Certbot renewal failure

I am trying to renew a few websites which I host however some of the sites are producing an error described below

My domain is: vrocuk.co.uk

I ran this command: certbot --force-renewal -d vrocuk.co.uk

It produced this output:
root@web02:~# certbot --force-renewal -d vrocuk.co.uk
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for vrocuk.co.uk
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. vrocuk.co.uk (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invali d response from http://vrocuk.co.uk/.well-known/acme-challenge/0G9sdhFq68MI7kUaj-us3XawI1AKN1GxYV4-NaTEXNU [2606:4700:3036::6812:274b]: "\n\n<!--[if IE 7]> <html class="no-js "

IMPORTANT NOTES:

My web server is (include version):ubuntu LAMP 16.04

The operating system my web server runs on is (include version):apache

My hosting provider, if applicable, is:Digital Ocean

I can login to a root shell on my machine (yes or no, or I don't know): Yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 0.31.0

Hi @Twanny

checking that url in my browser - there is a security check:

One more step

Please complete the security check to access vrocuk.co.uk

Looks like you block the Letsencrypt program that tries to check your domain.

Remove that check. Complete or if the url starts with /.well-known/

1 Like

Hi, thanks for the quick reply. I had set up a check using Cloudflare which is now been removed. Tried the command again and Had this result.

root@web02:~# certbot --force-renewal -d vrocuk.co.uk
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for vrocuk.co.uk
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. vrocuk.co.uk (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://vrocuk.co.uk/.well-known/acme-challenge/_zIV_05DhAgd_vMfN1PeR1ZQsPgjkSQbY70W_QtqW-E [2606:4700:3036::6812:274b]: "\n\n<!--[if IE 7]> <html class="no-js "

IMPORTANT NOTES:

You didn't. See https://check-your-website.server-daten.de/?q=vrocuk.co.uk - the same screenshot.

The screen must by lying then lol here is a screen shot. could be cache need to be cleared I suspect -

I suspect that Cloudflare Firewall rules were still on. Hopefully they should be reflected in subsequent checks .

@JuergenAuer, you were right. Some of Cloudflare 's firewall rules included this url as well . It took some time to find but all is well now. Thanks very much for your help.

2 Likes