Failed authorization: file not found

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:invystasafe.com

I ran this command: certbot --apache -d invystasafe.com

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for invystasafe.com
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. invystasafe.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://invystasafe.com/.well-known/acme-challenge/k0NNrKl0gu6gRDNFnHwt4sKUrLwOQI8fE6UVUp3H8tQ [52.53.186.6]: “\n\n404 Not Found\n\n

Not Found

\n<p”
IMPORTANT NOTES:
- The following errors were reported by the server:
   Domain: invystasafe.com
   Type:   unauthorized
   Detail: Invalid response from
   http://invystasafe.com/.well-known/acme-challenge/k0NNrKl0gu6gRDNFnHwt4sKUrLwOQI8fE6UVUp3H8tQ
   [52.53.186.6]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
   2.0//EN\">\n<html><head>\n<title>404 Not
   Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

My web server is (include version): Apache/2.4.41 (Unix)

The operating system my web server runs on is (include version): Linux/Ubuntu 18.04

My hosting provider, if applicable, is: AWS

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot) :0.31.0

DNS check: dig invystasafe.com output:
dig +short invystasafe.com
52.53.186.6

% httpd -V
Server version: Apache/2.4.41 (Unix)
Server built:   Aug  3 2020 16:34:41
Server's Module Magic Number: 20120211:88
Server loaded:  APR 1.7.0, APR-UTIL 1.6.1
Compiled using: APR 1.7.0, APR-UTIL 1.6.1
Architecture:   64-bit
Server MPM:     prefork
  threaded:     no
    forked:     yes (variable process count)
Server compiled with....
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_PROC_PTHREAD_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=256
 -D HTTPD_ROOT="/usr"
 -D SUEXEC_BIN="no"
 -D DEFAULT_PIDLOG="/var/logs/httpd.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="/etc/apache/mime.types"
 -D SERVER_CONFIG_FILE="/etc/apache/httpd.conf"

% httpd -S
VirtualHost configuration:
*:443 invystasafe.com (/etc/apache/sites-available/000-default.conf:2)
ServerRoot: “/usr”
Main DocumentRoot: “/usr/share/httpdocs/htdocs”
Main ErrorLog: “/var/logs/apache2/error_log”
Mutex proxy-balancer-shm: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex rewrite-map: using_defaults
Mutex authdigest-client: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/logs/" mechanism=default
Mutex mpm-accept: using_defaults
Mutex cache-socache: using_defaults
Mutex authdigest-opaque: using_defaults
Mutex watchdog-callback: using_defaults
PidFile: “/var/logs/httpd.pid”
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name=“daemon” id=1
Group: name=“daemon” id=1

/var/log/letsencrypt/letsencrypt.log @ https://drive.google.com/file/d/1U4CXK3zv8kOUa3L5OrgKgfeskNEugw3n/view?usp=sharing

1 Like

Hi @yaandy

you don’t have a port 80 vHost definition with your domain name. There is only a port 443 vHost.

That’s required, add one.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.