Can't renew certificate; redirect loop detected

Auhrii · August 6, 2021, 4:41pm

A quick preface: I've had certbot renew in my crontab working perfectly fine for the past 6 months, and I haven't changed anything since - my website was up yesterday, and it seems my certificate was unable to renew for reasons I apparently can't even begin to understand.

My domain is auhrii.dev
I ran certbot renew --dry-run

Saving debug log to /var/log/letsencrypt/letsencrypt.log

Processing /etc/letsencrypt/renewal/auhrii.dev.conf

Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator standalone, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for www.auhrii.dev
Waiting for verification...
Cleaning up challenges
Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/FvgAtZBJEi_czxsAVwKyhtkCPYVlNuuyFrZg5cwJrFc: Redirect loop detected. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)

** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates below have not been saved.)

All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates above have not been saved.)

1 renew failure(s), 0 parse failure(s)

My web server is Nginx 1.14.2, and the operating system my web server runs on is Raspbian GNU/Linux 10 (buster) - I am self-hosting. I can login to a root shell on my machine; I'm not using a control panel to manage my site. My client version is Certbot 0.31.0

griffin · August 6, 2021, 5:25pm

Welcome to the Let's Encrypt Community

This is likely due to a conflict in your nginx configuration.

What are the outputs of:

sudo nginx -T
sudo ls -lRa /etc/nginx
sudo ls -lRa /etc/letsencrypt
sudo certbot certificates

Please put 3 backticks above and below each output, like this:

```
output
```

Auhrii · August 6, 2021, 5:39pm

Thank you!

I should probably preface this reply by saying that I changed absolutely nothing, and the problem seems to have vanished as mysteriously as it appeared. Usually I'd just attribute this to a one-off problem, but the cron job renew failing at the start of the week and me being unable to renew manually today has me confused. Here are my outputs, if it helps shed light on what happened at least:

nginx -T

(I snipped the other two site configs as certbot stumbled on the first one - they're more of the same anyway)

# Default server configuration

server {
	listen [::]:80;
	listen 80;
	server_name auhrii.dev www.auhrii.dev;
	return 301 https://$host$request_uri;
}

server {
	listen [::]:443 ssl http2;
	listen 443 ssl http2;
	ssl on;
	ssl_certificate /etc/letsencrypt/live/auhrii.dev/fullchain.pem;
	ssl_certificate_key /etc/letsencrypt/live/auhrii.dev/privkey.pem;
	server_name auhrii.dev www.auhrii.dev;
	root /mediaserver/html;
	index index.php;
	error_log /mediaserver/public_error.log;
	
	error_page 404 /404.php;
	
	add_header X-Frame-Options "SAMEORIGIN" always;
	add_header X-Content-Type-Options "nosniff" always;
	add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
	add_header Content-Security-Policy "default-src 'self' cdnjs.cloudflare.com code.jquery.com; base-uri *.auhrii.dev;" always;
	
	location ~ \.php$ {
		try_files $uri =404;
                fastcgi_pass 127.0.0.1:9000;
                fastcgi_index index.php;
                include fastcgi.conf;
        }

        location / {
                if ($request_uri ~ ^/(.*)\.html) {
                        return 302 /$1;
                }
                if ($request_uri ~ ^/(.*)\.php) {
                        return 302 /$1;
                }
		
                try_files $uri $uri/ $uri.html $uri.php;
        }
	
	location ~ /\. {
		deny all;
	}
	
	location ^~ /.well-known/acme-challenge/ {
		allow all;
		root /mediaserver/html;
	}
}

ls -lRa /etc/nginx

/etc/nginx:
total 84
drwxr-xr-x   8 root root  4096 Aug  6 16:34 .
drwxr-xr-x 129 root root 12288 Aug  6 17:03 ..
drwxr-xr-x   2 root root  4096 Aug 13  2019 conf.d
-rw-r--r--   1 root root  1077 Aug 13  2019 fastcgi.conf
-rw-r--r--   1 root root  1007 Aug 13  2019 fastcgi_params
-rw-r--r--   1 root root  2837 Aug 13  2019 koi-utf
-rw-r--r--   1 root root  2223 Aug 13  2019 koi-win
-rw-r--r--   1 root root  3957 Aug 13  2019 mime.types
drwxr-xr-x   2 root root  4096 Aug 13  2019 modules-available
drwxr-xr-x   2 root root  4096 Jul 30  2020 modules-enabled
-rw-r--r--   1 root root  1704 Nov  3  2020 nginx.conf
-rw-r--r--   1 root root  1529 Oct 22  2020 nginx.conf.save
-rw-r--r--   1 root root   180 Aug 13  2019 proxy_params
-rw-r--r--   1 root root   636 Aug 13  2019 scgi_params
drwxr-xr-x   2 root root  4096 Aug  6 17:12 sites-available
drwxr-xr-x   2 root root  4096 May  6 20:06 sites-enabled
drwxr-xr-x   2 root root  4096 Sep  2  2020 snippets
-rw-r--r--   1 root root   664 Aug 13  2019 uwsgi_params
-rw-r--r--   1 root root  3071 Aug 13  2019 win-utf

/etc/nginx/conf.d:
total 8
drwxr-xr-x 2 root root 4096 Aug 13  2019 .
drwxr-xr-x 8 root root 4096 Aug  6 16:34 ..

/etc/nginx/modules-available:
total 8
drwxr-xr-x 2 root root 4096 Aug 13  2019 .
drwxr-xr-x 8 root root 4096 Aug  6 16:34 ..

/etc/nginx/modules-enabled:
total 24
drwxr-xr-x 2 root root 4096 Jul 30  2020 .
drwxr-xr-x 8 root root 4096 Aug  6 16:34 ..
lrwxrwxrwx 1 root root   57 Jul 30  2020 50-mod-http-auth-pam.conf -> /usr/share/nginx/modules-available/mod-http-auth-pam.conf
lrwxrwxrwx 1 root root   56 Jul 30  2020 50-mod-http-dav-ext.conf -> /usr/share/nginx/modules-available/mod-http-dav-ext.conf
lrwxrwxrwx 1 root root   53 Jul 30  2020 50-mod-http-echo.conf -> /usr/share/nginx/modules-available/mod-http-echo.conf
lrwxrwxrwx 1 root root   54 Jul 30  2020 50-mod-http-geoip.conf -> /usr/share/nginx/modules-available/mod-http-geoip.conf
lrwxrwxrwx 1 root root   61 Jul 30  2020 50-mod-http-image-filter.conf -> /usr/share/nginx/modules-available/mod-http-image-filter.conf
lrwxrwxrwx 1 root root   60 Jul 30  2020 50-mod-http-subs-filter.conf -> /usr/share/nginx/modules-available/mod-http-subs-filter.conf
lrwxrwxrwx 1 root root   62 Jul 30  2020 50-mod-http-upstream-fair.conf -> /usr/share/nginx/modules-available/mod-http-upstream-fair.conf
lrwxrwxrwx 1 root root   60 Jul 30  2020 50-mod-http-xslt-filter.conf -> /usr/share/nginx/modules-available/mod-http-xslt-filter.conf
lrwxrwxrwx 1 root root   48 Jul 30  2020 50-mod-mail.conf -> /usr/share/nginx/modules-available/mod-mail.conf
lrwxrwxrwx 1 root root   50 Jul 30  2020 50-mod-stream.conf -> /usr/share/nginx/modules-available/mod-stream.conf

/etc/nginx/sites-available:
total 20
drwxr-xr-x 2 root root 4096 Aug  6 17:12 .
drwxr-xr-x 8 root root 4096 Aug  6 16:34 ..
-rw-r--r-- 1 root root 1443 Aug  6 16:22 default
-rw-r--r-- 1 root root 1624 Aug  6 16:22 personal
-rw-r--r-- 1 root root 1610 Aug  6 16:23 second-life

/etc/nginx/sites-enabled:
total 8
drwxr-xr-x 2 root root 4096 May  6 20:06 .
drwxr-xr-x 8 root root 4096 Aug  6 16:34 ..
lrwxrwxrwx 1 root root   34 Jul 31  2020 default -> /etc/nginx/sites-available/default
lrwxrwxrwx 1 root root   35 Aug 26  2020 personal -> /etc/nginx/sites-available/personal
lrwxrwxrwx 1 root root   38 May  6 20:06 second-life -> /etc/nginx/sites-available/second-life

/etc/nginx/snippets:
total 16
drwxr-xr-x 2 root root 4096 Sep  2  2020 .
drwxr-xr-x 8 root root 4096 Aug  6 16:34 ..
-rw-r--r-- 1 root root  423 Aug 13  2019 fastcgi-php.conf
-rw-r--r-- 1 root root  217 Aug 13  2019 snakeoil.conf

ls -lRa /etc/letsencrypt

/etc/letsencrypt:
total 48
drwxr-xr-x   9 root root  4096 Aug  6 18:18 .
drwxr-xr-x 129 root root 12288 Aug  6 17:03 ..
drwxr-xr-x   4 root root  4096 Jul 31  2020 accounts
drwx------   3 root root  4096 Jul 31  2020 archive
-rw-r--r--   1 root root   121 May 26  2018 cli.ini
drwxr-xr-x   2 root root  4096 Aug  6 18:18 csr
drwx------   2 root root  4096 Aug  6 18:18 keys
drwx------   3 root root  4096 Jul 31  2020 live
drwxr-xr-x   2 root root  4096 Aug  6 18:18 renewal
drwxr-xr-x   5 root root  4096 Jul 30  2020 renewal-hooks

/etc/letsencrypt/accounts:
total 16
drwxr-xr-x 4 root root 4096 Jul 31  2020 .
drwxr-xr-x 9 root root 4096 Aug  6 18:18 ..
drwxr-xr-x 3 root root 4096 Jul 31  2020 acme-staging-v02.api.letsencrypt.org
drwxr-xr-x 3 root root 4096 Jul 30  2020 acme-v02.api.letsencrypt.org

