Certificate not issued for my domain

Hello everyone!

My domain is: alleksy.com

I ran this command: sudo certbot --nginx -d alleksy.com -d www.alleksy.com

It produced this output:

Plugins selected: Authenticator nginx, Installer nginx
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for alleksy.com
http-01 challenge for www.alleksy.com
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. alleksy.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://alleksy.com/.well-known/acme-challenge/gao-M-6_WGAAvAlTFkpwHdg-BKdBM3ZzpnJE1i3Rtk0 [2a03:b0c0:1:d0::bbc:9001]: "<html>\r\n<head><title>404 Not Found</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>404 Not Found</h1></center>\r\n<hr><center>", www.alleksy.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.alleksy.com/.well-known/acme-challenge/ReK37yw4oAnCJsd9ZBR18ZGpspQhU1hgbA7d5MXQONI [2a03:b0c0:1:d0::bbc:9001]: "<html>\r\n<head><title>404 Not Found</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>404 Not Found</h1></center>\r\n<hr><center>"

  IMPORTANT NOTES:
  - The following errors were reported by the server:

  Domain: alleksy.com
  Type:   unauthorized
  Detail: Invalid response from
  http://alleksy.com/.well-known/acme-challenge/gao-M-6_WGAAvAlTFkpwHdg-BKdBM3ZzpnJE1i3Rtk0
  [2a03:b0c0:1:d0::bbc:9001]: "<html>\r\n<head><title>404 Not
    Found</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>404
    Not Found</h1></center>\r\n<hr><center>"

    Domain: www.alleksy.com
    Type:   unauthorized
    Detail: Invalid response from
    http://www.alleksy.com/.well-known/acme-challenge/ReK37yw4oAnCJsd9ZBR18ZGpspQhU1hgbA7d5MXQONI
    [2a03:b0c0:1:d0::bbc:9001]: "<html>\r\n<head><title>404 Not
      Found</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>404
      Not Found</h1></center>\r\n<hr><center>"

      To fix these errors, please make sure that your domain name was
      entered correctly and the DNS A/AAAA record(s) for that domain
      contain(s) the right IP address.

My web server is (include version): nginx/1.14.0 (Ubuntu)

The operating system my web server runs on is (include version): Ubuntu 18.04.3 (LTS) x64

My hosting provider, if applicable, is: digital ocean

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.31.0

Also, here is mine DNS A/AAAA records:


IPv6 is also correct (this records provided by Digital Ocean)
TTL everywhere is 3600

Could you help to find an error? What do I do wrong? Command I run worked on the other server, but not here

1 Like

try running sudo certbot --nginx – what does it say?

I suspect your nginx config is somewhat incomplete, ie: some missing or incomplete|wrong server_name directive.

1 Like

Hi @iamalleksy

checking your domain - https://check-your-website.server-daten.de/?q=alleksy.com

You have ipv4 and ipv6. But both sends the same content, /.well-known/acme-challenge/random-filename - both with a http status 404 - Not Found.

So your ipv4/ipv6 looks good.

What says

nginx -T
1 Like
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx

Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: alleksy.com
2: www.alleksy.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for alleksy.com
http-01 challenge for www.alleksy.com
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. www.alleksy.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.alleksy.com/.well-known/acme-challenge/bMdUZwfga8eLY8v-kNwIfSBZv_KMhj-TKVqeY0uNG4w [2a03:b0c0:1:d0::bbc:9001]: "<html>\r\n<head><title>404 Not Found</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>404 Not Found</h1></center>\r\n<hr><center>", alleksy.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://alleksy.com/.well-known/acme-challenge/FO2s1JAHwUUCxp3MdVe_WDUl6fw42Sy0TsDC1iXBssI [2a03:b0c0:1:d0::bbc:9001]: "<html>\r\n<head><title>404 Not Found</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>404 Not Found</h1></center>\r\n<hr><center>"

  IMPORTANT NOTES:
  - The following errors were reported by the server:

  Domain: www.alleksy.com
  Type:   unauthorized
  Detail: Invalid response from
  http://www.alleksy.com/.well-known/acme-challenge/bMdUZwfga8eLY8v-kNwIfSBZv_KMhj-TKVqeY0uNG4w
  [2a03:b0c0:1:d0::bbc:9001]: "<html>\r\n<head><title>404 Not
    Found</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>404
    Not Found</h1></center>\r\n<hr><center>"

    Domain: alleksy.com
    Type:   unauthorized
    Detail: Invalid response from
    http://alleksy.com/.well-known/acme-challenge/FO2s1JAHwUUCxp3MdVe_WDUl6fw42Sy0TsDC1iXBssI
    [2a03:b0c0:1:d0::bbc:9001]: "<html>\r\n<head><title>404 Not
      Found</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>404
      Not Found</h1></center>\r\n<hr><center>"
  
      To fix these errors, please make sure that your domain name was
      entered correctly and the DNS A/AAAA record(s) for that domain
      contain(s) the right IP address.
1 Like

It has very big output :smiley:

it should be several hundred to few thousand lines, it’s expected.

Critical: Duplicated combinations of port and server_name.

Hm, what should I fix?