Can't create a certificate


Hello, we have a domain and we use already Let’sEncrypt as certificates. My colleague did all the necessary configurations for other urls. Yet, is my turn now to do some things, since he is on holidays now.

The story is, I create a new linux (OpenSuse 42.3) server and install apache and certbot separately in order to use it as a reverse proxy, so I can expose to outside world a service like gitlab that I install locally.

So, I create firstly a cname ie and since it didnt work i change it to an A record with the same name (

I create in apache a vhost configuration, see below. My aim is to publish gitlab and been able to login remotetly outside of the local network.Yet I cannot create

I would appreciate any help, thank you

My domain is:

if its possible I dont want to write it down here, I can communicate it to you via email if there is a need

I ran this command:

certbot certonly --webroot -w /srv/www/htdocs/ -d

It produced this output:

Saving debug log to /var/log/certbot/letsencrypt.log
Starting new HTTPS connection (1):
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for
Using the webroot path /srv/www/htdocs/ for all unmatched domains.
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. (http-01): urn:acme:error:unauthorized :: The client lacks sufficin/acme-challenge/nRZoV3r_Loi4DcB8ntibaNu_3emGw2xUf-TirtB1g8Y: “<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<!DOCTYPE l1/D”


My web server is (include version):

Apache 2.4

The operating system my web server runs on is (include version):

opensuse 42.3 leap

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

<VirtualHost *:80>
DocumentRoot /srv/www/htdocs/
ErrorLog /var/log/apache2/
CustomLog /var/log/apache2/ combined

<Location “/.well-known/acme-challenge/”>
Options None
AllowOverride None
ForceType text/plain
RedirectMatch 404 “^(?!/.well-known/acme-challenge/[\w-]{43}$)”
Require all granted

RewriteEngine on

Redirect all http traffic to https

RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge [NC]
RewriteRule ^/.*$ https://%{SERVER_NAME}/ [redirect]

<VirtualHost *:443>
DocumentRoot /srv/www/htdocs/

ErrorLog /var/log/apache2/
CustomLog /var/log/apache2/ ssl_combined

SSLEngine on

SSLProtocol all -SSLv3
SSLHonorCipherOrder on
SSLCompression off


ProxyPass ""
ProxyPassReverse ""

<Proxy “”>
ProxySet connectiontimeout=60 timeout=300
RequestHeader set X-Forwarded-Proto “https”

<Directory “/srv/www/htdocs/”>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted


Try creating a file:


and see if you can access it at from outside your network. If not, try fixing that first, then run certbot again.


You may need to exclude the /.well-known/acme-challenge/ requests from being proxied.