My domain is: osf.dev
I ran this command: certbot renew
It produced this output:
Type: unauthorized
Detail: Invalid response from
https://osf.dev/.well-known/acme-challenge/90n6Y2LLR6VenIaWz0meLKts0F7DAWsLirfM92cre_Y
[2606:4700:20::6819:7f14]: "\n<html
lang=“en-US”>\n\n<meta charset=“utf-8”>\n<meta
name=“viewport” content=“width=device-width,initial-scal”
My web server is (include version): nginx
The operating system my web server runs on is (include version): ubuntu 18.04
My hosting provider, if applicable, is: vexxhost
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 0.31.0
This is partially referencing this post: LetsEncrypt Renewal Failing with CloudFlare enabled IPv6 --> IPv4
In this post I noticed that disabling cloud flare, then re-enabling it to the origin server solved the issue. The certificates would issue / renew as expected. Note this not only works when disabling it, but also if I re-enable it immediately, it starts working again.
Once again, the certificate suddenly failed to renew. Looking into it the same action worked. Disable cloudflare to origin, re-enable cloudflare to origin.
I’m really just posting here to see if anyone else has experienced this. I’m putting in a page rule on cloud flare to disable the cache to origin for /.well-known/* URLs, we will see if it works going forward. But even if it does should this even be necessary?
Any insight appreciated.