Certbot renew not working

Help
5

/var/www/html - I also disabled the redirect

Look here is what I do:

  1. I run the following and wait until it prompts me to Press Enter to continue:

sudo certbot run --debug-challenges -v -a webroot -i apache -w /var/www/html -d skargeth.at -d www.skargeth.at
Root logging level set at 10
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requested authenticator webroot and installer apache
Apache version is 2.4.33
Single candidate plugin: * apache
Description: Apache Web Server plugin - Beta
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: apache = certbot_apache.entrypoint:ENTRYPOINT
Initialized: <certbot_apache.override_debian.DebianConfigurator object at 0x7f17f2f95a58>
Prep: True
Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: IAuthenticator, IPlugin
Entry point: webroot = certbot.plugins.webroot:Authenticator
Initialized: <certbot.plugins.webroot.Authenticator object at 0x7f17eeebfa58>
Prep: True
Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x7f17eeebfa58> and installer <certbot_apache.override_debian.DebianConfigurator object at 0x7f17f2f95a58>
Plugins selected: Authenticator webroot, Installer apache
Picked account: <Account(RegistrationResource(body=Registration(key=JWKRSA(key=<ComparableRSAKey(<cryptography.hazmat.backends.openssl.rsa._RSAPublicKey object at 0x7f17eed935c0>)>), contact=('mailto:martin@skargeth.at',), agreement='https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf', status=None, terms_of_service_agreed=None, only_return_existing=None), uri='https://acme-v01.api.letsencrypt.org/acme/reg/7831957', new_authzr_uri='https://acme-v01.api.letsencrypt.org/acme/new-authz', terms_of_service='https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf'), 244bbca5f5432601c9d5b1756fd5694e, Meta(creation_dt=datetime.datetime(2016, 12, 29, 8, 28, 52, tzinfo=), creation_host='SKA-WEB01'))>
Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658
Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 658
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Fri, 23 Nov 2018 18:55:32 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 23 Nov 2018 18:55:32 GMT
Connection: keep-alive

{
"KaW3Jac5Rzk": "Adding random entries to the directory",
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
Should renew, less than 30 days before certificate expiry 2018-12-06 20:16:29 UTC.
Cert is due for renewal, auto-renewing...
Renewing an existing certificate
Generating key (2048 bits): /etc/letsencrypt/keys/0369_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/0372_csr-certbot.pem
Requesting fresh nonce
Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-order.
https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-order HTTP/1.1" 405 0
Received response:
HTTP 405
Server: nginx
Content-Type: application/problem+json
Content-Length: 103
Allow: POST
Replay-Nonce: Vd1eVsa2Yx7eOadTIrH5IRYQiMSLIwGV4kBPij_78p0
Expires: Fri, 23 Nov 2018 18:55:32 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 23 Nov 2018 18:55:32 GMT
Connection: keep-alive

Storing nonce: Vd1eVsa2Yx7eOadTIrH5IRYQiMSLIwGV4kBPij_78p0
JWS payload:
b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "skargeth.at"\n },\n {\n "type": "dns",\n "value": "www.skargeth.at"\n }\n ],\n "status": "pending",\n "resource": "new-order"\n}'
Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDEuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL3JlZy83ODMxOTU3IiwgIm5vbmNlIjogIlZkMWVWc2EyWXg3ZU9hZFRJckg1SVJZUWlNU0xJd0dWNGtCUGlqXzc4cDAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9",
"signature": "bSPbONx1-cSr3FY-Yo3oPrHQDjYtu1n0vq4l0_BXeaFGXOS_r82VrQOi5wXNmJnk7HShNHnBRm69EDwnPRnsvFzBebOCr8okGdF3uM0AaUOImozKqEX6HwIKEfGDVQ3zVacIbqSM7iU9g2TTvNPLB7vizFkChq42k8X_2vKqJyONy2YgHf9L3b5u76iKyPBtAYvQnEsCury6RVX2vQ96waPhqhg4b_APJzEw9A2qzpXg4bbS_2nArTW_aB44v3iWKjFzfiHVXb6DZyE09MNEpsGULHZx-x-KBZnjBDDsHURrCge8ItlMKswGmgjecU53CVZooE5lblJ0Beqb8qTRWQ",
"payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInNrYXJnZXRoLmF0IgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy5za2FyZ2V0aC5hdCIKICAgIH0KICBdLAogICJzdGF0dXMiOiAicGVuZGluZyIsCiAgInJlc291cmNlIjogIm5ldy1vcmRlciIKfQ"
}
https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 525
Received response:
HTTP 201
Server: nginx
Content-Type: application/json
Content-Length: 525
Boulder-Requester: 7831957
Location: https://acme-v02.api.letsencrypt.org/acme/order/7831957/188739252
Replay-Nonce: EzlTkZDLIFhB472n36qghj7adDGQSfJtaqeCWHSeGYI
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Fri, 23 Nov 2018 18:55:32 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 23 Nov 2018 18:55:32 GMT
Connection: keep-alive

