Certbot Nginx plugin fail?

My domain is:
renge.io

I ran this command:

sudo certbot --nginx --rsa-key-size 4096 -v --dry-run --test-cert renew

It produced this output:
full output

...
http-01 challenge for mail.renge.io
http-01 challenge for mongo.renge.io
http-01 challenge for renge.io
http-01 challenge for revbdpan.renge.io
...
Waiting for verification...
...
Challenge failed for domain mail.renge.io
Challenge failed for domain mongo.renge.io
Challenge failed for domain renge.io
Challenge failed for domain revbdpan.renge.io
...

...
  Domain: mail.renge.io
  Type:   unauthorized
  Detail: 195.154.240.190: Invalid response from https://mail.renge.io/sso/login: "\n<!doctype html>\n<html lang=\"\" data-static=\"/static/\">\n  <head>\n    <meta charset=\"utf-8\">\n    <meta name=\"viewport\" content=\"wi"

  Domain: mongo.renge.io
  Type:   unauthorized
  Detail: 195.154.240.190: Invalid response from https://mongo.renge.io/.well-known/acme-challenge/CO6-1hGmgM-ZF-Z5XTMZZdIaR6t0MZUbi4Je7vL6HbM: 401

  Domain: renge.io
  Type:   unauthorized
  Detail: 195.154.240.190: Invalid response from https://renge.io/.well-known/acme-challenge/RNFkGJgebBMubP6yynHScNF5iRMJr1Sa8ogRhS-K7nE: 404

  Domain: revbdpan.renge.io
  Type:   unauthorized
  Detail: 195.154.240.190: Invalid response from https://revbdpan.renge.io/.well-known/acme-challenge/J0Y35xpzhOza7C8F9acYufeyvRGV3ZplP0BZDERx7ps: 500
...

My web server is (include version):

nginx version: nginx/1.21.6

The operating system my web server runs on is (include version):

Arch Linux, 5.18.7-arch1-1

My hosting provider, if applicable, is:

oneprovider

I can login to a root shell on my machine (yes or no, or I don't know):

yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

certbot 1.28.0

It seems that Certbot failed to apply temporary nginx configuration to nginx.

mail is a webapp so it redirected to login page;
mongo is a mongodb compass webui so it return 401 asked for authentication
the main site is a simple webserver so obviously it return 404
revbdpan is a dead reverse proxy so it return 500

I ran certbot successfully before(my site certification is signed by lets encrypt), but it fail when I try to renew it this time.

The renew command will repeat the previous certificate request using whatever configuration was used at the time, so if you didn't use --nginx when you first requested the cert that could be the problem?

2 Likes

actually I want to add new site

I use renew just because --dry-run(for testing, failed in normal mode) option require renew or certonly mode

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.