Failed authorization procedure (acme-challenge/ not created)


#1

I installed certbot-auto on Debian 7.11, and it seemed to install and update everything fine as far as I could tell. I then ran:

./certbot-auto certonly --webroot -w /path/to/www.mydomain.com -d www.mydomain.com

It took forever, and then I got the following error:

Failed authorization procedure. www.mydomain.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.mydomain.com/.well-known/acme-challenge/4Oh6oiNAAEw7iSwbKoFC5OevQcAGszEL11vdSmEjHg0: "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>"

When I looked in my webroot, I saw a .well-known directory, but I did not see anything inside with ls -la. I tried running the same command above using sudo, which still got the same error. I also tried using the graphical installer, with the same result. The .well-known directory did not exist before I ran the script, so apparently it was able to create it but not put anything else inside? I’m confused. The .well-known directory is still empty, hence the 404 above.


#2

certbot deletes the acme-challenge subdirectory after the challenge passes or fails.

Try creating the subdirectory manually, put a file in there and check if your browser is able to request that file successfully. A common issue is that .htaccess rules or similar are interfering with the request and preventing the file from being served. Your web server logs might have more details.


#3

Thank you! I got sidetracked, not realizing that the files got cleaned up. You were right; I had a rule to hide all directories starting with a period. Once I added an override for .well-known/ it all worked as expected. Thanks for the help!


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.