Long story short, I have tried numerous times to use certbot and it cannot find what it wants. This is my first time attempting to set up any server accessible outside my home network and I am very frustrated.
Steps I have taken:
- Set up accounts, domain name, installed dynamic update client from no-ip, yada yada. That should all be fine.
- Verified calibre server works across local network and this has always been reliable at every step.
- Set up port-forwarding on router to send external :80 traffic to local :80 port and same with :443.
- Set up firewall rules allowing inbound/outbound on 80/443. Currently disabled while not testing, I re-enable right before testing. Hasn't seemed to help any.
5. Checked Let's Debug, successful results
Test result for fennelserver.hopto.org using http-01
DEBUG
Requests made to the domain
Request to: fennelserver.hopto.org/161.38.146.13, Result: [Address=161.38.146.13,Address Type=IPv4,Server=,HTTP Status=404], Issue:
Trace:
@0ms: Making a request to http://fennelserver.hopto.org/.well-known/acme-challenge/letsdebug-test (using initial IP 161.38.146.13)
@0ms: Dialing 161.38.146.13
@89ms: Server response: HTTP 404 Not Found
DEBUG
A and AAAA records found for this domain
fennelserver.hopto.org. 0 IN A 161.38.146.13
DEBUG
Challenge update failures for fennelserver.hopto.org in order https://acme-staging-v02.api.letsencrypt.org/acme/order/5751349/1895308868
acme: error code 403 "urn:ietf:params:acme:error:unauthorized": Invalid response from http://fennelserver.hopto.org/.well-known/acme-challenge/vgKjYauYcGi40T_cFRiYZafGAn5zveeHqzom4uZeRYs [161.38.146.13]: 404
DEBUG
The IANA public suffix is the TLD of the Registered Domain
The TLD for fennelserver.hopto.org is: org
DEBUG
The current status.io status for Let's Encrypt
Operational
- Tried check your website with these results
- Torn my hair out because I don't get what the problem is. Tell me everything.
Questions I have:
- Is it a problem that I require authentication on the Calibre server? It gives you nothing but a login page if you are not logged in.
- Should port 443 matter at all for just getting a certificate? I'm very confused on this.
- Do prefixes like www. and so on matter? I have not been putting those at any step in this process. I'm just honestly so darn confused.
My domain is:fennelserver.hopto.org (via noip)
I ran this command: certbot certonly --standalone
It produced this output: Brief log then full log below that:
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: fennelserver.hopto.org
Type: unauthorized
8oVje_AunCAk [161.38.146.13]: 404
Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserverSome challenges have failed.
Full Log
2022-02-27 08:32:52,130:DEBUG:certbot._internal.main:certbot version: 1.23.0
2022-02-27 08:32:52,131:DEBUG:certbot._internal.main:Location of certbot entry point: C:\Program Files (x86)\Certbot\bin\certbot.exe
2022-02-27 08:32:52,131:DEBUG:certbot._internal.main:Arguments: ['--standalone', '--preconfigured-renewal']
2022-02-27 08:32:52,131:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2022-02-27 08:32:52,174:DEBUG:certbot._internal.log:Root logging level set at 30
2022-02-27 08:32:52,178:DEBUG:certbot._internal.plugins.selection:Requested authenticator standalone and installer None
2022-02-27 08:32:52,181:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * standalone
Description: Spin up a temporary webserver
Interfaces: Authenticator, Plugin
Entry point: standalone = certbot._internal.plugins.standalone:Authenticator
Initialized: <certbot._internal.plugins.standalone.Authenticator object at 0x0504EBC8>
Prep: True
2022-02-27 08:32:52,181:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot._internal.plugins.standalone.Authenticator object at 0x0504EBC8> and installer None
