Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: zabbix-df.digitalfacility.it
I ran this command: certbot --apache -d zabbix-df.digitalfacility.it
It produced this output:
2023-07-18 09:06:57,265:DEBUG:certbot._internal.main:certbot version: 2.1.0
2023-07-18 09:06:57,265:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
2023-07-18 09:06:57,265:DEBUG:certbot._internal.main:Arguments: ['--apache', '-d', 'zabbix-df.digitalfacility.it']
2023-07-18 09:06:57,265:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2023-07-18 09:06:57,274:DEBUG:certbot._internal.log:Root logging level set at 30
2023-07-18 09:06:57,275:DEBUG:certbot._internal.plugins.selection:Requested authenticator apache and installer apache
2023-07-18 09:06:57,348:DEBUG:certbot_apache._internal.configurator:Apache version is 2.4.57
2023-07-18 09:06:57,559:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * apache
Description: Apache Web Server plugin
Interfaces: Authenticator, Installer, Plugin
Entry point: apache = certbot_apache._internal.entrypoint:ENTRYPOINT
Initialized: <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7f79668fe090>
Prep: True
2023-07-18 09:06:57,559:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7f79668fe090> and installer <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7f79668fe090>
2023-07-18 09:06:57,559:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator apache, Installer apache
2023-07-18 09:07:11,423:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2023-07-18 09:07:11,426:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2023-07-18 09:07:11,875:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 752
2023-07-18 09:07:11,876:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 18 Jul 2023 07:07:11 GMT
Content-Type: application/json
Content-Length: 752
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"mB4-C19-twk": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-01/renewalInfo/",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2023-07-18 09:07:17,180:DEBUG:acme.client:Requesting fresh nonce
2023-07-18 09:07:17,181:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2023-07-18 09:07:17,329:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2023-07-18 09:07:17,330:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 18 Jul 2023 07:07:17 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 2712DcaDDf7wuQvg74jMH-JV8gcVF5yhRSI98G3ckI-Gn_I
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
2023-07-18 09:07:17,330:DEBUG:acme.client:Storing nonce: 2712DcaDDf7wuQvg74jMH-JV8gcVF5yhRSI98G3ckI-Gn_I
2023-07-18 09:07:17,331:DEBUG:acme.client:JWS payload:
b'{\n "contact": [\n "mailto:assistenza.sistemistica@digitalfacility.it"\n ],\n "termsOfServiceAgreed": true\n}'
2023-07-18 09:07:17,337:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-acct:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAiandrIjogeyJuIjogInJ2UEVjQ25yYW1Lc2d0YVVrR19HeVA0RVY4bjBXTE91OWUzemFTa0xfODFNMTBPbHd1MmMyWWRpUHJUbEQwMEowVV9kMl84a3RXOG9RcTI1N0ZWQ2tjbm1ucUc2eVNpZXVJN0RMOUlMRzNjWkxaUGF2RnBReFQ5U1IzWE1Db2FLb2xwUThDOWZyanZKVHp4N0x1SEJSdndxYjZYTlQwa3BtNVNMY2NuUEVlSkNvbnFkS0hRNVNuSmx2OFZqeVB5WlVJaThEakRfU05BZ01mRWlmRWl0c2M2bkNfVlJxdEVVQVk2YXlsQXRHVGhjYndDUUVBUlFmbHRJMXVYLU9ZdzZfV2Z5SXFTM2FsdmxQZTRoM0M5Tjd5ZEJNMHhLWGpTdjRfZXBWRTRCMTdYSjMyaENQbm1NNmdIS1VmZU9uR3NtVVJYdGlfRldYWnlFVUI0NjVpREItUSIsICJlIjogIkFRQUIiLCAia3R5IjogIlJTQSJ9LCAibm9uY2UiOiAiMjcxMkRjYUREZjd3dVF2Zzc0ak1ILUpWOGdjVkY1eWhSU0k5OEczY2tJLUduX0kiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1hY2N0In0",
"signature": "nHhkl5yL-MZghzFBr1EnEe1b1dhjAK5dXSx1dYiZArz2ytmtO0BP0UCYit0rtNUb9Cw3khqiS3UNc46-E6zisikdJdFOZyZykqRXxjf36ULO0sGxeSC6SFCB0_3WUIC9rDTRHsuRFGxyElszDu15q2YhI2t_XJgzXSmyny29Z0lDSgaJaM8Be9s2o2_VPaQCglAdQt8Bvpq35StqTO9MKS1rzmKN-A-t91ZRFbEH7gnNBOqCgTJmApazNPsVtx-AOmrGEAsD1LahX1TXayeoTy17hYCK4PRVMhH_28lQ_q_Jm5-EtkYk7pIjfZSZD-uNqQBCHOwjGSGNoT7jomv6sQ",
"payload": "ewogICJjb250YWN0IjogWwogICAgIm1haWx0bzphc3Npc3RlbnphLnNpc3RlbWlzdGljYUBkaWdpdGFsZmFjaWxpdHkuaXQiCiAgXSwKICAidGVybXNPZlNlcnZpY2VBZ3JlZWQiOiB0cnVlCn0"
}
2023-07-18 09:07:17,508:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-acct HTTP/1.1" 201 584
