Hi Schoen
I apologize for this late reply as I have health issues. I would first like to explain that the domain dv2019.org is hosted on this IP 162.244.93.241:443. As I understand my client would also like to host it on another. Is this really feasible? If so, then are there some other things that I should do before I execute the certbot command?
The other config files in the sites-enabled directory are I think too lengthy to post here as there are many.
The latest LE log i got is this> (sorry this is quite lengthy and I had to truncate the first few lines as there is a limit. I can email you the whole file if you wish)
2017-03-31 16:09:57,852:DEBUG:acme.jose.json_util:Omitted empty fields: status=None, combinations=None, expires=None, challenges=None
2017-03-31 16:09:57,853:DEBUG:acme.client:Serialized JSON: {“identifier”: {“type”: “dns”, “value”: “www.dv2019.org”}, “resource”: “new-authz”}
2017-03-31 16:09:57,860:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), crit=(), typ=None, jku=None, cty=None, x5t=None, alg=None, x5tS256=None, x5u=None, kid=None, jwk=None
2017-03-31 16:09:57,869:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), crit=(), typ=None, jku=None, nonce=None, cty=None, x5t=None, kid=None, x5tS256=None, x5u=None
2017-03-31 16:09:57,870:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz. args: (), kwargs: {‘data’: ‘{“header”: {“alg”: “RS256”, “jwk”: {“e”: “AQAB”, “kty”: “RSA”, “n”: “uN5OsLGXXCsBUSQyIjSClK55MvKqN_VcrBLAfhc7dQpWv0P04LseBoM87ohPQsV2-eIH3KCdIwhjDQzUcGL__FsO4CKa7eN0xf1_hpr6WVc7e30zmkWcOWfazNo1xQDLlWnde2pJjnHMKahR3mEaNSmymrNshDtyXTTtn8SyUvNHKmkHJ3lui2Y1Z47jXdjL2WcQ8Ste1cHF7zRwK280IK6TH-V_Jy_VNC3TmVsHYCjutjGBX-gvWg0MpkqZSWB2S88r8rgMY0s9pjhALOmr-Wkbl9or_Upn6pyEdW4HdkmYpzD4ceV3Yn0jIULXH5PM2aNvIjiBNtpO9E64R0XxJw”}}, “protected”: “eyJub25jZSI6ICJSS3R4WXRMZnVxY21ETmFCQklmZ0JEb2FQZEczRDlqY3RIR0pWeGg1Z3dnIn0”, “payload”: “eyJpZGVudGlmaWVyIjogeyJ0eXBlIjogImRucyIsICJ2YWx1ZSI6ICJ3d3cuZHYyMDE5Lm9yZyJ9LCAicmVzb3VyY2UiOiAibmV3LWF1dGh6In0”, “signature”: “r1REFJ3q9WLEnaLlhipzqjimCmL8HkNs5UH_jwWeECJVlx2wAIIhr3bI-PKYNf19rZ9kPL63e5cEb7FtnUiMOAIKTIRQI_m9UM_0KQh82dXX2pHXCO6vxSs1jqJpByPXRVkPX2s6hq5A0XD3Pd4y7ejqjHv5BjIvhkgc29X0CtoM5OYIR_WX82fmf1MxpM8WCqPdevVhUuRm8xY5A5MijUrGc6LavDF4fZPtav3KIsSOI5lmo_M17ew_Xu1Gie5uv8suRqcgLeew3pVNME8OsbQXXzbSh7xzrYFs5wYSq93sHXKUadW9gXtS1VmfSGtuVnC5yZ_Lp5Cnn5tO-ZXu-w”}’}
2017-03-31 16:09:57,943:DEBUG:requests.packages.urllib3.connectionpool:“POST /acme/new-authz HTTP/1.1” 201 999
2017-03-31 16:09:57,945:DEBUG:root:Received <Response [201]>. Headers: {‘Content-Length’: ‘999’, ‘Expires’: ‘Fri, 31 Mar 2017 16:09:57 GMT’, ‘Boulder-Request-Id’: ‘gEOl-ssxFFRTtdEC15Im48cr-sQjhbH1NjHvF8cNNoQ’, ‘Strict-Transport-Security’: ‘max-age=604800’, ‘Server’: ‘nginx’, ‘Cache-Control’: ‘max-age=0, no-cache, no-store’, ‘Connection’: ‘keep-alive’, ‘Link’: ‘https://acme-v01.api.letsencrypt.org/acme/new-cert;rel=“next”’, ‘Location’: ‘https://acme-v01.api.letsencrypt.org/acme/authz/LbId8ibO_FsCfS4H-qj3_fIQa9FVr2L3cl3ipnvyGb0’, ‘Pragma’: ‘no-cache’, ‘Boulder-Requester’: ‘7917407’, ‘Date’: ‘Fri, 31 Mar 2017 16:09:57 GMT’, ‘X-Frame-Options’: ‘DENY’, ‘Content-Type’: ‘application/json’, ‘Replay-Nonce’: ‘fHiCBG6h-8sKS2fPwv8k6VtNvasYACD1ecp6jlHKFBE’}. Content: '{\n “identifier”: {\n “type”: “dns”,\n “value”: “www.dv2019.org”\n },\n “status”: “pending”,\n “expires”: “2017-04-07T16:09:57.887227976Z”,\n “challenges”: [\n {\n “type”: “tls-sni-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/LbId8ibO_FsCfS4H-qj3_fIQa9FVr2L3cl3ipnvyGb0/924063876”,\n “token”: “3hWyIGctBZ7y9rnZ3r7CNLfWpZlpPYKSwgZgOQWcjVE”\n },\n {\n “type”: “dns-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/LbId8ibO_FsCfS4H-qj3_fIQa9FVr2L3cl3ipnvyGb0/924063877”,\n “token”: “0EsGYFLejCanjVswdHyvLiVUq9Ul5-OtKXt8MiR6KIY”\n },\n {\n “type”: “http-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/LbId8ibO_FsCfS4H-qj3_fIQa9FVr2L3cl3ipnvyGb0/924063878”,\n “token”: “qJTTZPXH05hFxeB5uchBKDojKLHLmLclp11ItZjAZko”\n }\n ],\n “combinations”: [\n [\n 2\n ],\n [\n 1\n ],\n [\n 0\n ]\n ]\n}'
2017-03-31 16:09:57,945:DEBUG:acme.client:Storing nonce: '|x\x82\x04n\xa1\xfb\xcb\nKg\xcf\xc2\xff$\xe9[M\xbd\xab\x18\x00 \xf5y\xcaz\x8eQ\xca\x14\x11’
2017-03-31 16:09:57,946:DEBUG:acme.client:Received response <Response [201]> (headers: {‘Content-Length’: ‘999’, ‘Expires’: ‘Fri, 31 Mar 2017 16:09:57 GMT’, ‘Boulder-Request-Id’: ‘gEOl-ssxFFRTtdEC15Im48cr-sQjhbH1NjHvF8cNNoQ’, ‘Strict-Transport-Security’: ‘max-age=604800’, ‘Server’: ‘nginx’, ‘Cache-Control’: ‘max-age=0, no-cache, no-store’, ‘Connection’: ‘keep-alive’, ‘Link’: ‘https://acme-v01.api.letsencrypt.org/acme/new-cert;rel=“next”’, ‘Location’: ‘https://acme-v01.api.letsencrypt.org/acme/authz/LbId8ibO_FsCfS4H-qj3_fIQa9FVr2L3cl3ipnvyGb0’, ‘Pragma’: ‘no-cache’, ‘Boulder-Requester’: ‘7917407’, ‘Date’: ‘Fri, 31 Mar 2017 16:09:57 GMT’, ‘X-Frame-Options’: ‘DENY’, ‘Content-Type’: ‘application/json’, ‘Replay-Nonce’: ‘fHiCBG6h-8sKS2fPwv8k6VtNvasYACD1ecp6jlHKFBE’}): '{\n “identifier”: {\n “type”: “dns”,\n “value”: “www.dv2019.org”\n },\n “status”: “pending”,\n “expires”: “2017-04-07T16:09:57.887227976Z”,\n “challenges”: [\n {\n “type”: “tls-sni-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/LbId8ibO_FsCfS4H-qj3_fIQa9FVr2L3cl3ipnvyGb0/924063876”,\n “token”: “3hWyIGctBZ7y9rnZ3r7CNLfWpZlpPYKSwgZgOQWcjVE”\n },\n {\n “type”: “dns-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/LbId8ibO_FsCfS4H-qj3_fIQa9FVr2L3cl3ipnvyGb0/924063877”,\n “token”: “0EsGYFLejCanjVswdHyvLiVUq9Ul5-OtKXt8MiR6KIY”\n },\n {\n “type”: “http-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/LbId8ibO_FsCfS4H-qj3_fIQa9FVr2L3cl3ipnvyGb0/924063878”,\n “token”: “qJTTZPXH05hFxeB5uchBKDojKLHLmLclp11ItZjAZko”\n }\n ],\n “combinations”: [\n [\n 2\n ],\n [\n 1\n ],\n [\n 0\n ]\n ]\n}'
2017-03-31 16:09:57,948:INFO:certbot.auth_handler:Performing the following challenges:
2017-03-31 16:09:57,980:INFO:certbot.auth_handler:tls-sni-01 challenge for dv2019.org
2017-03-31 16:09:58,013:INFO:certbot.auth_handler:tls-sni-01 challenge for www.dv2019.org
2017-03-31 16:09:59,165:DEBUG:certbot_apache.tls_sni_01:Adding Include /etc/apache2/le_tls_sni_01_cert_challenge.conf to /files/etc/apache2/apache2.conf
2017-03-31 16:09:59,166:DEBUG:certbot_apache.tls_sni_01:writing a config file with text:
<VirtualHost *:443>
ServerName c62f6e124a0809e3c7d981317f649a9b.007edb3abcf441efa883d99eb82f6958.acme.invalid
UseCanonicalName on
SSLStrictSNIVHostCheck on
LimitRequestBody 1048576
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /var/lib/letsencrypt/lVV3PrZOH6KRGla3k8y0EznUZYK7hpo8y4sjUhwciFI.crt
SSLCertificateKeyFile /var/lib/letsencrypt/lVV3PrZOH6KRGla3k8y0EznUZYK7hpo8y4sjUhwciFI.pem
DocumentRoot /var/lib/letsencrypt/tls_sni_01_page/
<VirtualHost *:443>
ServerName 37f383e2da576617da4b049ce1d05067.5783a0ff3ac6439c557a65866b20d4a2.acme.invalid
UseCanonicalName on
SSLStrictSNIVHostCheck on
LimitRequestBody 1048576
