Certbot unauthorized

Hi everybody! So,

My domain is: syllaproduction.com

I ran this command: certbot certonly --nginx

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log

Which names would you like to activate HTTPS for?


1: syllaproduction.com
2: www.syllaproduction.com


Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):
Requesting a certificate for syllaproduction.com and www.syllaproduction.com

Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems:
Domain: syllaproduction.com
Type: unauthorized
Detail: Invalid response from http://syllaproduction.com/.well-known/acme-challenge/9yBaCEzI8gB-HhMh2TbTVwWyLbVbLMKv4NhXigwhNCs [217.170.193.178]: "\n<html style="height:100%">\n\n<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-"

Domain: www.syllaproduction.com
Type: unauthorized
Detail: Invalid response from http://www.syllaproduction.com/.well-known/acme-challenge/3QSrVWi6886vXPjUEvaIRS8Ck4zvmTurCrTJ0km4E6A [217.170.193.178]: "\n<html style="height:100%">\n\n<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-"

Hint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

My web server is (include version): nginx 1.20.1-1

The operating system my web server runs on is (include version): Manjaro 21.1.1

My hosting provider, if applicable, is: onnet.no

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.19.0



  1. I was browsing through the community and I stumbled upon this topic:
    Certbot unauthorized. But I didn't understand what the solution meant... (what does webroot mean?)

  2. Why is certbot unauthorized?

  3. Does the hint "The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet." mean that I have to (re)configure nginx?

Anyway, thx for reading so far! xD
Have a nice day!


Hi @Wanabe_sudo, welcome to the LE community forum :slight_smile:

A1. --webroot is an authentication method that signals certbot to basically ignore the web server in use and simply place the necessary challenge response file in that specific location.
So certbot does NOT have to figure out where the challenge file goes, nor make any modifications to your config to get that file served.
It can be very useful in tricky situations.

A2. The response was NOT the file that was expected.
I'm unable to replicate the response shown, so you may have changed your config or the system may be responding differently based on the source IP (or source country) - IDK, just guessing.

A3. hmm... maybe - not very likely as nginx is quite difficult to use with a non-functional/broken configuration.

So, where to begin...
I think we should have a look at your nginx config, with:
sudo nginx -T
[please upload the entire file if it is too large to post]

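What the CA expected to fetch, and what a webroot-style authenticator writes to disk, as an added example that is not part of the original posts. It follows the key authorization format of RFC 8555 and the thumbprint of RFC 7638; the function names are hypothetical and the account key is a constructed placeholder, not a real key.

```python
import base64, hashlib, json, os, re, tempfile

CHALLENGE_DIR = ".well-known/acme-challenge"   # path the CA requests over HTTP
B64URL = re.compile(r"^[A-Za-z0-9_-]+$")

def thumbprint(jwk: dict) -> str:
    """RFC 7638 thumbprint: SHA-256 over the key's required members, canonical JSON."""
    required = {"EC": ("crv", "kty", "x", "y"), "RSA": ("e", "kty", "n")}[jwk["kty"]]
    canon = json.dumps({k: jwk[k] for k in required}, sort_keys=True, separators=(",", ":"))
    digest = hashlib.sha256(canon.encode()).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode()

def key_authorization(token: str, jwk: dict) -> str:
    """RFC 8555 section 8.1: the exact body the CA expects at the challenge URL."""
    return f"{token}.{thumbprint(jwk)}"

def place_in_webroot(webroot: str, token: str, key_auth: str) -> str:
    """What a webroot-style authenticator does: write the file, touch no server config."""
    directory = os.path.join(webroot, *CHALLENGE_DIR.split("/"))
    os.makedirs(directory, exist_ok=True)
    path = os.path.join(directory, token)
    with open(path, "w") as fh:
        fh.write(key_auth)
    return path

def diagnose(token: str, body: str) -> str:
    """Classify a response body fetched from the challenge URL."""
    text = body.strip()
    if text.lower().startswith("<!doctype") or "<html" in text[:200].lower():
        return "html-page"        # a site page answered instead of the challenge file
    head, sep, tail = text.partition(".")
    if not sep or not B64URL.match(head) or not B64URL.match(tail) or len(tail) != 43:
        return "malformed"
    return "ok" if head == token else "wrong-token"

def demo():
    token = "9yBaCEzI8gB-HhMh2TbTVwWyLbVbLMKv4NhXigwhNCs"   # from the failed URL in the post
    jwk = {"kty": "EC", "crv": "P-256", "x": "constructed-x", "y": "constructed-y"}  # constructed, not a real key
    with tempfile.TemporaryDirectory() as webroot:
        path = place_in_webroot(webroot, token, key_authorization(token, jwk))
        with open(path) as fh:
            served = fh.read()
    html = '\n<html style="height:100%">\n\n<meta name="viewport" content="width=device-width'  # body quoted in the error
    return diagnose(token, served), diagnose(token, html)

if __name__ == "__main__":
    print(demo())   # ('ok', 'html-page')
```

An "html-page" result for a file you placed yourself means the request is being answered by a different server or a different document root than the one you wrote to.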

Hi @rg305,

We've managed to change the A record. And we managed to set up the certbot. I say 'we' cuz I've got some help:
First the domain provider changed our A record.
Then the magic happened when I wasn't looking so I don't know quite what we did with the certbot.


I think you meant ... does NOT have to figure out ... :slight_smile:
