here comes the --debug-log:
2017-01-24 21:14:22,926:DEBUG:acme.client:Storing nonce: mvskioa7MgGBegzURMeao71m5_OC381maYNEILh6G5w
2017-01-24 21:14:22,927:DEBUG:acme.client:JWS payload:
{
“identifier”: {
“type”: “dns”,
“value”: “wiki.fairtragen.de”
},
“resource”: “new-authz”
}
2017-01-24 21:14:22,944:DEBUG:root:Sending POST request to https://acme-staging.api.letsencrypt.org/acme/new-authz:
{
“header”: {
“alg”: “RS256”,
“jwk”: {
“e”: “AQAB”,
“kty”: “RSA”,
“n”: “tt5p3OzB7LZp12OTnWQ4o3W7QfO-ub8mhrWefKBRrmN4g6rC3-WVfC5hY7msEOIY966DJl90PZEEgJOF9FH9HwyW5Ya0LX4px7YBwRn82fRw04zzz5AbtQNPR8UYG6M7ES1_6GcW_MZsso9PP-A6sWl9ctpJkpu-FF9DBxgfsnQuljxUa1hmJgx16xdDlLUxIDkClTHS_n9PZP4cnKRz6OzTUnwWJm9WOrQYhKKr6WeLyDG2iRsdF85edQEJDb-WEyjw6ZlhtZxDRCLINapLt_Y45F5zUlYKlvzVQsUv5AjtnTiM87wQH5lvEexGOR3S61Oiqq7W5uqS3zrw9DFjxQ”
}
},
“protected”: “eyJub25jZSI6ICJtdnNraW9hN01nR0JlZ3pVUk1lYW83MW01X09DMzgxbWFZTkVJTGg2RzV3In0”,
“payload”: “ewogICJpZGVudGlmaWVyIjogewogICAgInR5cGUiOiAiZG5zIiwgCiAgICAidmFsdWUiOiAid2lraS5mYWlydHJhZ2VuLmRlIgogIH0sIAogICJyZXNvdXJjZSI6ICJuZXctYXV0aHoiCn0”,
“signature”: “gDrEwz-jSlzWbkFUCPNFYnFQC6euYRVFLMfGvEqQcjWrcRlvfKaPK-ejB_xfGxU7Pi5GC5YHFJUh5hgg5rD66Dth1thBULKDwOneskqprrr1fTv7ER5yxHq3IaHC_Q9vAQBA4bAOH2nWjNom6O2Wl1DkGjNUWOss5auVafFtFP72q5TcXZdM0ZTMiAMl2ahQ8I9frGuME9sfKG9lE4ioFWMq0eEUo36od4tA1XIoET6-aDv5wkvRp5kOIRqimf8bEZvePzpnB5x_VexCLiMmbMdM6_k59ZLEHG9Il8v4vxVkXXFN1KRbac99NF_u-zKb9t_6AdSj-QkbFTUBjIfntA”
}
2017-01-24 21:14:23,162:DEBUG:requests.packages.urllib3.connectionpool:https://acme-staging.api.letsencrypt.org:443 “POST /acme/new-authz HTTP/1.1” 201 1012
2017-01-24 21:14:23,163:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Content-Type: application/json
Content-Length: 1012
Boulder-Request-Id: XnklO52dqJnLe4npnXdfSCjuSnDXFH3MkgWzD0Gl_hg
Boulder-Requester: 474184
Link: https://acme-staging.api.letsencrypt.org/acme/new-cert;rel="next"
Location: https://acme-staging.api.letsencrypt.org/acme/authz/qnhSzrzw_r1693qgOg-jYjl9HahxESfcv1tGZdkuxtk
Replay-Nonce: hLT4CxS5oyOANPj8lwkRTkw1NOBjMzLHiJN__fajdjQ
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Tue, 24 Jan 2017 21:14:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 24 Jan 2017 21:14:23 GMT
Connection: keep-alive
{
“identifier”: {
“type”: “dns”,
“value”: “wiki.fairtragen.de”
},
“status”: “pending”,
“expires”: “2017-01-31T21:14:23.062067108Z”,
“challenges”: [
{
“type”: “dns-01”,
“status”: “pending”,
“uri”: “https://acme-staging.api.letsencrypt.org/acme/challenge/qnhSzrzw_r1693qgOg-jYjl9HahxESfcv1tGZdkuxtk/23456537”,
“token”: “69rrVN-boFKro3G9uhuEn0xoRQx8_pmbotTkNFkuGdY”
},
{
“type”: “http-01”,
“status”: “pending”,
“uri”: “https://acme-staging.api.letsencrypt.org/acme/challenge/qnhSzrzw_r1693qgOg-jYjl9HahxESfcv1tGZdkuxtk/23456538”,
“token”: “RN2fy8sEew1CEpeLpwanayIMzeUhPXbWBYynlp_ZS3A”
},
{
“type”: “tls-sni-01”,
“status”: “pending”,
“uri”: “https://acme-staging.api.letsencrypt.org/acme/challenge/qnhSzrzw_r1693qgOg-jYjl9HahxESfcv1tGZdkuxtk/23456539”,
“token”: “VyNMRFWCGi7Yx0L_7mI8rIAWKD9cmYvukqNlbF2xcno”
