Long time ago, i setup everything and it worked perfectly now i received an email, that my certificate will expire, so i checked whats not good with my certbot.
when i want to renew: “/opt/certbot/certbot-auto renew”
it says:
"All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/mydomain/fullchain.pem (failure)
IMPORTANT NOTES:
location ^~ /.well-known/acme-challenge/ {
auth_basic off;
autoindex on;
}
"
Probably LE cant authenticate due to some permissions issues. but i don’t know further ):
Usually with HTTP challenges we ask you to put a test.html and a test file (no extensions) in to the .well-known/acme-challenge/ folder
You then browse to these with a browser. If you are not able to get either check your rules, I know you a directive in your web browser but it’s also good to check HTACCESS files as well (in case there is something blocking it there)
"Cert is due for renewal, auto-renewing…
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for streammachine.ch
Waiting for verification…
Cleaning up challenges
Unable to clean up challenge directory /var/www/html/.well-known/acme-challenge
Attempting to renew cert from /etc/letsencrypt/renewal/streammachine.ch.conf produced an unexpected error: Failed authorization procedure. streammachine.ch (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://streammachine.ch/.well-known/acme-challenge/5TFm0uJ0CC11MV1x_R9ci0x4ezXfrascz28g4Vy9d84: "
To fix these errors, please make sure that your domain name was entered correctly and the DNS A record(s) for that domain contain(s) the right IP address.
2017-06-05 18:16:02,805:INFO:certbot.auth_handler:Cleaning up challenges
2017-06-05 18:16:02,805:DEBUG:certbot.plugins.webroot:Removing /var/www/html/.well-known/acme-challenge/EAvSMG0QxRrneDytxIfY1CetktSoIjROwQ3PJ5IsKgo
2017-06-05 18:16:02,806:INFO:certbot.plugins.webroot:Unable to clean up challenge directory /var/www/html/.well-known/acme-challenge
2017-06-05 18:16:02,806:DEBUG:certbot.plugins.webroot:Error was: [Errno 39] Directory not empty: '/var/www/html/.well-known/acme-challenge’
2017-06-05 18:16:02,807:WARNING:certbot.renewal:Attempting to renew cert from /etc/letsencrypt/renewal/streammachine.ch.conf produced an unexpected error: Failed authorization procedure. streammachine.ch (http-01): urn:acme:error:unau$
404 Not Found
Not Found
<p". Skipping.
2017-06-05 18:16:02,983:DEBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/renewal.py", line 418, in handle_renewal_request
main.renew_cert(lineage_config, plugins, renewal_candidate)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 640, in renew_cert
_get_and_save_cert(le_client, config, lineage=lineage)
File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 77, in _get_and_save_cert
not accessible from the Internet…
resolve that and your on your way
That is, at least not accessible from an IPv4 address.
the resolve shows IPv4 & IPv6; “Resolving streammachine.ch (streammachine.ch)… 5.9.143.45, 2a00:d70:0:a::166”