2023-07-18 09:07:17,508:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Tue, 18 Jul 2023 07:07:17 GMT
Content-Type: application/json
Content-Length: 584
Connection: keep-alive
Boulder-Requester: 1212219597
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf>;rel="terms-of-service"
Location: https://acme-v02.api.letsencrypt.org/acme/acct/1212219597
Replay-Nonce: 853FE6AB92ClC3ce1F32WmAnvKPYkDua6lQo_Mq2ixZfNzE
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"key": {
"kty": "RSA",
"n": "rvPEcCnramKsgtaUkG_GyP4EV8n0WLOu9e3zaSkL_81M10Olwu2c2YdiPrTlD00J0U_d2_8ktW8oQq257FVCkcnmnqG6ySieuI7DL9ILG3cZLZPavFpQxT9SR3XMCoaKolpQ8C9frjvJTzx7LuHBRvwqb6XNT0kpm5SLccnPEeJConqdKHQ5SnJlv8VjyPyZUIi8DjD_SNAgMfEifEitsc6nC_VRqtEUAY6aylAtGThcbwCQEARQfltI1uX-OYw6_WfyIqS3alvlPe4h3C9N7ydBM0xKXjSv4_epVE4B17XJ32hCPnmM6gHKUfeOnGsmURXti_FWXZyEUB465iDB-Q",
"e": "AQAB"
},
"contact": [
"mailto:assistenza.sistemistica@digitalfacility.it"
],
"initialIp": "37.220.45.19",
"createdAt": "2023-07-18T07:07:17.432063993Z",
"status": "valid"
}
2023-07-18 09:07:17,508:DEBUG:acme.client:Storing nonce: 853FE6AB92ClC3ce1F32WmAnvKPYkDua6lQo_Mq2ixZfNzE
2023-07-18 09:07:33,444:DEBUG:certbot._internal.display.obj:Notifying user: Account registered.
2023-07-18 09:07:33,445:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=JWKRSA(key=<ComparableRSAKey(<cryptography.hazmat.backends.openssl.rsa._RSAPublicKey object at 0x7f796553c990>)>), contact=('mailto:assistenza.sistemistica@digitalfacility.it',), agreement=None, status='valid', terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/1212219597', new_authzr_uri=None, terms_of_service='https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf'), 2f716a946415eb913b67d25ae822af74, Meta(creation_dt=datetime.datetime(2023, 7, 18, 7, 7, 17, tzinfo=<UTC>), creation_host='zabbix-df.digitalfacility.it', register_to_eff=None))>
2023-07-18 09:07:33,446:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for zabbix-df.digitalfacility.it
2023-07-18 09:07:33,448:DEBUG:certbot.crypto_util:Generating ECDSA key (2048 bits): /etc/letsencrypt/keys/0000_key-certbot.pem
2023-07-18 09:07:33,452:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0000_csr-certbot.pem
2023-07-18 09:07:33,454:DEBUG:acme.client:JWS payload:
b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "zabbix-df.digitalfacility.it"\n }\n ]\n}'
2023-07-18 09:07:33,456:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTIxMjIxOTU5NyIsICJub25jZSI6ICI4NTNGRTZBQjkyQ2xDM2NlMUYzMldtQW52S1BZa0R1YTZsUW9fTXEyaXhaZk56RSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LW9yZGVyIn0",
"signature": "oZeOgB1GiZ9DvkWEzwtWfyo4tsNjMt5X-BRmy6dFMwuybwIi5LPzJALQBh3zs3_-9Mf9NATlx8iH4XzvuCdIQUniwgrhj0iwNJAVe_G7V-ljxjVoSuqindtHFNEctxISyz4Q3D2MuL16H3H8kB7n7dguKGz14jbnlRxlxOw4QHuYAAayHN3fYyBFYUbvFspBl0vVJTzdZw_mdoYKLP-d96elquonKrNGigQP7-AUAuw6m46rdxeo01THTQUB1dv3RaowM8CpmiO0xreSiv-47xCgpOeKN7vEnhN5NwKJrNBtjMrpDNwQfhf9gS8addssUS4zJ4RV2_C03FRd0ww9ZA",
"payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInphYmJpeC1kZi5kaWdpdGFsZmFjaWxpdHkuaXQiCiAgICB9CiAgXQp9"
}
2023-07-18 09:07:33,628:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 354
2023-07-18 09:07:33,628:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Tue, 18 Jul 2023 07:07:33 GMT
Content-Type: application/json
Content-Length: 354
Connection: keep-alive
Boulder-Requester: 1212219597
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/1212219597/195671223177
Replay-Nonce: 853FbIp6c1pvXsQlHAhzBUF9Y5UFqPZRracvzXJeySoDUec
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"status": "pending",
"expires": "2023-07-25T07:07:33Z",
"identifiers": [
{
"type": "dns",
"value": "zabbix-df.digitalfacility.it"
}
],
"authorizations": [
"https://acme-v02.api.letsencrypt.org/acme/authz-v3/246642627667"
],
"finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/1212219597/195671223177"
}
2023-07-18 09:07:33,629:DEBUG:acme.client:Storing nonce: 853FbIp6c1pvXsQlHAhzBUF9Y5UFqPZRracvzXJeySoDUec
2023-07-18 09:07:33,630:DEBUG:acme.client:JWS payload:
b''
2023-07-18 09:07:33,632:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/246642627667:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTIxMjIxOTU5NyIsICJub25jZSI6ICI4NTNGYklwNmMxcHZYc1FsSEFoekJVRjlZNVVGcVBaUnJhY3Z6WEpleVNvRFVlYyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMjQ2NjQyNjI3NjY3In0",
