My subdomains are: ok.domain.com, partage.domain.com
I ran this command:
certbot certonly --dns-cloudflare --dns-cloudflare-credentials ./cloudflare.ini -d ok.domain.com -d partage.domain.com --dry-run
because without dry-run, it failed without showing the malform:
There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/
With dry-run, it produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator dns-cloudflare, Installer None
Obtaining a new certificate
An unexpected error occurred:
The request message was malformed :: Method not allowed
Please see the logfiles in /var/log/letsencrypt for more details.
/var/log/letsencrypt/letsencrypt.log doesn’t ship more information
cloudflare.ini is:
dns_cloudflare_api_token = <token>
<token>
is issued by cloudflare with Permission: Zone.DNS, domain.com
- DNS:Edit
My web server is (include version):
nginx 1.10.3 on docker
it was working fine for weeks for partage.domain.com
and I used http for ok.domain.com
with the same nginx server, but since many browsers and links redirect http to https (fr good reasons), "ok
was sometimes redirected to partage
content" (weird!) and these websites don’t have the same content but are served by the same nginx server.
I need SSL on 2 subdomains for my nginx container.
(Root of domain is static website on github, its SSL is not related to these 2 subdomains)
I changed nginx setup to be easy for certbot to find where to write files:
server {
listen 80;
server_name ok.domain.com;
location / {
root /var/www/public/;
}
same for other subdomain, 80 and 443.
and reloaded nginx of course.
There’s no index.html though, so nginx throws a 403, but known static files are accessible.
The operating system my web server runs on is (include version):
Ubuntu 19.10
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot):
0.28.0
It hope I can solve it fast, it was running non-profit services to help anxious people during this quarantine.
Thank you for your help.