We have moved an app from one place with an ip: app.c2.domain.net with ip a.b.c.d
We are now moving the app to a new place, new name, new ip: app.domain.net with ip e.f.g.h
There was an originally an “app.domain.net” running in AWS and we have changed the ip address to a new ip.
When the new server was built, letsencrypt was generically installed and the letsencrypt folder from the old nginx server was copied over top on the new server since the apps were brought over as they were originally but with new ip’s and so the certs would still be valid. So basically the app.c2.domain.net in AWS is shutoff and it’s domain records changed to the new IP addresses as they are now being hosted onsite. The original sites with app.domain.net in AWS have been changed to app.c1.domain.net and changed IP addresses. The app.domain.net records now point to the same ip addresses as the app.c2.domain.net ip’s.
However, now that we are ready to change the website names to just app.domain.net rather than app.c2.domain.net, the certbot running on the new server sees the websites in nginx, as the files in the /etc/nginx/sites-available have been created and the links to the /etc/nginx/sites-enabled have been created, but when we run certbot and choose one of the new websites, we’re getting something like the following:
Failed authorization procedure. app.domain.net (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://app.domain.net/.well-known/acme-challenge/kGL2q4m1YJY77qmxn9ggj1wpd2GWQOLx4zaDo50naR0 [5.195.5.197]: “<html lang=“en”><meta charset=“utf-8”><meta http-equiv=“X-UA-Compatible” content=“IE=edge”>Oops, can”
IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: app.domain.net
Type: unauthorized
Detail: Invalid response from
https://app.domain.net/.well-known/acme-challenge/kGL2q4m1YJY77qmxn9ggj1wpd2GWQOLx4zaDo50naR0
[A.B.C.D: “<html lang=“en”><meta
charset=“utf-8”><meta http-equiv=“X-UA-Compatible”
content=“IE=edge”>Oops, can”To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
we have already changed the DNS A records from the old ip address to the new IP address.
I cannot figure out what needs to be done to recreate all new certs for the new websites other than taking a down time, backing up the nginx files and letsencrypt files then uninstall nginx and letsencrypt, then install them from scratch again, reconfigure nginx with the new websites, and then try to run certbot to create the new certs for the three new websites.
Is there anyway to get this to work without having to uninstall everything and reinstall, since it’s not guaranteed to fix the issue and then I would just have to restore the old files back???
I need to get this fixed ASAP!!!
Any help would greatly be appreciated.