Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
pizbube.ch
I ran this command:
Automatic renewal: python -c 'import random; import time; time.sleep(random.random() * 3600)' && /usr/local/bin/certbot-auto renew -q
It produced this output:
Challenge failed for domain feed.pizbube.ch
Challenge failed for domain gate.pizbube.ch
Challenge failed for domain man.pizbube.ch
Challenge failed for domain mob.pizbube.ch
Challenge failed for domain pizbube.ch
Challenge failed for domain pod.pizbube.ch
Challenge failed for domain rest.pizbube.ch
Challenge failed for domain site.pizbube.ch
Challenge failed for domain stats.pizbube.ch
Challenge failed for domain www.pizbube.ch
Attempting to renew cert (pizbube.ch) from /etc/letsencrypt/renewal/pizbube.ch.conf produced an unexpected error: Some challenges have failed.. Skipping. All renewal attempts failed. The following certs could not be renewed: /etc/letsencrypt/live/pizbube.ch/fullchain.pem (failure) 1 renew failure(s), 0 parse failure(s)
In httpd-log i get this error:
[error] [client 52.28.236.88] (13)Permission denied: access to /.well-known/acme-challenge/IBvRwcKmVW6RaXEzzTdKisbsBPUI5y9_j0fL6gOq73g denied
namei -l /var/lib/letsencrypt/http_challenges
f: /var/lib/letsencrypt/http_challenges
dr-xr-xr-x root root /
drwxr-xr-x root root var
drwxr-xr-x root root lib
drwxr-xr-x root apache letsencrypt
drwxr-xr-x root root http_challenges
My web server is (include version):
Apache 2.2
The operating system my web server runs on is (include version):
CentOS 6.10
My hosting provider, if applicable, is: providing.ch
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot):
certbot 1.10.1