I previously used the DNS challenge to setup my first SSL with Certbot. But now that I want to use the HTTP one to take advantage of the auto-renew possibilities, the command sudo certbot --apache --debug-challenge seems to not work. The acme-challenge folder files are accessible. Here is an example, https://salvomag.com/.well-known/acme-challenge/G28T9ScQU1szGFOZWGRyZhl5jIoWziBarr8MxreQDok
My domain is: salvomag.com
I ran this command: sudo certbot --apache --debug-challenge
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: salvomag.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter âcâ to cancel): 1 2
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for salvomag.com
http-01 challenge for www.salvomag.com
Waiting for verificationâŚ
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Challenges loaded. Press continue to submit to CA. Pass â-vâ for more info about
challenges.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Press Enter to Continue
Cleaning up challenges
Failed authorization procedure. salvomag.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://salvomag.com/.well-known/acme-challenge/i5A8wcpKIh-X09bvFNvpLEty0WousJdXI8fWhy5f_Cs [167.99.158.70]: â<!doctype html>\n<html class=âno-jsâ lang=âenâ>\n <head>\n <meta charset=âutf-8â />\n <meta name=âviewportâ contentâ, www.salvomag.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://www.salvomag.com/.well-known/acme-challenge/cNlc3bzilIDKL87xosBf_GY545IND3aGcxuK0BQt3nA [167.99.158.70]: â<!doctype html>\n<html class=âno-jsâ lang=âenâ>\n <head>\n <meta charset=âutf-8â />\n <meta name=âviewportâ contentâ
IMPORTANT NOTES:
-
- The following errors were reported by the server:*
Domain: salvomag.com
Type: unauthorized
Detail: Invalid response from
https://salvomag.com/.well-known/acme-challenge/i5A8wcpKIh-X09bvFNvpLEty0WousJdXI8fWhy5f_Cs
[167.99.158.70]: "<!doctype html>\n<html class=âno-jsâ
lang=âenâ>\n <head>\n <meta charset=âutf-8â />\n
<meta name=âviewportâ content"
Domain: www.salvomag.com
Type: unauthorized
Detail: Invalid response from
https://www.salvomag.com/.well-known/acme-challenge/cNlc3bzilIDKL87xosBf_GY545IND3aGcxuK0BQt3nA
[167.99.158.70]: "<!doctype html>\n<html class=âno-jsâ
lang=âenâ>\n <head>\n <meta charset=âutf-8â />\n
<meta name=âviewportâ content"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version): Apache2
The operating system my web server runs on is (include version): Ubuntu 16.04.6 LTS
My hosting provider, if applicable, is: Digital Ocean
I can login to a root shell on my machine (yes or no, or I donât know): Yes
Iâm using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if youâre using Certbot): certbot 0.28.0