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /var/lib/letsencrypt/3hWyIGctBZ7y9rnZ3r7CNLfWpZlpPYKSwgZgOQWcjVE.crt
SSLCertificateKeyFile /var/lib/letsencrypt/3hWyIGctBZ7y9rnZ3r7CNLfWpZlpPYKSwgZgOQWcjVE.pem
DocumentRoot /var/lib/letsencrypt/tls_sni_01_page/
2017-03-31 16:09:59,222:DEBUG:certbot.reverter:Creating backup of /etc/apache2/apache2.conf
2017-03-31 16:10:02,604:INFO:certbot.auth_handler:Waiting for verification…
2017-03-31 16:10:02,634:DEBUG:acme.client:Serialized JSON: {“keyAuthorization”: “lVV3PrZOH6KRGla3k8y0EznUZYK7hpo8y4sjUhwciFI._mAF3KZt4n2Yj9laHMV3jr88kOctrd-0N2_Eb-6QNj8”, “type”: “tls-sni-01”, “resource”: “challenge”}
2017-03-31 16:10:02,638:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), crit=(), typ=None, jku=None, cty=None, x5t=None, alg=None, x5tS256=None, x5u=None, kid=None, jwk=None
2017-03-31 16:10:02,662:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), crit=(), typ=None, jku=None, nonce=None, cty=None, x5t=None, kid=None, x5tS256=None, x5u=None
2017-03-31 16:10:02,663:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/challenge/Mzyxe_XChpoZAHh8-Kq-Rciz2U1yA4kPJXClteDaObA/924063865. args: (), kwargs: {‘data’: ‘{“header”: {“alg”: “RS256”, “jwk”: {“e”: “AQAB”, “kty”: “RSA”, “n”: “uN5OsLGXXCsBUSQyIjSClK55MvKqN_VcrBLAfhc7dQpWv0P04LseBoM87ohPQsV2-eIH3KCdIwhjDQzUcGL__FsO4CKa7eN0xf1_hpr6WVc7e30zmkWcOWfazNo1xQDLlWnde2pJjnHMKahR3mEaNSmymrNshDtyXTTtn8SyUvNHKmkHJ3lui2Y1Z47jXdjL2WcQ8Ste1cHF7zRwK280IK6TH-V_Jy_VNC3TmVsHYCjutjGBX-gvWg0MpkqZSWB2S88r8rgMY0s9pjhALOmr-Wkbl9or_Upn6pyEdW4HdkmYpzD4ceV3Yn0jIULXH5PM2aNvIjiBNtpO9E64R0XxJw”}}, “protected”: “eyJub25jZSI6ICJmSGlDQkc2aC04c0tTMmZQd3Y4azZWdE52YXNZQUNEMWVjcDZqbEhLRkJFIn0”, “payload”: “eyJrZXlBdXRob3JpemF0aW9uIjogImxWVjNQclpPSDZLUkdsYTNrOHkwRXpuVVpZSzdocG84eTRzalVod2NpRkkuX21BRjNLWnQ0bjJZajlsYUhNVjNqcjg4a09jdHJkLTBOMl9FYi02UU5qOCIsICJ0eXBlIjogInRscy1zbmktMDEiLCAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIn0”, “signature”: “dWMwMN-gb_72PLUL5T8qa8URgCFwOkxcrNxZaNRVNUY_JVtjcpW3Bdiy_I-JeJ5AMgF8zltqpM5Z8rdzmfEe2zIS2khVsbPoxNN1vE45kwE91Uq-Xd0bXdTGZF3b50-wGe0Hv9aFWCzxKjotUtuuQsuq5HNOZpj533ofuhQX1oW9zBhFhB7UE7Cyrzb3IqaEflo6d8y37j8OmPGVJOZwsb9EMzXCci0UXgWnrm56qWat0ipfGJz40YIfqzuLznhHRyUJ56Q6sccGMf9zfGz7a8LdGw-_OZ03d91xytyWaJ4FnRPS1_IjLVitqgCKrO9wqPwBCU8nsPz1mnJhIN60og”}’}
2017-03-31 16:10:02,916:DEBUG:requests.packages.urllib3.connectionpool:“POST /acme/challenge/Mzyxe_XChpoZAHh8-Kq-Rciz2U1yA4kPJXClteDaObA/924063865 HTTP/1.1” 202 338
2017-03-31 16:10:02,917:DEBUG:root:Received <Response [202]>. Headers: {‘Content-Length’: ‘338’, ‘Boulder-Request-Id’: ‘NOBUtjzaugeZsvQsSL6B53_Wj1K6x8GZB9XEaOaG3yI’, ‘Expires’: ‘Fri, 31 Mar 2017 16:10:02 GMT’, ‘Server’: ‘nginx’, ‘Cache-Control’: ‘max-age=0, no-cache, no-store’, ‘Connection’: ‘keep-alive’, ‘Link’: ‘https://acme-v01.api.letsencrypt.org/acme/authz/Mzyxe_XChpoZAHh8-Kq-Rciz2U1yA4kPJXClteDaObA;rel=“up”’, ‘Location’: ‘https://acme-v01.api.letsencrypt.org/acme/challenge/Mzyxe_XChpoZAHh8-Kq-Rciz2U1yA4kPJXClteDaObA/924063865’, ‘Pragma’: ‘no-cache’, ‘Boulder-Requester’: ‘7917407’, ‘Date’: ‘Fri, 31 Mar 2017 16:10:02 GMT’, ‘Content-Type’: ‘application/json’, ‘Replay-Nonce’: ‘-MYK8LSDr-MIHo3KJs0f_88HJk_JpaIrQGua3fab3Lw’}. Content: '{\n “type”: “tls-sni-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/Mzyxe_XChpoZAHh8-Kq-Rciz2U1yA4kPJXClteDaObA/924063865”,\n “token”: “lVV3PrZOH6KRGla3k8y0EznUZYK7hpo8y4sjUhwciFI”,\n “keyAuthorization”: “lVV3PrZOH6KRGla3k8y0EznUZYK7hpo8y4sjUhwciFI._mAF3KZt4n2Yj9laHMV3jr88kOctrd-0N2_Eb-6QNj8”\n}'
