We are trying to configure Let’s Encrypt in 2 Nginx servers behind a OVH loadbalancer, but I always get the error --> The key authorization file from the server did not match this challenge.
We stopped one node and I only running one Nginx server to debug the problem, but we got the same error.
When we configure the DNS to the Nginx server IP, the procedure works fine, so the problem is located with the load balancer.
The configuration of my Nginx is:
server {
listen 80 default_server;
server_name _;
location /.well-known/acme-challenge {
default_type "text/plain";
root /usr/share/nginx/html/.well-known;
}
return 301 https://$host$request_uri;
}
My domain is: testssl.nubaltec.net
I ran this command: certbot certonly --test-cert --webroot -w /usr/share/nginx/html -d testssl.nubaltec.net --agree-tos --http-01-address 188.165.59.55
It produced this output:
The following errors were reported by the server:
Domain: testssl.nubaltec.net
Type: unauthorized
Detail: The key authorization file from the server did not match
this challenge
[SUQHnck2Ca06XJTetkHP8lEgDmGykFqKByWdfRYBM0I.uxTA_TlNKmSGqIT8qGlRw8bm5XlDd4uBcphGCHT84Vw]
!=
[SUQHnck2Ca06XJTetkHP8lEgDmGykFqKByWdfRYBM0I.4E3VCTFsySjUrqnCg0ooULx-3kbdPBygi0aWkvg5Gd8]
My web server is (include version): Nginx 1.14
The operating system my web server runs on is (include version): Centos 7
My hosting provider, if applicable, is: OVH
I can login to a root shell on my machine (yes or no, or I don’t know): yes
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot): Certbot 0.29.1