Hi!
I’m trying to obtain a certificate for www.danhorton.net. I’m following the exact same procedures that work fine for about 10 other domains. The only thing that is different with this domain is that the DNS configuration changed on 28 June, but I would expect that by now every cache has expired.
I can create files in the /.well-known/acme-challenge/ directory and I can download them successfully (no surprise, because all this works for other domains). But when I try to obtain the certificate, there are no requests to my web server at all. Instead, I get the above-mentioned error.
My domain is:
www.danhorton.net
I ran this command:
sudo -u letsencrypt python bin/acme_tiny.py --account-key ./account.key --csr csrs/www.danhorton.net.csr --acme-dir /var/local/letsencrypt/challenges/ > /var/local/letsencrypt/certs/www.danhorton.net.pem
It produced this output:
Parsing account key…
Parsing CSR…
Registering account…
Already registered!
Signing certificate…
Traceback (most recent call last):
File “bin/acme_tiny.py”, line 198, in
main(sys.argv[1:])
File “bin/acme_tiny.py”, line 194, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca)
File “bin/acme_tiny.py”, line 161, in get_crt
raise ValueError(“Error signing certificate: {0} {1}”.format(code, result))
ValueError: Error signing certificate: 403 {
“type”: “urn:acme:error:unauthorized”,
“detail”: “Error creating new cert :: authorizations for these names not found or expired: www.danhorton.net”,
“status”: 403
}
My web server is (include version):
Apache 2.4.25
The operating system my web server runs on is (include version):
Debian stretch
I can login to a root shell on my machine (yes or no, or I don’t know):
Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No
Any ideas or hints what I might check?
Thanks a lot,
Hendrik