Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:turnosweb.jussanjuan.gob.ar
I ran this command:
http-01 challenge for turnosweb.jussanjuan.gob.ar
Waiting for verification…
Challenge failed for domain turnosweb.jussanjuan.gob.ar
http-01 challenge for turnosweb.jussanjuan.gob.ar
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: turnosweb.jussanjuan.gob.ar
Type: dns
Detail: DNS problem: SERVFAIL looking up A for
turnosweb.jussanjuan.gob.ar - the domain’s nameservers may be
malfunctioning
It produced this output:
My web server is (include version):centos 7
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know):
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot):
nginx -T
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
configuration file /etc/nginx/nginx.conf:
For more information on configuration, see:
* Official English Documentation: http://nginx.org/en/docs/
* Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] “$request” ’
'$status $body_bytes_sent “$http_referer” ’
‘"$http_user_agent" “$http_x_forwarded_for”’;
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
client_max_body_size 100M;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
Settings for a TLS enabled server.
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name _;
root /usr/share/nginx/html;
ssl_certificate “/etc/nginx/cert.crt”;
ssl_certificate_key “/etc/nginx/cert.key”;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
configuration file /usr/share/nginx/modules/mod-http-image-filter.conf:
load_module “/usr/lib64/nginx/modules/ngx_http_image_filter_module.so”;
configuration file /usr/share/nginx/modules/mod-http-perl.conf:
load_module “/usr/lib64/nginx/modules/ngx_http_perl_module.so”;
configuration file /usr/share/nginx/modules/mod-http-xslt-filter.conf:
load_module “/usr/lib64/nginx/modules/ngx_http_xslt_filter_module.so”;
configuration file /usr/share/nginx/modules/mod-mail.conf:
load_module “/usr/lib64/nginx/modules/ngx_mail_module.so”;
configuration file /usr/share/nginx/modules/mod-stream.conf:
load_module “/usr/lib64/nginx/modules/ngx_stream_module.so”;
configuration file /etc/nginx/mime.types:
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/png png;
image/svg+xml svg svgz;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/webp webp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
font/woff woff;
font/woff2 woff2;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.oasis.opendocument.graphics odg;
application/vnd.oasis.opendocument.presentation odp;
application/vnd.oasis.opendocument.spreadsheet ods;
application/vnd.oasis.opendocument.text odt;
application/vnd.openxmlformats-officedocument.presentationml.presentation
pptx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
xlsx;
application/vnd.openxmlformats-officedocument.wordprocessingml.document
docx;
application/vnd.wap.wmlc wmlc;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}
configuration file /etc/nginx/conf.d/backoffice.conf:
server {
listen 80;
server_name mevinterno.jussanjuan.gob.ar;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://10.107.1.136:8000;
}
}
configuration file /etc/nginx/conf.d/mesa.conf:
server {
server_name mesavirtual.jussanjuan.gob.ar;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://10.107.1.136;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/mesavirtual.jussanjuan.gob.ar/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mesavirtual.jussanjuan.gob.ar/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = mesavirtual.jussanjuan.gob.ar) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name mesavirtual.jussanjuan.gob.ar;
return 301 https://$server_name$request_uri;
listen 80;
return 404; # managed by Certbot
}
configuration file /etc/letsencrypt/options-ssl-nginx.conf:
This file contains important security parameters. If you modify this file
manually, Certbot will be unable to automatically provide future security
updates. Instead, Certbot will print and log an error message with a path to
the up-to-date file that you will need to refer to when manually updating
this file.
ssl_session_cache shared:le_nginx_SSL:10m;
ssl_session_timeout 1440m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers off;
ssl_ciphers “ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384”;
configuration file /etc/nginx/conf.d/mesav.conf:
server {
listen 80;
server_name mesavirtual.jussanjuan.gov.ar;
return 301 https://mesavirtual.jussanjuan.gob.ar$request_uri;
}
configuration file /etc/nginx/conf.d/mev.conf:
server {
server_name mev.jussanjuan.gob.ar;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://10.107.1.136;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/mev.jussanjuan.gob.ar/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mev.jussanjuan.gob.ar/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = mev.jussanjuan.gob.ar) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name mev.jussanjuan.gob.ar;
return 404; # managed by Certbot
}
configuration file /etc/nginx/conf.d/mevv.conf:
server {
listen 80;
server_name mev.jussanjuan.gov.ar;
return 301 https://mev.jussanjuan.gob.ar$request_uri;
}
configuration file /etc/nginx/conf.d/pignusv.conf:
server {
listen 80;
server_name pignus.jussanjuan.gov.ar;
return 301 https://pignus.jussanjuan.gob.ar$request_uri;
}
configuration file /etc/nginx/conf.d/sitios.conf:
server {
server_name pignus.jussanjuan.gob.ar;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://10.107.1.121;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/mesavirtual.jussanjuan.gob.ar/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mesavirtual.jussanjuan.gob.ar/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = pignus.jussanjuan.gob.ar) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name pignus.jussanjuan.gob.ar;
return 301 https://$host$request_uri;
listen 80;
return 404; # managed by Certbot
}
configuration file /etc/nginx/conf.d/turnos.conf:
server {
listen 80;
server_name turnosweb.jussanjuan.gob.ar;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://10.107.3.40;
}
}