Dear community,
this question has been asked before and answered successfully for most. however, not for me.
I have not found a similar case where curl works and letsencrypt does not.
My domain is: die-schenks.dyndns.org, nextcloud.die-schenks.dyndns.org, owncloud.die-schenks.dyndns.org
I ran this command:
certbot certonly --webroot --webroot-path /var/www/html --agree-tos -w /etc/letsencrypt/ --expand -d die-schenks.dyndns.org,nextcloud.die-schenks.dyndns.org,owncloud.die-schenks.dyndns.org
It produced this output ( Ihad to garble http as the forum only allows 20 links?!)
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for die-schenks.dyndns.org
http-01 challenge for nextcloud.die-schenks.dyndns.org
http-01 challenge for owncloud.die-schenks.dyndns.org
Using the webroot path /etc/letsencrypt for all unmatched domains.
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. owncloud.die-schenks.dyndns.org (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from ht tp://owncloud.die-schenks.dyndns.org/.well-known/acme-challenge/iffIkpt-q7l6wBwT4AoG0O7rO4zGsps1npNwWLfnMjI [89.244.123.125]: “\n\n404 Not Found\n\n
Not Found
\n<p”, die-schenks.dyndns.org (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from ht tp://die-schenks.dyndns.org/.well-known/acme-challenge/PrAEJREkBydte9wa1J9uo08KGMvpBmwksn2HXSDbelE [89.244.123.125]: “\n\n404 Not Found\n\nNot Found
\n<p”, nextcloud.die-schenks.dyndns.org (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from ht tp://nextcloud.die-schenks.dyndns.org/.well-known/acme-challenge/9mYSfDEOX-aR9vECW4kRg26KZmX8I9XG4UzZssxxErU [89.244.123.125]: “\n\n404 Not Found\n\nNot Found
\n<p”IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: owncloud.die-schenks.dyndns.org
Type: unauthorized
Detail: Invalid response from
ht tp://owncloud.die-schenks.dyndns.org/.well-known/acme-challenge/iffIkpt-q7l6wBwT4AoG0O7rO4zGsps1npNwWLfnMjI
[89.244.123.125]: “\n\n404 Not
Found\n\nNot Found
\n<p”Domain: die-schenks.dyndns.org
Type: unauthorized
Detail: Invalid response from
ht tp://die-schenks.dyndns.org/.well-known/acme-challenge/PrAEJREkBydte9wa1J9uo08KGMvpBmwksn2HXSDbelE
[89.244.123.125]: “\n\n404 Not
Found\n\nNot Found
\n<p”Domain: nextcloud.die-schenks.dyndns.org
Type: unauthorized
Detail: Invalid response from
ht tp://nextcloud.die-schenks.dyndns.org/.well-known/acme-challenge/9mYSfDEOX-aR9vECW4kRg26KZmX8I9XG4UzZssxxErU
[89.244.123.125]: “\n\n404 Not
Found\n\nNot Found
\n<p”To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version):
Apache 2.4.38 ubuntu
The operating system my web server runs on is (include version):
NAME=“Ubuntu”
VERSION=“19.04 (Disco Dingo)”
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot):
0.31.0
if I test with curl it works:
curl -ikL4 ht tp://nextcloud.die-schenks.dyndns.org/.well-known/acme-challenge/nag
HTTP/1.1 200 OK
Date: Wed, 21 Aug 2019 21:09:15 GMT
Server: Apache/2.4.38 (Ubuntu)
Last-Modified: Wed, 21 Aug 2019 20:45:21 GMT
ETag: “b-590a6a6d1715b”
Accept-Ranges: bytes
Content-Length: 11
HalloHallo
I cannot find a hint what is going wrong. I read about an issue with ipv6 (which I dont have on my lan). I am using dyndns for name resolving and removed the ipv6 entry.
It looks like the request uses ipv4 as one can the in the response of letsencrypt.
The server is in the lan behind a fritz box router, which forwards the ports 443 and 80. The web server config is stripped down just to get letsencrypt on port 80 running. usually it is a reverse proxy on 443.
apache config:
<VirtualHost *:80>
ServerName die-schenks.dyndns.org
ServerAlias nextcloud.die-schenks.dyndns.org
ServerAlias owncloud.die-schenks.dyndns.org
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
I run all command as root.
Thanks for your help