"signature": "YS9tjRfVA-lfU6ICZz6X8cN-miawDTB0eWHBfcpUQ7AwC3_U1nQVrsesOZbx2eLRu91SbjLhLQhvv6MSZFUM_I-7123S9kp4gMAYiA0rGlgdCJH6QmzNwGesOJjfhZ080wB10-vmMRZW9WMnJBDU355mIn90CAOfFFK4z9yKrlvwCY-L4Lwl-6Dc9rQp_btdq2sKijE9HBJGtSegUEk0_C748OBOKtULeAxZIQRT1tQCuFnTsIgpUngbrAE_NUIouEFtBFWfT0ZEPlLUzEAzQhIUJV3pZTvHwhDOfcwx9dieJtPIPai0Ylx2bbeV7QFl8wZ2M_8Zb84y4Kn_KUlBog",
"payload": ""
}
2023-07-18 09:07:33,781:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/246642627667 HTTP/1.1" 200 812
2023-07-18 09:07:33,781:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 18 Jul 2023 07:07:33 GMT
Content-Type: application/json
Content-Length: 812
Connection: keep-alive
Boulder-Requester: 1212219597
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 853Fioj8ocTDJp_BG2dACXkOggqHzHErBDN76nNEaqXFXQ8
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "zabbix-df.digitalfacility.it"
},
"status": "pending",
"expires": "2023-07-25T07:07:33Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/246642627667/jC7ssw",
"token": "oG_p-7m9ooTEruZ_FIWBDdfBaf-S4XV5Rs-jmanvgOQ"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/246642627667/jFqn8g",
"token": "oG_p-7m9ooTEruZ_FIWBDdfBaf-S4XV5Rs-jmanvgOQ"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/246642627667/yDUnFg",
"token": "oG_p-7m9ooTEruZ_FIWBDdfBaf-S4XV5Rs-jmanvgOQ"
}
]
}
2023-07-18 09:07:33,782:DEBUG:acme.client:Storing nonce: 853Fioj8ocTDJp_BG2dACXkOggqHzHErBDN76nNEaqXFXQ8
2023-07-18 09:07:33,782:INFO:certbot._internal.auth_handler:Performing the following challenges:
2023-07-18 09:07:33,782:INFO:certbot._internal.auth_handler:http-01 challenge for zabbix-df.digitalfacility.it
2023-07-18 09:07:33,850:INFO:certbot_apache._internal.override_debian:Enabled Apache rewrite module
2023-07-18 09:07:34,004:DEBUG:certbot_apache._internal.http_01:Adding a temporary challenge validation Include for name: None in: /etc/apache2/sites-enabled/000-default.conf
2023-07-18 09:07:34,004:DEBUG:certbot_apache._internal.http_01:writing a pre config file with text:
RewriteEngine on
RewriteRule ^/\.well-known/acme-challenge/([A-Za-z0-9-_=]+)$ /var/lib/letsencrypt/http_challenges/$1 [END]
2023-07-18 09:07:34,005:DEBUG:certbot_apache._internal.http_01:writing a post config file with text:
<Directory /var/lib/letsencrypt/http_challenges>
Require all granted
</Directory>
<Location /.well-known/acme-challenge>
Require all granted
</Location>
2023-07-18 09:07:34,028:DEBUG:certbot.reverter:Creating backup of /etc/apache2/sites-enabled/000-default.conf
2023-07-18 09:07:37,191:DEBUG:acme.client:JWS payload:
b'{}'
2023-07-18 09:07:37,193:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/246642627667/jC7ssw:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTIxMjIxOTU5NyIsICJub25jZSI6ICI4NTNGaW9qOG9jVERKcF9CRzJkQUNYa09nZ3FIekhFckJETjc2bk5FYXFYRlhROCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvMjQ2NjQyNjI3NjY3L2pDN3NzdyJ9",
"signature": "GBW9TYk4nMdCCH3jvZku_315h87a8BDwkF5E6QXk505OAGTfibwdxiWaym_ouyhrMTKskZhbzah5B7B7ip-TOkePffSGMFW2u0w6E3zMD_x7RCv2rCh08PFoV23-fyl9T3s7tc5gkAIzYpwSr9s_sKH1YdsdM231HSG7D10kM7PWSGdfLlystF2OIl6Whn2VjId1XeJmrzkHmerNIWqTizRIpf7Ec4gvISJRbRzPSsAUCUBMModXQjI-XR1aFZiV_L05jKKSWOcWAvRMJvbazvY136R81MjQVSZGt2-N8SRE_hC296hfodwET1N7pPLbX0ULxYsTaYNU8G57sze8Ig",
"payload": "e30"
}
2023-07-18 09:07:37,344:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/246642627667/jC7ssw HTTP/1.1" 200 187
2023-07-18 09:07:37,345:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 18 Jul 2023 07:07:37 GMT
Content-Type: application/json
Content-Length: 187
Connection: keep-alive
Boulder-Requester: 1212219597
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz-v3/246642627667>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/246642627667/jC7ssw
Replay-Nonce: 853FslS9jNPyUl5eNX6EJtpU-gL7blHF3alEiAr7P5628m8
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/246642627667/jC7ssw",
"token": "oG_p-7m9ooTEruZ_FIWBDdfBaf-S4XV5Rs-jmanvgOQ"
}
2023-07-18 09:07:37,345:DEBUG:acme.client:Storing nonce: 853FslS9jNPyUl5eNX6EJtpU-gL7blHF3alEiAr7P5628m8
2023-07-18 09:07:37,345:INFO:certbot._internal.auth_handler:Waiting for verification...
