Please fill out the fields below so we can help you better.
My domain is: support.pynso.io
I ran this command: certbot --apache
It produced this output:
Obtaining a new certificate
Performing the following challenges:
tls-sni-01 challenge for support.pynso.io
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. support.pynso.io (tls-sni-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Incorrect validation certificate for tls-sni-01 challenge. Requested 00305081fb79cf33698be2967bfe98fb.f16ebf915b6eaa6c37e7db4ec26248d3.acme.invalid from [2607:f0d0:1102:8d:24::1d]:443. Received 3 certificate(s), first certificate had names “XXXXXX.es, www.XXXXXX.es”
IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: support.pynso.io
Type: unauthorized
Detail: Incorrect validation certificate for tls-sni-01 challenge.
Requested
00305081fb79cf33698be2967bfe98fb.f16ebf915b6eaa6c37e7db4ec26248d3.acme.invalid
from [2607:f0d0:1102:8d:24::1d]:443. Received 3 certificate(s),
first certificate had names “XXXXXX.es, www.XXXXXX.es”To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.
My comments on the error:
The DNS A record is pointing to the right IP address:
dig support.pynso.io
; <<>> DiG 9.10.3-P4-Ubuntu <<>> support.pynso.io
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57704
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;support.pynso.io. IN A
;; ANSWER SECTION:
support.pynso.io. 3599 IN A 83.47.70.211
The domain mentioned by the error (Received 3 certificate(s), first certificate had names) is located at a server where the dns is hosted, it’s a completely different IP.
Can’t see what I’m doing wrong.
My web server is (include version): Apache/2.4.18 (Ubuntu)
The operating system my web server runs on is (include version): Ubuntu 16.04 LTS
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
I think the problem might be related to not having the apache server listening at 80 port. It’s only answering at 443. Could be this?