That's the whole log from certbot:
2022-11-29 08:41:05,656:DEBUG:certbot._internal.main:certbot version: 1.21.0
2022-11-29 08:41:05,657:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
2022-11-29 08:41:05,657:DEBUG:certbot._internal.main:Arguments: ['--apache', '-m', 'testmail@zin.tl']
2022-11-29 08:41:05,657:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#>2022-11-29 08:41:05,664:DEBUG:certbot._internal.log:Root logging level set at 30
2022-11-29 08:41:05,665:DEBUG:certbot._internal.plugins.selection:Requested authenticator apache and installer apache
2022-11-29 08:41:05,719:DEBUG:certbot_apache._internal.configurator:Apache version is 2.4.52
2022-11-29 08:41:05,866:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * apache
Description: Apache Web Server plugin
Interfaces: Installer, Authenticator, Plugin
Entry point: apache = certbot_apache._internal.entrypoint:ENTRYPOINT
Initialized: <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7fcb1636bc10>
Prep: True
2022-11-29 08:41:05,866:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot_apache._internal.override_debian>2022-11-29 08:41:05,866:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator apache, Installer apache
2022-11-29 08:41:05,908:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, con>2022-11-29 08:41:05,908:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2022-11-29 08:41:05,910:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2022-11-29 08:41:06,409:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 659
2022-11-29 08:41:06,410:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 29 Nov 2022 08:41:06 GMT
Content-Type: application/json
Content-Length: 659
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"Qyu5ObqNt64": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2022-11-29 08:41:08,634:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for cloud.zin.tl
2022-11-29 08:41:08,903:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0005_key-certbot.pem
2022-11-29 08:41:08,906:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0005_csr-certbot.pem
2022-11-29 08:41:08,908:DEBUG:acme.client:Requesting fresh nonce
2022-11-29 08:41:08,908:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2022-11-29 08:41:09,070:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 02022-11-29 08:41:09,071:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 29 Nov 2022 08:41:08 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: F977ikAU9h0GcYzbZ3ELJvtwHGOvYGLlSYs8e7WaJXR2bKQ
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
2022-11-29 08:41:09,071:DEBUG:acme.client:Storing nonce: F977ikAU9h0GcYzbZ3ELJvtwHGOvYGLlSYs8e7WaJXR2bKQ
2022-11-29 08:41:09,071:DEBUG:acme.client:JWS payload:
b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "cloud.zin.tl"\n }\n ]\n}'
2022-11-29 08:41:09,073:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODM2NzgxNzI3IiwgIm> "signature": "BFBXZjqm4KGs_50MSx0KlpxIqOQwuHvx0XRzbU9eBXPvZ36Hi1NeOj-vJ8k6ec6gdQMw4p17v78mlNXcPf0zsg9RRTLFWVn3G2qvX3PpEEh1ICKduu> "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImNsb3VkLnppbi50bCIKICAgIH0KICBd>}
2022-11-29 08:41:09,281:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 >2022-11-29 08:41:09,282:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Tue, 29 Nov 2022 08:41:09 GMT
Content-Type: application/json
Content-Length: 337
Connection: keep-alive
Boulder-Requester: 836781727
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/836781727/148614674747
Replay-Nonce: A5FEau04_BHxXq_fxPVsPdWRMg1VBzRaHqYSnIiq-r4dK8E
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"status": "pending",
"expires": "2022-12-06T08:41:09Z",
"identifiers": [
{
"type": "dns",
"value": "cloud.zin.tl"
}
],
"authorizations": [
