My domain is: http://jabber.my-it-brain.de
I ran this command:
DIR='/path/to/dir/where/i/keep/key_and_csr'
python acme-tiny-by-frezbo/acme_tiny.py --account-key ${DIR}/account.key --csr ${DIR}/jabber_request.csr --acme-dir /var/www/sites/jabber.my-it-brain.de/public/.well-known/acme-challenge/ > ${DIR}/jabber.my-it-brain.de.crt
It produced this output:
Parsing account key...
Parsing CSR...
Registering account...
Already registered!
Signing certificate...
Traceback (most recent call last):
File "acme-tiny-by-frezbo/acme_tiny.py", line 200, in <module>
main(sys.argv[1:])
File "acme-tiny-by-frezbo/acme_tiny.py", line 196, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, verifychallenge=args.verifychallenge, log=LOGGER, CA=args.ca)
File "acme-tiny-by-frezbo/acme_tiny.py", line 162, in get_crt
raise ValueError("Error signing certificate: {0} {1}".format(code, result))
ValueError: Error signing certificate: 403 {
"type": "urn:acme:error:unauthorized",
"detail": "Error creating new cert :: authorizations for these names not found or expired: jabber.my-it-brain.de",
"status": 403
}
My web server is (include version): nginx (1.10.3)
The operating system my web server runs on is (include version): Ubuntu 16.04.3 LTS
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
Additional Notes
Running the command didn’t create a challenge-response key in my acmy-dir. There is only a text file I created for testing:
ls -lisa /var/www/sites/jabber.my-it-brain.de/public/.well-known/acme-challenge/
total 12
73875 4 drwxr-xr-x 2 tronde www-data 4096 Okt 30 07:20 .
73865 4 drwxr-xr-x 3 tronde www-data 4096 Nov 12 2016 ..
73174 4 -rw-rw-r-- 1 tronde tronde 5 Okt 30 07:20 ping.txt
The testfile ‘ping.txt’ was created with the same user which runs the command for the cert renewal. It can be accessed from a webbrowser or from a different host via curl:
curl http://jabber.my-it-brain.de/.well-known/acme-challenge/ping.txt
Pong
And here comes my current nginx vhost config which wasn’t edited for month:
# NGINX - VHOSTS CONFIGURATION #
# #
# Author : Tronde
# Site: http://jabber.my-it-brain.de
# Version: 2016-11-12
#
## BEGIN CONFIGURATION ##############################################
server {
listen 80;
listen [::]:80;
server_name jabber.my-it-brain.de;
# return 301 https://$server_name$request_uri;
# Path to the root of your installation
root /var/www/sites/$host/public;
index index.html;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
}
## END CONFIGURATION ##############################################
I hope I’ve provided enough information to get help. If I missed something, tell me what you need to know, please.
Looking forward to hearing from you soon.
Best regards,
Tronde