Hi, I’m going a little bit crazy trying to renew a certificate. I have a server hosting about 10 sites and one of them failed it’s renewal (it was working without any problems). Never had a problem (and just tried adding a certificate to another site hosted in my server) but for this one I get a 502 proxy error. What could the problem be?
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
tumu.mx
I ran this command:
Tried running it through webmin.
It produced this output:
Traceback (most recent call last):
File “/usr/share/webmin/webmin/acme_tiny.py”, line 198, in
main(sys.argv[1:])
File “/usr/share/webmin/webmin/acme_tiny.py”, line 194, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca, disable_check=args.disable_check, directory_url=args.directory_url, contact=args.contact)
File “/usr/share/webmin/webmin/acme_tiny.py”, line 149, in get_crt
raise ValueError(“Challenge did not pass for {0}: {1}”.format(domain, authorization))
ValueError: Challenge did not pass for tumu.mx: {‘status’: ‘invalid’, ‘expires’: ‘2020-08-25T23:22:17Z’, ‘identifier’: {‘value’: ‘tumu.mx’, ‘type’: ‘dns’}, ‘challenges’: [{‘token’: ‘eONDWuDbIj5LVSS88NihtM89N6oKwa9C0V6XIAVS8rs’, ‘status’: ‘invalid’, ‘url’: ‘https://acme-v02.api.letsencrypt.org/acme/chall-v3/6625577523/d_7pgQ’, ‘error’: {‘status’: 403, ‘type’: ‘urn:ietf:params:acme:error:unauthorized’, ‘detail’: ‘Invalid response from http://tumu.mx/.well-known/acme-challenge/eONDWuDbIj5LVSS88NihtM89N6oKwa9C0V6XIAVS8rs [167.99.111.111]: “\n\n502 Proxy Error\n\n
Proxy Error</h1”’}, ‘validationRecord’: [{‘hostname’: ‘tumu.mx’, ‘url’: ‘http://tumu.mx/.well-known/acme-challenge/eONDWuDbIj5LVSS88NihtM89N6oKwa9C0V6XIAVS8rs’, ‘addressesResolved’: [‘167.99.111.111’], ‘port’: ‘80’, ‘addressUsed’: ‘167.99.111.111’}], ‘type’: ‘http-01’}]}
My web server is (include version):
Apache 2.4.25
The operating system my web server runs on is (include version):
Debian 9
My hosting provider, if applicable, is:
Digital Ocean
I can login to a root shell on my machine (yes or no, or I don’t know):
Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
Yes, webmin (1.954) and virtualmin (6.11)
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot):
Not sure, because I am doing this through virtualmin.