2023-07-18 09:07:38,345:DEBUG:acme.client:JWS payload:
b''
2023-07-18 09:07:38,348:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/246642627667:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTIxMjIxOTU5NyIsICJub25jZSI6ICI4NTNGc2xTOWpOUHlVbDVlTlg2RUp0cFUtZ0w3YmxIRjNhbEVpQXI3UDU2MjhtOCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMjQ2NjQyNjI3NjY3In0",
"signature": "dir9-19Yw1Ec0B7t7dbh8T6AP-cAoiqHUyyB7QezUC6_pH9-PE7f2fiJ00w9-hFP2qpJ2f2SKHsH4UTWaqYdXo_Wj67iXRRL-40mNyyW1IAJ-lpwosIJxPIPzPPUudpJzhSCdIGH_w5S909a_FkzT6Ga3JnvfKoRyvKaY-1cFxBeHsETW_uYD1rLit4urEi85zFePrlwmx4VN9KBEsWM42VzgUigrnMpOStjtndrubSusG2ku3OnktBCmFqSwjTaGJLi8uBpsUIYLNHuuaHrF4R7Nqf9WGwFJitkJVPt7NxwbMs4e2E40z0BHZtH3DV3xGuMy39AElqf0fhI_td8bA",
"payload": ""
}
2023-07-18 09:07:38,496:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/246642627667 HTTP/1.1" 200 812
2023-07-18 09:07:38,497:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 18 Jul 2023 07:07:38 GMT
Content-Type: application/json
Content-Length: 812
Connection: keep-alive
Boulder-Requester: 1212219597
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 2712Al2_mj7k7v2y7xuwjV3hs5A-mc5P_mhNJYTNzc9-7OM
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "zabbix-df.digitalfacility.it"
},
"status": "pending",
"expires": "2023-07-25T07:07:33Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/246642627667/jC7ssw",
"token": "oG_p-7m9ooTEruZ_FIWBDdfBaf-S4XV5Rs-jmanvgOQ"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/246642627667/jFqn8g",
"token": "oG_p-7m9ooTEruZ_FIWBDdfBaf-S4XV5Rs-jmanvgOQ"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/246642627667/yDUnFg",
"token": "oG_p-7m9ooTEruZ_FIWBDdfBaf-S4XV5Rs-jmanvgOQ"
}
]
}
2023-07-18 09:07:38,497:DEBUG:acme.client:Storing nonce: 2712Al2_mj7k7v2y7xuwjV3hs5A-mc5P_mhNJYTNzc9-7OM
2023-07-18 09:07:41,497:DEBUG:acme.client:JWS payload:
b''
2023-07-18 09:07:41,499:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/246642627667:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTIxMjIxOTU5NyIsICJub25jZSI6ICIyNzEyQWwyX21qN2s3djJ5N3h1d2pWM2hzNUEtbWM1UF9taE5KWVROemM5LTdPTSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMjQ2NjQyNjI3NjY3In0",
"signature": "VmErcZV47foZ0PB1U9cvi3Hd0QKijRwSruyu9IAjlgOMAz2pZ9aR-3say2pcBIxkW6JJjbq-AIDiINthpzFXHN2qQNoysTO0Smx9N0Lnolbg8XKyZEQvJKg7ifdwGzY9cSmN3kzjvH8LwSxfZniBltxNPxIV4rowWsGKYwS5p_XiYP8Wsl36g9yUwzVGY1ySNWID7ZdHXbZqAv3n1AmaObk-QNVveZoX0UbdODq_Yzaguoy_Ff_wseyP3hYQeErO3yctXbjgt_N9tm2UDCjw1RqWaIy8wyts5OnPgJIh8idJVMYJ31o25JGDtlmw9jlhOygaAMZwAK14YpuAw1iwFw",
"payload": ""
}
2023-07-18 09:07:41,649:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/246642627667 HTTP/1.1" 200 1419
2023-07-18 09:07:41,650:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 18 Jul 2023 07:07:41 GMT
Content-Type: application/json
Content-Length: 1419
Connection: keep-alive
Boulder-Requester: 1212219597
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 853FIbPNoHAJmtpheXriwoNp3wm7gkgw5TgDOhj8bK2BnXQ
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "zabbix-df.digitalfacility.it"
},
"status": "invalid",
"expires": "2023-07-25T07:07:33Z",
"challenges": [
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:unauthorized",
"detail": "37.220.45.19: Invalid response from https://zabbix-df.digitalfacility.it/.well-known/acme-challenge/oG_p-7m9ooTEruZ_FIWBDdfBaf-S4XV5Rs-jmanvgOQ: 404",
"status": 403
},
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/246642627667/jC7ssw",
"token": "oG_p-7m9ooTEruZ_FIWBDdfBaf-S4XV5Rs-jmanvgOQ",
"validationRecord": [
{
"url": "http://zabbix-df.digitalfacility.it/.well-known/acme-challenge/oG_p-7m9ooTEruZ_FIWBDdfBaf-S4XV5Rs-jmanvgOQ",
"hostname": "zabbix-df.digitalfacility.it",
"port": "80",
"addressesResolved": [
"37.220.45.19"
],
"addressUsed": "37.220.45.19"
},
{
"url": "https://zabbix-df.digitalfacility.it/.well-known/acme-challenge/oG_p-7m9ooTEruZ_FIWBDdfBaf-S4XV5Rs-jmanvgOQ",
"hostname": "zabbix-df.digitalfacility.it",
"port": "443",
"addressesResolved": [
"37.220.45.19"
],
"addressUsed": "37.220.45.19"
}
],
"validated": "2023-07-18T07:07:37Z"
}
]
}
2023-07-18 09:07:41,650:DEBUG:acme.client:Storing nonce: 853FIbPNoHAJmtpheXriwoNp3wm7gkgw5TgDOhj8bK2BnXQ
2023-07-18 09:07:41,650:INFO:certbot._internal.auth_handler:Challenge failed for domain zabbix-df.digitalfacility.it
2023-07-18 09:07:41,651:INFO:certbot._internal.auth_handler:http-01 challenge for zabbix-df.digitalfacility.it
2023-07-18 09:07:41,651:DEBUG:certbot._internal.display.obj:Notifying user:
Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: zabbix-df.digitalfacility.it
Type: unauthorized
Detail: 37.220.45.19: Invalid response from https://zabbix-df.digitalfacility.it/.well-known/acme-challenge/oG_p-7m9ooTEruZ_FIWBDdfBaf-S4XV5Rs-jmanvgOQ: 404
Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.