2017-03-31 16:10:02,917:DEBUG:acme.client:Storing nonce: '\xf8\xc6\n\xf0\xb4\x83\xaf\xe3\x08\x1e\x8d\xca&\xcd\x1f\xff\xcf\x07&O\xc9\xa5\xa2+@k\x9a\xdd\xf6\x9b\xdc\xbc’
2017-03-31 16:10:02,918:DEBUG:acme.client:Received response <Response [202]> (headers: {‘Content-Length’: ‘338’, ‘Boulder-Request-Id’: ‘NOBUtjzaugeZsvQsSL6B53_Wj1K6x8GZB9XEaOaG3yI’, ‘Expires’: ‘Fri, 31 Mar 2017 16:10:02 GMT’, ‘Server’: ‘nginx’, ‘Cache-Control’: ‘max-age=0, no-cache, no-store’, ‘Connection’: ‘keep-alive’, ‘Link’: ‘https://acme-v01.api.letsencrypt.org/acme/authz/Mzyxe_XChpoZAHh8-Kq-Rciz2U1yA4kPJXClteDaObA;rel=“up”’, ‘Location’: ‘https://acme-v01.api.letsencrypt.org/acme/challenge/Mzyxe_XChpoZAHh8-Kq-Rciz2U1yA4kPJXClteDaObA/924063865’, ‘Pragma’: ‘no-cache’, ‘Boulder-Requester’: ‘7917407’, ‘Date’: ‘Fri, 31 Mar 2017 16:10:02 GMT’, ‘Content-Type’: ‘application/json’, ‘Replay-Nonce’: ‘-MYK8LSDr-MIHo3KJs0f_88HJk_JpaIrQGua3fab3Lw’}): '{\n “type”: “tls-sni-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/Mzyxe_XChpoZAHh8-Kq-Rciz2U1yA4kPJXClteDaObA/924063865”,\n “token”: “lVV3PrZOH6KRGla3k8y0EznUZYK7hpo8y4sjUhwciFI”,\n “keyAuthorization”: “lVV3PrZOH6KRGla3k8y0EznUZYK7hpo8y4sjUhwciFI._mAF3KZt4n2Yj9laHMV3jr88kOctrd-0N2_Eb-6QNj8”\n}'
2017-03-31 16:10:02,918:DEBUG:acme.client:Serialized JSON: {“keyAuthorization”: “3hWyIGctBZ7y9rnZ3r7CNLfWpZlpPYKSwgZgOQWcjVE._mAF3KZt4n2Yj9laHMV3jr88kOctrd-0N2_Eb-6QNj8”, “type”: “tls-sni-01”, “resource”: “challenge”}
2017-03-31 16:10:02,920:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), crit=(), typ=None, jku=None, cty=None, x5t=None, alg=None, x5tS256=None, x5u=None, kid=None, jwk=None
2017-03-31 16:10:02,926:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), crit=(), typ=None, jku=None, nonce=None, cty=None, x5t=None, kid=None, x5tS256=None, x5u=None
2017-03-31 16:10:02,930:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/challenge/LbId8ibO_FsCfS4H-qj3_fIQa9FVr2L3cl3ipnvyGb0/924063876. args: (), kwargs: {‘data’: ‘{“header”: {“alg”: “RS256”, “jwk”: {“e”: “AQAB”, “kty”: “RSA”, “n”: “uN5OsLGXXCsBUSQyIjSClK55MvKqN_VcrBLAfhc7dQpWv0P04LseBoM87ohPQsV2-eIH3KCdIwhjDQzUcGL__FsO4CKa7eN0xf1_hpr6WVc7e30zmkWcOWfazNo1xQDLlWnde2pJjnHMKahR3mEaNSmymrNshDtyXTTtn8SyUvNHKmkHJ3lui2Y1Z47jXdjL2WcQ8Ste1cHF7zRwK280IK6TH-V_Jy_VNC3TmVsHYCjutjGBX-gvWg0MpkqZSWB2S88r8rgMY0s9pjhALOmr-Wkbl9or_Upn6pyEdW4HdkmYpzD4ceV3Yn0jIULXH5PM2aNvIjiBNtpO9E64R0XxJw”}}, “protected”: “eyJub25jZSI6ICItTVlLOExTRHItTUlIbzNLSnMwZl84OEhKa19KcGFJclFHdWEzZmFiM0x3In0”, “payload”: “eyJrZXlBdXRob3JpemF0aW9uIjogIjNoV3lJR2N0Qlo3eTlyblozcjdDTkxmV3BabHBQWUtTd2daZ09RV2NqVkUuX21BRjNLWnQ0bjJZajlsYUhNVjNqcjg4a09jdHJkLTBOMl9FYi02UU5qOCIsICJ0eXBlIjogInRscy1zbmktMDEiLCAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIn0”, “signature”: “oSiC1M1JvKI5ueH0j-71cJMBrfe1Mac53pqP61BEkO5B0Pxlui9VkNmox38bWjOA9Y2NJk_5xdJiHzpRuYsIVgMM9Q7-vHY646gQgMVD8z39HxA2dS29yieqCcI6GLWOSLYRkx-7ys6gf48bB6GW1tpMjVrFSV6txxEU-mgCCrI6QVoqxY3DpSSrkGLwNgIjkAC6frTMhktgeRrCBPv_7Kx9UHmVvirfX38pu-U0K4fir5HL8AVk4aUrGhFWBqBCFuGloA1k9PwJ2fGXpojBenn8WRuseXPOcPuixc-txABB8Npjulb4jzKjki9SHgsUPLwKIdccfsqTt5Gx3mgTiw”}’}
2017-03-31 16:10:03,269:DEBUG:requests.packages.urllib3.connectionpool:“POST /acme/challenge/LbId8ibO_FsCfS4H-qj3_fIQa9FVr2L3cl3ipnvyGb0/924063876 HTTP/1.1” 202 338
