My domain is: www.adspatium.fr
I ran this command: certbot renew --cert-name www.adspatium.fr --dry-run (work)
certbot renew --cert-name www.adspatium.fr (not work)
It produced this output:
Domain: www.adspatium.fr
Type: unauthorized
Detail: Invalid response from
https://www.adspatium.fr/.well-known/acme-challenge/3aO_Tkd4Hhh6CYuBM2T0hPUzdg4Cg4rTchAE_1pOP94
[149.255.137.182]: "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0
Strict//EN\"
\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\r\n<html
xmlns=\"http"
My web server is (include version):
nginx -v
nginx version: nginx/1.16.1
The operating system my web server runs on is (include version):
cat /etc/redhat-release
CentOS Linux release 7.7.1908 (Core)
I can login to a root shell on my machine (yes or no, or I don’t know): YES
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot):
certbot --version
certbot 0.39.0
It looks like, the nginx module make change only on http vhost, and the check is made on http AND (maybe because of redirect) on https :
"validationRecord": [
{
"url": "http://www.adspatium.fr/.well-known/acme-challenge/3aO_Tkd4Hhh6CYuBM2T0hPUzdg4Cg4rTchAE_1pOP94",
"hostname": "www.adspatium.fr",
"port": "80",
"addressesResolved": [
"149.255.137.182"
],
"addressUsed": "149.255.137.182"
},
{
"url": "https://www.adspatium.fr/.well-known/acme-challenge/3aO_Tkd4Hhh6CYuBM2T0hPUzdg4Cg4rTchAE_1pOP94",
"hostname": "www.adspatium.fr",
"port": "443",
"addressesResolved": [
"149.255.137.182"
],
"addressUsed": "149.255.137.182"
}
]
With dry-run i get only :
"validationRecord": [
{
"url": "http://www.adspatium.fr/.well-known/acme-challenge/1wqBlbyyoCQDs0D4cfddnqvkNt-KNHArN7vuISMdRIk",
"hostname": "www.adspatium.fr",
"port": "80",
"addressesResolved": [
"149.255.137.182"
],
"addressUsed": "149.255.137.182"
}
]
What can I do to have the same behaviour between normal and dry-run ?