"https://acme-v02.api.letsencrypt.org/acme/authz-v3/181811452687"
],
"finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/836781727/148614674747"
}
2022-11-29 08:41:09,282:DEBUG:acme.client:Storing nonce: A5FEau04_BHxXq_fxPVsPdWRMg1VBzRaHqYSnIiq-r4dK8E
2022-11-29 08:41:09,282:DEBUG:acme.client:JWS payload:
b''
2022-11-29 08:41:09,284:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/181811452687:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODM2NzgxNzI3IiwgIm> "signature": "hDYH5WkSfZRWRTwx5GapJEphgV08rXbcl71PzVCgnmGQZkUtXeIAQQlBlNOwDUjiVz3t4Q_4mJM5YiHTvVlWxivBcB-FuB1wK0Iw8sUEKKbcC_mcaE> "payload": ""
}
2022-11-29 08:41:09,448:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/181811452687 HT>2022-11-29 08:41:09,448:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 29 Nov 2022 08:41:09 GMT
Content-Type: application/json
Content-Length: 796
Connection: keep-alive
Boulder-Requester: 836781727
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: A5FE3vF_V40votE4HNlxaR0890z9Xn3SWbwJJHKAE4iZPo4
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "cloud.zin.tl"
},
"status": "pending",
"expires": "2022-12-06T08:41:09Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/181811452687/w-pu_w",
"token": "nHi-aCEXqSxvOl3YftlCWZWMa1j3Ma9uThkDzrQFQZ8"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/181811452687/VYhF5w",
"token": "nHi-aCEXqSxvOl3YftlCWZWMa1j3Ma9uThkDzrQFQZ8"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/181811452687/InkXUw",
"token": "nHi-aCEXqSxvOl3YftlCWZWMa1j3Ma9uThkDzrQFQZ8"
}
]
}
2022-11-29 08:41:09,448:DEBUG:acme.client:Storing nonce: A5FE3vF_V40votE4HNlxaR0890z9Xn3SWbwJJHKAE4iZPo4
2022-11-29 08:41:09,449:INFO:certbot._internal.auth_handler:Performing the following challenges:
2022-11-29 08:41:09,449:INFO:certbot._internal.auth_handler:http-01 challenge for cloud.zin.tl
2022-11-29 08:41:09,453:DEBUG:certbot_apache._internal.http_01:Adding a temporary challenge validation Include for name: cloud.zin>2022-11-29 08:41:09,453:DEBUG:certbot_apache._internal.http_01:writing a pre config file with text:
RewriteEngine on
RewriteRule ^/\.well-known/acme-challenge/([A-Za-z0-9-_=]+)$ /var/lib/letsencrypt/http_challenges/$1 [END]
2022-11-29 08:41:09,454:DEBUG:certbot_apache._internal.http_01:writing a post config file with text:
<Directory /var/lib/letsencrypt/http_challenges>
Require all granted
</Directory>
<Location /.well-known/acme-challenge>
Require all granted
</Location>
2022-11-29 08:41:09,473:DEBUG:certbot.reverter:Creating backup of /etc/apache2/sites-enabled/000-default.conf
2022-11-29 08:41:12,603:DEBUG:acme.client:JWS payload:
b'{}'
2022-11-29 08:41:12,605:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/181811452687/>{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODM2NzgxNzI3IiwgIm> "signature": "FuaIhz3ZGWLvJZAO6qAhJKBkotuWCW9u7_a7bD-PIJquIH1q3jZjuFVKv8pOjiJNgWPS5FNDOUbUMxHPo3pXBaYv-CzgCh0_Vg29SmibdGdBUMiopm> "payload": "e30"
}
2022-11-29 08:41:12,774:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/181811452687/w->2022-11-29 08:41:12,774:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 29 Nov 2022 08:41:12 GMT
Content-Type: application/json
Content-Length: 187
Connection: keep-alive
Boulder-Requester: 836781727
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz-v3/1818114526>Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/181811452687/w-pu_w
Replay-Nonce: F977HOCsgmjSWyEv1mexHMCPrHUFZdIEfHW-Pq9o9H_2iAM
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/181811452687/w-pu_w",
"token": "nHi-aCEXqSxvOl3YftlCWZWMa1j3Ma9uThkDzrQFQZ8"
}
2022-11-29 08:41:12,774:DEBUG:acme.client:Storing nonce: F977HOCsgmjSWyEv1mexHMCPrHUFZdIEfHW-Pq9o9H_2iAM
2022-11-29 08:41:12,775:INFO:certbot._internal.auth_handler:Waiting for verification...