/etc/letsencrypt/accounts/acme-staging-v02.api.letsencrypt.org:
total 12
drwxr-xr-x 3 root root 4096 Jul 31  2020 .
drwxr-xr-x 4 root root 4096 Jul 31  2020 ..
drwx------ 3 root root 4096 Jul 31  2020 directory

/etc/letsencrypt/accounts/acme-staging-v02.api.letsencrypt.org/directory:
total 12
drwx------ 3 root root 4096 Jul 31  2020 .
drwxr-xr-x 3 root root 4096 Jul 31  2020 ..
drwx------ 2 root root 4096 Jul 31  2020 ed1c19905cf6a7b6de8366301d862ff0

/etc/letsencrypt/accounts/acme-staging-v02.api.letsencrypt.org/directory/ed1c19905cf6a7b6de8366301d862ff0:
total 20
drwx------ 2 root root 4096 Jul 31  2020 .
drwx------ 3 root root 4096 Jul 31  2020 ..
-rw-r--r-- 1 root root   71 Jul 31  2020 meta.json
-r-------- 1 root root 1632 Jul 31  2020 private_key.json
-rw-r--r-- 1 root root   86 Jul 31  2020 regr.json

/etc/letsencrypt/accounts/acme-v02.api.letsencrypt.org:
total 12
drwxr-xr-x 3 root root 4096 Jul 30  2020 .
drwxr-xr-x 4 root root 4096 Jul 31  2020 ..
drwx------ 3 root root 4096 Jul 30  2020 directory

/etc/letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory:
total 12
drwx------ 3 root root 4096 Jul 30  2020 .
drwxr-xr-x 3 root root 4096 Jul 30  2020 ..
drwx------ 2 root root 4096 Jul 30  2020 aafea92d412fe463b4c2f2667ba3b82a

/etc/letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/aafea92d412fe463b4c2f2667ba3b82a:
total 20
drwx------ 2 root root 4096 Jul 30  2020 .
drwx------ 3 root root 4096 Jul 30  2020 ..
-rw-r--r-- 1 root root   71 Jul 30  2020 meta.json
-r-------- 1 root root 1632 Jul 30  2020 private_key.json
-rw-r--r-- 1 root root   78 Jul 30  2020 regr.json

/etc/letsencrypt/archive:
total 12
drwx------ 3 root root 4096 Jul 31  2020 .
drwxr-xr-x 9 root root 4096 Aug  6 18:18 ..
drwxr-xr-x 2 root root 4096 Aug  6 18:18 auhrii.dev

/etc/letsencrypt/archive/auhrii.dev:
total 144
drwxr-xr-x 2 root root 4096 Aug  6 18:18 .
drwx------ 3 root root 4096 Jul 31  2020 ..
-rw-r--r-- 1 root root 1899 Jul 31  2020 cert1.pem
-rw-r--r-- 1 root root 1948 Aug 26  2020 cert2.pem
-rw-r--r-- 1 root root 1944 Nov  3  2020 cert3.pem
-rw-r--r-- 1 root root 1879 Jan  3  2021 cert4.pem
-rw-r--r-- 1 root root 1879 Mar  4 00:04 cert5.pem
-rw-r--r-- 1 root root 1879 May  3 09:37 cert6.pem
-rw-r--r-- 1 root root 1899 May  6 19:58 cert7.pem
-rw-r--r-- 1 root root 1899 Aug  6 18:18 cert8.pem
-rw-r--r-- 1 root root 1647 Jul 31  2020 chain1.pem
-rw-r--r-- 1 root root 1647 Aug 26  2020 chain2.pem
-rw-r--r-- 1 root root 1647 Nov  3  2020 chain3.pem
-rw-r--r-- 1 root root 1586 Jan  3  2021 chain4.pem
-rw-r--r-- 1 root root 1586 Mar  4 00:04 chain5.pem
-rw-r--r-- 1 root root 1586 May  3 09:37 chain6.pem
-rw-r--r-- 1 root root 3750 May  6 19:58 chain7.pem
-rw-r--r-- 1 root root 3750 Aug  6 18:18 chain8.pem
-rw-r--r-- 1 root root 3546 Jul 31  2020 fullchain1.pem
-rw-r--r-- 1 root root 3595 Aug 26  2020 fullchain2.pem
-rw-r--r-- 1 root root 3591 Nov  3  2020 fullchain3.pem
-rw-r--r-- 1 root root 3465 Jan  3  2021 fullchain4.pem
-rw-r--r-- 1 root root 3465 Mar  4 00:04 fullchain5.pem
-rw-r--r-- 1 root root 3465 May  3 09:37 fullchain6.pem
-rw-r--r-- 1 root root 5649 May  6 19:58 fullchain7.pem
-rw-r--r-- 1 root root 5649 Aug  6 18:18 fullchain8.pem
-rw------- 1 root root 1704 Jul 31  2020 privkey1.pem
-rw------- 1 root root 1704 Aug 26  2020 privkey2.pem
-rw------- 1 root root 1704 Nov  3  2020 privkey3.pem
-rw------- 1 root root 1704 Jan  3  2021 privkey4.pem
-rw------- 1 root root 1708 Mar  4 00:04 privkey5.pem
-rw------- 1 root root 1704 May  3 09:37 privkey6.pem
-rw------- 1 root root 1708 May  6 19:58 privkey7.pem
-rw------- 1 root root 1704 Aug  6 18:18 privkey8.pem

/etc/letsencrypt/csr:
total 588
drwxr-xr-x 2 root root 4096 Aug  6 18:18 .
drwxr-xr-x 9 root root 4096 Aug  6 18:18 ..
-rw-r--r-- 1 root root  940 Jul 30  2020 0000_csr-certbot.pem
-rw-r--r-- 1 root root  940 Jul 30  2020 0001_csr-certbot.pem
-rw-r--r-- 1 root root  940 Jul 30  2020 0002_csr-certbot.pem
-rw-r--r-- 1 root root  920 Jul 30  2020 0003_csr-certbot.pem
-rw-r--r-- 1 root root  920 Jul 30  2020 0004_csr-certbot.pem
-rw-r--r-- 1 root root  920 Jul 30  2020 0005_csr-certbot.pem
-rw-r--r-- 1 root root  920 Jul 31  2020 0006_csr-certbot.pem
-rw-r--r-- 1 root root  920 Jul 31  2020 0007_csr-certbot.pem
-rw-r--r-- 1 root root  920 Jul 31  2020 0008_csr-certbot.pem
-rw-r--r-- 1 root root  920 Jul 31  2020 0009_csr-certbot.pem
-rw-r--r-- 1 root root  920 Jul 31  2020 0010_csr-certbot.pem
-rw-r--r-- 1 root root  920 Jul 31  2020 0011_csr-certbot.pem
-rw-r--r-- 1 root root  920 Jul 31  2020 0012_csr-certbot.pem
-rw-r--r-- 1 root root  920 Jul 31  2020 0013_csr-certbot.pem
-rw-r--r-- 1 root root  920 Jul 31  2020 0014_csr-certbot.pem
-rw-r--r-- 1 root root  940 Jul 31  2020 0015_csr-certbot.pem
-rw-r--r-- 1 root root  940 Jul 31  2020 0016_csr-certbot.pem
-rw-r--r-- 1 root root  968 Aug 26  2020 0017_csr-certbot.pem
-rw-r--r-- 1 root root  968 Oct 25  2020 0018_csr-certbot.pem
-rw-r--r-- 1 root root  968 Oct 26  2020 0019_csr-certbot.pem
-rw-r--r-- 1 root root  968 Oct 26  2020 0020_csr-certbot.pem
-rw-r--r-- 1 root root  968 Oct 27  2020 0021_csr-certbot.pem
-rw-r--r-- 1 root root  968 Oct 27  2020 0022_csr-certbot.pem
-rw-r--r-- 1 root root  968 Oct 28  2020 0023_csr-certbot.pem
-rw-r--r-- 1 root root  968 Oct 28  2020 0024_csr-certbot.pem
-rw-r--r-- 1 root root  968 Oct 29  2020 0025_csr-certbot.pem
-rw-r--r-- 1 root root  968 Oct 29  2020 0026_csr-certbot.pem
-rw-r--r-- 1 root root  968 Oct 30  2020 0027_csr-certbot.pem
-rw-r--r-- 1 root root  968 Oct 30  2020 0028_csr-certbot.pem
-rw-r--r-- 1 root root  968 Oct 31  2020 0029_csr-certbot.pem
-rw-r--r-- 1 root root  968 Oct 31  2020 0030_csr-certbot.pem
-rw-r--r-- 1 root root  968 Nov  1  2020 0031_csr-certbot.pem
-rw-r--r-- 1 root root  968 Nov  1  2020 0032_csr-certbot.pem
-rw-r--r-- 1 root root  968 Nov  2  2020 0033_csr-certbot.pem
-rw-r--r-- 1 root root  968 Nov  2  2020 0034_csr-certbot.pem
-rw-r--r-- 1 root root  968 Nov  3  2020 0035_csr-certbot.pem
-rw-r--r-- 1 root root  968 Nov  3  2020 0036_csr-certbot.pem
-rw-r--r-- 1 root root  968 Nov  3  2020 0037_csr-certbot.pem
-rw-r--r-- 1 root root  968 Nov  3  2020 0038_csr-certbot.pem
-rw-r--r-- 1 root root  968 Nov  3  2020 0039_csr-certbot.pem
-rw-r--r-- 1 root root  968 Jan  3  2021 0040_csr-certbot.pem
-rw-r--r-- 1 root root  968 Mar  4 00:04 0041_csr-certbot.pem
-rw-r--r-- 1 root root  968 May  3 09:37 0042_csr-certbot.pem
-rw-r--r-- 1 root root  989 May  6 19:50 0043_csr-certbot.pem
-rw-r--r-- 1 root root  989 May  6 19:53 0044_csr-certbot.pem
-rw-r--r-- 1 root root  989 May  6 19:58 0045_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul  5 22:18 0046_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul  6 00:08 0047_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul  6 09:47 0048_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul  6 15:36 0049_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul  7 00:02 0050_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul  7 10:53 0051_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul  7 18:33 0052_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul  8 00:07 0053_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul  8 07:26 0054_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul  8 16:15 0055_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul  9 00:01 0056_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul  9 05:35 0057_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul  9 12:41 0058_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 10 00:04 0059_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 10 01:27 0060_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 10 17:32 0061_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 11 00:02 0062_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 11 02:44 0063_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 11 14:40 0064_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 12 00:02 0065_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 12 03:22 0066_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 12 20:43 0067_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 13 00:05 0068_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 13 11:10 0069_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 13 23:31 0070_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 14 00:01 0071_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 14 01:51 0072_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 14 19:54 0073_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 15 00:05 0074_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 15 10:21 0075_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 15 16:44 0076_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 16 00:03 0077_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 16 11:51 0078_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 16 17:44 0079_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 17 00:01 0080_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 17 11:16 0081_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 17 13:20 0082_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 18 00:03 0083_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 18 06:40 0084_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 18 14:42 0085_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 19 00:04 0086_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 19 06:09 0087_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 19 19:31 0088_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 20 00:07 0089_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 20 06:34 0090_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 20 15:44 0091_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 21 00:05 0092_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 21 00:50 0093_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 21 18:10 0094_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 22 00:03 0095_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 22 07:09 0096_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 22 22:23 0097_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 23 00:06 0098_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 23 10:34 0099_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 23 20:16 0100_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 24 00:07 0101_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 24 09:52 0102_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 24 21:42 0103_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 25 00:03 0104_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 25 09:36 0105_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 25 16:47 0106_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 26 00:02 0107_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 26 05:24 0108_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 26 18:14 0109_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 27 00:00 0110_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 27 05:21 0111_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 27 20:07 0112_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 28 00:00 0113_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 28 00:34 0114_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 28 23:00 0115_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 29 00:05 0116_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 29 08:06 0117_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 29 17:59 0118_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 30 00:02 0119_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 30 03:07 0120_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 30 15:27 0121_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 31 00:05 0122_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 31 04:17 0123_csr-certbot.pem
-rw-r--r-- 1 root root  989 Jul 31 18:00 0124_csr-certbot.pem
-rw-r--r-- 1 root root  989 Aug  1 00:01 0125_csr-certbot.pem
-rw-r--r-- 1 root root  989 Aug  1 10:23 0126_csr-certbot.pem
-rw-r--r-- 1 root root  989 Aug  1 23:06 0127_csr-certbot.pem
-rw-r--r-- 1 root root  989 Aug  2 00:04 0128_csr-certbot.pem
-rw-r--r-- 1 root root  989 Aug  2 08:06 0129_csr-certbot.pem
-rw-r--r-- 1 root root  989 Aug  2 23:45 0130_csr-certbot.pem
-rw-r--r-- 1 root root  989 Aug  3 00:07 0131_csr-certbot.pem
-rw-r--r-- 1 root root  989 Aug  3 11:33 0132_csr-certbot.pem
-rw-r--r-- 1 root root  989 Aug  3 20:56 0133_csr-certbot.pem
-rw-r--r-- 1 root root  989 Aug  4 00:03 0134_csr-certbot.pem
-rw-r--r-- 1 root root  989 Aug  4 10:06 0135_csr-certbot.pem
-rw-r--r-- 1 root root  989 Aug  4 16:04 0136_csr-certbot.pem
-rw-r--r-- 1 root root  989 Aug  5 00:05 0137_csr-certbot.pem
-rw-r--r-- 1 root root  989 Aug  5 10:42 0138_csr-certbot.pem
-rw-r--r-- 1 root root  989 Aug  5 14:58 0139_csr-certbot.pem
-rw-r--r-- 1 root root  989 Aug  6 00:03 0140_csr-certbot.pem
-rw-r--r-- 1 root root  989 Aug  6 01:12 0141_csr-certbot.pem
-rw-r--r-- 1 root root  989 Aug  6 14:36 0142_csr-certbot.pem
-rw-r--r-- 1 root root  989 Aug  6 14:44 0143_csr-certbot.pem
-rw-r--r-- 1 root root  989 Aug  6 18:18 0144_csr-certbot.pem

