Certbot Nginx plugin fail?

My domain is:

I ran this command:

sudo certbot --nginx --rsa-key-size 4096 -v --dry-run --test-cert renew

It produced this output:
full output

http-01 challenge for mail.renge.io
http-01 challenge for mongo.renge.io
http-01 challenge for renge.io
http-01 challenge for revbdpan.renge.io
Waiting for verification...
Challenge failed for domain mail.renge.io
Challenge failed for domain mongo.renge.io
Challenge failed for domain renge.io
Challenge failed for domain revbdpan.renge.io

  Domain: mail.renge.io
  Type:   unauthorized
  Detail: Invalid response from https://mail.renge.io/sso/login: "\n<!doctype html>\n<html lang=\"\" data-static=\"/static/\">\n  <head>\n    <meta charset=\"utf-8\">\n    <meta name=\"viewport\" content=\"wi"

  Domain: mongo.renge.io
  Type:   unauthorized
  Detail: Invalid response from https://mongo.renge.io/.well-known/acme-challenge/CO6-1hGmgM-ZF-Z5XTMZZdIaR6t0MZUbi4Je7vL6HbM: 401

  Domain: renge.io
  Type:   unauthorized
  Detail: Invalid response from https://renge.io/.well-known/acme-challenge/RNFkGJgebBMubP6yynHScNF5iRMJr1Sa8ogRhS-K7nE: 404

  Domain: revbdpan.renge.io
  Type:   unauthorized
  Detail: Invalid response from https://revbdpan.renge.io/.well-known/acme-challenge/J0Y35xpzhOza7C8F9acYufeyvRGV3ZplP0BZDERx7ps: 500

My web server is (include version):

nginx version: nginx/1.21.6

The operating system my web server runs on is (include version):

Arch Linux, 5.18.7-arch1-1

My hosting provider, if applicable, is:


I can login to a root shell on my machine (yes or no, or I don't know):


I'm using a control panel to manage my site (no, or provide the name and version of the control panel):


The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

certbot 1.28.0

It seems that Certbot failed to apply temporary nginx configuration to nginx.

mail is a webapp, so it redirected to the login page;
mongo is a MongoDB Compass web UI, so it returned 401 and asked for authentication;
the main site is a simple web server, so obviously it returned 404;
revbdpan is a dead reverse proxy, so it returned 500.

I ran certbot successfully before (my site's certificate is signed by Let's Encrypt), but it fails when I try to renew it this time.

The renew command will repeat the previous certificate request using whatever configuration was used at the time, so if you didn't use --nginx when you first requested the cert that could be the problem?


Actually, I want to add a new site.

I use renew just because the --dry-run option (for testing; it failed in normal mode) requires renew or certonly mode.
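
An added example (not part of the original posts and not Certbot's own code): a small triage script that parses the failure report Certbot prints, in the format shown in the first post, and sorts each domain by what answered the validation request. The sample input is constructed from that report with shortened placeholder tokens, and the category names are this example's own.

```python
import re
from urllib.parse import urlsplit

CHALLENGE_PREFIX = "/.well-known/acme-challenge/"
# One "Domain / Type / Detail" block of Certbot's failure report.
BLOCK = re.compile(
    r"Domain:\s*(?P<domain>\S+)\s*\n"
    r"\s*Type:\s*(?P<type>\S+)\s*\n"
    r"\s*Detail:\s*Invalid response from (?P<url>\S+?): (?P<rest>.*)"
)

def classify(url, rest):
    """Name what answered the validation request (labels are this example's own)."""
    path = urlsplit(url).path
    if not path.startswith(CHALLENGE_PREFIX):
        return "redirected"        # final URL left the challenge path, e.g. a login page
    status = int(rest) if rest.strip().isdigit() else None
    if status in (401, 403):
        return "auth_required"     # authentication demanded on the challenge path
    if status == 404:
        return "not_found"         # whatever answered has no file for this token
    if status is not None and status >= 500:
        return "backend_error"     # server-side error, e.g. a failing upstream
    return "other"

def triage(report):
    """Map each failed domain to (category, URL that produced the response)."""
    return {m["domain"]: (classify(m["url"], m["rest"]), m["url"])
            for m in BLOCK.finditer(report)}

# Constructed sample modelled on the report in the first post (tokens shortened).
SAMPLE = r'''
  Domain: mail.renge.io
  Type:   unauthorized
  Detail: Invalid response from https://mail.renge.io/sso/login: "\n<!doctype html>\n<html"
  Domain: mongo.renge.io
  Type:   unauthorized
  Detail: Invalid response from https://mongo.renge.io/.well-known/acme-challenge/TOKEN-A: 401
  Domain: renge.io
  Type:   unauthorized
  Detail: Invalid response from https://renge.io/.well-known/acme-challenge/TOKEN-B: 404
  Domain: revbdpan.renge.io
  Type:   unauthorized
  Detail: Invalid response from https://revbdpan.renge.io/.well-known/acme-challenge/TOKEN-C: 500
'''

if __name__ == "__main__":
    for domain, (category, url) in triage(SAMPLE).items():
        print(f"{domain:20} {category:14} {url}")
```

Paste the report from a failed run in place of SAMPLE; a domain in any of these categories was answered by something other than the challenge file, so check which server block handles /.well-known/acme-challenge/ for that name.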

