my letsencrypt certificate renewal script does suddenly not work anymore (was working flawlessly for months). I am trying to figure out what happened. Similar Issues have been reported and I had a look at them, but none of them solved my problem.
This is the error msg of “certbot renew”:
Attempting to renew cert (odroid-online.dedyn.io) from /etc/letsencrypt/renewal/odroid-online.dedyn.io.conf produced an unexpected error: Failed authorization procedure. odroid-online.dedyn.io (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://odroid-online.dedyn.io/.well-known/acme-challenge/q5RLpI79VFAULANW5MR_NyJh8yqIi2jA58WYHFfZuf8: "
All renewal attempts failed. The following certs could not be renewed:
I was following the suggestions here: Unable to verify my domain because of acme challenge
and here: Can't renew certificate. DNS problem: Failed authorization procedure
The webroot-path is: /var/www/letsencrypt as specified in /etc/letsencrypt/renewal/odroid-online.dedyn.io.conf and the /etc/nginx/conf.d/letsencrypt.conf
I created the “test” file in /var/www/letsencrypt/.well_known/acme_challenge/. However when I try to access this file via firefox (i.e. https://odroid-online.dedyn.io/.well_known/acme-challenge/test) I get a 404 not found.
The nginx-server error.log recorded the following:
2018/04/16 23:39:11 [error] 929#929: *52416 open() “/var/www/nextcloud/.well-known/acme-challenge/test” failed (2: No such file or directory), client: 127.0.0.1, server: 127.0.0.1, request: “GET /.well-known/acme-challenge/test HTTP/1.1”, host: “odroid-online.dedyn.io”
Why does the error msg not state the webroot-path? (i.e. var/www/nextcloud/.well-known/acme-challenge/test instead of var/www/letsencrypt/.well-known/acme-challenge/test)
I didn’t change anything at my router, i.e. the port-forwarding for HTTP (80) and HTTPS (443) for the server is still active and the server-firewall is also still forwarding both ports.
I also compared my /var/www/nextcloud/.htaccess file with one from a previous installation. There is a difference (but I didn’t modify this):
diff nextcloud/.htaccess nextcloud-old/.htaccess 83,84c83,84 < ErrorDocument 403 // < ErrorDocument 404 // --- > ErrorDocument 403 /core/templates/403.php > ErrorDocument 404 /core/templates/404.php
My web server is (include version): nginx/1.13.0
The operating system my web server runs on is (include version): Ubuntu 16.04.4 LTS
I can login to a root shell on my machine (yes or no, or I don’t know): yes