/etc/letsencrypt/keys:
total 588
drwx------ 2 root root 4096 Aug  6 18:18 .
drwxr-xr-x 9 root root 4096 Aug  6 18:18 ..
-rw------- 1 root root 1704 Jul 30  2020 0000_key-certbot.pem
-rw------- 1 root root 1704 Jul 30  2020 0001_key-certbot.pem
-rw------- 1 root root 1704 Jul 30  2020 0002_key-certbot.pem
-rw------- 1 root root 1708 Jul 30  2020 0003_key-certbot.pem
-rw------- 1 root root 1704 Jul 30  2020 0004_key-certbot.pem
-rw------- 1 root root 1704 Jul 30  2020 0005_key-certbot.pem
-rw------- 1 root root 1704 Jul 31  2020 0006_key-certbot.pem
-rw------- 1 root root 1704 Jul 31  2020 0007_key-certbot.pem
-rw------- 1 root root 1708 Jul 31  2020 0008_key-certbot.pem
-rw------- 1 root root 1704 Jul 31  2020 0009_key-certbot.pem
-rw------- 1 root root 1704 Jul 31  2020 0010_key-certbot.pem
-rw------- 1 root root 1704 Jul 31  2020 0011_key-certbot.pem
-rw------- 1 root root 1704 Jul 31  2020 0012_key-certbot.pem
-rw------- 1 root root 1704 Jul 31  2020 0013_key-certbot.pem
-rw------- 1 root root 1704 Jul 31  2020 0014_key-certbot.pem
-rw------- 1 root root 1704 Jul 31  2020 0015_key-certbot.pem
-rw------- 1 root root 1704 Jul 31  2020 0016_key-certbot.pem
-rw------- 1 root root 1704 Aug 26  2020 0017_key-certbot.pem
-rw------- 1 root root 1704 Oct 25  2020 0018_key-certbot.pem
-rw------- 1 root root 1704 Oct 26  2020 0019_key-certbot.pem
-rw------- 1 root root 1704 Oct 26  2020 0020_key-certbot.pem
-rw------- 1 root root 1708 Oct 27  2020 0021_key-certbot.pem
-rw------- 1 root root 1708 Oct 27  2020 0022_key-certbot.pem
-rw------- 1 root root 1704 Oct 28  2020 0023_key-certbot.pem
-rw------- 1 root root 1704 Oct 28  2020 0024_key-certbot.pem
-rw------- 1 root root 1704 Oct 29  2020 0025_key-certbot.pem
-rw------- 1 root root 1704 Oct 29  2020 0026_key-certbot.pem
-rw------- 1 root root 1704 Oct 30  2020 0027_key-certbot.pem
-rw------- 1 root root 1704 Oct 30  2020 0028_key-certbot.pem
-rw------- 1 root root 1704 Oct 31  2020 0029_key-certbot.pem
-rw------- 1 root root 1704 Oct 31  2020 0030_key-certbot.pem
-rw------- 1 root root 1704 Nov  1  2020 0031_key-certbot.pem
-rw------- 1 root root 1704 Nov  1  2020 0032_key-certbot.pem
-rw------- 1 root root 1708 Nov  2  2020 0033_key-certbot.pem
-rw------- 1 root root 1708 Nov  2  2020 0034_key-certbot.pem
-rw------- 1 root root 1708 Nov  3  2020 0035_key-certbot.pem
-rw------- 1 root root 1704 Nov  3  2020 0036_key-certbot.pem
-rw------- 1 root root 1704 Nov  3  2020 0037_key-certbot.pem
-rw------- 1 root root 1704 Nov  3  2020 0038_key-certbot.pem
-rw------- 1 root root 1704 Nov  3  2020 0039_key-certbot.pem
-rw------- 1 root root 1704 Jan  3  2021 0040_key-certbot.pem
-rw------- 1 root root 1708 Mar  4 00:04 0041_key-certbot.pem
-rw------- 1 root root 1704 May  3 09:37 0042_key-certbot.pem
-rw------- 1 root root 1704 May  6 19:50 0043_key-certbot.pem
-rw------- 1 root root 1708 May  6 19:53 0044_key-certbot.pem
-rw------- 1 root root 1708 May  6 19:58 0045_key-certbot.pem
-rw------- 1 root root 1708 Jul  5 22:18 0046_key-certbot.pem
-rw------- 1 root root 1704 Jul  6 00:08 0047_key-certbot.pem
-rw------- 1 root root 1704 Jul  6 09:47 0048_key-certbot.pem
-rw------- 1 root root 1704 Jul  6 15:36 0049_key-certbot.pem
-rw------- 1 root root 1704 Jul  7 00:02 0050_key-certbot.pem
-rw------- 1 root root 1704 Jul  7 10:53 0051_key-certbot.pem
-rw------- 1 root root 1704 Jul  7 18:33 0052_key-certbot.pem
-rw------- 1 root root 1704 Jul  8 00:07 0053_key-certbot.pem
-rw------- 1 root root 1708 Jul  8 07:26 0054_key-certbot.pem
-rw------- 1 root root 1704 Jul  8 16:15 0055_key-certbot.pem
-rw------- 1 root root 1704 Jul  9 00:01 0056_key-certbot.pem
-rw------- 1 root root 1704 Jul  9 05:35 0057_key-certbot.pem
-rw------- 1 root root 1708 Jul  9 12:41 0058_key-certbot.pem
-rw------- 1 root root 1704 Jul 10 00:04 0059_key-certbot.pem
-rw------- 1 root root 1704 Jul 10 01:27 0060_key-certbot.pem
-rw------- 1 root root 1704 Jul 10 17:32 0061_key-certbot.pem
-rw------- 1 root root 1708 Jul 11 00:02 0062_key-certbot.pem
-rw------- 1 root root 1704 Jul 11 02:44 0063_key-certbot.pem
-rw------- 1 root root 1708 Jul 11 14:40 0064_key-certbot.pem
-rw------- 1 root root 1708 Jul 12 00:02 0065_key-certbot.pem
-rw------- 1 root root 1704 Jul 12 03:22 0066_key-certbot.pem
-rw------- 1 root root 1704 Jul 12 20:43 0067_key-certbot.pem
-rw------- 1 root root 1708 Jul 13 00:05 0068_key-certbot.pem
-rw------- 1 root root 1708 Jul 13 11:10 0069_key-certbot.pem
-rw------- 1 root root 1708 Jul 13 23:31 0070_key-certbot.pem
-rw------- 1 root root 1704 Jul 14 00:01 0071_key-certbot.pem
-rw------- 1 root root 1704 Jul 14 01:51 0072_key-certbot.pem
-rw------- 1 root root 1704 Jul 14 19:54 0073_key-certbot.pem
-rw------- 1 root root 1704 Jul 15 00:05 0074_key-certbot.pem
-rw------- 1 root root 1704 Jul 15 10:21 0075_key-certbot.pem
-rw------- 1 root root 1708 Jul 15 16:44 0076_key-certbot.pem
-rw------- 1 root root 1704 Jul 16 00:03 0077_key-certbot.pem
-rw------- 1 root root 1704 Jul 16 11:51 0078_key-certbot.pem
-rw------- 1 root root 1704 Jul 16 17:44 0079_key-certbot.pem
-rw------- 1 root root 1704 Jul 17 00:01 0080_key-certbot.pem
-rw------- 1 root root 1704 Jul 17 11:16 0081_key-certbot.pem
-rw------- 1 root root 1704 Jul 17 13:20 0082_key-certbot.pem
-rw------- 1 root root 1704 Jul 18 00:03 0083_key-certbot.pem
-rw------- 1 root root 1704 Jul 18 06:40 0084_key-certbot.pem
-rw------- 1 root root 1704 Jul 18 14:42 0085_key-certbot.pem
-rw------- 1 root root 1704 Jul 19 00:04 0086_key-certbot.pem
-rw------- 1 root root 1704 Jul 19 06:09 0087_key-certbot.pem
-rw------- 1 root root 1704 Jul 19 19:31 0088_key-certbot.pem
-rw------- 1 root root 1704 Jul 20 00:07 0089_key-certbot.pem
-rw------- 1 root root 1708 Jul 20 06:34 0090_key-certbot.pem
-rw------- 1 root root 1704 Jul 20 15:44 0091_key-certbot.pem
-rw------- 1 root root 1704 Jul 21 00:05 0092_key-certbot.pem
-rw------- 1 root root 1704 Jul 21 00:50 0093_key-certbot.pem
-rw------- 1 root root 1704 Jul 21 18:10 0094_key-certbot.pem
-rw------- 1 root root 1704 Jul 22 00:03 0095_key-certbot.pem
-rw------- 1 root root 1708 Jul 22 07:09 0096_key-certbot.pem
-rw------- 1 root root 1704 Jul 22 22:23 0097_key-certbot.pem
-rw------- 1 root root 1708 Jul 23 00:06 0098_key-certbot.pem
-rw------- 1 root root 1704 Jul 23 10:34 0099_key-certbot.pem
-rw------- 1 root root 1704 Jul 23 20:16 0100_key-certbot.pem
-rw------- 1 root root 1704 Jul 24 00:07 0101_key-certbot.pem
-rw------- 1 root root 1704 Jul 24 09:52 0102_key-certbot.pem
-rw------- 1 root root 1704 Jul 24 21:42 0103_key-certbot.pem
-rw------- 1 root root 1704 Jul 25 00:03 0104_key-certbot.pem
-rw------- 1 root root 1704 Jul 25 09:36 0105_key-certbot.pem
-rw------- 1 root root 1708 Jul 25 16:47 0106_key-certbot.pem
-rw------- 1 root root 1708 Jul 26 00:02 0107_key-certbot.pem
-rw------- 1 root root 1708 Jul 26 05:24 0108_key-certbot.pem
-rw------- 1 root root 1708 Jul 26 18:14 0109_key-certbot.pem
-rw------- 1 root root 1708 Jul 27 00:00 0110_key-certbot.pem
-rw------- 1 root root 1704 Jul 27 05:21 0111_key-certbot.pem
-rw------- 1 root root 1704 Jul 27 20:07 0112_key-certbot.pem
-rw------- 1 root root 1704 Jul 28 00:00 0113_key-certbot.pem
-rw------- 1 root root 1704 Jul 28 00:34 0114_key-certbot.pem
-rw------- 1 root root 1704 Jul 28 23:00 0115_key-certbot.pem
-rw------- 1 root root 1704 Jul 29 00:05 0116_key-certbot.pem
-rw------- 1 root root 1704 Jul 29 08:06 0117_key-certbot.pem
-rw------- 1 root root 1704 Jul 29 17:59 0118_key-certbot.pem
-rw------- 1 root root 1704 Jul 30 00:02 0119_key-certbot.pem
-rw------- 1 root root 1704 Jul 30 03:07 0120_key-certbot.pem
-rw------- 1 root root 1704 Jul 30 15:27 0121_key-certbot.pem
-rw------- 1 root root 1704 Jul 31 00:05 0122_key-certbot.pem
-rw------- 1 root root 1704 Jul 31 04:17 0123_key-certbot.pem
-rw------- 1 root root 1704 Jul 31 18:00 0124_key-certbot.pem
-rw------- 1 root root 1704 Aug  1 00:01 0125_key-certbot.pem
-rw------- 1 root root 1708 Aug  1 10:23 0126_key-certbot.pem
-rw------- 1 root root 1704 Aug  1 23:06 0127_key-certbot.pem
-rw------- 1 root root 1704 Aug  2 00:04 0128_key-certbot.pem
-rw------- 1 root root 1708 Aug  2 08:06 0129_key-certbot.pem
-rw------- 1 root root 1704 Aug  2 23:45 0130_key-certbot.pem
-rw------- 1 root root 1708 Aug  3 00:07 0131_key-certbot.pem
-rw------- 1 root root 1704 Aug  3 11:33 0132_key-certbot.pem
-rw------- 1 root root 1704 Aug  3 20:56 0133_key-certbot.pem
-rw------- 1 root root 1704 Aug  4 00:03 0134_key-certbot.pem
-rw------- 1 root root 1704 Aug  4 10:06 0135_key-certbot.pem
-rw------- 1 root root 1704 Aug  4 16:04 0136_key-certbot.pem
-rw------- 1 root root 1704 Aug  5 00:05 0137_key-certbot.pem
-rw------- 1 root root 1704 Aug  5 10:42 0138_key-certbot.pem
-rw------- 1 root root 1708 Aug  5 14:58 0139_key-certbot.pem
-rw------- 1 root root 1704 Aug  6 00:03 0140_key-certbot.pem
-rw------- 1 root root 1708 Aug  6 01:12 0141_key-certbot.pem
-rw------- 1 root root 1704 Aug  6 14:36 0142_key-certbot.pem
-rw------- 1 root root 1704 Aug  6 14:44 0143_key-certbot.pem
-rw------- 1 root root 1704 Aug  6 18:18 0144_key-certbot.pem