2017-03-31 16:10:03,270:DEBUG:root:Received <Response [202]>. Headers: {‘Content-Length’: ‘338’, ‘Boulder-Request-Id’: ‘ED3TwdjhX2-cNmwLOCe81uFcRwxSrL-vi8sIIxu3qBs’, ‘Expires’: ‘Fri, 31 Mar 2017 16:10:03 GMT’, ‘Server’: ‘nginx’, ‘Cache-Control’: ‘max-age=0, no-cache, no-store’, ‘Connection’: ‘keep-alive’, ‘Link’: ‘https://acme-v01.api.letsencrypt.org/acme/authz/LbId8ibO_FsCfS4H-qj3_fIQa9FVr2L3cl3ipnvyGb0;rel=“up”’, ‘Location’: ‘https://acme-v01.api.letsencrypt.org/acme/challenge/LbId8ibO_FsCfS4H-qj3_fIQa9FVr2L3cl3ipnvyGb0/924063876’, ‘Pragma’: ‘no-cache’, ‘Boulder-Requester’: ‘7917407’, ‘Date’: ‘Fri, 31 Mar 2017 16:10:03 GMT’, ‘Content-Type’: ‘application/json’, ‘Replay-Nonce’: ‘gbxxI2Yv7cVxvHQUb7VIlQtiqGk3ISKJ6Tqpi4LEb3A’}. Content: '{\n “type”: “tls-sni-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/LbId8ibO_FsCfS4H-qj3_fIQa9FVr2L3cl3ipnvyGb0/924063876”,\n “token”: “3hWyIGctBZ7y9rnZ3r7CNLfWpZlpPYKSwgZgOQWcjVE”,\n “keyAuthorization”: “3hWyIGctBZ7y9rnZ3r7CNLfWpZlpPYKSwgZgOQWcjVE._mAF3KZt4n2Yj9laHMV3jr88kOctrd-0N2_Eb-6QNj8”\n}'
2017-03-31 16:10:03,270:DEBUG:acme.client:Storing nonce: '\x81\xbcq#f/\xed\xc5q\xbct\x14o\xb5H\x95\x0bb\xa8i7!"\x89\xe9:\xa9\x8b\x82\xc4op’
2017-03-31 16:10:03,271:DEBUG:acme.client:Received response <Response [202]> (headers: {‘Content-Length’: ‘338’, ‘Boulder-Request-Id’: ‘ED3TwdjhX2-cNmwLOCe81uFcRwxSrL-vi8sIIxu3qBs’, ‘Expires’: ‘Fri, 31 Mar 2017 16:10:03 GMT’, ‘Server’: ‘nginx’, ‘Cache-Control’: ‘max-age=0, no-cache, no-store’, ‘Connection’: ‘keep-alive’, ‘Link’: ‘https://acme-v01.api.letsencrypt.org/acme/authz/LbId8ibO_FsCfS4H-qj3_fIQa9FVr2L3cl3ipnvyGb0;rel=“up”’, ‘Location’: ‘https://acme-v01.api.letsencrypt.org/acme/challenge/LbId8ibO_FsCfS4H-qj3_fIQa9FVr2L3cl3ipnvyGb0/924063876’, ‘Pragma’: ‘no-cache’, ‘Boulder-Requester’: ‘7917407’, ‘Date’: ‘Fri, 31 Mar 2017 16:10:03 GMT’, ‘Content-Type’: ‘application/json’, ‘Replay-Nonce’: ‘gbxxI2Yv7cVxvHQUb7VIlQtiqGk3ISKJ6Tqpi4LEb3A’}): '{\n “type”: “tls-sni-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/LbId8ibO_FsCfS4H-qj3_fIQa9FVr2L3cl3ipnvyGb0/924063876”,\n “token”: “3hWyIGctBZ7y9rnZ3r7CNLfWpZlpPYKSwgZgOQWcjVE”,\n “keyAuthorization”: “3hWyIGctBZ7y9rnZ3r7CNLfWpZlpPYKSwgZgOQWcjVE._mAF3KZt4n2Yj9laHMV3jr88kOctrd-0N2_Eb-6QNj8”\n}'
2017-03-31 16:10:06,274:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/acme/authz/Mzyxe_XChpoZAHh8-Kq-Rciz2U1yA4kPJXClteDaObA. args: (), kwargs: {}
2017-03-31 16:10:06,808:DEBUG:requests.packages.urllib3.connectionpool:“GET /acme/authz/Mzyxe_XChpoZAHh8-Kq-Rciz2U1yA4kPJXClteDaObA HTTP/1.1” 200 1712
2017-03-31 16:10:06,810:DEBUG:root:Received <Response [200]>. Headers: {‘Content-Length’: ‘1712’, ‘Expires’: ‘Fri, 31 Mar 2017 16:10:06 GMT’, ‘Boulder-Request-Id’: ‘aS8JO-eZBPiNn9Ycjt-Y_T6xOj9gqeHU6zAwkK7wnvg’, ‘Strict-Transport-Security’: ‘max-age=604800’, ‘Server’: ‘nginx’, ‘Connection’: ‘keep-alive’, ‘Link’: ‘https://acme-v01.api.letsencrypt.org/acme/new-cert;rel=“next”’, ‘Pragma’: ‘no-cache’, ‘Cache-Control’: ‘max-age=0, no-cache, no-store’, ‘Date’: ‘Fri, 31 Mar 2017 16:10:06 GMT’, ‘X-Frame-Options’: ‘DENY’, ‘Content-Type’: ‘application/json’, ‘Replay-Nonce’: ‘XuKfpGJ3-GsrwscbKVkeZ_Bs3bbKWGSNEeX__wmNx0M’}. Content: '{\n “identifier”: {\n “type”: “dns”,\n “value”: “dv2019.org”\n },\n “status”: “invalid”,\n “expires”: “2017-04-07T16:09:57Z”,\n “challenges”: [\n {\n “type”: “dns-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/Mzyxe_XChpoZAHh8-Kq-Rciz2U1yA4kPJXClteDaObA/924063864”,\n “token”: “dB9RR5z5ZyskesBFBDbapm4rwxP_s_zvXpE0R5Ofp9A”\n },\n {\n “type”: “tls-sni-01”,\n “status”: “invalid”,\n “error”: {\n “type”: “urn:acme:error:unauthorized”,\n “detail”: “Incorrect validation certificate for TLS-SNI-01 challenge. Requested