Certbot get certificate for webroot fails


#1

Hi,

I want to generate a https cert for my site, which runs on port 40250. It doesn’t use apache, it uses express js, and I use the noip dyndns service to map my dynamic ip to a hostname.

What options do I have to make this work?
My domain is: …

I ran this command:

sudo certbot certonly --standalone -d myhost.ddns.net

It produced this output:

sudo certbot certonly --standalone -d myhost.ddns.net
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for mybox.ddns.net
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. mybox.ddns.net (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://mybox.ddns.net/.well-known/acme-challenge/vY2t_soI-D8dX4-4DhmQcSsSCZO0ALMRYLRb4t74GiE: “\n\n404 Not Found\n\n

Not Found

\n<p”

IMPORTANT NOTES:

My web server is (include version):express js

The operating system my web server runs on is (include version): RHEL 7.4

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):certbot 0.31.0.dev0


#2

You appear to have redacted your real domain. It’s hard to give any helpful advice without being able to test how your real domain responds.

My guess would be that you already have some kind of webserver serving traffic for your domain on port 80 (like Apache or nginx), so the standalone server used by Certbot doesn’t get an opportunity to serve the challenge response.


#3

That’s exactly what it was! I actually discovered a webserver i didn’t even know was running on port 80! All fixed now :slight_smile:

I stopped that webserver and the command worked. Thanks!