Certbot - Invalid response 403, Type unauthorized

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
cloud.zin.tl

I ran this command:
certbot

It produced this output:
Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: cloud.zin.tl
Type: unauthorized
Detail: 87.169.127.141: Invalid response from Login – Nextcloud "\n<html class="ng-csp" data-placeholder-focus="false" lang="en" data-locale="en" >\n\t<head\n data-requesttoken="eUm6"

Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details

My web server is (include version):
Apache 2.4.52

The operating system my web server runs on is (include version):
ubtuntu 22.04.1

My hosting provider, if applicable, is:
selfhosted

I can login to a root shell on my machine (yes or no, or I don't know):
yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
both ssh and webadmin 2.010

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
1.21.0

letsdebug found no problems Let's Debug

2

Show us your virtualhost file.

1 Like
3

This is my active webadmin config @ /etc/apache2/sites-available
Edit2: my nextcloud files are in /var/www/html/

<VirtualHost cloud.zin.tl:*>
    DocumentRoot "/var/www/html"
    <Directory "/var/www/html">
        Options None
        Require all granted
    </Directory>
</VirtualHost>
4

please use this button:
image

4 Likes
5

sorry, fixed the formatting

6

That's the whole log from certbot:

2022-11-29 08:41:05,656:DEBUG:certbot._internal.main:certbot version: 1.21.0
2022-11-29 08:41:05,657:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
2022-11-29 08:41:05,657:DEBUG:certbot._internal.main:Arguments: ['--apache', '-m', 'testmail@zin.tl']
2022-11-29 08:41:05,657:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#>2022-11-29 08:41:05,664:DEBUG:certbot._internal.log:Root logging level set at 30
2022-11-29 08:41:05,665:DEBUG:certbot._internal.plugins.selection:Requested authenticator apache and installer apache
2022-11-29 08:41:05,719:DEBUG:certbot_apache._internal.configurator:Apache version is 2.4.52
2022-11-29 08:41:05,866:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * apache
Description: Apache Web Server plugin
Interfaces: Installer, Authenticator, Plugin
Entry point: apache = certbot_apache._internal.entrypoint:ENTRYPOINT
Initialized: <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7fcb1636bc10>
Prep: True
2022-11-29 08:41:05,866:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot_apache._internal.override_debian>2022-11-29 08:41:05,866:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator apache, Installer apache
2022-11-29 08:41:05,908:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, con>2022-11-29 08:41:05,908:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2022-11-29 08:41:05,910:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2022-11-29 08:41:06,409:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 659
2022-11-29 08:41:06,410:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 29 Nov 2022 08:41:06 GMT
Content-Type: application/json
Content-Length: 659
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "Qyu5ObqNt64": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2022-11-29 08:41:08,634:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for cloud.zin.tl
2022-11-29 08:41:08,903:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0005_key-certbot.pem
2022-11-29 08:41:08,906:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0005_csr-certbot.pem
2022-11-29 08:41:08,908:DEBUG:acme.client:Requesting fresh nonce
2022-11-29 08:41:08,908:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2022-11-29 08:41:09,070:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 02022-11-29 08:41:09,071:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 29 Nov 2022 08:41:08 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: F977ikAU9h0GcYzbZ3ELJvtwHGOvYGLlSYs8e7WaJXR2bKQ
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800


