Trying to renew Multi-Domain Cert with name “www.swiss7cloud.ch” with an existing Sub-Domains www.swiss7cloud.ch and Sub-Domain office.swiss7cloud.ch
Webserver is running in productive mode & is serving data.
My domain is: www.swiss7cloud.ch
The operating system my web server runs on is (include version):
centos-release-7-6.1810.2.el7.centos.x86_64
i can login to a root shell on my machine : yes
I’m using a control panel to manage my site : no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot): certbot 0.30.2
Renewal Parameter: (conf-file)
[renewalparams]
authenticator = webroot
account = xxxxxxx
server = https://acme-v02.api.letsencrypt.org/directory
webroot_path = /var/www/html/nextcloud,
[[webroot_map]]
office.swiss7cloud.ch = /var/www/html/nextcloud
swiss7cloud.ch = /var/www/html/nextcloud
www.swiss7cloud.ch = /var/www/html/nextcloud
Error msg:
“type”: “http-01”,
“status”: “invalid”,
“error”: {
“type”: “urn:ietf:params:acme:error:unauthorized”,
“detail”: “Invalid response from https://office.swiss7cloud.ch/.well-known/acme-challenge/pxBgqx01xsl30EgoQapf1xoSoblh3INQutD8-cPWO7Y [88.151.146.103]: “\u003c!DOCTYPE html\u003e\n\u003chtml lang=\“en\”\u003e\n\u003chead\u003e\n\u003cmeta charset=\“utf-8\”\u003e\n\u003ctitle\u003eError\u003c/title\u003e\n\u003c/head\u003e\n\u003cbody\u003e\n\u003cpre\u003eCannot GET /.well-known/””,
“status”: 403
Additional Infos:
There is an Apache Proxy-Redirect of “Office.swiss7cloud.ch” to a Container (Docker), which provice the Cloud Office Application … it Looks like the ACME Response from that Docker Container cannot be obtained by certbot.
Strange Thing is, that the first CERT creation did work -->
certbot certonly --cert-name www.swiss7cloud.ch --webroot -w /var/www/html/nextcloud -d swiss7cloud.ch,www.swiss7cloud.ch,office.swiss7cloud.ch
Maybe some Environment Parameters did Change since … or there was / is a cerbot Software Change !?