/etc/letsencrypt/live:
total 16
drwx------ 3 root root 4096 Jul 31  2020 .
drwxr-xr-x 9 root root 4096 Aug  6 18:18 ..
drwxr-xr-x 2 root root 4096 Aug  6 18:18 auhrii.dev
-rw-r--r-- 1 root root  740 Jul 31  2020 README

/etc/letsencrypt/live/auhrii.dev:
total 12
drwxr-xr-x 2 root root 4096 Aug  6 18:18 .
drwx------ 3 root root 4096 Jul 31  2020 ..
lrwxrwxrwx 1 root root   34 Aug  6 18:18 cert.pem -> ../../archive/auhrii.dev/cert8.pem
lrwxrwxrwx 1 root root   35 Aug  6 18:18 chain.pem -> ../../archive/auhrii.dev/chain8.pem
lrwxrwxrwx 1 root root   39 Aug  6 18:18 fullchain.pem -> ../../archive/auhrii.dev/fullchain8.pem
lrwxrwxrwx 1 root root   37 Aug  6 18:18 privkey.pem -> ../../archive/auhrii.dev/privkey8.pem
-rw-r--r-- 1 root root  692 Jul 31  2020 README

/etc/letsencrypt/renewal:
total 12
drwxr-xr-x 2 root root 4096 Aug  6 18:18 .
drwxr-xr-x 9 root root 4096 Aug  6 18:18 ..
-rw-r--r-- 1 root root  494 Aug  6 18:18 auhrii.dev.conf

/etc/letsencrypt/renewal-hooks:
total 20
drwxr-xr-x 5 root root 4096 Jul 30  2020 .
drwxr-xr-x 9 root root 4096 Aug  6 18:18 ..
drwxr-xr-x 2 root root 4096 Jul 30  2020 deploy
drwxr-xr-x 2 root root 4096 Jul 30  2020 post
drwxr-xr-x 2 root root 4096 Jul 30  2020 pre

/etc/letsencrypt/renewal-hooks/deploy:
total 8
drwxr-xr-x 2 root root 4096 Jul 30  2020 .
drwxr-xr-x 5 root root 4096 Jul 30  2020 ..

/etc/letsencrypt/renewal-hooks/post:
total 8
drwxr-xr-x 2 root root 4096 Jul 30  2020 .
drwxr-xr-x 5 root root 4096 Jul 30  2020 ..