{
"status": "pending",
"expires": "2018-11-30T18:55:15Z",
"identifiers": [
{
"type": "dns",
"value": "skargeth.at"
},
{
"type": "dns",
"value": "www.skargeth.at"
}
],
"authorizations": [
"https://acme-v02.api.letsencrypt.org/acme/authz/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw",
"https://acme-v02.api.letsencrypt.org/acme/authz/N7GPQoMCIhoGgnkyZeHlV7IrxEN0uH-p_yyDBwmyicc"
],
"finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/7831957/188739252"
}
Storing nonce: EzlTkZDLIFhB472n36qghj7adDGQSfJtaqeCWHSeGYI
Sending GET request to https://acme-v02.api.letsencrypt.org/acme/authz/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw.
https://acme-v02.api.letsencrypt.org:443 "GET /acme/authz/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw HTTP/1.1" 200 1155
Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 1155
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Fri, 23 Nov 2018 18:55:32 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 23 Nov 2018 18:55:32 GMT
Connection: keep-alive

{
"identifier": {
"type": "dns",
"value": "skargeth.at"
},
"status": "pending",
"expires": "2018-11-30T18:55:15Z",
"challenges": [
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw/9579155551",
"token": "W3mgQq8F4kGJEbr6acn9jEQeeIvFY1qmuLYMhFP3cyw"
},
{
"type": "tls-sni-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw/9579155552",
"token": "nCFD_IQOfOJ2_eVlxDNXxZVFjMQrcMhHVPw2XN0qvns"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw/9579155553",
"token": "wIiPBl40CjvwQieF2TNGNQRrFHbTdWLSXwb95iYwUt8"
},
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw/9579155555",
"token": "AMZCtl_FW6B1xLOhGePa5R8l35_eUsGj_RGnyZLNcWU"
}
]
}
Sending GET request to https://acme-v02.api.letsencrypt.org/acme/authz/N7GPQoMCIhoGgnkyZeHlV7IrxEN0uH-p_yyDBwmyicc.
https://acme-v02.api.letsencrypt.org:443 "GET /acme/authz/N7GPQoMCIhoGgnkyZeHlV7IrxEN0uH-p_yyDBwmyicc HTTP/1.1" 200 1159
Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 1159
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Fri, 23 Nov 2018 18:55:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 23 Nov 2018 18:55:33 GMT
Connection: keep-alive

{
"identifier": {
"type": "dns",
"value": "www.skargeth.at"
},
"status": "pending",
"expires": "2018-11-30T18:55:15Z",
"challenges": [
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/N7GPQoMCIhoGgnkyZeHlV7IrxEN0uH-p_yyDBwmyicc/9579155566",
"token": "qMIKhsbEkI0CGdbqq5Hb8CXuK3dFJudOpPNCtPhtFZM"
},
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/N7GPQoMCIhoGgnkyZeHlV7IrxEN0uH-p_yyDBwmyicc/9579155568",
"token": "qaByQrmxOiIBmo3iKIcbMXkrlPn1BNT9wzdAT_skKSM"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/N7GPQoMCIhoGgnkyZeHlV7IrxEN0uH-p_yyDBwmyicc/9579155570",
"token": "ksm92EBsIvMUKS_q5k2tyqcXII-4NtLHy6nXrWmfZg0"
},
{
"type": "tls-sni-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/N7GPQoMCIhoGgnkyZeHlV7IrxEN0uH-p_yyDBwmyicc/9579155572",
"token": "R0E5RkVwu8f2jfaaN21Efr_NUNzkVnyDTQYcw31K-dk"
}
]
}
Performing the following challenges:
http-01 challenge for skargeth.at
http-01 challenge for www.skargeth.at
Using the webroot path /var/www/html for all unmatched domains.
Creating root challenges validation dir at /var/www/html/.well-known/acme-challenge
Creating root challenges validation dir at /var/www/html/.well-known/acme-challenge
Attempting to save validation to /var/www/html/.well-known/acme-challenge/AMZCtl_FW6B1xLOhGePa5R8l35_eUsGj_RGnyZLNcWU
Attempting to save validation to /var/www/html/.well-known/acme-challenge/qaByQrmxOiIBmo3iKIcbMXkrlPn1BNT9wzdAT_skKSM
Waiting for verification...

