I am running a rails with puma web server running as a reverse proxy off of nginx.
I just installed apache2 because it was throwing some errors about apache2ctl not found so i went ahead with that.
I am on Ubuntu 14.04 and ran ./certbot-auto certonly
I went through a few steps of the blue screen setup, i input my front end domain name. I also input my www root dir on the server (/absolute/path/rails_app/public)
I am getting this error now with my setup of certbot:
Failed authorization procedure. MY_URL (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://MY_URL/.well-known/acme-challenge/long_key_here_i_removed_it "
I would say Iâm rather ignorant to the domain/web handling department not even sure what I am supposed to change/configure to get this part moving.
Youâve removed your domain name etc which makes it slightly more difficult to help.
The basic you need to do are work out where to place a file in your so that it is displayed at your_URL/.well-known/acme-challenge/file
i.e. can you create a test file ( called test ) with plain text content âsuccessâ such that when you go to your_URL/.well-known/acme-challenge/test in a browser you get âsuccessâ
Once you have worked out that bit of information, it should be relatively straightforward to obtain a certificate.
throwing same error âurn:acme:error:unauthorized :: The client lacks sufficient authorization :â with: certbot-auto certonly --webroot -w /home/ubuntu/gpei-tk/public -d poliok.it
Itâs creating a file and checking if the file exists there at this point? I am thinking perhaps the folder permissions are not allowing when i run certbot? When i had to create test i need to sudo touch test
When you created the âtestâ file in /home/ubuntu/application/public/.well-known/acme-challenge/test ⌠what was the owner of that file ? and if you change it to root ( chown root. /home/ubuntu/application/public/.well-known/acme-challenge/test ) can you still reach it on your browser ?
Yes I can access it - ran chown root .well-known/acme-challenge/test . Attempted sudo certbot-auto certonly --webroot -w /home/ubuntu/application/public -d poliok.it same error
also tried chown root .well-known/acme-challenge/ still sameâŚ
Im going down a different rabbit hole currently I think it might involve my ssl configuration along with the forwarding from my front custom domain as https. I will circle back when i have something
Not sure if you solved this yet or not. The .well-known folder should be owned by www-data with 755 permissions thatâs how I have it with Nginx. Then you need a location rule to allow access to it as follows and make sure this location rule is at the very end of all your location rules, if it sits higher up the chain of location rules something lower down can override it.