Hi,
we are using LetsEncrypt in combination with certbot on Ubuntu 16.04 - so far everything worked fine.
But after upgrading to 0.21.1 it’s no more possible to get new certs.
I usually use
certbot --apache certonly --cert-name xyz.com
Worked fine so far without any problems, but after the update I got only an error:
Detail: Invalid response from
A look in Apache Logfiles says:
AH01797: client denied by server configuration:
/var/lib/letsencrypt/http_challenges
Is DocumentRoot in the VirtualHost Container ignored? /var/lib/letsencrypt is NOT my webroot. Or is is overwritten while authentication ?
Nevertheless I tried to change permission for /var/lib/letsencrypt/ in apache2.conf - and this errormsg vanished but nevertheless no new cert is available, there’s a new error message:
Failed authorization procedure. xyz.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from …
I don’t know what’s going wrong - changed nothing in server configuration and everything worked fine until the last update.
Any help would be appreciated. Thank you very much in advance
Hi @djack, the colon there is part of the error output from Certbot, not part of the filename. So that apparent discrepancy isn't the reason for your error.
I’ve just tried again and it is working now so I wonder if there was something network-wise giving problems.
Can I suggest modifying the certbot error reporting output to make it clear what the actual requested URL was? That colon caused me a great deal of confusion.
@joohoi, if you happen to look in on this, I’m afraid we’ve gotten two separate issues mixed up in this thread but I’m still curious about the original issue with certonly --apachefailing and the default run --apache succeeding.