Challenges loaded. Press continue to submit to CA. Pass "-v" for more info about
challenges.

At this point i can access the file at: http://skargeth.at/.well-known/acme-challenge/qaByQrmxOiIBmo3iKIcbMXkrlPn1BNT9wzdAT_skKSM -> it's content is qaByQrmxOiIBmo3iKIcbMXkrlPn1BNT9wzdAT_skKSM.XUin-qerlRsOXMDLRYX5TYOyBKZoQ5yDq15IYuOMI_M

And for diagnostic reasons, here is the output after hitting enter:

JWS payload:
b'{\n "resource": "challenge",\n "keyAuthorization": "AMZCtl_FW6B1xLOhGePa5R8l35_eUsGj_RGnyZLNcWU.XUin-qerlRsOXMDLRYX5TYOyBKZoQ5yDq15IYuOMI_M",\n "type": "http-01"\n}'
Sending POST request to https://acme-v02.api.letsencrypt.org/acme/challenge/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw/9579155555:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDEuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL3JlZy83ODMxOTU3IiwgIm5vbmNlIjogIkV6bFRrWkRMSUZoQjQ3Mm4zNnFnaGo3YWRER1FTZkp0YXFlQ1dIU2VHWUkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsZW5nZS9BZE5IQ0ZzdjE3aEF4MzVaODRwdkxrR29tTERqcW5qVW5laFFpNThaY0R3Lzk1NzkxNTU1NTUifQ",
"signature": "SnUeXm2On74m6lSstPqX6efaAGpiqqo03A5tLaHJPOEWLmVl8kg9UMb-p-UwErQcEXBInSjrBxjPmI_uNEwGwVGcD9tyhnm8iUNZ3lWOgcbfKYhAnGWTlKjjuQj5mHsYtxugXDrlXNI9Q2Dg6xFBLw-v1sKWkkGtUpaRsvRKtFaxA6H3TDzgt7-IJLBHy8hZs_YKZtyT2XacEG7mDTMh-xIQPcL_9ebniYb3_GLoT79R3qzLCQ6b1oth0iDYrOiA4XV58wYwaUdyeqdsDaXpkG3mqQtgAjiZiRtHfPXe-QnlKzng975GNqMmaPL9ofl-DStFACszcZBLTR6Opwf_rg",
"payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJrZXlBdXRob3JpemF0aW9uIjogIkFNWkN0bF9GVzZCMXhMT2hHZVBhNVI4bDM1X2VVc0dqX1JHbnlaTE5jV1UuWFVpbi1xZXJsUnNPWE1ETFJZWDVUWU95Qktab1E1eURxMTVJWXVPTUlfTSIsCiAgInR5cGUiOiAiaHR0cC0wMSIKfQ"
}
https://acme-v02.api.letsencrypt.org:443 "POST /acme/challenge/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw/9579155555 HTTP/1.1" 200 223
Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 223
Boulder-Requester: 7831957
Link: https://acme-v02.api.letsencrypt.org/acme/authz/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/challenge/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw/9579155555
Replay-Nonce: -XyNUmxvIbGGQnbN9XNeVq-9I3q4nlAYLVNAOrfREv4
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Fri, 23 Nov 2018 19:01:16 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 23 Nov 2018 19:01:16 GMT
Connection: keep-alive

