n\n Page Not Found - FooFightersLive.com\n\n\n\n <meta charset="UTF-8">\n\n", foofighterslive.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://www.foofighterslive.com/.well-known/acme-challenge/G_P7jKVPykXeOr8r64w7_VuliR5l1dnWIh3JvGgabik.well-known/acme-challenge/G_P7jKVPykXeOr8r64w7_VuliR5l1dnWIh3JvGgabik [45.77.101.41]: "\n\n<html lang="en">\n\n\n\n\n\n Page Not Found - FooFightersLive.com\n\n\n\n <meta charset="UTF-8">\n\n". Skipping.
The following certs could not be renewed:
/etc/letsencrypt/live/foofighterslive.com/fullchain.pem (failure)
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates below have not been saved.)
The following certs were successfully renewed:
/etc/letsencrypt/live/player.foofighterslive.com/fullchain.pem (success)
The following certs could not be renewed:
/etc/letsencrypt/live/foofighterslive.com/fullchain.pem (failure)
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates above have not been saved.)
1 renew failure(s), 0 parse failure(s)
IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: www.foofighterslive.com
Type: unauthorized
Detail: Invalid response from
https://www.foofighterslive.com/.well-known/acme-challenge/FNg3ikPJU52sc3NjjEtOO3RqsDbf9AbzdDPzJTKvBic.well-known/acme-challenge/FNg3ikPJU52sc3NjjEtOO3RqsDbf9AbzdDPzJTKvBic
[45.77.101.41]: "\n\n<html
lang="en">\n\n\n\n\n\n Page Not Found -
FooFightersLive.com\n\n\n\n <meta charset="UTF-8">\n\n"Domain: foofighterslive.com
Type: unauthorized
Detail: Invalid response from
https://www.foofighterslive.com/.well-known/acme-challenge/G_P7jKVPykXeOr8r64w7_VuliR5l1dnWIh3JvGgabik.well-known/acme-challenge/G_P7jKVPykXeOr8r64w7_VuliR5l1dnWIh3JvGgabik
[45.77.101.41]: "\n\n<html
lang="en">\n\n\n\n\n\n Page Not Found -
FooFightersLive.com\n\n\n\n <meta charset="UTF-8">\n\n"To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version):Apache/2.4.38 (Ubuntu)
The operating system my web server runs on is (include version): Ubuntu 16.04
My hosting provider, if applicable, is: Vultr
I can login to a root shell on my machine: yes
I'm using a control panel to manage my site): no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): 0.28.0
I have read some similar questions regarding this but none of the solutions seem to have worked or applied to myself. I was able to create a test file at https://www.foofighterslive.com/.well-known/acme-challenge/test.txt which I can reach in a browser, but still a 404 on the acme-challenge.
I do not have any AAAA records on the domain and as you can see the problem only seems to be with the main foofighterslive.com domain, not any of the subdomains.
I thought it may be a redirect issue but I temporarily removed my entire .htaccess file with no joy. As far as I recall I have no made any major changes to the server config in recent months.
Thanks