2023-07-18 09:07:41,653:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 106, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 206, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2023-07-18 09:07:41,653:DEBUG:certbot._internal.error_handler:Calling registered functions
2023-07-18 09:07:41,653:INFO:certbot._internal.auth_handler:Cleaning up challenges
2023-07-18 09:07:41,929:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 33, in <module>
sys.exit(load_entry_point('certbot==2.1.0', 'console_scripts', 'certbot')())
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/certbot/main.py", line 19, in main
return internal_main.main(cli_args)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1736, in main
return config.func(config, plugins)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1440, in run
new_lineage = _get_and_save_cert(le_client, config, domains,
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 138, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 516, in obtain_and_enroll_certificate
cert, chain, key, _ = self.obtain_certificate(domains)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 428, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 496, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 106, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 206, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2023-07-18 09:07:41,941:ERROR:certbot._internal.log:Some challenges have failed.
2023-07-18 09:14:34,909:DEBUG:certbot._internal.main:certbot version: 2.1.0
2023-07-18 09:14:34,910:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
2023-07-18 09:14:34,910:DEBUG:certbot._internal.main:Arguments: ['--apache', '-d', 'zabbix-df.digitalfacility.it']
2023-07-18 09:14:34,910:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2023-07-18 09:14:34,919:DEBUG:certbot._internal.log:Root logging level set at 30
2023-07-18 09:14:34,919:DEBUG:certbot._internal.plugins.selection:Requested authenticator apache and installer apache
2023-07-18 09:14:34,996:DEBUG:certbot_apache._internal.configurator:Apache version is 2.4.57
2023-07-18 09:14:35,212:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * apache
Description: Apache Web Server plugin
Interfaces: Authenticator, Installer, Plugin
Entry point: apache = certbot_apache._internal.entrypoint:ENTRYPOINT
Initialized: <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7f184998a8d0>
Prep: True
2023-07-18 09:14:35,213:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7f184998a8d0> and installer <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7f184998a8d0>
2023-07-18 09:14:35,213:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator apache, Installer apache
2023-07-18 09:14:35,289:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/1212219597', new_authzr_uri=None, terms_of_service=None), 2f716a946415eb913b67d25ae822af74, Meta(creation_dt=datetime.datetime(2023, 7, 18, 7, 7, 17, tzinfo=<UTC>), creation_host='zabbix-df.digitalfacility.it', register_to_eff=None))>
2023-07-18 09:14:35,290:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2023-07-18 09:14:35,292:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2023-07-18 09:14:35,752:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 752
2023-07-18 09:14:35,752:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 18 Jul 2023 07:14:35 GMT
Content-Type: application/json
Content-Length: 752
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"YLVIqHLdnsg": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-01/renewalInfo/",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2023-07-18 09:14:35,753:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for zabbix-df.digitalfacility.it
2023-07-18 09:14:35,756:DEBUG:certbot.crypto_util:Generating ECDSA key (2048 bits): /etc/letsencrypt/keys/0001_key-certbot.pem
2023-07-18 09:14:35,758:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0001_csr-certbot.pem
2023-07-18 09:14:35,759:DEBUG:acme.client:Requesting fresh nonce
2023-07-18 09:14:35,759:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2023-07-18 09:14:35,910:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2023-07-18 09:14:35,911:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 18 Jul 2023 07:14:35 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 2712K7kXh4SRzHBwHhJGDGBROGiC8fO9QNTT3zgDQ3rnSJw