/etc/letsencrypt/renewal-hooks/pre:
total 8
drwxr-xr-x 2 root root 4096 Jul 30  2020 .
drwxr-xr-x 5 root root 4096 Jul 30  2020 ..

certbot certificates

Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Found the following certs:
  Certificate Name: auhrii.dev
    Domains: auhrii.dev personal.auhrii.dev sl.auhrii.dev www.auhrii.dev
    Expiry Date: 2021-11-04 16:18:26+00:00 (VALID: 89 days)
    Certificate Path: /etc/letsencrypt/live/auhrii.dev/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/auhrii.dev/privkey.pem
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Edit: Found a certbot certificates output from before I successfully renewed in another terminal window:

certbot certificates 2: electric boogaloo

Saving debug log to /var/log/letsencrypt/letsencrypt.log
OCSP check failed for /etc/letsencrypt/live/auhrii.dev/cert.pem (are we offline?)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Found the following certs:
  Certificate Name: auhrii.dev
    Domains: auhrii.dev personal.auhrii.dev sl.auhrii.dev www.auhrii.dev
    Expiry Date: 2021-08-04 17:58:57+00:00 (INVALID: EXPIRED)
    Certificate Path: /etc/letsencrypt/live/auhrii.dev/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/auhrii.dev/privkey.pem
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

rg305 · August 6, 2021, 10:30pm

Do you normally stop nginx when renewing the cert?

rg305 · August 6, 2021, 10:32pm

It's always best to show all of the output.

Auhrii · August 6, 2021, 10:37pm

I do, yes. The full command I use in my crontab is sudo systemctl stop nginx && sudo certbot renew --renew-hook "sudo systemctl start nginx"

I thought as much, though certbot aborted before it even processed the other site files. Only real difference between the site configs is the other two have noindex headers:

Full nginx -T output

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
# configuration file /etc/nginx/nginx.conf:
user root;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
	worker_connections 768;
	# multi_accept on;
}

http {

	##
	# Basic Settings
	##

	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;
	keepalive_timeout 65;
	types_hash_max_size 2048;
	server_tokens off;
	
	#add_header X-Frame-Options "SAMEORIGIN" always;
	#add_header X-Content-Type-Options "nosniff" always;
	#add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
	#add_header Content-Security-Policy "default-src 'self' *.auhrii.dev" always;

	# server_names_hash_bucket_size 64;
	# server_name_in_redirect off;

	include /etc/nginx/mime.types;
	default_type text/html;

	##
	# SSL Settings
	##

	ssl_protocols TLSv1.2 TLSv1.3;
	ssl_prefer_server_ciphers on;

	##
	# Logging Settings
	##

	access_log /var/log/nginx/access.log;
	error_log /var/log/nginx/error.log;

	##
	# Gzip Settings
	##

	gzip on;

	# gzip_vary on;
	# gzip_proxied any;
	# gzip_comp_level 6;
	# gzip_buffers 16 8k;
	# gzip_http_version 1.1;
	# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

	##
	# Virtual Host Configs
	##

	include /etc/nginx/conf.d/*.conf;
	include /etc/nginx/sites-enabled/*;
}


#mail {
#	# See sample authentication script at:
#	# http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
# 
#	# auth_http localhost/auth.php;
#	# pop3_capabilities "TOP" "USER";
#	# imap_capabilities "IMAP4rev1" "UIDPLUS";
# 
#	server {
#		listen     localhost:110;
#		protocol   pop3;
#		proxy      on;
#	}
# 
#	server {
#		listen     localhost:143;
#		protocol   imap;
#		proxy      on;
#	}
#}

# configuration file /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf:
load_module modules/ngx_http_auth_pam_module.so;

# configuration file /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf:
load_module modules/ngx_http_dav_ext_module.so;

# configuration file /etc/nginx/modules-enabled/50-mod-http-echo.conf:
load_module modules/ngx_http_echo_module.so;

# configuration file /etc/nginx/modules-enabled/50-mod-http-geoip.conf:
load_module modules/ngx_http_geoip_module.so;

# configuration file /etc/nginx/modules-enabled/50-mod-http-image-filter.conf:
load_module modules/ngx_http_image_filter_module.so;

# configuration file /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf:
load_module modules/ngx_http_subs_filter_module.so;

# configuration file /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf:
load_module modules/ngx_http_upstream_fair_module.so;

# configuration file /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf:
load_module modules/ngx_http_xslt_filter_module.so;

# configuration file /etc/nginx/modules-enabled/50-mod-mail.conf:
load_module modules/ngx_mail_module.so;

# configuration file /etc/nginx/modules-enabled/50-mod-stream.conf:
load_module modules/ngx_stream_module.so;

# configuration file /etc/nginx/mime.types:

types {
    text/html                             html htm shtml;
    text/css                              css;
    text/xml                              xml;
    image/gif                             gif;
    image/jpeg                            jpeg jpg;
    application/javascript                js;
    application/atom+xml                  atom;
    application/rss+xml                   rss;

    text/mathml                           mml;
    text/plain                            txt;
    text/vnd.sun.j2me.app-descriptor      jad;
    text/vnd.wap.wml                      wml;
    text/x-component                      htc;

    image/png                             png;
    image/tiff                            tif tiff;
    image/vnd.wap.wbmp                    wbmp;
    image/x-icon                          ico;
    image/x-jng                           jng;
    image/x-ms-bmp                        bmp;
    image/svg+xml                         svg svgz;
    image/webp                            webp;

    application/font-woff                 woff;
    application/java-archive              jar war ear;
    application/json                      json;
    application/mac-binhex40              hqx;
    application/msword                    doc;
    application/pdf                       pdf;
    application/postscript                ps eps ai;
    application/rtf                       rtf;
    application/vnd.apple.mpegurl         m3u8;
    application/vnd.ms-excel              xls;
    application/vnd.ms-fontobject         eot;
    application/vnd.ms-powerpoint         ppt;
    application/vnd.wap.wmlc              wmlc;
    application/vnd.google-earth.kml+xml  kml;
    application/vnd.google-earth.kmz      kmz;
    application/x-7z-compressed           7z;
    application/x-cocoa                   cco;
    application/x-java-archive-diff       jardiff;
    application/x-java-jnlp-file          jnlp;
    application/x-makeself                run;
    application/x-perl                    pl pm;
    application/x-pilot                   prc pdb;
    application/x-rar-compressed          rar;
    application/x-redhat-package-manager  rpm;
    application/x-sea                     sea;
    application/x-shockwave-flash         swf;
    application/x-stuffit                 sit;
    application/x-tcl                     tcl tk;
    application/x-x509-ca-cert            der pem crt;
    application/x-xpinstall               xpi;
    application/xhtml+xml                 xhtml;
    application/xspf+xml                  xspf;
    application/zip                       zip;

    application/octet-stream              bin exe dll;
    application/octet-stream              deb;
    application/octet-stream              dmg;
    application/octet-stream              iso img;
    application/octet-stream              msi msp msm;

    application/vnd.openxmlformats-officedocument.wordprocessingml.document    docx;
    application/vnd.openxmlformats-officedocument.spreadsheetml.sheet          xlsx;
    application/vnd.openxmlformats-officedocument.presentationml.presentation  pptx;

    audio/midi                            mid midi kar;
    audio/mpeg                            mp3;
    audio/ogg                             ogg;
    audio/x-m4a                           m4a;
    audio/x-realaudio                     ra;

    video/3gpp                            3gpp 3gp;
    video/mp2t                            ts;
    video/mp4                             mp4;
    video/mpeg                            mpeg mpg;
    video/quicktime                       mov;
    video/webm                            webm;
    video/x-flv                           flv;
    video/x-m4v                           m4v;
    video/x-mng                           mng;
    video/x-ms-asf                        asx asf;
    video/x-ms-wmv                        wmv;
    video/x-msvideo                       avi;
}

# configuration file /etc/nginx/sites-enabled/default:
# Default server configuration

server {
	listen [::]:80;
	listen 80;
	server_name auhrii.dev www.auhrii.dev;
	return 301 https://$host$request_uri;
}

server {
	listen [::]:443 ssl http2;
	listen 443 ssl http2;
	ssl on;
	ssl_certificate /etc/letsencrypt/live/auhrii.dev/fullchain.pem;
	ssl_certificate_key /etc/letsencrypt/live/auhrii.dev/privkey.pem;
	server_name auhrii.dev www.auhrii.dev;
	root /mediaserver/html;
	index index.php;
	error_log /mediaserver/public_error.log;
	
	error_page 404 /404.php;
	
	add_header X-Frame-Options "SAMEORIGIN" always;
	add_header X-Content-Type-Options "nosniff" always;
	add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
	add_header Content-Security-Policy "default-src 'self' cdnjs.cloudflare.com code.jquery.com; base-uri *.auhrii.dev;" always;
	
	location ~ \.php$ {
		try_files $uri =404;
                fastcgi_pass 127.0.0.1:9000;
                fastcgi_index index.php;
                include fastcgi.conf;
        }

        location / {
                if ($request_uri ~ ^/(.*)\.html) {
                        return 302 /$1;
                }
                if ($request_uri ~ ^/(.*)\.php) {
                        return 302 /$1;
                }
		
                try_files $uri $uri/ $uri.html $uri.php;
        }
	
	location ~ /\. {
		deny all;
	}
	
	location ^~ /.well-known/acme-challenge/ {
		allow all;
		root /mediaserver/html;
	}
}

# configuration file /etc/nginx/fastcgi.conf:

fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;
fastcgi_param  REQUEST_SCHEME     $scheme;
fastcgi_param  HTTPS              $https if_not_empty;

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS    200;

# configuration file /etc/nginx/sites-enabled/personal:
# Personal subdomain

server {
	listen [::]:80;
	listen 80;
	server_name personal.auhrii.dev;
	return 301 https://$host$request_uri;
}

server {
	listen [::]:443 ssl http2;
	listen 443 ssl http2;
	ssl on;
	ssl_certificate /etc/letsencrypt/live/auhrii.dev/fullchain.pem;
	ssl_certificate_key /etc/letsencrypt/live/auhrii.dev/privkey.pem;
	server_name personal.auhrii.dev;
	root /mediaserver/personal;
	index index.php;
	error_log /mediaserver/personal_error.log;
	
	error_page 404 /404.php;
	
	add_header X-Robots-Tag "noindex" always;
	add_header X-Frame-Options "SAMEORIGIN" always;
	add_header X-Content-Type-Options "nosniff" always;
	add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
	add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' cdnjs.cloudflare.com code.jquery.com data: blob:; base-uri *.auhrii.dev;" always;
	
	client_max_body_size 32M;
	
	location ~ \.php$ {
		try_files $uri =404;
                fastcgi_pass 127.0.0.1:9000;
                fastcgi_index index.php;
                include fastcgi.conf;
		#add_header X-Robots-Tag "noindex" always;
        }

        location / {
		#add_header X-Robots-Tag "noindex" always;
		
                if ($request_uri ~ ^/(.*)\.html) {
                        return 302 /$1;
                }
                if ($request_uri ~ ^/(.*)\.php) {
                        return 302 /$1;
                }
		
                try_files $uri $uri/ $uri.html $uri.php;
        }
	
	location ~ /\. {
		deny all;
	}
	
	location ^~ /.well-known/acme-challenge/ {
		allow all;
		root /mediaserver/personal;
	}
}