c62f6e124a0809e3c7d981317f649a9b.007edb3abcf441efa883d99eb82f6958.acme.invalid from 162.244.93.241:443. Received 2 certificate(s), first certificate had names \“ayyoda.com, www.ayyoda.com\””,\n “status”: 403\n },\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/Mzyxe_XChpoZAHh8-Kq-Rciz2U1yA4kPJXClteDaObA/924063865”,\n “token”: “lVV3PrZOH6KRGla3k8y0EznUZYK7hpo8y4sjUhwciFI”,\n “keyAuthorization”: “lVV3PrZOH6KRGla3k8y0EznUZYK7hpo8y4sjUhwciFI._mAF3KZt4n2Yj9laHMV3jr88kOctrd-0N2_Eb-6QNj8”,\n “validationRecord”: [\n {\n “hostname”: “dv2019.org”,\n “port”: “443”,\n “addressesResolved”: [\n “162.244.93.241”\n ],\n “addressUsed”: “162.244.93.241”\n }\n ]\n },\n {\n “type”: “http-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/Mzyxe_XChpoZAHh8-Kq-Rciz2U1yA4kPJXClteDaObA/924063866”,\n “token”: “nEIAex6_XdTnUn_SqwOPkNKIT4qQHpxbmdfDG_jN3Jc”\n }\n ],\n “combinations”: [\n [\n 0\n ],\n [\n 1\n ],\n [\n 2\n ]\n ]\n}'
2017-03-31 16:10:06,810:DEBUG:acme.client:Received response <Response [200]> (headers: {‘Content-Length’: ‘1712’, ‘Expires’: ‘Fri, 31 Mar 2017 16:10:06 GMT’, ‘Boulder-Request-Id’: ‘aS8JO-eZBPiNn9Ycjt-Y_T6xOj9gqeHU6zAwkK7wnvg’, ‘Strict-Transport-Security’: ‘max-age=604800’, ‘Server’: ‘nginx’, ‘Connection’: ‘keep-alive’, ‘Link’: ‘https://acme-v01.api.letsencrypt.org/acme/new-cert;rel=“next”’, ‘Pragma’: ‘no-cache’, ‘Cache-Control’: ‘max-age=0, no-cache, no-store’, ‘Date’: ‘Fri, 31 Mar 2017 16:10:06 GMT’, ‘X-Frame-Options’: ‘DENY’, ‘Content-Type’: ‘application/json’, ‘Replay-Nonce’: ‘XuKfpGJ3-GsrwscbKVkeZ_Bs3bbKWGSNEeX__wmNx0M’}): '{\n “identifier”: {\n “type”: “dns”,\n “value”: “dv2019.org”\n },\n “status”: “invalid”,\n “expires”: “2017-04-07T16:09:57Z”,\n “challenges”: [\n {\n “type”: “dns-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/Mzyxe_XChpoZAHh8-Kq-Rciz2U1yA4kPJXClteDaObA/924063864”,\n “token”: “dB9RR5z5ZyskesBFBDbapm4rwxP_s_zvXpE0R5Ofp9A”\n },\n {\n “type”: “tls-sni-01”,\n “status”: “invalid”,\n “error”: {\n “type”: “urn:acme:error:unauthorized”,\n “detail”: “Incorrect validation certificate for TLS-SNI-01 challenge. Requested c62f6e124a0809e3c7d981317f649a9b.007edb3abcf441efa883d99eb82f6958.acme.invalid from 162.244.93.241:443. Received 2 certificate(s), first certificate had names \“ayyoda.com, www.ayyoda.com\””,\n “status”: 403\n },\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/Mzyxe_XChpoZAHh8-Kq-Rciz2U1yA4kPJXClteDaObA/924063865”,\n “token”: “lVV3PrZOH6KRGla3k8y0EznUZYK7hpo8y4sjUhwciFI”,\n “keyAuthorization”: “lVV3PrZOH6KRGla3k8y0EznUZYK7hpo8y4sjUhwciFI._mAF3KZt4n2Yj9laHMV3jr88kOctrd-0N2_Eb-6QNj8”,\n “validationRecord”: [\n {\n “hostname”: “dv2019.org”,\n “port”: “443”,\n “addressesResolved”: [\n “162.244.93.241”\n ],\n “addressUsed”: “162.244.93.241”\n }\n ]\n },\n {\n “type”: “http-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/Mzyxe_XChpoZAHh8-Kq-Rciz2U1yA4kPJXClteDaObA/924063866”,\n “token”: “nEIAex6_XdTnUn_SqwOPkNKIT4qQHpxbmdfDG_jN3Jc”\n }\n ],\n “combinations”: [\n [\n 0\n ],\n [\n 1\n ],\n [\n 2\n ]\n ]\n}'
2017-03-31 16:10:06,812:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/acme/authz/LbId8ibO_FsCfS4H-qj3_fIQa9FVr2L3cl3ipnvyGb0. args: (), kwargs: {}
2017-03-31 16:10:07,185:DEBUG:requests.packages.urllib3.connectionpool:“GET /acme/authz/LbId8ibO_FsCfS4H-qj3_fIQa9FVr2L3cl3ipnvyGb0 HTTP/1.1” 200 1720
