My domain is:
I ran this command:
#!/bin/sh
certbot certonly --webroot \
-w /home/webhost/www/www.buchausgabe.de/jshop/public \ -d www.buchausgabe.de \
-d buchausgabe.de \
--config-dir=/home/webhost/letsencrypt/config \
--work-dir=/home/webhost/letsencrypt/work \
--logs-dir=/home/webhost/letsencrypt/log
It produced this output:
**Saving debug log to /home/webhost/letsencrypt/log/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Cert is due for renewal, auto-renewing...
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for www.buchausgabe.de
http-01 challenge for buchausgabe.de
Using the webroot path /home/webhost/www/www.buchausgabe.de/jshop/public for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. buchausgabe.de (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://buchausgabe.de/.well-known/acme-challenge/rTxfGMFOiz0cYHK8jWbZMxE8S7wGlF3jM0a5pIXtiD8: "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>", www.buchausgabe.de (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.buchausgabe.de/.well-known/acme-challenge/VKzyg8uBsUX573BtovqO7qQGhB4ljuyOUMoPATLEjOg: "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>"
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: buchausgabe.de
Type: unauthorized
Detail: Invalid response from
http://buchausgabe.de/.well-known/acme-challenge/rTxfGMFOiz0cYHK8jWbZMxE8S7wGlF3jM0a5pIXtiD8:
"<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>"
Domain: www.buchausgabe.de
Type: unauthorized
Detail: Invalid response from
http://www.buchausgabe.de/.well-known/acme-challenge/VKzyg8uBsUX573BtovqO7qQGhB4ljuyOUMoPATLEjOg:
"<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.t
But when I ran this command with the --dry-run option everything worked fine:
#!/bin/sh
certbot certonly --webroot \
-w /home/webhost/www/www.buchausgabe.de/jshop/public \ -d www.buchausgabe.de \
-d buchausgabe.de \
--config-dir=/home/webhost/letsencrypt/config \
--work-dir=/home/webhost/letsencrypt/work \
--logs-dir=/home/webhost/letsencrypt/log --dry-run
Saving debug log to /home/webhost/letsencrypt/log/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Cert is due for renewal, auto-renewing...
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for buchausgabe.de
http-01 challenge for www.buchausgabe.de
Using the webroot path /home/webhost/www/www.buchausgabe.de/jshop/public for all unmatched domains.
Waiting for verification...
Cleaning up challenges
IMPORTANT NOTES:
- The dry run was successful.
My web server is (include version):
Nginx 1.12.2
The operating system my web server runs on is (include version):
FreeBSD 11.2
My hosting provider, if applicable, is:
Self hosting
I can login to a root shell on my machine (yes or no, or I don’t know):
Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No, I use the shell.
Maybe naming the option --dry-run is misleading if it produces false positives. The name --dry-run suggests that a positive result would guarantee that the actual run works too. Yet it returns false positives resulting in too many failed authorizations because of exceeded rate limits.
That’s not good.