}
],
“combinations”: [
[
2
],
[
1
],
[
0
]
]
}
2017-01-24 21:14:23,164:DEBUG:acme.client:Storing nonce: hLT4CxS5oyOANPj8lwkRTkw1NOBjMzLHiJN__fajdjQ
2017-01-24 21:14:23,165:INFO:certbot.auth_handler:Performing the following challenges:
2017-01-24 21:14:23,165:INFO:certbot.auth_handler:http-01 challenge for wiki.fairtragen.de
2017-01-24 21:14:23,165:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /usr/share/moin/.well-known/acme-challenge
2017-01-24 21:14:23,171:DEBUG:certbot.plugins.webroot:Attempting to save validation to /usr/share/moin/.well-known/acme-challenge/RN2fy8sEew1CEpeLpwanayIMzeUhPXbWBYynlp_ZS3A
2017-01-24 21:14:23,171:INFO:certbot.auth_handler:Waiting for verification…
2017-01-24 21:14:23,172:DEBUG:acme.client:JWS payload:
{
“keyAuthorization”: “RN2fy8sEew1CEpeLpwanayIMzeUhPXbWBYynlp_ZS3A.snprLb5Eu_rbykeg9W6JBV2JxMVQVN1xTSGNP4brPFU”,
“type”: “http-01”,
“resource”: “challenge”
}
2017-01-24 21:14:23,189:DEBUG:root:Sending POST request to https://acme-staging.api.letsencrypt.org/acme/challenge/qnhSzrzw_r1693qgOg-jYjl9HahxESfcv1tGZdkuxtk/23456538:
{
“header”: {
“alg”: “RS256”,
“jwk”: {
“e”: “AQAB”,
“kty”: “RSA”,
“n”: “tt5p3OzB7LZp12OTnWQ4o3W7QfO-ub8mhrWefKBRrmN4g6rC3-WVfC5hY7msEOIY966DJl90PZEEgJOF9FH9HwyW5Ya0LX4px7YBwRn82fRw04zzz5AbtQNPR8UYG6M7ES1_6GcW_MZsso9PP-A6sWl9ctpJkpu-FF9DBxgfsnQuljxUa1hmJgx16xdDlLUxIDkClTHS_n9PZP4cnKRz6OzTUnwWJm9WOrQYhKKr6WeLyDG2iRsdF85edQEJDb-WEyjw6ZlhtZxDRCLINapLt_Y45F5zUlYKlvzVQsUv5AjtnTiM87wQH5lvEexGOR3S61Oiqq7W5uqS3zrw9DFjxQ”
}
},
“protected”: “eyJub25jZSI6ICJoTFQ0Q3hTNW95T0FOUGo4bHdrUlRrdzFOT0JqTXpMSGlKTl9fZmFqZGpRIn0”,
“payload”: “ewogICJrZXlBdXRob3JpemF0aW9uIjogIlJOMmZ5OHNFZXcxQ0VwZUxwd2FuYXlJTXplVWhQWGJXQll5bmxwX1pTM0Euc25wckxiNUV1X3JieWtlZzlXNkpCVjJKeE1WUVZOMXhUU0dOUDRiclBGVSIsIAogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9”,
“signature”: “D4C_IzMeVcg4xjAB-z-Xm7lsIZMZ4x63xuOXgphImkrs7MOw0feIn524QkEMfle9pqijgfHpJDYDyAO61CGZJxJQp-RgSmiHwXp_rCHsjLnkQK08FJ50DTXHnqTwFwps0ihxvO-jazAQNgfWHleXKxlqGEfXMh6kZdXJ_f-B-tQl1FbBPyn4MOvjJaMMwd9E-73vTAEl1egQvGIp74KHa1kXv3ohQGujrseN4h1_X5NejaTdw33sjT_ZZb83Cb8NAD9zxdXPMQen_tdXqWRgvMgEZd72jcizwnNdPwZFQVPoLmHlW6T7BNElehWQv0SIrxd3MEzD5zwkaTlrKqvS4g”
}
2017-01-24 21:14:23,399:DEBUG:requests.packages.urllib3.connectionpool:https://acme-staging.api.letsencrypt.org:443 “POST /acme/challenge/qnhSzrzw_r1693qgOg-jYjl9HahxESfcv1tGZdkuxtk/23456538 HTTP/1.1” 202 338
2017-01-24 21:14:23,401:DEBUG:acme.client:Received response:
HTTP 202
Server: nginx
Content-Type: application/json
Content-Length: 338
Boulder-Request-Id: hZ1kkEqCy6QS1pEqZP9J2z9ckWYuvjvbYsonxnv7RfU
Boulder-Requester: 474184
Link: https://acme-staging.api.letsencrypt.org/acme/authz/qnhSzrzw_r1693qgOg-jYjl9HahxESfcv1tGZdkuxtk;rel="up"
Location: https://acme-staging.api.letsencrypt.org/acme/challenge/qnhSzrzw_r1693qgOg-jYjl9HahxESfcv1tGZdkuxtk/23456538
Replay-Nonce: nEE3w28O4Ds6popEWXvaBUwNlH4cCf8Vht0NF8hqfnc
Expires: Tue, 24 Jan 2017 21:14:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 24 Jan 2017 21:14:23 GMT
