It produced this output:
blank to select all options shown (Enter ‘c’ to cancel): 4
Cert is due for renewal, auto-renewing…
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for www.bartvanderleck.nl
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. www.bartvanderleck.nl (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://www.bartvanderleck.nl.well-known/acme-challenge/LFVPAtu8DGQunJt9ztsLhYuhpJ2nH-tS1g6lw0oFC8c: dns :: DNS problem: NXDOMAIN looking up A for www.bartvanderleck.nl.well-known
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you’re using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
My web server is (include version):
Server version: Apache/2.4.18 (Ubuntu)
Server built: 2018-06-07T19:43:03
The operating system my web server runs on is (include version): Ubuntu 16.04
My hosting provider, if applicable, is: my own server in a rack with True.nl
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 0.28.0
I have a letsencrypt certificate on www.bartvanderleck.nl. It needs to be renewed, but I get an error on doing so. Until now, it would automatically renew every month. I have made no changes in the DNS.
The same is true for www.lizzyansingh.nl.
I also run www.amsterdamsejoffers.nl, for which there are no issues, they renew ok. These domains are all running on the same server on the same Apache2 instance.
Did something change in letsencrypt that I used to get certs renewed but it generates an error starting 2019?
I added a trailing / in the domain, makes no change. Also, there was no trailing slash before, and it did work until the last renew. Also, the www.amsterdamsejoffers.nl domain doesn’t have a / in the redirect either:
Redirect / https://www.amsterdamsejoffers.nl
I use certbot version 0.28, were changes made in certbot?
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for bartvanderleck.nl
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. bartvanderleck.nl (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://www.bartvanderleck.nl/.well-known/acme-challenge/IHq5XHk3_NG1Xgw6YkVLGs0EmF6c8q4Uhe2VCz2dtI0 [87.233.133.101]: “\n\n404 Not Found\n\n
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
This doesn’t explain why it worked until now. It also doesn’t explain how the other domains do get the right certificates.
Also, it seems Certbot will stop working on Ubuntu 16.04 a week from now. Rather than using the fix they made for that, I am considering upgrading to 18.04.