Certbot --dry works, without --dry it does not work

My domain is:
e-motional-experience.de

I ran this command:
certbot.main:Arguments: ['--dry', '-a', 'webroot', '--webroot-path=/home/www/dromedar', '-d', 'e-motional-experience.de', '-d', 'cloud6.hamatoma.de', '-d', 'helfertag.f-r-e-i.de', '-d', 'testtag.f-r-e-i.de', '-d', 'wiki.hamatoma.de', '-d', 'cloud.hamatoma.de', '-d', 'git.hamatoma.de', '-d', 'stern.f-r-e-i.de', '-d', 'v2winfothek.hamatoma.de', '-d', 'winfothek.hamatoma.de', '-d', 'kurs-blog.f-r-e-i.de', '-d', 'zimmer.f-r-e-i.de', '-d', 'public.hamatoma.de', '-d', 'www.e-motional-experience.de', '-d', 'www.cloud6.hamatoma.de', '-d', 'www.helfertag.f-r-e-i.de', '-d', 'www.testtag.f-r-e-i.de']
=== the same command without --dry gives the error for wiki.hamatoma.de

It produced this output:
The client lacks sufficient authorization :: Invalid response from http://wiki.hamatoma.de/.well-known/acme-challenge/v7tBWYJ_fV5sljLRsk6LW2BZ9Vfza7jRWhUsl8WJefc [173.212.231.221]: "\r\n404 Not Found\r\n<body bgcolor="white">\r\n404 Not Found\r\n

My web server is (include version):
nginx 1.14.2-2+deb10u1

The operating system my web server runs on is (include version):
Debian GNU/Linux 10 (buster)

My hosting provider, if applicable, is:
contabo.de

I can login to a root shell on my machine (yes or no, or I don’t know):
yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 0.31.0

Note: logs are available if needed. Not included because of the size.

One of the quirks of --dry-run is that it caches previous successful authorizations. (Technically, Let’s Encrypt is caching the successful authorization, not Certbot). So you can get a false positive result.

Based on your Certbot arguments, Certbot expects that when it creates the file /home/www/dromedar/.well-known/acme-challenge/test , that file will be accessible from each of those domains at http://$DOMAIN/.well-known/acme-challenge/test . Does that sound right to you?

Could you try this?

echo "Hello World" > /home/www/dromedar/.well-known/acme-challenge/test
curl -i http://wiki.hamatoma.de/.well-known/acme-challenge/test
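
The manual check suggested above, extended to every name passed with -d, as an added example that is not part of the original posts. The function names `check_webroot` and `fetch_challenge` are hypothetical, and the script assumes all domains are meant to share one webroot, as in the command from the question.

```shell
#!/bin/sh
# Pre-flight check for certbot's webroot authenticator (added example).
# Assumption: every -d name should be served from the same --webroot-path.

# fetch_challenge URL: print the response body, fail on HTTP errors.
# Kept as its own function so it can be replaced when testing offline.
fetch_challenge() {
    curl -fsS --max-time 10 "$1"
}

# check_webroot WEBROOT DOMAIN...
# Writes a random token file, requests it over plain HTTP from every
# domain, prints one OK/FAIL line per domain and returns the number of
# failures (255 if the token file cannot be written).
check_webroot() {
    webroot=$1; shift
    dir="$webroot/.well-known/acme-challenge"
    # Random name and content: a stale file or a catch-all page cannot match.
    token="preflight-$$-$(od -An -N8 -tx1 /dev/urandom | tr -d ' \n')"
    mkdir -p "$dir" || return 255
    printf '%s' "$token" > "$dir/$token" || return 255
    failures=0
    for domain in "$@"; do
        url="http://$domain/.well-known/acme-challenge/$token"
        # A 404 or connection error leaves the body empty instead of aborting.
        body=$(fetch_challenge "$url" 2>/dev/null) || body=""
        if [ "$body" = "$token" ]; then
            echo "OK   $domain"
        else
            echo "FAIL $domain (not served from $webroot)"
            failures=$((failures + 1))
        fi
    done
    rm -f "$dir/$token"   # do not leave test files in the challenge directory
    return "$failures"
}

# Usage (webroot and domains taken from the command in the question):
#   check_webroot /home/www/dromedar wiki.hamatoma.de cloud.hamatoma.de
```

Because this check makes a fresh request for a fresh file, it is not affected by the cached authorizations that can make --dry-run pass.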

Thanks for the quick help. I had to change the configuration and now it works.
You made my day!