2017-03-31 16:10:07,187:DEBUG:root:Received <Response [200]>. Headers: {‘Content-Length’: ‘1720’, ‘Expires’: ‘Fri, 31 Mar 2017 16:10:07 GMT’, ‘Boulder-Request-Id’: ‘Xtb48VrvWr74VDWLQPRFkA2sU6n0Lp-vP4f6eC8k-Xc’, ‘Strict-Transport-Security’: ‘max-age=604800’, ‘Server’: ‘nginx’, ‘Connection’: ‘keep-alive’, ‘Link’: ‘https://acme-v01.api.letsencrypt.org/acme/new-cert;rel=“next”’, ‘Pragma’: ‘no-cache’, ‘Cache-Control’: ‘max-age=0, no-cache, no-store’, ‘Date’: ‘Fri, 31 Mar 2017 16:10:07 GMT’, ‘X-Frame-Options’: ‘DENY’, ‘Content-Type’: ‘application/json’, ‘Replay-Nonce’: ‘fkeI2DhHacPVuafeihyrEepaBgRoeIWjnG1S5C7Y7t4’}. Content: '{\n “identifier”: {\n “type”: “dns”,\n “value”: “www.dv2019.org”\n },\n “status”: “invalid”,\n “expires”: “2017-04-07T16:09:57Z”,\n “challenges”: [\n {\n “type”: “tls-sni-01”,\n “status”: “invalid”,\n “error”: {\n “type”: “urn:acme:error:unauthorized”,\n “detail”: “Incorrect validation certificate for TLS-SNI-01 challenge. Requested 37f383e2da576617da4b049ce1d05067.5783a0ff3ac6439c557a65866b20d4a2.acme.invalid from 162.244.93.241:443. Received 2 certificate(s), first certificate had names \“ayyoda.com, www.ayyoda.com\””,\n “status”: 403\n },\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/LbId8ibO_FsCfS4H-qj3_fIQa9FVr2L3cl3ipnvyGb0/924063876”,\n “token”: “3hWyIGctBZ7y9rnZ3r7CNLfWpZlpPYKSwgZgOQWcjVE”,\n “keyAuthorization”: “3hWyIGctBZ7y9rnZ3r7CNLfWpZlpPYKSwgZgOQWcjVE._mAF3KZt4n2Yj9laHMV3jr88kOctrd-0N2_Eb-6QNj8”,\n “validationRecord”: [\n {\n “hostname”: “www.dv2019.org”,\n “port”: “443”,\n “addressesResolved”: [\n “162.244.93.241”\n ],\n “addressUsed”: “162.244.93.241”\n }\n ]\n },\n {\n “type”: “dns-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/LbId8ibO_FsCfS4H-qj3_fIQa9FVr2L3cl3ipnvyGb0/924063877”,\n “token”: “0EsGYFLejCanjVswdHyvLiVUq9Ul5-OtKXt8MiR6KIY”\n },\n {\n “type”: “http-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/LbId8ibO_FsCfS4H-qj3_fIQa9FVr2L3cl3ipnvyGb0/924063878”,\n “token”: “qJTTZPXH05hFxeB5uchBKDojKLHLmLclp11ItZjAZko”\n }\n ],\n “combinations”: [\n [\n 2\n ],\n [\n 1\n ],\n [\n 0\n ]\n ]\n}'
2017-03-31 16:10:07,187:DEBUG:acme.client:Received response <Response [200]> (headers: {‘Content-Length’: ‘1720’, ‘Expires’: ‘Fri, 31 Mar 2017 16:10:07 GMT’, ‘Boulder-Request-Id’: ‘Xtb48VrvWr74VDWLQPRFkA2sU6n0Lp-vP4f6eC8k-Xc’, ‘Strict-Transport-Security’: ‘max-age=604800’, ‘Server’: ‘nginx’, ‘Connection’: ‘keep-alive’, ‘Link’: ‘https://acme-v01.api.letsencrypt.org/acme/new-cert;rel=“next”’, ‘Pragma’: ‘no-cache’, ‘Cache-Control’: ‘max-age=0, no-cache, no-store’, ‘Date’: ‘Fri, 31 Mar 2017 16:10:07 GMT’, ‘X-Frame-Options’: ‘DENY’, ‘Content-Type’: ‘application/json’, ‘Replay-Nonce’: ‘fkeI2DhHacPVuafeihyrEepaBgRoeIWjnG1S5C7Y7t4’}): '{\n “identifier”: {\n “type”: “dns”,\n “value”: “www.dv2019.org”\n },\n “status”: “invalid”,\n “expires”: “2017-04-07T16:09:57Z”,\n “challenges”: [\n {\n “type”: “tls-sni-01”,\n “status”: “invalid”,\n “error”: {\n “type”: “urn:acme:error:unauthorized”,\n “detail”: “Incorrect validation certificate for TLS-SNI-01 challenge. Requested 37f383e2da576617da4b049ce1d05067.5783a0ff3ac6439c557a65866b20d4a2.acme.invalid from 162.244.93.241:443. Received 2 certificate(s), first certificate had names \“ayyoda.com, www.ayyoda.com\””,\n “status”: 403\n },\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/LbId8ibO_FsCfS4H-qj3_fIQa9FVr2L3cl3ipnvyGb0/924063876”,\n “token”: “3hWyIGctBZ7y9rnZ3r7CNLfWpZlpPYKSwgZgOQWcjVE”,\n “keyAuthorization”: “3hWyIGctBZ7y9rnZ3r7CNLfWpZlpPYKSwgZgOQWcjVE._mAF3KZt4n2Yj9laHMV3jr88kOctrd-0N2_Eb-6QNj8”,\n “validationRecord”: [\n {\n “hostname”: “www.dv2019.org”,\n “port”: “443”,\n “addressesResolved”: [\n “162.244.93.241”\n ],\n “addressUsed”: “162.244.93.241”\n }\n ]\n },\n {\n “type”: “dns-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/LbId8ibO_FsCfS4H-qj3_fIQa9FVr2L3cl3ipnvyGb0/924063877”,\n “token”: “0EsGYFLejCanjVswdHyvLiVUq9Ul5-OtKXt8MiR6KIY”\n },\n {\n “type”: “http-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/LbId8ibO_FsCfS4H-qj3_fIQa9FVr2L3cl3ipnvyGb0/924063878”,\n “token”: “qJTTZPXH05hFxeB5uchBKDojKLHLmLclp11ItZjAZko”\n }\n ],\n “combinations”: [\n [\n 2\n ],\n [\n 1\n ],\n [\n 0\n ]\n ]\n}'
2017-03-31 16:10:07,189:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:
Domain: www.dv2019.org
Type: unauthorized
Detail: Incorrect validation certificate for TLS-SNI-01 challenge. Requested 37f383e2da576617da4b049ce1d05067.5783a0ff3ac6439c557a65866b20d4a2.acme.invalid from 162.244.93.241:443. Received 2 certificate(s), first certificate had names “ayyoda.com, www.ayyoda.com”
Domain: dv2019.org
Type: unauthorized
Detail: Incorrect validation certificate for TLS-SNI-01 challenge. Requested c62f6e124a0809e3c7d981317f649a9b.007edb3abcf441efa883d99eb82f6958.acme.invalid from 162.244.93.241:443. Received 2 certificate(s), first certificate had names “ayyoda.com, www.ayyoda.com”
To fix these errors, please make sure that your domain name was entered correctly and the DNS A record(s) for that domain contain(s) the right IP address.
2017-03-31 16:10:07,189:INFO:certbot.auth_handler:Cleaning up challenges
2017-03-31 16:10:07,761:DEBUG:certbot.main:Exiting abnormally:
Traceback (most recent call last):
File “/usr/bin/certbot”, line 9, in
load_entry_point(‘certbot==0.9.3’, ‘console_scripts’, ‘certbot’)()
File “/usr/lib/python2.7/dist-packages/certbot/main.py”, line 776, in main
return config.func(config, plugins)
File “/usr/lib/python2.7/dist-packages/certbot/main.py”, line 563, in obtain_cert
action, _ = _auth_from_domains(le_client, config, domains, lineage)
File “/usr/lib/python2.7/dist-packages/certbot/main.py”, line 96, in _auth_from_domains
renewal.renew_cert(config, domains, le_client, lineage)
File “/usr/lib/python2.7/dist-packages/certbot/renewal.py”, line 238, in renew_cert
new_certr, new_chain, new_key, _ = le_client.obtain_certificate(domains)
File “/usr/lib/python2.7/dist-packages/certbot/client.py”, line 253, in obtain_certificate
self.config.allow_subset_of_names)
File “/usr/lib/python2.7/dist-packages/certbot/auth_handler.py”, line 78, in get_authorizations
self._respond(resp, best_effort)
File “/usr/lib/python2.7/dist-packages/certbot/auth_handler.py”, line 135, in _respond
self._poll_challenges(chall_update, best_effort)
File “/usr/lib/python2.7/dist-packages/certbot/auth_handler.py”, line 199, in _poll_challenges
raise errors.FailedChallenges(all_failed_achalls)
FailedChallenges: Failed authorization procedure. www.dv2019.org (tls-sni-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Incorrect validation certificate for TLS-SNI-01 challenge. Requested 37f383e2da576617da4b049ce1d05067.5783a0ff3ac6439c557a65866b20d4a2.acme.invalid from 162.244.93.241:443. Received 2 certificate(s), first certificate had names “ayyoda.com, www.ayyoda.com”, dv2019.org (tls-sni-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Incorrect validation certificate for TLS-SNI-01 challenge. Requested c62f6e124a0809e3c7d981317f649a9b.007edb3abcf441efa883d99eb82f6958.acme.invalid from 162.244.93.241:443. Received 2 certificate(s), first certificate had names “ayyoda.com, www.ayyoda.com”