2022-02-27 08:32:52,181:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator standalone, Installer None
2022-02-27 08:32:52,202:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/421875960', new_authzr_uri=None, terms_of_service=None), b67bc298385f184b194375224708d620, Meta(creation_dt=datetime.datetime(2022, 2, 23, 12, 40, 9, tzinfo=), creation_host='Battlestation', register_to_eff='prometheus720@protonmail.com'))>
2022-02-27 08:32:52,219:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2022-02-27 08:32:52,221:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2022-02-27 08:32:52,372:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658
2022-02-27 08:32:52,372:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sun, 27 Feb 2022 14:32:50 GMT
Content-Type: application/json
Content-Length: 658
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"2DbAETBuLdI": "Adding random entries to the directory",
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2022-02-27 08:32:52,372:DEBUG:certbot.display.ops:No installer, picking names manually
2022-02-27 08:32:57,299:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for fennelserver.hopto.org
2022-02-27 08:32:57,434:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): C:\Certbot\keys\0013_key-certbot.pem
2022-02-27 08:32:57,446:DEBUG:certbot.crypto_util:Creating CSR: C:\Certbot\csr\0013_csr-certbot.pem
2022-02-27 08:32:57,446:DEBUG:acme.client:Requesting fresh nonce
2022-02-27 08:32:57,446:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2022-02-27 08:32:57,495:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2022-02-27 08:32:57,495:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sun, 27 Feb 2022 14:32:55 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: 0102fXVcRvTIVsl9l56hciFF1eYcBZ-qlNQegrME4aTGHi8
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
2022-02-27 08:32:57,495:DEBUG:acme.client:Storing nonce: 0102fXVcRvTIVsl9l56hciFF1eYcBZ-qlNQegrME4aTGHi8
2022-02-27 08:32:57,496:DEBUG:acme.client:JWS payload:
b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "fennelserver.hopto.org"\n }\n ]\n}'
2022-02-27 08:32:57,500:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDIxODc1OTYwIiwgIm5vbmNlIjogIjAxMDJmWFZjUnZUSVZzbDlsNTZoY2lGRjFlWWNCWi1xbE5RZWdyTUU0YVRHSGk4IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ",
"signature": "JafzQ7ewEiXy3Nu5wi531bsfbAFlMeP503GSbD5wie3nV8oNlD0ppyJnmRvcVgZ037EHSYZhT3NwM3k20C4Mhl7f9_DmB8ytPpNNlrhZPKPZAH5WT8PEgHs01QPWuC1Tstdpvt12xFHvSMOO9I6piXHOH7ShNI455xU2dVvqUx62x-_0bsn5rhDBK7YYEMJkWqqjUj7DvYyawiqCCh9A946t5jQ2Er4lWvhlGPeYyNTCk7cOpdBZASV4pzC-MX01rEeaDuCIiu-qA1kq9GRaxF6CH5DLjZi0z7q4dfE2xcNJb0ltjdpTI1ZjQ37KUFhqI0wlPKae_W5kPgRUbCbPKw",
"payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImZlbm5lbHNlcnZlci5ob3B0by5vcmciCiAgICB9CiAgXQp9"
}
2022-02-27 08:32:57,874:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 345
2022-02-27 08:32:57,874:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Sun, 27 Feb 2022 14:32:56 GMT
Content-Type: application/json
Content-Length: 345
Connection: keep-alive
Boulder-Requester: 421875960
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/421875960/67364575750
Replay-Nonce: 0101-LCm8k25GqqkEyUe9_ac1fUsb5kfLM50hE729Rn2lwY
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"status": "pending",
"expires": "2022-03-06T14:32:56Z",
"identifiers": [
{
"type": "dns",
"value": "fennelserver.hopto.org"
}
],
"authorizations": [
"https://acme-v02.api.letsencrypt.org/acme/authz-v3/82649468160"
],
"finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/421875960/67364575750"
}
2022-02-27 08:32:57,874:DEBUG:acme.client:Storing nonce: 0101-LCm8k25GqqkEyUe9_ac1fUsb5kfLM50hE729Rn2lwY
2022-02-27 08:32:57,875:DEBUG:acme.client:JWS payload:
b''