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
2023-07-18 09:14:35,912:DEBUG:acme.client:Storing nonce: 2712K7kXh4SRzHBwHhJGDGBROGiC8fO9QNTT3zgDQ3rnSJw
2023-07-18 09:14:35,912:DEBUG:acme.client:JWS payload:
b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "zabbix-df.digitalfacility.it"\n }\n ]\n}'
2023-07-18 09:14:35,918:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTIxMjIxOTU5NyIsICJub25jZSI6ICIyNzEySzdrWGg0U1J6SEJ3SGhKR0RHQlJPR2lDOGZPOVFOVFQzemdEUTNyblNKdyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LW9yZGVyIn0",
"signature": "QL5qs6PV_XtyZE0KRF9Ss2mmA6xFMWs4RxQY5H4AF3veRP8HOa2B8YK9fiPq2Ma3pCU_jkFxdwOrxEo0jMlYhXz-yosyjDK6nj3R_-0AQ2KzsKYtO95LnszeDGFGvE5Qbwj6XyTiiiHQ4rJG_ThHTY-cKYnO72pUTfPr_RHzMC2HouuBlM-polohED6nSTxNBgQJ1pXAZ0db7WTr3iZWeIp5Ub5IcApriKHyy5QxhdB0NFV9h-DuM8m0sz3-YPavnefiKc4OpwugOnaBxZ0MPQHK1mUvBR7me3Jzq-A7ev2_Qj3VU7uvvjZMF-_EmdC5zI5clZCbPzV1ATycrObPIA",
"payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInphYmJpeC1kZi5kaWdpdGFsZmFjaWxpdHkuaXQiCiAgICB9CiAgXQp9"
}
2023-07-18 09:14:36,131:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 354
2023-07-18 09:14:36,132:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Tue, 18 Jul 2023 07:14:36 GMT
Content-Type: application/json
Content-Length: 354
Connection: keep-alive
Boulder-Requester: 1212219597
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/1212219597/195672312207
Replay-Nonce: 853FJkM6TYgMNaEn_f1x5mvJTkZPc8RCvWl77EEGjp1LIKo
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"status": "pending",
"expires": "2023-07-25T07:14:36Z",
"identifiers": [
{
"type": "dns",
"value": "zabbix-df.digitalfacility.it"
}
],
"authorizations": [
"https://acme-v02.api.letsencrypt.org/acme/authz-v3/246644173387"
],
"finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/1212219597/195672312207"
}
2023-07-18 09:14:36,132:DEBUG:acme.client:Storing nonce: 853FJkM6TYgMNaEn_f1x5mvJTkZPc8RCvWl77EEGjp1LIKo
2023-07-18 09:14:36,132:DEBUG:acme.client:JWS payload:
b''
2023-07-18 09:14:36,134:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/246644173387:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTIxMjIxOTU5NyIsICJub25jZSI6ICI4NTNGSmtNNlRZZ01OYUVuX2YxeDVtdkpUa1pQYzhSQ3ZXbDc3RUVHanAxTElLbyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMjQ2NjQ0MTczMzg3In0",
"signature": "bbmZvCAkvqZOfTN8Iwqr6Tv2euMst2YjiM_BEgmmFVTnrMuR5lP2H3FYuxhfvKIXxXvOvJTQPX7PIN-iYkFwpz28EiCY5VoknE1vkiwGCttcpE9W258ZpROYuB_Ok5_P4COnk49J1VvoBe5cdtP1HGc2ehxkPzHRB-W3SMEeLXcHTaNrWf-tN97Gx3d1wcKEw5N1HruKnSTDCc9-Nn9kJEGuQPq7Ol7y9Gu9KUs5YEMuPkxEedQGVs1LD5mM9-opz_fELoYyAzY97h7xKplj1fldjUKtpdb2uZlhSm4jMBdRCHjNiPkzKuYlhQ7AdYDjpyY2Ycc6QLBM-4iuZ3RvXw",
"payload": ""
}
2023-07-18 09:14:36,287:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/246644173387 HTTP/1.1" 200 812
2023-07-18 09:14:36,288:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 18 Jul 2023 07:14:36 GMT
Content-Type: application/json
Content-Length: 812
Connection: keep-alive
Boulder-Requester: 1212219597
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 2712nixi5afzwxAcx6dBL4rVz7_a1L0EHUwep4tR1TRSjFI
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "zabbix-df.digitalfacility.it"
},
"status": "pending",
"expires": "2023-07-25T07:14:36Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/246644173387/B-SZcg",
"token": "lS0xgE08zyzRYsovDxMBV95f-w6i5A5ew4zyq5VjOGI"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/246644173387/QK8RTg",
"token": "lS0xgE08zyzRYsovDxMBV95f-w6i5A5ew4zyq5VjOGI"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/246644173387/H1otkA",
"token": "lS0xgE08zyzRYsovDxMBV95f-w6i5A5ew4zyq5VjOGI"
}
]
}
2023-07-18 09:14:36,288:DEBUG:acme.client:Storing nonce: 2712nixi5afzwxAcx6dBL4rVz7_a1L0EHUwep4tR1TRSjFI
2023-07-18 09:14:36,288:INFO:certbot._internal.auth_handler:Performing the following challenges:
2023-07-18 09:14:36,288:INFO:certbot._internal.auth_handler:http-01 challenge for zabbix-df.digitalfacility.it
2023-07-18 09:14:36,350:INFO:certbot_apache._internal.override_debian:Enabled Apache rewrite module
2023-07-18 09:14:36,512:DEBUG:certbot_apache._internal.http_01:Adding a temporary challenge validation Include for name: None in: /etc/apache2/sites-enabled/000-default.conf
2023-07-18 09:14:36,513:DEBUG:certbot_apache._internal.http_01:writing a pre config file with text:
RewriteEngine on