2022-11-29 08:41:13,776:DEBUG:acme.client:JWS payload:
b''
2022-11-29 08:41:13,778:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/181811452687:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODM2NzgxNzI3IiwgIm> "signature": "bNTru4ZmJ_vk9N0DEPDy3cQEztkpSGMynDRMLi1sMlSmUiZ4Y-JwnU4oU1NcnLrdS7j75DjXHLeYjQdGf7fgJcDliR0IsI68xUSADno2JZHxRQsnuf> "payload": ""
}
2022-11-29 08:41:13,944:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/181811452687 HT>2022-11-29 08:41:13,944:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 29 Nov 2022 08:41:13 GMT
Content-Type: application/json
Content-Length: 796
Connection: keep-alive
Boulder-Requester: 836781727
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: C400HKGyH_cTLTIbwaK9mXLgp1dI0YQTEZOQ8uBDT2zikE8
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "cloud.zin.tl"
},
"status": "pending",
"expires": "2022-12-06T08:41:09Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/181811452687/w-pu_w",
"token": "nHi-aCEXqSxvOl3YftlCWZWMa1j3Ma9uThkDzrQFQZ8"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/181811452687/VYhF5w",
"token": "nHi-aCEXqSxvOl3YftlCWZWMa1j3Ma9uThkDzrQFQZ8"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/181811452687/InkXUw",
"token": "nHi-aCEXqSxvOl3YftlCWZWMa1j3Ma9uThkDzrQFQZ8"
}
]
}
2022-11-29 08:41:13,945:DEBUG:acme.client:Storing nonce: C400HKGyH_cTLTIbwaK9mXLgp1dI0YQTEZOQ8uBDT2zikE8
2022-11-29 08:41:16,948:DEBUG:acme.client:JWS payload:
b''
2022-11-29 08:41:16,950:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/181811452687:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODM2NzgxNzI3IiwgIm> "signature": "OTxXTRD2PVwTrforDLcNUr8qjki1qG6OBpoL1wXDTgPbEqIihCx2_My5SvXKzZq9xWS_iF8ufMcqJg4I33xmImTWdP-eOP99HLHJeVAnPjMa2blNUL> "payload": ""
}
2022-11-29 08:41:17,116:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/181811452687 HT>2022-11-29 08:41:17,117:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 29 Nov 2022 08:41:17 GMT
Content-Type: application/json
Content-Length: 1389
Connection: keep-alive
Boulder-Requester: 836781727
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: F97706GLFl6iQIC-hCL55_slCXgB92VyxZMBdeHufGzMNjU
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "cloud.zin.tl"
},
"status": "invalid",
"expires": "2022-12-06T08:41:09Z",
"challenges": [
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:unauthorized",
"detail": "87.169.127.141: Invalid response from http://cloud.zin.tl/login: \"\u003c!DOCTYPE html\u003e\\n\u003chtml class> "status": 403
},
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/181811452687/w-pu_w",
"token": "nHi-aCEXqSxvOl3YftlCWZWMa1j3Ma9uThkDzrQFQZ8",
"validationRecord": [
{
"url": "http://cloud.zin.tl/.well-known/acme-challenge/nHi-aCEXqSxvOl3YftlCWZWMa1j3Ma9uThkDzrQFQZ8",
"hostname": "cloud.zin.tl",
"port": "80",
"addressesResolved": [
"87.169.127.141"
],
"addressUsed": "87.169.127.141"
},
{
"url": "http://cloud.zin.tl/login",
"hostname": "cloud.zin.tl",
"port": "80",
"addressesResolved": [
"87.169.127.141"
],
"addressUsed": "87.169.127.141"
}
],
"validated": "2022-11-29T08:41:12Z"
}
]
}
2022-11-29 08:41:17,117:DEBUG:acme.client:Storing nonce: F97706GLFl6iQIC-hCL55_slCXgB92VyxZMBdeHufGzMNjU
2022-11-29 08:41:17,118:INFO:certbot._internal.auth_handler:Challenge failed for domain cloud.zin.tl
2022-11-29 08:41:17,118:INFO:certbot._internal.auth_handler:http-01 challenge for cloud.zin.tl
2022-11-29 08:41:17,118:DEBUG:certbot._internal.display.obj:Notifying user:
Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: cloud.zin.tl
Type: unauthorized
Detail: 87.169.127.141: Invalid response from http://cloud.zin.tl/login: "<!DOCTYPE html>\n<html class=\"ng-csp\" data-placehold>
Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the liste>
2022-11-29 08:41:17,118:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 90, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 178, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2022-11-29 08:41:17,118:DEBUG:certbot._internal.error_handler:Calling registered functions
2022-11-29 08:41:17,118:INFO:certbot._internal.auth_handler:Cleaning up challenges
2022-11-29 08:41:17,258:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 33, in <module>
sys.exit(load_entry_point('certbot==1.21.0', 'console_scripts', 'certbot')())
File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main
return internal_main.main(cli_args)
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1574, in main
return config.func(config, plugins)
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1287, in run
new_lineage = _get_and_save_cert(le_client, config, domains,
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 133, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 459, in obtain_and_enroll_certificate
cert, chain, key, _ = self.obtain_certificate(domains)
File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 389, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 439, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 90, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 178, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2022-11-29 08:41:17,258:ERROR:certbot._internal.log:Some challenges have failed.