{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw/9579155555",
"token": "AMZCtl_FW6B1xLOhGePa5R8l35_eUsGj_RGnyZLNcWU"
}
Storing nonce: -XyNUmxvIbGGQnbN9XNeVq-9I3q4nlAYLVNAOrfREv4
JWS payload:
b'{\n "resource": "challenge",\n "keyAuthorization": "qaByQrmxOiIBmo3iKIcbMXkrlPn1BNT9wzdAT_skKSM.XUin-qerlRsOXMDLRYX5TYOyBKZoQ5yDq15IYuOMI_M",\n "type": "http-01"\n}'
Sending POST request to https://acme-v02.api.letsencrypt.org/acme/challenge/N7GPQoMCIhoGgnkyZeHlV7IrxEN0uH-p_yyDBwmyicc/9579155568:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDEuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL3JlZy83ODMxOTU3IiwgIm5vbmNlIjogIi1YeU5VbXh2SWJHR1FuYk45WE5lVnEtOUkzcTRubEFZTFZOQU9yZlJFdjQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsZW5nZS9ON0dQUW9NQ0lob0dnbmt5WmVIbFY3SXJ4RU4wdUgtcF95eURCd215aWNjLzk1NzkxNTU1NjgifQ",
"signature": "Wg-HPXi0LbsXRjMpR47m-Bjp_uEgr08QRubxghhAcFCGeAvLVUKGQefJgx2WBQ51nZBWbqAaHDKRP3xjAD7qYcfu51a8uhRmI0d5H8Ep8YwpFnf4Nyi2BUAC7X-sy9voNILw29igyHUwrK3itqjbaym3dhJdKf0bWLVRjf1EJ7368f-hLHPJ0nUCazi9acaSb1I2FsnXJ0-S_Gknb5i6yF9VZlOoI7bBGYZ80feJHgtXtWyq3iKWGgeiQIfexRUExSGygGDC20OfchZaEXsilgcjjCTNigp9wf-QFYg-5XwaV2lsUqIuIem3-GcXCDA4QWztW4RASTXZqjd1SfyIeA",
"payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJrZXlBdXRob3JpemF0aW9uIjogInFhQnlRcm14T2lJQm1vM2lLSWNiTVhrcmxQbjFCTlQ5d3pkQVRfc2tLU00uWFVpbi1xZXJsUnNPWE1ETFJZWDVUWU95Qktab1E1eURxMTVJWXVPTUlfTSIsCiAgInR5cGUiOiAiaHR0cC0wMSIKfQ"
}
https://acme-v02.api.letsencrypt.org:443 "POST /acme/challenge/N7GPQoMCIhoGgnkyZeHlV7IrxEN0uH-p_yyDBwmyicc/9579155568 HTTP/1.1" 200 223
Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 223
Boulder-Requester: 7831957
Link: https://acme-v02.api.letsencrypt.org/acme/authz/N7GPQoMCIhoGgnkyZeHlV7IrxEN0uH-p_yyDBwmyicc;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/challenge/N7GPQoMCIhoGgnkyZeHlV7IrxEN0uH-p_yyDBwmyicc/9579155568
Replay-Nonce: 5eJB_0x76p3If9V_88h_keI4ytwultzcoRGrmgEL0bQ
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Fri, 23 Nov 2018 19:01:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 23 Nov 2018 19:01:17 GMT
Connection: keep-alive

{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/N7GPQoMCIhoGgnkyZeHlV7IrxEN0uH-p_yyDBwmyicc/9579155568",
"token": "qaByQrmxOiIBmo3iKIcbMXkrlPn1BNT9wzdAT_skKSM"
}
Storing nonce: 5eJB_0x76p3If9V_88h_keI4ytwultzcoRGrmgEL0bQ
Sending GET request to https://acme-v02.api.letsencrypt.org/acme/authz/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw.
https://acme-v02.api.letsencrypt.org:443 "GET /acme/authz/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw HTTP/1.1" 200 1155
Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 1155
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Fri, 23 Nov 2018 19:01:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 23 Nov 2018 19:01:20 GMT
Connection: keep-alive

{
"identifier": {
"type": "dns",
"value": "skargeth.at"
},
"status": "pending",
"expires": "2018-11-30T18:55:15Z",
"challenges": [
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw/9579155551",
"token": "W3mgQq8F4kGJEbr6acn9jEQeeIvFY1qmuLYMhFP3cyw"
},
{
"type": "tls-sni-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw/9579155552",
"token": "nCFD_IQOfOJ2_eVlxDNXxZVFjMQrcMhHVPw2XN0qvns"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw/9579155553",
"token": "wIiPBl40CjvwQieF2TNGNQRrFHbTdWLSXwb95iYwUt8"
},
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw/9579155555",
"token": "AMZCtl_FW6B1xLOhGePa5R8l35_eUsGj_RGnyZLNcWU"
}
]
}
Sending GET request to https://acme-v02.api.letsencrypt.org/acme/authz/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw.
https://acme-v02.api.letsencrypt.org:443 "GET /acme/authz/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw HTTP/1.1" 200 1155
Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 1155
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Fri, 23 Nov 2018 19:01:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 23 Nov 2018 19:01:23 GMT
Connection: keep-alive

