I’m not sure if the two issues are related or not. I renewed the certs on Feb 9-10. Yesterday the cert was not there when I went to the web page. I then tried to renew the cert and it failed below. I can see the website (without the secure) and can also see a file in the .well-known/acme-challenge directory. I tried setting the directory to 777 briefly and it still did not work. Any ideas?
Please fill out the fields below so we can help you better.
My domain is:
I ran this command:
./certbot-auto certonly --webroot
It produced this output:
./certbot-auto certonly --webrootRequesting root privileges to run certbot…
/home/username/.local/share/letsencrypt/bin/letsencrypt certonly --webroot
[sudo] password for username:
Use of --agree-dev-preview is deprecated.
Use of --agree-dev-preview is deprecated.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Please enter in your domain name(s) (comma and/or space separated) (Enter 'c’
to cancel):www.example.com
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for www.onlinedegreedatabase.com
Using the webroot path /var/www for all unmatched domains.
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. www.example.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.example.com/.well-known/acme-challenge/qaNjuGPAOeoDttaGABdsf3gSEHq98UrpQxYf557-vx8: "
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.
My operating system is (include version):
ubuntu 14.04
My web server is (include version):
apache2
My hosting provider, if applicable, is:
n/a
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):no
Thank you for responding. So is the problem with renewing that I have two certificates in the pipeline and if I do another I would get a Too many authorizations error? If so, what is the solution that you recommend?
Renew the certificate you currently have and just make sure that you pass the challenge (it should be the same challenge as these are valid for some time)
Alas, I am still getting the unauthorized error. I have cleared all .htaccess files and I am at a loss. This worked fine the last time and I have made no major changes to anything.
And a new error: When I change the permissions back to 777 and run manually, I get: Error: urn:acme:error:rateLimited :: There were too many requests of a given type :: Error creating new authz :: Too many invalid authorizations recently.
As @ahaw021 mentioned, it looks like you do have a newer certificate which you aren’t using. If you can figure out how that happened, it might help.
Related to your current renewal failures: Do you know if you originally obtained the certificate using the webroot method? Do you have a record or a recollection of what command you used when you originally got your certificate? If you used a different method before and are trying to renew with webroot without specifying the appropriate parameters, it might account for the failures you’re seeing.