Connection: keep-alive
{
“type”: “http-01”,
“status”: “pending”,
“uri”: “https://acme-staging.api.letsencrypt.org/acme/challenge/qnhSzrzw_r1693qgOg-jYjl9HahxESfcv1tGZdkuxtk/23456538”,
“token”: “RN2fy8sEew1CEpeLpwanayIMzeUhPXbWBYynlp_ZS3A”,
“keyAuthorization”: “RN2fy8sEew1CEpeLpwanayIMzeUhPXbWBYynlp_ZS3A.snprLb5Eu_rbykeg9W6JBV2JxMVQVN1xTSGNP4brPFU”
}
2017-01-24 21:14:23,401:DEBUG:acme.client:Storing nonce: nEE3w28O4Ds6popEWXvaBUwNlH4cCf8Vht0NF8hqfnc
2017-01-24 21:14:26,403:DEBUG:root:Sending GET request to https://acme-staging.api.letsencrypt.org/acme/authz/qnhSzrzw_r1693qgOg-jYjl9HahxESfcv1tGZdkuxtk.
2017-01-24 21:14:26,599:DEBUG:requests.packages.urllib3.connectionpool:https://acme-staging.api.letsencrypt.org:443 “GET /acme/authz/qnhSzrzw_r1693qgOg-jYjl9HahxESfcv1tGZdkuxtk HTTP/1.1” 200 2230
2017-01-24 21:14:26,602:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
ontent-Type: application/json
Boulder-Request-Id: AXaDsfy3hoRH57l2Wj1823OpSFP19n-SP5zyuDukXNE
Link: https://acme-staging.api.letsencrypt.org/acme/new-cert;rel="next"
Replay-Nonce: -tSls7oug9d1kH5HJEe0hW6c0rZa_m2s26m4Z1Zjedw
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Content-Length: 2230
Expires: Tue, 24 Jan 2017 21:14:26 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 24 Jan 2017 21:14:26 GMT
Connection: keep-alive
{
“identifier”: {
“type”: “dns”,
“value”: “wiki.fairtragen.de”
},
“status”: “invalid”,
“expires”: “2017-01-31T21:14:23Z”,
“challenges”: [
{
“type”: “dns-01”,
“status”: “pending”,
“uri”: “https://acme-staging.api.letsencrypt.org/acme/challenge/qnhSzrzw_r1693qgOg-jYjl9HahxESfcv1tGZdkuxtk/23456537”,
“token”: “69rrVN-boFKro3G9uhuEn0xoRQx8_pmbotTkNFkuGdY”
},
{
“type”: “http-01”,
“status”: “invalid”,
“error”: {
“type”: “urn:acme:error:unauthorized”,
“detail”: "Invalid response from http://wiki.fairtragen.de/.well-known/acme-challenge/RN2fy8sEew1CEpeLpwanayIMzeUhPXbWBYynlp_ZS3A: “\u003c!DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 4.01//EN” “http://www.w3.org/TR/html4/strict.dtd”\u003e\n\u003chtml\u003e\n\u003chead\u003e\n\u003cmeta http-equiv=“Conte””,
“status”: 403
},
“uri”: “https://acme-staging.api.letsencrypt.org/acme/challenge/qnhSzrzw_r1693qgOg-jYjl9HahxESfcv1tGZdkuxtk/23456538”,
“token”: “RN2fy8sEew1CEpeLpwanayIMzeUhPXbWBYynlp_ZS3A”,
“keyAuthorization”: “RN2fy8sEew1CEpeLpwanayIMzeUhPXbWBYynlp_ZS3A.snprLb5Eu_rbykeg9W6JBV2JxMVQVN1xTSGNP4brPFU”,
“validationRecord”: [
{
“url”: “http://wiki.fairtragen.de/.well-known/acme-challenge/RN2fy8sEew1CEpeLpwanayIMzeUhPXbWBYynlp_ZS3A”,
“hostname”: “wiki.fairtragen.de”,
“port”: “80”,
“addressesResolved”: [
“85.214.139.246”
],
“addressUsed”: “85.214.139.246”
},
{
“url”: “https://wiki.fairtragen.de/usr/share/moin/.well-known/acme-challenge/RN2fy8sEew1CEpeLpwanayIMzeUhPXbWBYynlp_ZS3A”,
“hostname”: “wiki.fairtragen.de”,
“port”: “443”,
“addressesResolved”: [
“85.214.139.246”
],
“addressUsed”: “85.214.139.246”
}
]
},
{
“type”: “tls-sni-01”,
“status”: “pending”,
“uri”: “https://acme-staging.api.letsencrypt.org/acme/challenge/qnhSzrzw_r1693qgOg-jYjl9HahxESfcv1tGZdkuxtk/23456539”,