{
"identifier": {
"type": "dns",
"value": "skargeth.at"
},
"status": "pending",
"expires": "2018-11-30T18:55:15Z",
"challenges": [
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw/9579155551",
"token": "W3mgQq8F4kGJEbr6acn9jEQeeIvFY1qmuLYMhFP3cyw"
},
{
"type": "tls-sni-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw/9579155552",
"token": "nCFD_IQOfOJ2_eVlxDNXxZVFjMQrcMhHVPw2XN0qvns"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw/9579155553",
"token": "wIiPBl40CjvwQieF2TNGNQRrFHbTdWLSXwb95iYwUt8"
},
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw/9579155555",
"token": "AMZCtl_FW6B1xLOhGePa5R8l35_eUsGj_RGnyZLNcWU"
}
]
}
Sending GET request to https://acme-v02.api.letsencrypt.org/acme/authz/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw.
https://acme-v02.api.letsencrypt.org:443 "GET /acme/authz/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw HTTP/1.1" 200 1771
Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 1771
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Fri, 23 Nov 2018 19:01:30 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 23 Nov 2018 19:01:30 GMT
Connection: keep-alive

{
"identifier": {
"type": "dns",
"value": "skargeth.at"
},
"status": "invalid",
"expires": "2018-11-30T18:55:15Z",
"challenges": [
{
"type": "tls-alpn-01",
"status": "invalid",
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw/9579155551",
"token": "W3mgQq8F4kGJEbr6acn9jEQeeIvFY1qmuLYMhFP3cyw"
},
{
"type": "tls-sni-01",
"status": "invalid",
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw/9579155552",
"token": "nCFD_IQOfOJ2_eVlxDNXxZVFjMQrcMhHVPw2XN0qvns"
},
{
"type": "dns-01",
"status": "invalid",
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw/9579155553",
"token": "wIiPBl40CjvwQieF2TNGNQRrFHbTdWLSXwb95iYwUt8"
},
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:connection",
"detail": "Fetching http://skargeth.at/.well-known/acme-challenge/AMZCtl_FW6B1xLOhGePa5R8l35_eUsGj_RGnyZLNcWU: Timeout during connect (likely firewall problem)",
"status": 400
},
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/AdNHCFsv17hAx35Z84pvLkGomLDjqnjUnehQi58ZcDw/9579155555",
"token": "AMZCtl_FW6B1xLOhGePa5R8l35_eUsGj_RGnyZLNcWU",
"validationRecord": [
{
"url": "http://skargeth.at/.well-known/acme-challenge/AMZCtl_FW6B1xLOhGePa5R8l35_eUsGj_RGnyZLNcWU",
"hostname": "skargeth.at",
"port": "80",
"addressesResolved": [
"91.224.71.24"
],
"addressUsed": "91.224.71.24"
}
]
}
]
}
Sending GET request to https://acme-v02.api.letsencrypt.org/acme/authz/N7GPQoMCIhoGgnkyZeHlV7IrxEN0uH-p_yyDBwmyicc.
https://acme-v02.api.letsencrypt.org:443 "GET /acme/authz/N7GPQoMCIhoGgnkyZeHlV7IrxEN0uH-p_yyDBwmyicc HTTP/1.1" 200 1787
Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 1787
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Fri, 23 Nov 2018 19:01:30 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 23 Nov 2018 19:01:30 GMT
Connection: keep-alive

{
"identifier": {
"type": "dns",
"value": "www.skargeth.at"
},
"status": "invalid",
"expires": "2018-11-30T18:55:15Z",
"challenges": [
{
"type": "tls-alpn-01",
"status": "invalid",
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/N7GPQoMCIhoGgnkyZeHlV7IrxEN0uH-p_yyDBwmyicc/9579155566",
"token": "qMIKhsbEkI0CGdbqq5Hb8CXuK3dFJudOpPNCtPhtFZM"
},
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:connection",
"detail": "Fetching http://www.skargeth.at/.well-known/acme-challenge/qaByQrmxOiIBmo3iKIcbMXkrlPn1BNT9wzdAT_skKSM: Timeout during connect (likely firewall problem)",
"status": 400
},
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/N7GPQoMCIhoGgnkyZeHlV7IrxEN0uH-p_yyDBwmyicc/9579155568",
"token": "qaByQrmxOiIBmo3iKIcbMXkrlPn1BNT9wzdAT_skKSM",
"validationRecord": [
{
"url": "http://www.skargeth.at/.well-known/acme-challenge/qaByQrmxOiIBmo3iKIcbMXkrlPn1BNT9wzdAT_skKSM",
"hostname": "www.skargeth.at",
"port": "80",
"addressesResolved": [
"91.224.71.24"
],
"addressUsed": "91.224.71.24"
}
]
},
{
"type": "dns-01",
"status": "invalid",
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/N7GPQoMCIhoGgnkyZeHlV7IrxEN0uH-p_yyDBwmyicc/9579155570",
"token": "ksm92EBsIvMUKS_q5k2tyqcXII-4NtLHy6nXrWmfZg0"
},
{
"type": "tls-sni-01",
"status": "invalid",
"url": "https://acme-v02.api.letsencrypt.org/acme/challenge/N7GPQoMCIhoGgnkyZeHlV7IrxEN0uH-p_yyDBwmyicc/9579155572",
"token": "R0E5RkVwu8f2jfaaN21Efr_NUNzkVnyDTQYcw31K-dk"
}
]
}
Reporting to user: The following errors were reported by the server:

Domain: skargeth.at
Type: connection
Detail: Fetching http://skargeth.at/.well-known/acme-challenge/AMZCtl_FW6B1xLOhGePa5R8l35_eUsGj_RGnyZLNcWU: Timeout during connect (likely firewall problem)

Domain: www.skargeth.at
Type: connection
Detail: Fetching http://www.skargeth.at/.well-known/acme-challenge/qaByQrmxOiIBmo3iKIcbMXkrlPn1BNT9wzdAT_skKSM: Timeout during connect (likely firewall problem)

To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.
Encountered exception:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 82, in handle_authorizations
self._respond(aauthzrs, resp, best_effort)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 155, in _respond
self._poll_challenges(aauthzrs, chall_update, best_effort)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 226, in _poll_challenges
raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. skargeth.at (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://skargeth.at/.well-known/acme-challenge/AMZCtl_FW6B1xLOhGePa5R8l35_eUsGj_RGnyZLNcWU: Timeout during connect (likely firewall problem), www.skargeth.at (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://www.skargeth.at/.well-known/acme-challenge/qaByQrmxOiIBmo3iKIcbMXkrlPn1BNT9wzdAT_skKSM: Timeout during connect (likely firewall problem)

Calling registered functions
Cleaning up challenges
Removing /var/www/html/.well-known/acme-challenge/AMZCtl_FW6B1xLOhGePa5R8l35_eUsGj_RGnyZLNcWU
Removing /var/www/html/.well-known/acme-challenge/qaByQrmxOiIBmo3iKIcbMXkrlPn1BNT9wzdAT_skKSM
All challenges cleaned up
Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 11, in
load_entry_point('certbot==0.26.1', 'console_scripts', 'certbot')()
File "/usr/lib/python3/dist-packages/certbot/main.py", line 1364, in main
return config.func(config, plugins)
File "/usr/lib/python3/dist-packages/certbot/main.py", line 1124, in run
certname, lineage)
File "/usr/lib/python3/dist-packages/certbot/main.py", line 115, in _get_and_save_cert
renewal.renew_cert(config, domains, le_client, lineage)
File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 305, in renew_cert
new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key)
File "/usr/lib/python3/dist-packages/certbot/client.py", line 334, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File "/usr/lib/python3/dist-packages/certbot/client.py", line 370, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 82, in handle_authorizations
self._respond(aauthzrs, resp, best_effort)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 155, in _respond
self._poll_challenges(aauthzrs, chall_update, best_effort)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 226, in _poll_challenges
raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. skargeth.at (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://skargeth.at/.well-known/acme-challenge/AMZCtl_FW6B1xLOhGePa5R8l35_eUsGj_RGnyZLNcWU: Timeout during connect (likely firewall problem), www.skargeth.at (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://www.skargeth.at/.well-known/acme-challenge/qaByQrmxOiIBmo3iKIcbMXkrlPn1BNT9wzdAT_skKSM: Timeout during connect (likely firewall problem)
Failed authorization procedure. skargeth.at (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://skargeth.at/.well-known/acme-challenge/AMZCtl_FW6B1xLOhGePa5R8l35_eUsGj_RGnyZLNcWU: Timeout during connect (likely firewall problem), www.skargeth.at (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://www.skargeth.at/.well-known/acme-challenge/qaByQrmxOiIBmo3iKIcbMXkrlPn1BNT9wzdAT_skKSM: Timeout during connect (likely firewall problem)

IMPORTANT NOTES:

I also have a few other and more important domains on this server, all of them having the same issue right now. I urgently need a solution. I can't use DNS challenge or I atleast failed trying to use it.