RewriteRule ^/\.well-known/acme-challenge/([A-Za-z0-9-_=]+)$ /var/lib/letsencrypt/http_challenges/$1 [END]
2023-07-18 09:14:36,513:DEBUG:certbot_apache._internal.http_01:writing a post config file with text:
<Directory /var/lib/letsencrypt/http_challenges>
Require all granted
</Directory>
<Location /.well-known/acme-challenge>
Require all granted
</Location>
2023-07-18 09:14:36,534:DEBUG:certbot.reverter:Creating backup of /etc/apache2/sites-enabled/000-default.conf
2023-07-18 09:14:39,700:DEBUG:acme.client:JWS payload:
b'{}'
2023-07-18 09:14:39,703:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/246644173387/B-SZcg:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTIxMjIxOTU5NyIsICJub25jZSI6ICIyNzEybml4aTVhZnp3eEFjeDZkQkw0clZ6N19hMUwwRUhVd2VwNHRSMVRSU2pGSSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvMjQ2NjQ0MTczMzg3L0ItU1pjZyJ9",
"signature": "clreIF3R6a9qEDpkETJ1UW4QSa6fvlCtvYfu4K7JY09pQMhGlw2jdDJepuhg92Rtc_n8KLWCSj_j62P1L1JOAKkfakOYJa0auGO5cdkQkuixAemrz8IG1QC0quVgVklcCy9XJGwbyLJ3pzqLacrcsJBrMf6lv5Q3z3gl8s7Y7GGnjVQZSTbVaHQbBJG4b-fAaHzsza3qtr3QIa2egj4DOQ2eTYT2R_xQi-pPvVna84eDH9ieog-isS5oE0gs9u-6B4ALIdK0UEBrdK9sOOdHucST9DYKOwl5QPyL5nT3wrQKIe8GAmaVaHA8PdZv-ayuzOFBthOjHzaa7VaZhX0puA",
"payload": "e30"
}
2023-07-18 09:14:39,860:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/246644173387/B-SZcg HTTP/1.1" 200 187
2023-07-18 09:14:39,861:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 18 Jul 2023 07:14:39 GMT
Content-Type: application/json
Content-Length: 187
Connection: keep-alive
Boulder-Requester: 1212219597
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz-v3/246644173387>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/246644173387/B-SZcg
Replay-Nonce: 27122PRCZzoGUpUgS1ZMYE6BelzrEkgQ_ouK71fIhx4PFIw
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/246644173387/B-SZcg",
"token": "lS0xgE08zyzRYsovDxMBV95f-w6i5A5ew4zyq5VjOGI"
}
2023-07-18 09:14:39,861:DEBUG:acme.client:Storing nonce: 27122PRCZzoGUpUgS1ZMYE6BelzrEkgQ_ouK71fIhx4PFIw
2023-07-18 09:14:39,861:INFO:certbot._internal.auth_handler:Waiting for verification...
2023-07-18 09:14:40,862:DEBUG:acme.client:JWS payload:
b''
2023-07-18 09:14:40,864:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/246644173387:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTIxMjIxOTU5NyIsICJub25jZSI6ICIyNzEyMlBSQ1p6b0dVcFVnUzFaTVlFNkJlbHpyRWtnUV9vdUs3MWZJaHg0UEZJdyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMjQ2NjQ0MTczMzg3In0",
"signature": "fqHzzqfa5gdGvRdbSAajItNAMKtnTwLKpNyr1PZOeLyho0-GUysyIoBfRdVeQG5TkX51LnJMNiXjTVGlwmQLR4idu7ZjX5gOGU4BRFvunyJgSlOP93ZRPAr99ViA-AxnQfdJNQmqy_d5mc0ADF4iKVqIHvLEikzE3WK_QP8Tgb1A3EFnhs7Lma5Z7WcGgTtKkQ_OI60PGYBlGdukPSkD2Jq1YMUnJ0Mqo-uYkxxMncC5XOdA5qMTkvWXZKAUUdM7RR_WrHCwR2Zz7ZBqcR9MUsAEEj6OLtd5kmOQhyCbwuuorgvJkolASHmMhsdQ8Wld3zm3zLmiAqo4ukv-ufg94A",
"payload": ""
}
2023-07-18 09:14:41,017:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/246644173387 HTTP/1.1" 200 812
2023-07-18 09:14:41,017:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 18 Jul 2023 07:14:40 GMT
Content-Type: application/json
Content-Length: 812
Connection: keep-alive
Boulder-Requester: 1212219597
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 853Fi2je4o1ihPv2c2_mZ35T6MQoQIc9hX-Ub6b_UlBdN7A
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "zabbix-df.digitalfacility.it"
},
"status": "pending",
"expires": "2023-07-25T07:14:36Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/246644173387/B-SZcg",
"token": "lS0xgE08zyzRYsovDxMBV95f-w6i5A5ew4zyq5VjOGI"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/246644173387/QK8RTg",
"token": "lS0xgE08zyzRYsovDxMBV95f-w6i5A5ew4zyq5VjOGI"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/246644173387/H1otkA",
"token": "lS0xgE08zyzRYsovDxMBV95f-w6i5A5ew4zyq5VjOGI"
}
]
}
2023-07-18 09:14:41,018:DEBUG:acme.client:Storing nonce: 853Fi2je4o1ihPv2c2_mZ35T6MQoQIc9hX-Ub6b_UlBdN7A
2023-07-18 09:14:44,018:DEBUG:acme.client:JWS payload:
b''
2023-07-18 09:14:44,020:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/246644173387:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTIxMjIxOTU5NyIsICJub25jZSI6ICI4NTNGaTJqZTRvMWloUHYyYzJfbVozNVQ2TVFvUUljOWhYLVViNmJfVWxCZE43QSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMjQ2NjQ0MTczMzg3In0",
