Cannot renew certificate ubuntu 16.04 error

Please fill out the fields below so we can help you better.

My domain

I ran this command: certbot-auto certonly -a webroot --webroot-path=/usr/share/nginx/html -d -d

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Cert is due for renewal, auto-renewing…
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for
Using the webroot path /usr/share/nginx/html for all unmatched domains.
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from "

404 Not Found

404 Not Found



My operating system is (include version): ubuntu 16.04

My web server is (include version): nginx

My hosting provider, if applicable, is: ovh

I can login to a root shell on my machine (yes or no, or I don’t know):
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

Has your webroot directory or any other configuration changed since you set this up originally? - and are you sure you’re using the same command? Note that certbot renew should usually work, you shouldn’t need to use certonly with all the parameters again. Also you specified -d twice; was one of those supposed to have a www. in it perhaps?

Anyway, to debug this, you can try creating a text file in the directory /usr/share/nginx/html/.well-known/acme-challenge/ (create it if it doesn’t exist) and check that you can access the file with a web browser. Also try a text file without any .txt extension, as that’s what certbot will try to create. If you can’t access the file, maybe you’re using the wrong webroot or you need to change something in your nginx configuration. Once you’ve got that working, try running certbot again.

Note that if you try multiple times and it doesn’t work, you might run into the new “Failed Validation” rate limit (as it seems you did according to your other thread). If that happens, wait an hour before you try again.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.