"Certbot failed to authenticate some domains (authenticator: nginx)..."

Here's my full /etc/nginx/sites-available/nextjs-app file:

server {
    listen 80;
    listen [::]:80;

    root /var/www/html;
    index index.html index.htm index.nginx-debian.html;

    server_name abacus.academy www.abacus.academy;

    location / {
        proxy_pass http://localhost:3000;
        proxy_buffering off;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }

    location ~ /.well-known {
        allow all;
    }
}

And here's the result of running certbot:

~$ sudo certbot --nginx
Saving debug log to /var/log/letsencrypt/letsencrypt.log

Which names would you like to activate HTTPS for?
We recommend selecting either all domains, or all domains in a VirtualHost/server block.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: abacus.academy
2: www.abacus.academy
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):
Requesting a certificate for abacus.academy and www.abacus.academy

Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems:
  Domain: abacus.academy
  Type:   unauthorized
  Detail: 75.8.100.149: Invalid response from http://abacus.academy/.well-known/acme-challenge/nNDTK3q3Mm_PBi3zxY5Kzjuv0pU11PP6O8bxWWxBSB0: 404

  Domain: www.abacus.academy
  Type:   unauthorized
  Detail: 75.8.100.149: Invalid response from http://www.abacus.academy/.well-known/acme-challenge/sN-Xb3hSTXxGs1rKlsNryBz9Mjg6nakywiZ5d_vpJ4w: 404

Hint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet.

I don't know what these files it's trying to find are or why it can't find them. I'm on certbot 2.11.0 and nginx 1.22.1, and am running a NextJS app.

Hi @abacus, and welcome to the LE community forum :slight_smile:

You are showing the ningx config.
But the responding service is Next.js:

curl -Ii4 abacus.academy
HTTP/1.1 200 OK
Vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
X-Powered-By: Next.js       <<<<<<<<<<<<<<<<<<<<<<<<<<<< NOT NGINX
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
Content-Type: text/html; charset=utf-8
Date: Mon, 02 Sep 2024 11:43:49 GMT
Connection: keep-alive
Keep-Alive: timeout=5
3 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.