Error 403 when i generate certs for my domain

hello, first of all.. sorry for my bad english and thanks in advance. im newby in this particular area :frowning:

My domain is: senz.com.mx

I ran this command:

I working with this a reverse proxy on docker, also my proyect (front, api, db), my reverse proxy looks like this

version: '3' # Version of the Docker Compose file format
services:
nginx-proxy:
image: jwilder/nginx-proxy:alpine
restart: "always" # Always restart container
ports:
- "80:80" # Port mappings in format host:container
- "443:443"
networks:
- nginx-proxy # Name of the etwork these two containers will share
labels:
- "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy" # Label needed for Let's Encrypt companion container
volumes: # Volumes needed for container to configure proixes and access certificates genereated by Let's Encrypt companion container
- /var/run/docker.sock:/tmp/docker.sock:ro
- "nginx-conf:/etc/nginx/conf.d"
- "nginx-vhost:/etc/nginx/vhost.d"
- "html:/usr/share/nginx/html"
- "certs:/etc/nginx/certs:ro"
letsencrypt-nginx-proxy-companion:
image: jrcs/letsencrypt-nginx-proxy-companion
restart: always
container_name: letsencrypt-nginx-proxy-companion
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
- "nginx-conf:/etc/nginx/conf.d"
- "nginx-vhost:/etc/nginx/vhost.d"
- "html:/usr/share/nginx/html"
- "certs:/etc/nginx/certs:rw"
depends_on: # Make sure we start nginx proxy container first
- nginx-proxy
networks:
nginx-proxy: # Name of our shared network that containers will use
volumes: # Names of volumes that out containers will share. Those will persist on docker's host machine.
nginx-conf:
nginx-vhost:
html:
certs:

my project:

version: '3'
services:
front: #front
build: ./front
ports:
- "61100:80"
expose:
- "61100"
environment:
- TZ = Mazatlan
- VIRTUAL_HOST=senz.com.mx
- LETSENCRYPT_HOST=senz.com.mx
- LETSENCRYPT_EMAIL=Hola@senz.mx
networks:
- reverse-proxy_nginx-proxy
- bd-senz_db-senz-net
restart: on-failure
api: #api
build: ./api
environment:
TZ: "America/Mazatlan"
ports:
- "61101:3000"
expose:
- "61101"
networks:
- bd-senz_db-senz-net
restart: on-failure
networks:
reverse-proxy_nginx-proxy:
external: true
bd-senz_db-senz-net:
external: true

I use this exact config in other two project on other servers and I didn't have any problems with them,
senz.com.mx works just fine but i cannot generate SSL certs

my dns config

the certs challanges produce this log of errors
It produced this output:
logs-2.txt (121.8 KB)

The operating system my web server runs on is (include version): Debian 11, Linux 5.10.0-27-amd64

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

You're using acme.sh as the client to acquire your certificates. It's writing the HTTP challenge response to /usr/share/nginx/html/.well-known/acme-challenge/ so start by creating a test file in that location and trying to browse to it over http (not https).

If I try to access http://senz.com.mx/./well-known/acme-challenge/test currently your website responds with your default web app html instead of a 404 etc so that suggests you are redirecting all paths to the root of the site.

2 Likes

Thanks for the reply !, i'll try that as soon as I can.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.