My domain is: assets.sil.ph
I ran this command: certbot-auto renew
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/assets.sil.ph.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for assets.sil.ph
Waiting for verification...
Challenge failed for domain assets.sil.ph
http-01 challenge for assets.sil.ph
Cleaning up challenges
Attempting to renew cert (assets.sil.ph) from /etc/letsencrypt/renewal/assets.sil.ph.conf produced an unexpected error: Some challenges have failed.. Skipping.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/gear.sil.ph.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert not yet due for renewal
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/gear.silph.gg.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert not yet due for renewal
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/gear.thesilphroad.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert not yet due for renewal
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/league-assets.sil.ph.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert not yet due for renewal
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/sil.ph.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert not yet due for renewal
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/thesilphroad.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert not yet due for renewal
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/www.silphleague.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for silphleague.com
http-01 challenge for www.silphleague.com
Waiting for verification...
Challenge failed for domain silphleague.com
Challenge failed for domain www.silphleague.com
http-01 challenge for silphleague.com
http-01 challenge for www.silphleague.com
Cleaning up challenges
Attempting to renew cert (www.silphleague.com) from /etc/letsencrypt/renewal/www.silphleague.com.conf produced an unexpected error: Some challenges have failed.. Skipping.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/www.thesilphroad.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert not yet due for renewal
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/assets.sil.ph/fullchain.pem (failure)
/etc/letsencrypt/live/www.silphleague.com/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
The following certs are not due for renewal yet:
/etc/letsencrypt/live/gear.sil.ph/fullchain.pem expires on 2019-08-17 (skipped)
/etc/letsencrypt/live/gear.silph.gg/fullchain.pem expires on 2019-08-17 (skipped)
/etc/letsencrypt/live/gear.thesilphroad.com/fullchain.pem expires on 2019-08-17 (skipped)
/etc/letsencrypt/live/league-assets.sil.ph/fullchain.pem expires on 2019-09-29 (skipped)
/etc/letsencrypt/live/sil.ph/fullchain.pem expires on 2019-09-29 (skipped)
/etc/letsencrypt/live/thesilphroad.com/fullchain.pem expires on 2019-08-17 (skipped)
/etc/letsencrypt/live/www.thesilphroad.com/fullchain.pem expires on 2019-08-17 (skipped)
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/assets.sil.ph/fullchain.pem (failure)
/etc/letsencrypt/live/www.silphleague.com/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2 renew failure(s), 0 parse failure(s)
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: assets.sil.ph
Type: unauthorized
Detail: Invalid response from
https://assets.sil.ph/.well-known/acme-challenge/3zqyJrx1NtuKCeXt6i45C7hnEbSO2BmP02FewX0tXYk/
[104.196.197.94]: "<html>\r\n<head><title>404 Not
Found</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>404
Not Found</h1></center>\r\n<hr><center>"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
- The following errors were reported by the server:
Domain: silphleague.com
Type: unauthorized
Detail: Invalid response from
https://silphleague.com/.well-known/acme-challenge/Z2j15UDjgoM3Nj_Gm6W2uVxkK1JAaQSecoge5zlmofU
[35.237.53.78]: 404
Domain: www.silphleague.com
Type: unauthorized
Detail: Invalid response from
https://www.silphleague.com/.well-known/acme-challenge/w5q5dakLIXTGdYbianvMwPgIP5nyG_oK9PIA5eY03QE
[35.237.53.78]: 404
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version): haproxy 1.6.14 & nginx 1.4.6
The operating system my web server runs on is (include version): Ubuntu 14.04
My hosting provider, if applicable, is: Google Compute Platform
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot): certbot 0.35.1
The DNS in letsencrypt resolvers is wrong. I’m not sure how to correct this.
$ dig +short @8.8.8.8 assets.sil.ph
104.196.197.94
$ dig +short @1.1.1.1 assets.sil.ph
104.196.197.94
$ dig +short @dns1.p07.nsone.net assets.sil.ph
104.196.197.94
However, it’s attempting to use 35.237.53.78 which is not in any of our Google accounts.