2022-02-27 08:32:57,879:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/82649468160:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDIxODc1OTYwIiwgIm5vbmNlIjogIjAxMDEtTENtOGsyNUdxcWtFeVVlOV9hYzFmVXNiNWtmTE01MGhFNzI5Um4ybHdZIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My84MjY0OTQ2ODE2MCJ9",
"signature": "FBA9Fyf3oaGNRuQ_hchH9Nib3efCeCLH0OtQu5OzevE4KtHv2HprWJ5fnsiFsv0xpBfqEvnpl1LZAC3uRSXStQzyT8Z6lGuXC4GsQbVMrmso90-WOl3dC0WsKsTEXsBjRzR73C1soqaETbhG0rxo3Haj6fzkImJSuwJOJCY9oIfdtpYG4JDN7FEHgKaGOsejlexj1W-QT878Ai4M_yBohU-LztT1JSBJEgfv-3LIXNqZveiGRKpK11pHFtMbdsdqbp_LcSfdBZAK8sFzDEcAm_9rgfOKsRWfThKFa-kg2jkRDGtlR3BGthl9cEAbakoO67XGpMIrUqme5ryqlWL7UA",
"payload": ""
}
2022-02-27 08:32:57,953:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/82649468160 HTTP/1.1" 200 803
2022-02-27 08:32:57,953:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sun, 27 Feb 2022 14:32:56 GMT
Content-Type: application/json
Content-Length: 803
Connection: keep-alive
Boulder-Requester: 421875960
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: 0101pg30QJ4z35IWWq8yS1y5UL6axu72anw-cJ9lH6tuCT8
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "fennelserver.hopto.org"
},
"status": "pending",
"expires": "2022-03-06T14:32:56Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/82649468160/BL76DQ",
"token": "PAFaxF2x5BliQzC6clQgijYt8ZKgFAr8oVje_AunCAk"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/82649468160/2E89Pg",
"token": "PAFaxF2x5BliQzC6clQgijYt8ZKgFAr8oVje_AunCAk"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/82649468160/Ua9dBQ",
"token": "PAFaxF2x5BliQzC6clQgijYt8ZKgFAr8oVje_AunCAk"
}
]
}
2022-02-27 08:32:57,953:DEBUG:acme.client:Storing nonce: 0101pg30QJ4z35IWWq8yS1y5UL6axu72anw-cJ9lH6tuCT8
2022-02-27 08:32:57,954:INFO:certbot._internal.auth_handler:Performing the following challenges:
2022-02-27 08:32:57,954:INFO:certbot._internal.auth_handler:http-01 challenge for fennelserver.hopto.org
2022-02-27 08:32:57,956:DEBUG:acme.standalone:Successfully bound to :80 using IPv6
2022-02-27 08:32:58,804:DEBUG:acme.standalone:Successfully bound to :80 using IPv4
2022-02-27 08:32:58,805:DEBUG:acme.client:JWS payload:
b'{}'
2022-02-27 08:32:58,809:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/82649468160/BL76DQ:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDIxODc1OTYwIiwgIm5vbmNlIjogIjAxMDFwZzMwUUo0ejM1SVdXcTh5UzF5NVVMNmF4dTcyYW53LWNKOWxINnR1Q1Q4IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My84MjY0OTQ2ODE2MC9CTDc2RFEifQ",
"signature": "REDPKBkq8cVED19hukunPc10GFAxugfjXuZRk6Gziqwv6rUC6AogmtjA-u2dDGhprI7Xo8zBnVemDw6S4VqkycBk-vWN4wCMdyLzXC8PKAH3xmEE5Mf5WMJBds2ZsychNxk6CpqaqS1J3ODN5OhCXtY3m_ELlqkuOZLSMZ1KTCVT_z1z3onyojUCl5UfZSXSzEfZjwTJ6OwXPyoHAhSKsH3beoG9MmV1o-RAXf8zqYxk8rCjHP2JJEEBvuBCLPDQ713YaQSdy_rvBrZlmN9_YY7SpWUYnDZ6jfD4UmDGfgQnZZEmM44GZgH_3k7aMd0rAMKN4KDpcNjPZm3XEdRtvw",
"payload": "e30"
}
2022-02-27 08:32:58,887:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/82649468160/BL76DQ HTTP/1.1" 200 186
2022-02-27 08:32:58,887:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sun, 27 Feb 2022 14:32:57 GMT
Content-Type: application/json
Content-Length: 186
Connection: keep-alive
Boulder-Requester: 421875960
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index", https://acme-v02.api.letsencrypt.org/acme/authz-v3/82649468160;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/82649468160/BL76DQ
Replay-Nonce: 0101UhQ1ueTNCyu00ykozWgPk-TSrqouU_x6Ll3jk8Y1fsg
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/82649468160/BL76DQ",
"token": "PAFaxF2x5BliQzC6clQgijYt8ZKgFAr8oVje_AunCAk"
}
2022-02-27 08:32:58,887:DEBUG:acme.client:Storing nonce: 0101UhQ1ueTNCyu00ykozWgPk-TSrqouU_x6Ll3jk8Y1fsg
2022-02-27 08:32:58,888:INFO:certbot._internal.auth_handler:Waiting for verification...