"signature": "Eub6Syp190f8D8Dye_g1878y3oUxedj72isCRHADnqTT0y7Yx4glQ_Tv_mt3x-4qWc-UlJyESOy9F-0jpx6bJ7BEfy_CPX9KI-OhK9kTU_dIpBUBiFcgwGtsh0MEiya_IDM2t9a0TQ6ypFVaQ7oQNW1InzAiIHCRygp9F5-UB0ECxF-ctJGiIxLu2R3-T-dcCWst43MLuB9YBAf74XWo5D4ZKXhjbT1_HaWAk3nGRAa4NGIhtCp6ag5WmXTCGL-i23zj-3b50Z3iEauAh03p9m4ENHSgSNRDC9aVc6bR2tPm17dMhLilCPQzHEVnr0vv2up1hpPLplU1rhoBN0yUcw",
"payload": ""
}
2023-07-18 09:14:44,175:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/246644173387 HTTP/1.1" 200 1419
2023-07-18 09:14:44,175:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 18 Jul 2023 07:14:44 GMT
Content-Type: application/json
Content-Length: 1419
Connection: keep-alive
Boulder-Requester: 1212219597
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 2712PVgHq0-nQfwzAy6D1f0de1RYAgwtFh5ePX_Gj4fzN8g
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "zabbix-df.digitalfacility.it"
},
"status": "invalid",
"expires": "2023-07-25T07:14:36Z",
"challenges": [
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:unauthorized",
"detail": "37.220.45.19: Invalid response from https://zabbix-df.digitalfacility.it/.well-known/acme-challenge/lS0xgE08zyzRYsovDxMBV95f-w6i5A5ew4zyq5VjOGI: 404",
"status": 403
},
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/246644173387/B-SZcg",
"token": "lS0xgE08zyzRYsovDxMBV95f-w6i5A5ew4zyq5VjOGI",
"validationRecord": [
{
"url": "http://zabbix-df.digitalfacility.it/.well-known/acme-challenge/lS0xgE08zyzRYsovDxMBV95f-w6i5A5ew4zyq5VjOGI",
"hostname": "zabbix-df.digitalfacility.it",
"port": "80",
"addressesResolved": [
"37.220.45.19"
],
"addressUsed": "37.220.45.19"
},
{
"url": "https://zabbix-df.digitalfacility.it/.well-known/acme-challenge/lS0xgE08zyzRYsovDxMBV95f-w6i5A5ew4zyq5VjOGI",
"hostname": "zabbix-df.digitalfacility.it",
"port": "443",
"addressesResolved": [
"37.220.45.19"
],
"addressUsed": "37.220.45.19"
}
],
"validated": "2023-07-18T07:14:39Z"
}
]
}
2023-07-18 09:14:44,176:DEBUG:acme.client:Storing nonce: 2712PVgHq0-nQfwzAy6D1f0de1RYAgwtFh5ePX_Gj4fzN8g
2023-07-18 09:14:44,176:INFO:certbot._internal.auth_handler:Challenge failed for domain zabbix-df.digitalfacility.it
2023-07-18 09:14:44,176:INFO:certbot._internal.auth_handler:http-01 challenge for zabbix-df.digitalfacility.it
2023-07-18 09:14:44,176:DEBUG:certbot._internal.display.obj:Notifying user:
Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: zabbix-df.digitalfacility.it
Type: unauthorized
Detail: 37.220.45.19: Invalid response from https://zabbix-df.digitalfacility.it/.well-known/acme-challenge/lS0xgE08zyzRYsovDxMBV95f-w6i5A5ew4zyq5VjOGI: 404
Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.
2023-07-18 09:14:44,177:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 106, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 206, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2023-07-18 09:14:44,177:DEBUG:certbot._internal.error_handler:Calling registered functions
2023-07-18 09:14:44,177:INFO:certbot._internal.auth_handler:Cleaning up challenges
2023-07-18 09:14:44,442:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 33, in <module>
sys.exit(load_entry_point('certbot==2.1.0', 'console_scripts', 'certbot')())
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/certbot/main.py", line 19, in main
return internal_main.main(cli_args)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1736, in main
return config.func(config, plugins)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1440, in run
new_lineage = _get_and_save_cert(le_client, config, domains,
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 138, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 516, in obtain_and_enroll_certificate
cert, chain, key, _ = self.obtain_certificate(domains)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 428, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 496, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 106, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 206, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2023-07-18 09:14:44,444:ERROR:certbot._internal.log:Some challenges have failed.
My web server is (include version):
apache2 -v
Server version: Apache/2.4.57 (Debian)
Server built: 2023-04-13T03:26:51
root@zabbix-df:/etc/apache2# dpkg --list|grep nginx
root@zabbix-df:/etc/apache2#
The operating system my web server runs on is (include version):
cat /etc/debian_version
12.0
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot --version
certbot 2.1.0