# configuration file /etc/nginx/sites-enabled/second-life:
# Personal subdomain

server {
	listen [::]:80;
	listen 80;
	server_name sl.auhrii.dev;
	return 301 https://$host$request_uri;
}

server {
	listen [::]:443 ssl http2;
	listen 443 ssl http2;
	ssl on;
	ssl_certificate /etc/letsencrypt/live/auhrii.dev/fullchain.pem;
	ssl_certificate_key /etc/letsencrypt/live/auhrii.dev/privkey.pem;
	server_name sl.auhrii.dev;
	root /mediaserver/secondlife;
	index index.php;
	error_log /mediaserver/sl_error.log;
	
	error_page 404 /404.php;
	
	add_header X-Robots-Tag "noindex" always;
	add_header X-Frame-Options "SAMEORIGIN" always;
	add_header X-Content-Type-Options "nosniff" always;
	add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
	add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' cdnjs.cloudflare.com code.jquery.com data: blob:; base-uri *.auhrii.dev;" always;
	
	client_max_body_size 32M;
	
	location ~ \.php$ {
		try_files $uri =404;
                fastcgi_pass 127.0.0.1:9000;
                fastcgi_index index.php;
                include fastcgi.conf;
		#add_header X-Robots-Tag "noindex" always;
        }

        location / {
		#add_header X-Robots-Tag "noindex" always;
		
                if ($request_uri ~ ^/(.*)\.html) {
                        return 302 /$1;
                }
                if ($request_uri ~ ^/(.*)\.php) {
                        return 302 /$1;
                }
		
                try_files $uri $uri/ $uri.html $uri.php;
        }
	
	location ~ /\. {
		deny all;
	}
	
	location ^~ /.well-known/acme-challenge/ {
		allow all;
		root /mediaserver/secondlife;
	}
}

rg305 · August 6, 2021, 10:42pm

I can see why you had to stop the nginx server.
But there are ways to use nginx instead of stopping it and then restarting it.
[if you have any interest in that, we can explore it after we fix this problem]

~~Please stop nginx~~
~~Run certbot with added -vv parameter~~
~~[restart nginx]~~
~~Then post the related LE logs file entries~~
~~[Saving debug log to /var/log/letsencrypt/letsencrypt.log]~~

rg305 · August 6, 2021, 10:47pm

Sorry, you already renewed the cert today:
crt.sh | 4994962512
I don't think we will see any new errors, so don't run certbot again.
Just post the log file entries while the problem occured.

Auhrii · August 6, 2021, 11:00pm

This is a rather large log and I'm having difficulty finding where each dry run attempt begins and ends. Would it be okay for me to post the entire log file?

And yeah, not sure what happened that suddenly allowed me to renew - I did all sorts of poking around and the successful attempt was, of course, the one that had me back at my starting configuration with absolutely zero changes from my initial attempt.

griffin · August 6, 2021, 11:02pm

You can just upload the log (as a txt file) rather than posting it.

rg305 · August 6, 2021, 11:02pm

The entries are timestamped.

Sure, if too big here, then you can use any public site like paste.bin

griffin · August 6, 2021, 11:03pm

Try uploading here as txt first though. It prevents formatting destruction due to web presentation.

I spent two hours earlier today repairing a bunch of posted configuration files with nbsp's and other garbage in them due to reinterpretation of the text by Discourse. Uploading files preserves their original contents including any odd characters that might be causing issues.

Auhrii · August 6, 2021, 11:05pm

Here it is, in all its glory. The successful renew attempt was at around 2021-08-06 18:17, but that's all I can really tell you. Thank you both!

letsencrypt.txt (1017.4 KB)

griffin · August 6, 2021, 11:07pm

As a side note, we've had configuration files "magically" repaired by having them posted in the community then pasted into a utf-8 text editor. This "filtration" process masked the original cause of the problem.

A pox on the invention of the tab character!

rg305 · August 6, 2021, 11:10pm

A quick search on that file returns:

2021-08-01 10:23:25,135:DEBUG:acme.standalone:Failed to bind to :80 using IPv6
2021-08-01 10:23:25,135:DEBUG:acme.standalone:Failed to bind to :80 using IPv4
2021-08-01 10:23:25,137:DEBUG:certbot.error_handler:Encountered exception:
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-01 10:23:25,138:DEBUG:certbot.error_handler:Calling registered functions
2021-08-01 10:23:25,138:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-01 10:23:25,142:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-01 10:23:25,142:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2021-08-01 23:06:46,833:DEBUG:acme.standalone:Failed to bind to :80 using IPv6
2021-08-01 23:06:46,833:DEBUG:acme.standalone:Failed to bind to :80 using IPv4
2021-08-01 23:06:46,836:DEBUG:certbot.error_handler:Encountered exception:
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-01 23:06:46,836:DEBUG:certbot.error_handler:Calling registered functions
2021-08-01 23:06:46,837:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-01 23:06:46,840:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-01 23:06:46,841:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2021-08-02 00:04:16,936:DEBUG:acme.standalone:Failed to bind to :80 using IPv6
2021-08-02 00:04:16,937:DEBUG:acme.standalone:Failed to bind to :80 using IPv4
2021-08-02 00:04:16,940:DEBUG:certbot.error_handler:Encountered exception:
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-02 00:04:16,940:DEBUG:certbot.error_handler:Calling registered functions
2021-08-02 00:04:16,941:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-02 00:04:16,945:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-02 00:04:16,946:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2021-08-02 08:06:59,602:DEBUG:acme.standalone:Failed to bind to :80 using IPv6
2021-08-02 08:06:59,603:DEBUG:acme.standalone:Failed to bind to :80 using IPv4
2021-08-02 08:06:59,605:DEBUG:certbot.error_handler:Encountered exception:
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-02 08:06:59,605:DEBUG:certbot.error_handler:Calling registered functions
2021-08-02 08:06:59,606:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-02 08:06:59,609:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-02 08:06:59,610:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2021-08-02 23:45:26,917:DEBUG:acme.standalone:Failed to bind to :80 using IPv6
2021-08-02 23:45:26,918:DEBUG:acme.standalone:Failed to bind to :80 using IPv4
2021-08-02 23:45:26,920:DEBUG:certbot.error_handler:Encountered exception:
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-02 23:45:26,920:DEBUG:certbot.error_handler:Calling registered functions
2021-08-02 23:45:26,921:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-02 23:45:26,925:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-02 23:45:26,925:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2021-08-03 00:07:12,863:DEBUG:acme.standalone:Failed to bind to :80 using IPv6
2021-08-03 00:07:12,863:DEBUG:acme.standalone:Failed to bind to :80 using IPv4
2021-08-03 00:07:12,865:DEBUG:certbot.error_handler:Encountered exception:
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-03 00:07:12,865:DEBUG:certbot.error_handler:Calling registered functions
2021-08-03 00:07:12,866:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-03 00:07:12,870:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-03 00:07:12,870:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2021-08-03 11:33:24,603:DEBUG:acme.standalone:Failed to bind to :80 using IPv6
2021-08-03 11:33:24,604:DEBUG:acme.standalone:Failed to bind to :80 using IPv4
2021-08-03 11:33:24,606:DEBUG:certbot.error_handler:Encountered exception:
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-03 11:33:24,606:DEBUG:certbot.error_handler:Calling registered functions
2021-08-03 11:33:24,607:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-03 11:33:24,610:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-03 11:33:24,611:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2021-08-03 20:56:43,667:DEBUG:acme.standalone:Failed to bind to :80 using IPv6
2021-08-03 20:56:43,668:DEBUG:acme.standalone:Failed to bind to :80 using IPv4
2021-08-03 20:56:43,670:DEBUG:certbot.error_handler:Encountered exception:
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-03 20:56:43,670:DEBUG:certbot.error_handler:Calling registered functions
2021-08-03 20:56:43,671:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-03 20:56:43,674:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-03 20:56:43,675:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2021-08-04 00:03:59,507:DEBUG:acme.standalone:Failed to bind to :80 using IPv6
2021-08-04 00:03:59,508:DEBUG:acme.standalone:Failed to bind to :80 using IPv4
2021-08-04 00:03:59,510:DEBUG:certbot.error_handler:Encountered exception:
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-04 00:03:59,510:DEBUG:certbot.error_handler:Calling registered functions
2021-08-04 00:03:59,511:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-04 00:03:59,514:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-04 00:03:59,515:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2021-08-04 10:06:24,742:DEBUG:acme.standalone:Failed to bind to :80 using IPv6
2021-08-04 10:06:24,742:DEBUG:acme.standalone:Failed to bind to :80 using IPv4
2021-08-04 10:06:24,746:DEBUG:certbot.error_handler:Encountered exception:
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-04 10:06:24,746:DEBUG:certbot.error_handler:Calling registered functions
2021-08-04 10:06:24,748:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-04 10:06:24,754:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-04 10:06:24,754:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2021-08-04 16:04:35,077:DEBUG:acme.standalone:Failed to bind to :80 using IPv6
2021-08-04 16:04:35,077:DEBUG:acme.standalone:Failed to bind to :80 using IPv4
2021-08-04 16:04:35,079:DEBUG:certbot.error_handler:Encountered exception:
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-04 16:04:35,080:DEBUG:certbot.error_handler:Calling registered functions
2021-08-04 16:04:35,080:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-04 16:04:35,084:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-04 16:04:35,084:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2021-08-05 00:05:14,227:DEBUG:acme.standalone:Failed to bind to :80 using IPv6
2021-08-05 00:05:14,228:DEBUG:acme.standalone:Failed to bind to :80 using IPv4
2021-08-05 00:05:14,230:DEBUG:certbot.error_handler:Encountered exception:
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-05 00:05:14,230:DEBUG:certbot.error_handler:Calling registered functions
2021-08-05 00:05:14,231:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-05 00:05:14,234:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-05 00:05:14,235:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2021-08-05 10:42:53,655:DEBUG:acme.standalone:Failed to bind to :80 using IPv6
2021-08-05 10:42:53,656:DEBUG:acme.standalone:Failed to bind to :80 using IPv4
2021-08-05 10:42:53,657:DEBUG:certbot.error_handler:Encountered exception:
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-05 10:42:53,658:DEBUG:certbot.error_handler:Calling registered functions
2021-08-05 10:42:53,659:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-05 10:42:53,663:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-05 10:42:53,663:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2021-08-05 14:58:50,585:DEBUG:acme.standalone:Failed to bind to :80 using IPv6
2021-08-05 14:58:50,585:DEBUG:acme.standalone:Failed to bind to :80 using IPv4
2021-08-05 14:58:50,587:DEBUG:certbot.error_handler:Encountered exception:
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-05 14:58:50,587:DEBUG:certbot.error_handler:Calling registered functions
2021-08-05 14:58:50,588:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-05 14:58:50,592:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-05 14:58:50,592:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2021-08-06 00:03:19,316:DEBUG:acme.standalone:Failed to bind to :80 using IPv6
2021-08-06 00:03:19,316:DEBUG:acme.standalone:Failed to bind to :80 using IPv4
2021-08-06 00:03:19,318:DEBUG:certbot.error_handler:Encountered exception:
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-06 00:03:19,318:DEBUG:certbot.error_handler:Calling registered functions
2021-08-06 00:03:19,319:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-06 00:03:19,323:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-06 00:03:19,323:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2021-08-06 01:12:54,600:DEBUG:acme.standalone:Failed to bind to :80 using IPv6
2021-08-06 01:12:54,601:DEBUG:acme.standalone:Failed to bind to :80 using IPv4
2021-08-06 01:12:54,603:DEBUG:certbot.error_handler:Encountered exception:
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-06 01:12:54,603:DEBUG:certbot.error_handler:Calling registered functions
2021-08-06 01:12:54,604:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-06 01:12:54,608:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-06 01:12:54,608:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2021-08-06 14:28:31,251:DEBUG:certbot.ocsp:Error while running openssl ocsp -no_nonce -issuer /etc/letsencrypt/live/auhrii.dev/chain.pem -cert /etc/letsencrypt/live/auhrii.dev/cert.pem -url http://r3.o.lencr.org -CAfile /etc/letsencrypt/live/auhrii.dev/chain.pem -verify_other /etc/letsencrypt/live/auhrii.dev/chain.pem -trust_other -header Host=r3.o.lencr.org.
Responder Error: unauthorized (6)
2021-08-06 14:28:31,251:INFO:certbot.ocsp:OCSP check failed for /etc/letsencrypt/live/auhrii.dev/cert.pem (are we offline?)
2021-08-06 14:36:24,924:DEBUG:acme.standalone:Failed to bind to :80 using IPv6
2021-08-06 14:36:24,924:DEBUG:acme.standalone:Failed to bind to :80 using IPv4
2021-08-06 14:36:24,926:DEBUG:certbot.error_handler:Encountered exception:
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-06 14:36:24,927:DEBUG:certbot.error_handler:Calling registered functions
2021-08-06 14:36:24,928:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-06 14:36:24,931:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-06 14:36:24,931:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2021-08-06 14:38:18,155:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: The requested nginx plugin does not appear to be installed. Skipping.
    raise errors.PluginSelectionError(msg)
certbot.errors.PluginSelectionError: The requested nginx plugin does not appear to be installed
2021-08-06 14:38:18,161:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-06 14:38:18,162:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2021-08-06 14:39:22,398:DEBUG:certbot.ocsp:Error while running openssl ocsp -no_nonce -issuer /etc/letsencrypt/live/auhrii.dev/chain.pem -cert /etc/letsencrypt/live/auhrii.dev/cert.pem -url http://r3.o.lencr.org -CAfile /etc/letsencrypt/live/auhrii.dev/chain.pem -verify_other /etc/letsencrypt/live/auhrii.dev/chain.pem -trust_other -header Host=r3.o.lencr.org.
Responder Error: unauthorized (6)
2021-08-06 14:39:22,398:INFO:certbot.ocsp:OCSP check failed for /etc/letsencrypt/live/auhrii.dev/cert.pem (are we offline?)
2021-08-06 14:39:52,645:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: The requested nginx plugin does not appear to be installed. Skipping.
    raise errors.PluginSelectionError(msg)
certbot.errors.PluginSelectionError: The requested nginx plugin does not appear to be installed
2021-08-06 14:39:52,650:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-06 14:39:52,651:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
      "error": {
        "type": "urn:ietf:params:acme:error:connection",
2021-08-06 14:45:09,040:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:
To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.
2021-08-06 14:45:09,043:DEBUG:certbot.error_handler:Encountered exception:
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/KjSxDFCE3qYA4HQDML8ZJZuWuRevlzEUD8_DHZGHrrs: Connection refused
2021-08-06 14:45:09,044:DEBUG:certbot.error_handler:Calling registered functions
2021-08-06 14:45:09,091:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/KjSxDFCE3qYA4HQDML8ZJZuWuRevlzEUD8_DHZGHrrs: Connection refused. Skipping.
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/KjSxDFCE3qYA4HQDML8ZJZuWuRevlzEUD8_DHZGHrrs: Connection refused
2021-08-06 14:45:09,099:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-06 14:45:09,100:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
      "error": {
        "type": "urn:ietf:params:acme:error:connection",
2021-08-06 14:48:43,096:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:
To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.
2021-08-06 14:48:43,097:DEBUG:certbot.error_handler:Encountered exception:
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/hXm9Enndp5oGa3VWBFWX367CGTVe36Uu5ND1dwm0KSM: Redirect loop detected
2021-08-06 14:48:43,097:DEBUG:certbot.error_handler:Calling registered functions
2021-08-06 14:48:43,416:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/hXm9Enndp5oGa3VWBFWX367CGTVe36Uu5ND1dwm0KSM: Redirect loop detected. Skipping.
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/hXm9Enndp5oGa3VWBFWX367CGTVe36Uu5ND1dwm0KSM: Redirect loop detected
2021-08-06 14:48:43,420:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-06 14:48:43,420:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
      "error": {
        "type": "urn:ietf:params:acme:error:connection",
2021-08-06 14:51:17,210:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:
To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.
2021-08-06 14:51:17,212:DEBUG:certbot.error_handler:Encountered exception:
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/iAw9mjGi7rE01o6sr7GVav6i1TMs8GVvVzCkrcTceos: Redirect loop detected
2021-08-06 14:51:17,213:DEBUG:certbot.error_handler:Calling registered functions
