Certbot - The key authorization file from the server did not match error

Hi,

This one is driving me up the wall :frowning: I have multiple sites on the same server, all with the exact same configuration, and they all work. This one (school-clip-art.com) I moved over to the server 5 days ago now, and the DNS has been updated as well (5 days ago), yet I still get an error:

/usr/local/letsencrypt/certbot-auto certonly --staging --webroot -w /home/admin/web/school-clip-art.com/public_html -d school-clip-art.com -d www.school-clip-art.com

Requesting root privileges to run certbot...
  /home/admin/.local/share/letsencrypt/bin/letsencrypt certonly --staging --webroot -w /home/admin/web/school-clip-art.com/public_html -d school-clip-art.com -d www.school-clip-art.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for school-clip-art.com
http-01 challenge for www.school-clip-art.com
Using the webroot path /home/admin/web/school-clip-art.com/public_html for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Unable to clean up challenge directory /home/admin/web/school-clip-art.com/public_html/.well-known/acme-challenge
Failed authorization procedure. www.school-clip-art.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: The key authorization file from the server did not match this challenge [vyqi_55zrRezBBW4282yRy8hmFXez9IXs464jim0EO0.9tWJ04WclPHsE6tJ8fH-o4oQE_C-dr55xuchHHq3mEI] != [vyqi_55zrRezBBW4282yRy8hmFXez9IXs464jim0EO0.jovWtVw8hQo48B0oVNH2HtMnU6dasUd0_8jh4cxgALE], school-clip-art.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: The key authorization file from the server did not match this challenge [I5nqSObuI0Oq2A5x4o8jJJIppC8R2Hm7KY0PDQhXF9w.9tWJ04WclPHsE6tJ8fH-o4oQE_C-dr55xuchHHq3mEI] != [I5nqSObuI0Oq2A5x4o8jJJIppC8R2Hm7KY0PDQhXF9w.jovWtVw8hQo48B0oVNH2HtMnU6dasUd0_8jh4cxgALE]

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: www.school-clip-art.com
   Type:   unauthorized
   Detail: The key authorization file from the server did not match
   this challenge
   [vyqi_55zrRezBBW4282yRy8hmFXez9IXs464jim0EO0.9tWJ04WclPHsE6tJ8fH-o4oQE_C-dr55xuchHHq3mEI]
   !=
   [vyqi_55zrRezBBW4282yRy8hmFXez9IXs464jim0EO0.jovWtVw8hQo48B0oVNH2HtMnU6dasUd0_8jh4cxgALE]

   Domain: school-clip-art.com
   Type:   unauthorized
   Detail: The key authorization file from the server did not match
   this challenge
   [I5nqSObuI0Oq2A5x4o8jJJIppC8R2Hm7KY0PDQhXF9w.9tWJ04WclPHsE6tJ8fH-o4oQE_C-dr55xuchHHq3mEI]
   !=
   [I5nqSObuI0Oq2A5x4o8jJJIppC8R2Hm7KY0PDQhXF9w.jovWtVw8hQo48B0oVNH2HtMnU6dasUd0_8jh4cxgALE]

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A record(s) for that domain
   contain(s) the right IP address.

Is there a way to see the IP addresses that LE is using? I just don’t get why it’s not working (I’ve confirmed the folder is accessible from the web, and also works with the default text/plain mime).

Anything else I can try / check?

Thanks!

Andy

Hi @steampunkjnkies,

If I try to browse your site: www.school-clip-art.com
I receive a redirect to https.

Can you create an http vhost that accepts connections for school-clip-art.com + www.school-clip-art.com and rerun your command:

/usr/local/letsencrypt/certbot-auto certonly --staging --webroot -w /home/admin/web/school-clip-art.com/public_html -d school-clip-art.com -d www.school-clip-art.com

greetz Sm3rT

Hi,

It will do that :slight_smile: That’s how the site works (redirects all traffic to SSL). The non-SSL version only works within the acme-challenge folder:

http://school-clip-art.com/.well-known/acme-challenge/test

As you can see, that one works fine. Any other ideas?

Thanks

Andy

Hey @steampunkjnkies,

can you try the following command:

/usr/local/letsencrypt/certbot-auto certonly --webroot -w /home/admin/web/school-clip-art.com/public_html -d school-clip-art.com -d www.school-clip-art.com

Greetz Sm3rT

Same thing I’m afraid :frowning:

Performing the following challenges:
http-01 challenge for school-clip-art.com
http-01 challenge for www.school-clip-art.com
Using the webroot path /home/admin/web/school-clip-art.com/public_html for all unmatched domains.
Waiting for verification...



Cleaning up challenges
Unable to clean up challenge directory /home/admin/web/school-clip-art.com/public_html/.well-known/acme-challenge
Failed authorization procedure. school-clip-art.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: The key authorization file from the server did not match this challenge [bxHvcRvJwBG-CDxhczJ4etStHjGtwFg_WEmvl6ZITnA.QOHPDOM39nXOn7vMCwxuoSYRMc3icfYIIOtd8JI45Q8] != [bxHvcRvJwBG-CDxhczJ4etStHjGtwFg_WEmvl6ZITnA.jovWtVw8hQo48B0oVNH2HtMnU6dasUd0_8jh4cxgALE], www.school-clip-art.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: The key authorization file from the server did not match this challenge [evmpxWckSzIS09Xcm-oqUJPpJ5YOlgKVXF6TQRJB1Q4.QOHPDOM39nXOn7vMCwxuoSYRMc3icfYIIOtd8JI45Q8] != [evmpxWckSzIS09Xcm-oqUJPpJ5YOlgKVXF6TQRJB1Q4.jovWtVw8hQo48B0oVNH2HtMnU6dasUd0_8jh4cxgALE]

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: school-clip-art.com
   Type:   unauthorized
   Detail: The key authorization file from the server did not match
   this challenge
   [bxHvcRvJwBG-CDxhczJ4etStHjGtwFg_WEmvl6ZITnA.QOHPDOM39nXOn7vMCwxuoSYRMc3icfYIIOtd8JI45Q8]
   !=
   [bxHvcRvJwBG-CDxhczJ4etStHjGtwFg_WEmvl6ZITnA.jovWtVw8hQo48B0oVNH2HtMnU6dasUd0_8jh4cxgALE]

   Domain: www.school-clip-art.com
   Type:   unauthorized
   Detail: The key authorization file from the server did not match
   this challenge
   [evmpxWckSzIS09Xcm-oqUJPpJ5YOlgKVXF6TQRJB1Q4.QOHPDOM39nXOn7vMCwxuoSYRMc3icfYIIOtd8JI45Q8]
   !=
   [evmpxWckSzIS09Xcm-oqUJPpJ5YOlgKVXF6TQRJB1Q4.jovWtVw8hQo48B0oVNH2HtMnU6dasUd0_8jh4cxgALE]

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A record(s) for that domain
   contain(s) the right IP address.
 - Your account credentials have been saved in your Certbot
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Certbot so
   making regular backups of this folder is ideal.

Is this the server from which you are doing the request?

school-clip-art.com. 300 IN A 45.33.45.212

And does the acme folder have the following permission: 755?

Greetz Sm3rT

I would suggest following this link: Letsencrypt-vesta Client Error - The key authorization file from the server did not match

It’s a weird one - there seems to be a disconnect between the challenge files and what LetsEncrypt is expecting.

Andrei
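
An added example (not code from any poster in this thread): an ACME http-01 key authorization is the challenge token, a dot, and the base64url SHA-256 thumbprint of the account key (RFC 8555), so splitting the two bracketed values in the errors above shows which half disagrees. The function names are this example's own.

```python
import base64
import re

# Failure details copied from the certbot output in this thread: the first
# from the --staging run, the second from the run without --staging.
ERRORS = [
    "www.school-clip-art.com (http-01): The key authorization file from the "
    "server did not match this challenge "
    "[vyqi_55zrRezBBW4282yRy8hmFXez9IXs464jim0EO0."
    "9tWJ04WclPHsE6tJ8fH-o4oQE_C-dr55xuchHHq3mEI] != "
    "[vyqi_55zrRezBBW4282yRy8hmFXez9IXs464jim0EO0."
    "jovWtVw8hQo48B0oVNH2HtMnU6dasUd0_8jh4cxgALE]",
    "school-clip-art.com (http-01): The key authorization file from the "
    "server did not match this challenge "
    "[bxHvcRvJwBG-CDxhczJ4etStHjGtwFg_WEmvl6ZITnA."
    "QOHPDOM39nXOn7vMCwxuoSYRMc3icfYIIOtd8JI45Q8] != "
    "[bxHvcRvJwBG-CDxhczJ4etStHjGtwFg_WEmvl6ZITnA."
    "jovWtVw8hQo48B0oVNH2HtMnU6dasUd0_8jh4cxgALE]",
]

# "[token.thumbprint] != [token.thumbprint]", all four parts base64url.
PAIR = re.compile(r"\[([\w-]+)\.([\w-]+)\] != \[([\w-]+)\.([\w-]+)\]")


def is_sha256_thumbprint(value):
    """True if value is unpadded base64url that decodes to 32 bytes."""
    try:
        raw = base64.urlsafe_b64decode(value + "=" * (-len(value) % 4))
    except ValueError:
        return False
    return len(raw) == 32


def compare(lines):
    """Split each '[a.b] != [c.d]' pair and summarise which half differs."""
    pairs = [PAIR.search(line).groups() for line in lines]
    thumbs = [k for _, lk, _, rk in pairs for k in (lk, rk)]
    return {
        "tokens_match": all(lt == rt for lt, _, rt, _ in pairs),
        "left_thumbprints": {lk for _, lk, _, _ in pairs},
        "right_thumbprints": {rk for _, _, _, rk in pairs},
        "well_formed": all(is_sha256_thumbprint(k) for k in thumbs),
    }


if __name__ == "__main__":
    for key, value in compare(ERRORS).items():
        print(key, value)
```

On these values the tokens agree on both sides and every thumbprint is a well-formed SHA-256 digest; the left-hand thumbprint changes between the two runs while the right-hand thumbprint is the same each time.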

Yes and yes... but still no joy :frowning:

@ahaw021 - thanks, that does sound a lot like the issue. @StephDotNet is also using VestaCP (like me). It also has only happened to me on one domain so far (I've done 3 or 4 fine). Really odd :tired_face:

Cheers

andy

Just confirming, as I said in the other thread, same here - using VestaCP - but even manually it’s failing on one domain only. My root domain as it happens - 5 others have worked fine, 3 via Vesta’s plugin and 2 via the command line.

Regards,

Mark.

Please also see the discussion at Letsencrypt-vesta Client Error - The key authorization file from the server did not match

It will be useful to figure out if this is something VestaCP-specific.

@schoen
