Can't recieve a certificates


#1

Can’t recieve a certificates. Site works on nginx + gunicorn + flask. Please help!

My domain is: example.com

I ran this command: sudo certbot certonly --dry-run -d example.com -d www.example.com

It produced this output:
sudo certbot certonly --dry-run -d example.com -d www.example.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log

How would you like to authenticate with the ACME CA?
-------------------------------------------------------------------------------
1: Nginx Web Server plugin - Alpha (nginx)
2: Spin up a temporary webserver (standalone)
3: Place files in webroot directory (webroot)
-------------------------------------------------------------------------------
Select the appropriate number [1-3] then [enter] (press 'c' to cancel): 3
Plugins selected: Authenticator webroot, Installer None
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for example.com
http-01 challenge for www.example.com
Input the webroot for example.com: (Enter 'c' to cancel): /home/user/sites/example.com/flask_app/templates/

Select the webroot for www.example.com:
-------------------------------------------------------------------------------
1: Enter a new webroot
2: /home/user/sites/example.com/flask_app/templates
-------------------------------------------------------------------------------
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. example.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://example.com/.well-known/acme-challenge/NH912sc6hNewbFACRoQmJ_IxH0IRjyzsS8D3mHbPNpA: "\ufeff<!DOCTYPE html>
<meta charset="utf-8">
<html lang="ru">
<head>
    <title>\u041e\u0410\u041e \xab\u0411\u0430\u0437\u043e\u0432\u044b\u0435 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0438\xbb ", www.example.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.example.com/.well-known/acme-challenge/r_FLE80UGSWGAXtE2H8T0DHigJ1tRKB1zA0I489xDcE: "\ufeff<!DOCTYPE html>
<meta charset="utf-8">
<html lang="ru">
<head>
    <title>\u041e\u0410\u041e \xab\u0411\u0430\u0437\u043e\u0432\u044b\u0435 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0438\xbb "

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: example.com
   Type:   unauthorized
   Detail: Invalid response from
   http://example.com/.well-known/acme-challenge/NH912sc6hNewbFACRoQmJ_IxH0IRjyzsS8D3mHbPNpA:
   "<!DOCTYPE html>
   <meta charset="utf-8">
   <html lang="ru">
   <head>
       <title>Welcome to"

   Domain: www.example.com
   Type:   unauthorized
   Detail: Invalid response from
   http://www.example.com/.well-known/acme-challenge/r_FLE80UGSWGAXtE2H8T0DHigJ1tRKB1zA0I489xDcE:
   "<!DOCTYPE html>
   <meta charset="utf-8">
   <html lang="ru">
   <head>
       <title>Welcome to"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

My web server is (include version):
nginx/1.10.3 (Ubuntu)

The operating system my web server runs on is (include version):
Ubuntu

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):
yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no


#2

When your server was asked for http://btlabs.ru/.well-known/acme-challenge/NH912sc6hNewbFACRoQmJ_IxH0IRjyzsS8D3mHbPNpA, instead of returning the contents of that file, it returned an HTML page. This is often due to some web application set up on your web server that intercepts these requests. In this case, it looks like Flask. I’m not familiar enough to know how to make flask ignore a directory and allow it to return files directly, but that’s what you’ll need to do here.

An easy test is to place a test.txt file in /home/hyperbot/sites/btlabs.ru/flask_app/templates/.well-known/acme-challenge and see if you can get to that by going to http://btlabs.ru/.well-known/acme-challenge.


#3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.