“token”: “VyNMRFWCGi7Yx0L_7mI8rIAWKD9cmYvukqNlbF2xcno”
}
],
“combinations”: [
[
2
],
[
1
],
[
0
]
]
}
2017-01-24 21:14:26,603:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:
Domain: wiki.fairtragen.de
Type: unauthorized
Detail: Invalid response from http://wiki.fairtragen.de/.well-known/acme-challenge/RN2fy8sEew1CEpeLpwanayIMzeUhPXbWBYynlp_ZS3A: "
<meta http-equiv="Conte"
To fix these errors, please make sure that your domain name was entered correctly and the DNS A record(s) for that domain contain(s) the right IP address.
2017-01-24 21:14:26,603:INFO:certbot.auth_handler:Cleaning up challenges
2017-01-24 21:14:26,605:DEBUG:certbot.plugins.webroot:Removing /usr/share/moin/.well-known/acme-challenge/RN2fy8sEew1CEpeLpwanayIMzeUhPXbWBYynlp_ZS3A
2017-01-24 21:14:26,605:INFO:certbot.plugins.webroot:Unable to clean up challenge directory /usr/share/moin/.well-known/acme-challenge
2017-01-24 21:14:26,606:DEBUG:certbot.plugins.webroot:Error was: [Errno 39] Directory not empty: '/usr/share/moin/.well-known/acme-challenge’
2017-01-24 21:14:26,606:DEBUG:certbot.plugins.webroot:Error was: [Errno 39] Directory not empty: '/usr/share/moin/.well-known/acme-challenge’
2017-01-24 21:14:26,606:WARNING:certbot.renewal:Attempting to renew cert from /etc/letsencrypt/renewal/wiki.fairtragen.de.conf produced an unexpected error: Failed authorization procedure. wiki.fairtragen.de (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://wiki.fairtragen.de/.well-known/acme-challenge/RN2fy8sEew1CEpeLpwanayIMzeUhPXbWBYynlp_ZS3A: "
<meta http-equiv="Conte". Skipping.
2017-01-24 21:14:26,649:DEBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/renewal.py", line 390, in handle_renewal_request
main.obtain_cert(lineage_config, plugins, renewal_candidate)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 626, in obtain_cert
action, _ = _auth_from_available(le_client, config, domains, certname, lineage)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 103, in _auth_from_available
renewal.renew_cert(config, domains, le_client, lineage)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/renewal.py", line 273, in renew_cert
new_certr, new_chain, new_key, _ = le_client.obtain_certificate(domains)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/client.py", line 262, in obtain_certificate
self.config.allow_subset_of_names)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 78, in get_authorizations
self._respond(resp, best_effort)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 135, in _respond
self._poll_challenges(chall_update, best_effort)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 199, in _poll_challenges
raise errors.FailedChallenges(all_failed_achalls)
FailedChallenges: Failed authorization procedure. wiki.fairtragen.de (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://wiki.fairtragen.de/.well-known/acme-challenge/RN2fy8sEew1CEpeLpwanayIMzeUhPXbWBYynlp_ZS3A: "
<meta http-equiv="Conte"