2022-11-29 08:41:09,071:DEBUG:acme.client:Storing nonce: F977ikAU9h0GcYzbZ3ELJvtwHGOvYGLlSYs8e7WaJXR2bKQ
2022-11-29 08:41:09,071:DEBUG:acme.client:JWS payload:
b'{\n  "identifiers": [\n    {\n      "type": "dns",\n      "value": "cloud.zin.tl"\n    }\n  ]\n}'
2022-11-29 08:41:09,073:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODM2NzgxNzI3IiwgIm>  "signature": "BFBXZjqm4KGs_50MSx0KlpxIqOQwuHvx0XRzbU9eBXPvZ36Hi1NeOj-vJ8k6ec6gdQMw4p17v78mlNXcPf0zsg9RRTLFWVn3G2qvX3PpEEh1ICKduu>  "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImNsb3VkLnppbi50bCIKICAgIH0KICBd>}
2022-11-29 08:41:09,281:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 >2022-11-29 08:41:09,282:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Tue, 29 Nov 2022 08:41:09 GMT
Content-Type: application/json
Content-Length: 337
Connection: keep-alive
Boulder-Requester: 836781727
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/836781727/148614674747
Replay-Nonce: A5FEau04_BHxXq_fxPVsPdWRMg1VBzRaHqYSnIiq-r4dK8E
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "status": "pending",
  "expires": "2022-12-06T08:41:09Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "cloud.zin.tl"
    }
  ],
  "authorizations": [
    "https://acme-v02.api.letsencrypt.org/acme/authz-v3/181811452687"
  ],
  "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/836781727/148614674747"
}
2022-11-29 08:41:09,282:DEBUG:acme.client:Storing nonce: A5FEau04_BHxXq_fxPVsPdWRMg1VBzRaHqYSnIiq-r4dK8E
2022-11-29 08:41:09,282:DEBUG:acme.client:JWS payload:
b''
2022-11-29 08:41:09,284:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/181811452687:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODM2NzgxNzI3IiwgIm>  "signature": "hDYH5WkSfZRWRTwx5GapJEphgV08rXbcl71PzVCgnmGQZkUtXeIAQQlBlNOwDUjiVz3t4Q_4mJM5YiHTvVlWxivBcB-FuB1wK0Iw8sUEKKbcC_mcaE>  "payload": ""
}
2022-11-29 08:41:09,448:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/181811452687 HT>2022-11-29 08:41:09,448:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 29 Nov 2022 08:41:09 GMT
Content-Type: application/json
Content-Length: 796
Connection: keep-alive
Boulder-Requester: 836781727
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: A5FE3vF_V40votE4HNlxaR0890z9Xn3SWbwJJHKAE4iZPo4
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "cloud.zin.tl"
  },
  "status": "pending",
  "expires": "2022-12-06T08:41:09Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/181811452687/w-pu_w",
      "token": "nHi-aCEXqSxvOl3YftlCWZWMa1j3Ma9uThkDzrQFQZ8"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/181811452687/VYhF5w",
      "token": "nHi-aCEXqSxvOl3YftlCWZWMa1j3Ma9uThkDzrQFQZ8"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/181811452687/InkXUw",
      "token": "nHi-aCEXqSxvOl3YftlCWZWMa1j3Ma9uThkDzrQFQZ8"
    }
  ]
}
2022-11-29 08:41:09,448:DEBUG:acme.client:Storing nonce: A5FE3vF_V40votE4HNlxaR0890z9Xn3SWbwJJHKAE4iZPo4
2022-11-29 08:41:09,449:INFO:certbot._internal.auth_handler:Performing the following challenges:
2022-11-29 08:41:09,449:INFO:certbot._internal.auth_handler:http-01 challenge for cloud.zin.tl
2022-11-29 08:41:09,453:DEBUG:certbot_apache._internal.http_01:Adding a temporary challenge validation Include for name: cloud.zin>2022-11-29 08:41:09,453:DEBUG:certbot_apache._internal.http_01:writing a pre config file with text:
         RewriteEngine on
        RewriteRule ^/\.well-known/acme-challenge/([A-Za-z0-9-_=]+)$ /var/lib/letsencrypt/http_challenges/$1 [END]

2022-11-29 08:41:09,454:DEBUG:certbot_apache._internal.http_01:writing a post config file with text:
         <Directory /var/lib/letsencrypt/http_challenges>
            Require all granted
        </Directory>
        <Location /.well-known/acme-challenge>
            Require all granted
        </Location>

