Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version): httpd
The operating system my web server runs on is (include version): openbsd 6.6
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):certbot
The folder needs to be 755. 666 gives read/write permissions for everyone. 755 gives read/execute instead of write/execute, which allows people to browse into the directory and read the contents, with only the owner having write permissions.
Cert is due for renewal, auto-renewing…
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for mail.openbsd-network.org
http-01 challenge for openbsd-network.org
http-01 challenge for www.openbsd-network.org
Waiting for verification…
Challenge failed for domain mail.openbsd-network.org
Challenge failed for domain openbsd-network.org
Challenge failed for domain www.openbsd-network.org
http-01 challenge for mail.openbsd-network.org
http-01 challenge for openbsd-network.org
http-01 challenge for www.openbsd-network.org
Cleaning up challenges
Attempting to renew cert (openbsd-network.org) from /etc/letsencrypt/renewal/openbsd-network.org.conf produced an unexpected error: Some challenges have failed… Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/openbsd-network.org/fullchain.pem (failure)
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/openbsd-network.org/fullchain.pem (failure)
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
Is the file there? If it’s not then there’s an issue with your Certbot configuration or the directory ownership/permissions that’s preventing Certbot from writing the file.
"test.txt" file doesn’t simulate the same “type” of file used in the HTTP authentication.
try accessing via a name more like “test123” [without a period]
If you examine the /etc/letsencrypt/renewal/openbsd-network.org.conf file, it will say which document root directory or directories Certbot is configured to use. Are they correct? (/foo/ means Certbot will place the files in /foo/.well-known/acme-challenge/.)
What do the web server error logs show?
What’s changed since the certificates were created or the last time they were renewed? Is the IP address in the DNS records still correct? Have the websites been changed to use different document roots?
Attempting to renew cert (openbsd-network.org) from /etc/letsencrypt/renewal/openbsd-network.org.conf produced an unexpected error: Some challenges have failed… Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/openbsd-network.org/fullchain.pem (failure)
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/openbsd-network.org/fullchain.pem (failure)