2022-02-27 08:32:59,896:DEBUG:acme.client:JWS payload:
b''
2022-02-27 08:32:59,901:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/82649468160:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDIxODc1OTYwIiwgIm5vbmNlIjogIjAxMDFVaFExdWVUTkN5dTAweWtveldnUGstVFNycW91VV94NkxsM2prOFkxZnNnIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My84MjY0OTQ2ODE2MCJ9",
"signature": "T6R_Dm5fFrsag6J-MT9CU7Rpu-fX_SJ3bRs2--tMA5874LCuHIdzG8JlIBOPFlQCQplNer3Hyty02TVW6TWzvJ-sV2lNJr_XJaIhhsxgGhqu0sv_ZWLiCSQCZ5PllJYC_gVfPed0zJkfnFyTdQ5lqtg9nYw8b8MGLGqNvjkk-i7oMzXBQ74g3LIDK57c1pxkhMYKmuCz9u5cLeaSOD-d5154q3JLcK0aSEu6PdX9dEq8l6-VhZiWSDZ1NQ0cXKP6Q4DsTNxrPxsA6bvdY3zNhY5u7qd8umEbBYq1HPyHj8d4_tuZOuPK_k1JaSvj5GhvODp9Aa1VWNo06tbHp-VkLw",
"payload": ""
}
2022-02-27 08:32:59,961:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/82649468160 HTTP/1.1" 200 1056
2022-02-27 08:32:59,962:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sun, 27 Feb 2022 14:32:58 GMT
Content-Type: application/json
Content-Length: 1056
Connection: keep-alive
Boulder-Requester: 421875960
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: 0101IWzCpJhWZOnmGDjAGFIeQnGsHUJpuh7SmCfIu5JyHlA
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "fennelserver.hopto.org"
},
"status": "invalid",
"expires": "2022-03-06T14:32:56Z",
"challenges": [
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:unauthorized",
"detail": "Invalid response from http://fennelserver.hopto.org/.well-known/acme-challenge/PAFaxF2x5BliQzC6clQgijYt8ZKgFAr8oVje_AunCAk [161.38.146.13]: 404",
"status": 403
},
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/82649468160/BL76DQ",
"token": "PAFaxF2x5BliQzC6clQgijYt8ZKgFAr8oVje_AunCAk",
"validationRecord": [
{
"url": "http://fennelserver.hopto.org/.well-known/acme-challenge/PAFaxF2x5BliQzC6clQgijYt8ZKgFAr8oVje_AunCAk",
"hostname": "fennelserver.hopto.org",
"port": "80",
"addressesResolved": [
"161.38.146.13"
],
"addressUsed": "161.38.146.13"
}
],
"validated": "2022-02-27T14:32:57Z"
}
]
}
2022-02-27 08:32:59,962:DEBUG:acme.client:Storing nonce: 0101IWzCpJhWZOnmGDjAGFIeQnGsHUJpuh7SmCfIu5JyHlA
2022-02-27 08:32:59,962:INFO:certbot._internal.auth_handler:Challenge failed for domain fennelserver.hopto.org
2022-02-27 08:32:59,962:INFO:certbot._internal.auth_handler:http-01 challenge for fennelserver.hopto.org
2022-02-27 08:32:59,962:DEBUG:certbot._internal.display.obj:Notifying user:
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: fennelserver.hopto.org
Type: unauthorized
Detail: Invalid response from http://fennelserver.hopto.org/.well-known/acme-challenge/PAFaxF2x5BliQzC6clQgijYt8ZKgFAr8oVje_AunCAk [161.38.146.13]: 404
Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.
2022-02-27 08:32:59,963:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
File "C:\Program Files (x86)\Certbot\pkgs\certbot_internal\auth_handler.py", line 106, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File "C:\Program Files (x86)\Certbot\pkgs\certbot_internal\auth_handler.py", line 206, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2022-02-27 08:32:59,963:DEBUG:certbot._internal.error_handler:Calling registered functions
2022-02-27 08:32:59,963:INFO:certbot._internal.auth_handler:Cleaning up challenges
2022-02-27 08:32:59,963:DEBUG:certbot._internal.plugins.standalone:Stopping server at :::80...
2022-02-27 08:32:59,963:DEBUG:certbot._internal.plugins.standalone:Stopping server at 0.0.0.0:80...
2022-02-27 08:33:00,822:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "runpy.py", line 197, in _run_module_as_main
File "runpy.py", line 87, in run_code
File "C:\Program Files (x86)\Certbot\bin\certbot.exe_main.py", line 29, in
sys.exit(main())
File "C:\Program Files (x86)\Certbot\pkgs\certbot\main.py", line 19, in main
return internal_main.main(cli_args)
File "C:\Program Files (x86)\Certbot\pkgs\certbot_internal\main.py", line 1683, in main
return config.func(config, plugins)
File "C:\Program Files (x86)\Certbot\pkgs\certbot_internal\main.py", line 1538, in certonly
lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
File "C:\Program Files (x86)\Certbot\pkgs\certbot_internal\main.py", line 139, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File "C:\Program Files (x86)\Certbot\pkgs\certbot_internal\client.py", line 513, in obtain_and_enroll_certificate
cert, chain, key, _ = self.obtain_certificate(domains)
File "C:\Program Files (x86)\Certbot\pkgs\certbot_internal\client.py", line 441, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File "C:\Program Files (x86)\Certbot\pkgs\certbot_internal\client.py", line 493, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
File "C:\Program Files (x86)\Certbot\pkgs\certbot_internal\auth_handler.py", line 106, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File "C:\Program Files (x86)\Certbot\pkgs\certbot_internal\auth_handler.py", line 206, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2022-02-27 08:33:00,823:ERROR:certbot._internal.log:Some challenges have failed.
My web server is (include version): Calibre 5.37.0
The operating system my web server runs on is (include version): Windows 10
My hosting provider, if applicable, is: self-hosted, dynamic DNS via no-ip
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): I guess? Calibre is an ebook management software which allows users to access their libraries via a webserver over http or https. There is a settings panel inside Calibre as well as a CLI. Here is the manual page for the calibre server.
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): certbot 1.23.0