2022-11-29 08:41:09,473:DEBUG:certbot.reverter:Creating backup of /etc/apache2/sites-enabled/000-default.conf
2022-11-29 08:41:12,603:DEBUG:acme.client:JWS payload:
b'{}'
2022-11-29 08:41:12,605:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/181811452687/>{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODM2NzgxNzI3IiwgIm>  "signature": "FuaIhz3ZGWLvJZAO6qAhJKBkotuWCW9u7_a7bD-PIJquIH1q3jZjuFVKv8pOjiJNgWPS5FNDOUbUMxHPo3pXBaYv-CzgCh0_Vg29SmibdGdBUMiopm>  "payload": "e30"
}
2022-11-29 08:41:12,774:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/181811452687/w->2022-11-29 08:41:12,774:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 29 Nov 2022 08:41:12 GMT
Content-Type: application/json
Content-Length: 187
Connection: keep-alive
Boulder-Requester: 836781727
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz-v3/1818114526>Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/181811452687/w-pu_w
Replay-Nonce: F977HOCsgmjSWyEv1mexHMCPrHUFZdIEfHW-Pq9o9H_2iAM
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "type": "http-01",
  "status": "pending",
  "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/181811452687/w-pu_w",
  "token": "nHi-aCEXqSxvOl3YftlCWZWMa1j3Ma9uThkDzrQFQZ8"
}
2022-11-29 08:41:12,774:DEBUG:acme.client:Storing nonce: F977HOCsgmjSWyEv1mexHMCPrHUFZdIEfHW-Pq9o9H_2iAM
2022-11-29 08:41:12,775:INFO:certbot._internal.auth_handler:Waiting for verification...
2022-11-29 08:41:13,776:DEBUG:acme.client:JWS payload:
b''
2022-11-29 08:41:13,778:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/181811452687:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODM2NzgxNzI3IiwgIm>  "signature": "bNTru4ZmJ_vk9N0DEPDy3cQEztkpSGMynDRMLi1sMlSmUiZ4Y-JwnU4oU1NcnLrdS7j75DjXHLeYjQdGf7fgJcDliR0IsI68xUSADno2JZHxRQsnuf>  "payload": ""
}
2022-11-29 08:41:13,944:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/181811452687 HT>2022-11-29 08:41:13,944:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 29 Nov 2022 08:41:13 GMT
Content-Type: application/json
Content-Length: 796
Connection: keep-alive
Boulder-Requester: 836781727
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: C400HKGyH_cTLTIbwaK9mXLgp1dI0YQTEZOQ8uBDT2zikE8
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "cloud.zin.tl"
  },
  "status": "pending",
  "expires": "2022-12-06T08:41:09Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/181811452687/w-pu_w",
      "token": "nHi-aCEXqSxvOl3YftlCWZWMa1j3Ma9uThkDzrQFQZ8"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/181811452687/VYhF5w",
      "token": "nHi-aCEXqSxvOl3YftlCWZWMa1j3Ma9uThkDzrQFQZ8"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/181811452687/InkXUw",
      "token": "nHi-aCEXqSxvOl3YftlCWZWMa1j3Ma9uThkDzrQFQZ8"
    }
  ]
}
2022-11-29 08:41:13,945:DEBUG:acme.client:Storing nonce: C400HKGyH_cTLTIbwaK9mXLgp1dI0YQTEZOQ8uBDT2zikE8
2022-11-29 08:41:16,948:DEBUG:acme.client:JWS payload:
b''
2022-11-29 08:41:16,950:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/181811452687:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODM2NzgxNzI3IiwgIm>  "signature": "OTxXTRD2PVwTrforDLcNUr8qjki1qG6OBpoL1wXDTgPbEqIihCx2_My5SvXKzZq9xWS_iF8ufMcqJg4I33xmImTWdP-eOP99HLHJeVAnPjMa2blNUL>  "payload": ""
}
2022-11-29 08:41:17,116:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/181811452687 HT>2022-11-29 08:41:17,117:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 29 Nov 2022 08:41:17 GMT
Content-Type: application/json
Content-Length: 1389
Connection: keep-alive
Boulder-Requester: 836781727
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: F97706GLFl6iQIC-hCL55_slCXgB92VyxZMBdeHufGzMNjU
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "cloud.zin.tl"
  },
  "status": "invalid",
  "expires": "2022-12-06T08:41:09Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "invalid",
      "error": {
        "type": "urn:ietf:params:acme:error:unauthorized",
        "detail": "87.169.127.141: Invalid response from http://cloud.zin.tl/login: \"\u003c!DOCTYPE html\u003e\\n\u003chtml class>        "status": 403
      },
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/181811452687/w-pu_w",
      "token": "nHi-aCEXqSxvOl3YftlCWZWMa1j3Ma9uThkDzrQFQZ8",
      "validationRecord": [
        {
          "url": "http://cloud.zin.tl/.well-known/acme-challenge/nHi-aCEXqSxvOl3YftlCWZWMa1j3Ma9uThkDzrQFQZ8",
          "hostname": "cloud.zin.tl",
          "port": "80",
          "addressesResolved": [
            "87.169.127.141"
          ],
          "addressUsed": "87.169.127.141"
        },
        {
          "url": "http://cloud.zin.tl/login",
          "hostname": "cloud.zin.tl",
	  "port": "80",
          "addressesResolved": [
            "87.169.127.141"
          ],
          "addressUsed": "87.169.127.141"
        }
      ],
      "validated": "2022-11-29T08:41:12Z"
    }
  ]
}
2022-11-29 08:41:17,117:DEBUG:acme.client:Storing nonce: F97706GLFl6iQIC-hCL55_slCXgB92VyxZMBdeHufGzMNjU
2022-11-29 08:41:17,118:INFO:certbot._internal.auth_handler:Challenge failed for domain cloud.zin.tl
2022-11-29 08:41:17,118:INFO:certbot._internal.auth_handler:http-01 challenge for cloud.zin.tl
2022-11-29 08:41:17,118:DEBUG:certbot._internal.display.obj:Notifying user:
Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
  Domain: cloud.zin.tl
  Type:   unauthorized
  Detail: 87.169.127.141: Invalid response from http://cloud.zin.tl/login: "<!DOCTYPE html>\n<html class=\"ng-csp\" data-placehold>

Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the liste>

2022-11-29 08:41:17,118:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 90, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 178, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.

2022-11-29 08:41:17,118:DEBUG:certbot._internal.error_handler:Calling registered functions
2022-11-29 08:41:17,118:INFO:certbot._internal.auth_handler:Cleaning up challenges
2022-11-29 08:41:17,258:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/usr/bin/certbot", line 33, in <module>
    sys.exit(load_entry_point('certbot==1.21.0', 'console_scripts', 'certbot')())
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main
    return internal_main.main(cli_args)
  File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1574, in main
    return config.func(config, plugins)
  File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1287, in run
    new_lineage = _get_and_save_cert(le_client, config, domains,
  File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 133, in _get_and_save_cert
    lineage = le_client.obtain_and_enroll_certificate(domains, certname)
  File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 459, in obtain_and_enroll_certificate
    cert, chain, key, _ = self.obtain_certificate(domains)
  File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 389, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
  File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 439, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 90, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 178, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2022-11-29 08:41:17,258:ERROR:certbot._internal.log:Some challenges have failed.
7

Played around with the virtual host file and this worked for me:

<VirtualHost *:80>
     ServerAdmin testmail@zin.tl
     DocumentRoot /var/www/html/
     ServerName cloud.zin.tl
     ErrorLog /var/log/apache2/nextcloud-error.log
     CustomLog /var/log/apache2/nextcloud-access.log combined

    <Directory /var/www/html/>
        Options +FollowSymlinks
        AllowOverride All
        Require all granted
        SetEnv HOME /var/www/html/
        SetEnv HTTP_HOME /var/www/html/
        <IfModule mod_dav.c>
          Dav off
        </IfModule>
    </Directory>
RewriteEngine on
RewriteCond %{SERVER_NAME} =cloud.zin.tl
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
2 Likes
8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.