Certbot failed to authenticate some domains

Hi all,

This is all apparently over my head. Installed OMV, omvextras, unionfs, snapraid, docker, portainer.

Trying to install Nextcloud. Followed technodad's (?) instructions and getting an error when trying to get the certificate. To my knowledge I have forwarded ports 80 and 443. I have checked and it seems 443 isn't forwarded correctly. Am using a USG-3P with a Unifi AC-LR and AC-Lite. The computer my OMV is on is using an Ethernet cable and has a static IP. If there is an easier/different/better way to access files remotely from my OMV, I'd love to hear it as well.

pls help >.<

My domain is: lsmnas.duckdns.org

I ran this command:

It produced this output:

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 01-envfile: executing... 
[cont-init.d] 01-envfile: exited 0.
[cont-init.d] 10-adduser: executing... 

-------------------------------------
          _         ()
         | |  ___   _    __
         | | / __| | |  /  \
         | | \__ \ | | | () |
         |_| |___/ |_|  \__/


Brought to you by linuxserver.io
-------------------------------------

To support the app dev(s) visit:
Certbot: https://supporters.eff.org/donate/support-work-on-certbot

To support LSIO projects visit:
https://www.linuxserver.io/donate/
-------------------------------------
GID/UID
-------------------------------------

User uid:    1001
User gid:    100
-------------------------------------

[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing... 
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing... 
using keys found in /config/keys
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 50-config: executing... 
Variables set:

1
PGID=100
TZ=America/Chicago
URL=lsmnas.duckdns.org
SUBDOMAINS=www,
EXTRA_DOMAINS=
ONLY_SUBDOMAINS=false
VALIDATION=http
CERTPROVIDER=
DNSPLUGIN=
EMAIL=patricksaez@gmail.com
STAGING=

Using Let's Encrypt as the cert provider
SUBDOMAINS entered, processing
SUBDOMAINS entered, processing
Sub-domains processed are:  -d www.lsmnas.duckdns.org
E-mail address entered: patricksaez@gmail.com
http validation is selected
Different validation parameters entered than what was used before. Revoking and deleting existing certificate, and an updated one will be created
Generating new certificate
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Account registered.
Requesting a certificate for lsmnas.duckdns.org and www.lsmnas.duckdns.org

Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
  Domain: lsmnas.duckdns.org
  Type:   unauthorized
  Detail: Invalid response from http://lsmnas.duckdns.org/.well-known/acme-challenge/3VbVVuX6ytvTnI74B0OJXcog8f0FBP7PvlxKd9bPyqU [98.199.151.160]: "<!DOCTYPE html>\n<html>\n\t<head>\n\t\t<title>openmediavault - HTTP 404 error</title>\n\t\t<meta charset=\"UTF-8\">\n\t\t<meta http-equiv=\"X-U"

  Domain: www.lsmnas.duckdns.org
  Type:   unauthorized
  Detail: Invalid response from http://www.lsmnas.duckdns.org/.well-known/acme-challenge/0zvNhVzJz5fnpOHPe4fVRb-wcsDYVrwKE5GlFEOpD5c [98.199.151.160]: "<!DOCTYPE html>\n<html>\n\t<head>\n\t\t<title>openmediavault - HTTP 404 error</title>\n\t\t<meta charset=\"UTF-8\">\n\t\t<meta http-equiv=\"X-U"

Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: duckdns

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Just curious, but are you using a proxy for your public IP? I'm using Cloudflare and with proxy turned on the bot can't renew, but if I turn it off, it works just fine. Wonder if it's related to my issue as well. See my post.

Is that even the right system?
Is that where you run the ACME client?

2 Likes

What do you mean by right system? When I type my domain without https, it points to my OMV. When I use https it fails.

Ok so my process

Go to internal ip for omv, login
Navigate to omv extras
Launch portainer
Followed directions here:

https://forum.openmediavault.org/index.php?thread/28216-how-to-nextcloud-with-swag-letsencrypt-using-omv-and-docker-compose/

I used the composer in portainer and also did it via ssh when it didn't work the first time. Pretty much getting the same error

Also I forgot to mention I also have PiHole running. I just thought about that possibly messing things up.
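Added example, not part of the original thread: a small parser for the CA problem report in Certbot output like the one posted above. It shows what the `Detail:` line already reveals, namely that the HTTP-01 request was answered by a page titled "openmediavault - HTTP 404 error" rather than by Certbot's standalone server. The function name `diagnose` and the second, constructed sample entry are assumptions made for illustration.

```python
import re

# Sample input: the first entry is the failure reported in the post; the
# second is a constructed timeout entry (example.org, 203.0.113.10) for contrast.
SAMPLE = r'''The Certificate Authority reported these problems:
  Domain: lsmnas.duckdns.org
  Type:   unauthorized
  Detail: Invalid response from http://lsmnas.duckdns.org/.well-known/acme-challenge/3VbVVuX6ytvTnI74B0OJXcog8f0FBP7PvlxKd9bPyqU [98.199.151.160]: "<!DOCTYPE html>\n<html>\n\t<head>\n\t\t<title>openmediavault - HTTP 404 error</title>\n\t\t<meta charset=\"UTF-8\">\n\t\t<meta http-equiv=\"X-U"

  Domain: www.example.org
  Type:   connection
  Detail: 203.0.113.10: Fetching http://www.example.org/.well-known/acme-challenge/CONSTRUCTED-TOKEN: Timeout during connect (likely firewall problem)
'''

ENTRY = re.compile(r"Domain:\s*(\S+)\s+Type:\s*(\S+)\s+Detail:\s*(.*)")
INVALID = re.compile(r'Invalid response from \S+ \[([^\]]+)\]: "(.*)')
TITLE = re.compile(r"<title>(.*?)</title>", re.IGNORECASE)

def diagnose(output):
    """Return one finding per failed domain in Certbot's CA problem report."""
    findings = []
    for domain, kind, detail in ENTRY.findall(output):
        finding = {"domain": domain, "type": kind, "ip": None, "answered_by": None}
        invalid = INVALID.search(detail)
        if kind == "unauthorized" and invalid:
            # The CA connected, but the body is not the challenge token: some
            # other web server owns port 80 on the address the CA reached.
            finding["ip"] = invalid.group(1)
            title = TITLE.search(invalid.group(2))
            finding["answered_by"] = title.group(1) if title else "unidentified web server"
            finding["cause"] = "port 80 is served by another web server, not the ACME client"
        elif kind == "connection":
            finding["cause"] = "port 80 is not reachable from the internet"
        else:
            finding["cause"] = "unclassified, read the Detail line"
        findings.append(finding)
    return findings

if __name__ == "__main__":
    for f in diagnose(SAMPLE):
        print(f"{f['domain']}: {f['cause']} (answered by: {f['answered_by']})")
```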
