Debian 10 + NGINX = Invalid response but ports open

onetwofree · September 5, 2020, 4:21pm

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: example.com

I ran this command:
certbot --nginx

It produced this output:
Domain: example.com Type: unauthorized Detail: Invalid response from http://www.example.com/.well-known/acme-challenge/w4MTzmH6sTzbaKS0GlSJt0HC9-RLbUJLOUBk-IbZYmQ [217.70.184.50]: "\n\n

\n \n To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.

My web server is (include version):
Nginx 1.14.2

The operating system my web server runs on is (include version): Debian 10 latest (fresh install)

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):
yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
0.31

Hello,

I am having trouble setting up EFF certbot on my Debian 10 server running NGINX

certbot --nginx error:

Domain: example.com Type: unauthorized Detail: Invalid response fromhttp://www.example.com/.well-known/acme-challenge/w4MTzmH6sTzbaKS0GlSJt0HC9-RLbUJLOUBk-IbZYmQ [217.70.184.50]: "\n\n

\n \n To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.

both ports 80 and 443 are open as checked with this website

iptables -vnL gives

netstat -tln gives

here is my Nginx configuration file

server {

listen 80 default_server;
listen [::]:80 default_server;

server_name  example.com www.example.com;
root   /var/www/mySite;
index  index.php;

access_log /var/log/nginx/example.com.access.log;
error_log /var/log/nginx/example.com.error.log;

client_max_body_size 100M;

autoindex off;

location / {
try_files $uri /index.php$is_args$args;
  }

location ~ \.php$ {
     include snippets/fastcgi-php.conf;
     fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
     include fastcgi_params;
     fastcgi_intercept_errors on;
}
}

server {

listen 443;
listen [::]:443;

server_name  example.com www.example.com;
root   /var/www/mySite;
index  index.php;

access_log /var/log/nginx/example.com.access.log;
error_log /var/log/nginx/example.com.error.log;

client_max_body_size 100M;

autoindex off;

location / {
try_files $uri /index.php$is_args$args;
  }

location ~ \.php$ {
     include snippets/fastcgi-php.conf;
     fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
     include fastcgi_params;
     fastcgi_intercept_errors on;
}
}

Osiris · September 5, 2020, 4:23pm

That's not how this Community works. I for one will not read your "detailed post" on serverfault and answer it here.. That would be ridiculous. If you want our help, you'll need to give us a "detailed post" too.

Also, I'm preeeeeetty sure you're domain is not example.com. See from the first paragraph in the questionnaire you got when you started this thread:

onetwofree · September 5, 2020, 4:27pm

sorry about that, I updated the question
website is not up yet; I hope that it is ok not to post the url everywhere ? I can dm it to you if you need

system · October 5, 2020, 4:27pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.