2021-08-06 14:51:17,348:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/iAw9mjGi7rE01o6sr7GVav6i1TMs8GVvVzCkrcTceos: Redirect loop detected. Skipping.
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/iAw9mjGi7rE01o6sr7GVav6i1TMs8GVvVzCkrcTceos: Redirect loop detected
2021-08-06 14:51:17,354:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-06 14:51:17,355:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
      "error": {
        "type": "urn:ietf:params:acme:error:connection",
2021-08-06 15:11:58,091:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:
To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.
2021-08-06 15:11:58,093:DEBUG:certbot.error_handler:Encountered exception:
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/yddjre1-LJxQBeEOYZsjQDT26XVJvPy-NxnRhRGAs3M: Redirect loop detected
2021-08-06 15:11:58,093:DEBUG:certbot.error_handler:Calling registered functions
2021-08-06 15:11:58,250:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/yddjre1-LJxQBeEOYZsjQDT26XVJvPy-NxnRhRGAs3M: Redirect loop detected. Skipping.
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/yddjre1-LJxQBeEOYZsjQDT26XVJvPy-NxnRhRGAs3M: Redirect loop detected
2021-08-06 15:11:58,256:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-06 15:11:58,257:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2021-08-06 15:22:16,098:DEBUG:certbot.ocsp:Error while running openssl ocsp -no_nonce -issuer /etc/letsencrypt/live/auhrii.dev/chain.pem -cert /etc/letsencrypt/live/auhrii.dev/cert.pem -url http://r3.o.lencr.org -CAfile /etc/letsencrypt/live/auhrii.dev/chain.pem -verify_other /etc/letsencrypt/live/auhrii.dev/chain.pem -trust_other -header Host=r3.o.lencr.org.
Responder Error: unauthorized (6)
2021-08-06 15:22:16,098:INFO:certbot.ocsp:OCSP check failed for /etc/letsencrypt/live/auhrii.dev/cert.pem (are we offline?)
      "error": {
        "type": "urn:ietf:params:acme:error:connection",
2021-08-06 15:26:29,033:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:
To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.
2021-08-06 15:26:29,034:DEBUG:certbot.error_handler:Encountered exception:
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/Jtc2xVNmL5s_hQ9WLanLCAJBRqFmjCaHXZFtxy71_4A: Redirect loop detected
2021-08-06 15:26:29,034:DEBUG:certbot.error_handler:Calling registered functions
2021-08-06 15:26:29,178:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/Jtc2xVNmL5s_hQ9WLanLCAJBRqFmjCaHXZFtxy71_4A: Redirect loop detected. Skipping.
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/Jtc2xVNmL5s_hQ9WLanLCAJBRqFmjCaHXZFtxy71_4A: Redirect loop detected
2021-08-06 15:26:29,181:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-06 15:26:29,182:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2021-08-06 15:26:42,442:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: The requested nginx plugin does not appear to be installed. Skipping.
    raise errors.PluginSelectionError(msg)
certbot.errors.PluginSelectionError: The requested nginx plugin does not appear to be installed
2021-08-06 15:26:42,447:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-06 15:26:42,447:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2021-08-06 16:04:54,212:DEBUG:acme.standalone:Failed to bind to :80 using IPv6
2021-08-06 16:04:54,212:DEBUG:acme.standalone:Failed to bind to :80 using IPv4
2021-08-06 16:04:54,214:DEBUG:certbot.error_handler:Encountered exception:
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-06 16:04:54,214:DEBUG:certbot.error_handler:Calling registered functions
2021-08-06 16:04:54,215:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-06 16:04:54,219:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-06 16:04:54,219:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
      "error": {
        "type": "urn:ietf:params:acme:error:connection",
2021-08-06 16:05:18,858:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:
To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.
2021-08-06 16:05:18,859:DEBUG:certbot.error_handler:Encountered exception:
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/ZhsDL-ag2s2KYnIeQFu6GXkmqUjLmHSNEk7Ff8wvFDE: Redirect loop detected
2021-08-06 16:05:18,859:DEBUG:certbot.error_handler:Calling registered functions
2021-08-06 16:05:19,007:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/ZhsDL-ag2s2KYnIeQFu6GXkmqUjLmHSNEk7Ff8wvFDE: Redirect loop detected. Skipping.
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/ZhsDL-ag2s2KYnIeQFu6GXkmqUjLmHSNEk7Ff8wvFDE: Redirect loop detected
2021-08-06 16:05:19,011:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-06 16:05:19,011:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
      "error": {
        "type": "urn:ietf:params:acme:error:connection",
2021-08-06 16:10:02,260:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:
To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.
2021-08-06 16:10:02,262:DEBUG:certbot.error_handler:Encountered exception:
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/5YBYyyUvEH75merB5lZ68hghse7AMB-sQLfIXhCB8GM: Redirect loop detected
2021-08-06 16:10:02,262:DEBUG:certbot.error_handler:Calling registered functions
2021-08-06 16:10:02,417:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/5YBYyyUvEH75merB5lZ68hghse7AMB-sQLfIXhCB8GM: Redirect loop detected. Skipping.
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/5YBYyyUvEH75merB5lZ68hghse7AMB-sQLfIXhCB8GM: Redirect loop detected
2021-08-06 16:10:02,423:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-06 16:10:02,424:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
      "error": {
        "type": "urn:ietf:params:acme:error:connection",
2021-08-06 16:18:16,691:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:
To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.
2021-08-06 16:18:16,693:DEBUG:certbot.error_handler:Encountered exception:
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/mtckkonOk4Bmhxd9_p6qfQBZcuD506A8cmvAevPWqNU: Redirect loop detected
2021-08-06 16:18:16,694:DEBUG:certbot.error_handler:Calling registered functions
2021-08-06 16:18:16,872:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/mtckkonOk4Bmhxd9_p6qfQBZcuD506A8cmvAevPWqNU: Redirect loop detected. Skipping.
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/mtckkonOk4Bmhxd9_p6qfQBZcuD506A8cmvAevPWqNU: Redirect loop detected
2021-08-06 16:18:16,876:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-06 16:18:16,876:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2021-08-06 17:04:15,015:DEBUG:acme.standalone:Failed to bind to :80 using IPv6
2021-08-06 17:04:15,016:DEBUG:acme.standalone:Failed to bind to :80 using IPv4
2021-08-06 17:04:15,018:DEBUG:certbot.error_handler:Encountered exception:
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-06 17:04:15,018:DEBUG:certbot.error_handler:Calling registered functions
2021-08-06 17:04:15,019:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-06 17:04:15,022:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-06 17:04:15,023:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
      "error": {
        "type": "urn:ietf:params:acme:error:connection",
2021-08-06 17:04:42,505:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:
To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.
2021-08-06 17:04:42,507:DEBUG:certbot.error_handler:Encountered exception:
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/aUA87linfItlIgSHTSMTEpc4mNToLc-715poZOwyjN4: Redirect loop detected
2021-08-06 17:04:42,508:DEBUG:certbot.error_handler:Calling registered functions
2021-08-06 17:04:42,646:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/aUA87linfItlIgSHTSMTEpc4mNToLc-715poZOwyjN4: Redirect loop detected. Skipping.
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/aUA87linfItlIgSHTSMTEpc4mNToLc-715poZOwyjN4: Redirect loop detected
2021-08-06 17:04:42,652:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-06 17:04:42,652:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2021-08-06 17:31:20,721:DEBUG:acme.standalone:Failed to bind to :80 using IPv6
2021-08-06 17:31:20,722:DEBUG:acme.standalone:Failed to bind to :80 using IPv4
2021-08-06 17:31:20,724:DEBUG:certbot.error_handler:Encountered exception:
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-06 17:31:20,724:DEBUG:certbot.error_handler:Calling registered functions
2021-08-06 17:31:20,725:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Problem binding to port 80: Could not bind to IPv4 or IPv6.. Skipping.
    raise socket.error("Could not bind to IPv4 or IPv6.")
OSError: Could not bind to IPv4 or IPv6.
    _handle_perform_error(error)
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.
2021-08-06 17:31:20,728:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-06 17:31:20,729:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
      "error": {
        "type": "urn:ietf:params:acme:error:connection",
2021-08-06 17:31:39,297:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:
To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.
2021-08-06 17:31:39,300:DEBUG:certbot.error_handler:Encountered exception:
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/FvgAtZBJEi_czxsAVwKyhtkCPYVlNuuyFrZg5cwJrFc: Redirect loop detected
2021-08-06 17:31:39,301:DEBUG:certbot.error_handler:Calling registered functions
2021-08-06 17:31:39,416:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/FvgAtZBJEi_czxsAVwKyhtkCPYVlNuuyFrZg5cwJrFc: Redirect loop detected. Skipping.
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/FvgAtZBJEi_czxsAVwKyhtkCPYVlNuuyFrZg5cwJrFc: Redirect loop detected
2021-08-06 17:31:39,423:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-06 17:31:39,424:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2021-08-06 18:03:15,818:DEBUG:certbot.error_handler:Encountered exception:
    self._interaction_fail(message, cli_flag)
  File "/usr/lib/python3/dist-packages/certbot/display/util.py", line 469, in _interaction_fail
    raise errors.MissingCommandlineFlag(msg)
certbot.errors.MissingCommandlineFlag: Missing command line flag or config entry for this setting:
2021-08-06 18:03:15,819:DEBUG:certbot.error_handler:Calling registered functions
2021-08-06 18:03:15,820:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Missing command line flag or config entry for this setting:
    self._interaction_fail(message, cli_flag)
  File "/usr/lib/python3/dist-packages/certbot/display/util.py", line 469, in _interaction_fail
    raise errors.MissingCommandlineFlag(msg)
certbot.errors.MissingCommandlineFlag: Missing command line flag or config entry for this setting:
2021-08-06 18:03:15,823:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-06 18:03:15,824:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
      "error": {
        "type": "urn:ietf:params:acme:error:connection",
2021-08-06 18:03:59,508:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:
To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.
2021-08-06 18:03:59,509:DEBUG:certbot.error_handler:Encountered exception:
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/5D15WJDVQBPTDOAy-P6o_JNYuRcT1JLN6E4Lut85JBA: Redirect loop detected
2021-08-06 18:03:59,509:DEBUG:certbot.error_handler:Calling registered functions
2021-08-06 18:03:59,512:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/5D15WJDVQBPTDOAy-P6o_JNYuRcT1JLN6E4Lut85JBA: Redirect loop detected. Skipping.
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/5D15WJDVQBPTDOAy-P6o_JNYuRcT1JLN6E4Lut85JBA: Redirect loop detected
2021-08-06 18:03:59,515:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-06 18:03:59,516:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
      "error": {
        "type": "urn:ietf:params:acme:error:connection",
2021-08-06 18:05:36,944:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:
To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.
2021-08-06 18:05:36,946:DEBUG:certbot.error_handler:Encountered exception:
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/0SJM6IIAxZ6SsMfXFb5BlXhJVQA7VkV_I3uGU4MAbRM: Redirect loop detected
2021-08-06 18:05:36,946:DEBUG:certbot.error_handler:Calling registered functions
2021-08-06 18:05:37,109:WARNING:certbot.renewal:Attempting to renew cert (auhrii.dev) from /etc/letsencrypt/renewal/auhrii.dev.conf produced an unexpected error: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/0SJM6IIAxZ6SsMfXFb5BlXhJVQA7VkV_I3uGU4MAbRM: Redirect loop detected. Skipping.
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. www.auhrii.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://auhrii.dev/.well-known/acme-challenge/0SJM6IIAxZ6SsMfXFb5BlXhJVQA7VkV_I3uGU4MAbRM: Redirect loop detected
2021-08-06 18:05:37,115:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-08-06 18:05:37,115:ERROR:certbot.renewal:  /etc/letsencrypt/live/auhrii.dev/fullchain.pem (failure)
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
2021-08-06 18:17:37,796:DEBUG:certbot.error_handler:Calling registered functions

rg305 · August 6, 2021, 11:11pm

Binding errors imply that certbot was unable to run in --standalone mode - which implies that nginx wasn't stopped correctly (as expected).

Auhrii · August 6, 2021, 11:13pm

Yeah! Those are from the couple of times I forgot to stop nginx whilst fiddling around. The terminal gave me a clear enough error for that and I stopped nginx before re-attempting another dry run, which gave me a redirect loop error.

rg305 · August 6, 2021, 11:18pm

Did you modify the config to fix the redirection loop?

Auhrii · August 6, 2021, 11:22pm

I didn't modify any redirects in the config at any point - only added the IPv6 listeners. I did mess with a www to naked domain redirect on the DNS side, but that was hours before the successful attempt, with many failed attempts both before and after it.

rg305 · August 6, 2021, 11:27pm

There seems to be some of that left:

curl -Iki6 http://www.auhrii.dev/.well-known/acme-challenge/Test-File-1234
HTTP/1.1 301 Moved Permanently
Location: https://auhrii.dev/.well-known/acme-challenge/Test-File-1234