Failed authorization procedure Ubuntu 16.04, Nginx, Docker

THE ERROR MESSAGE

IMPORTANT NOTES:

PRELIMINARY STEPS

  1. apt-get update
  2. apt-get upgrade
  3. cd …
  4. mkdir var/www
  5. cd var/www
  6. mkdir subdomain.example.com
  7. sudo apt install docker.io
  8. docker pull creativitykills/nginx-php-server:1.1.1
  9. docker run -d -p 1234:80 \
  10. –name subdomain \
  11. -v /var/www/subdomain.example.com:/var/www/public \
  12. creativitykills/nginx-php-server:1.1.1
  13. nano /var/www/subdomain.example.com/index.html
  14. Example Site

    This is my example site

INSTALL NGINX
15. apt install nginx
16. touch /etc/nginx/sites-available/subdomain.example.com.conf
17. server {listen 80;listen [::]:80;server_name subdomain.example.com www.subdomain.example.com;location / {proxy_pass http://0.0.0.0:1234;proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header X-Forwarded-Proto $scheme;}}
18. ln -s /etc/nginx/sites-available/subdomain.example.com.conf /etc/nginx/sites-enabled/subdomain.example.com.conf
19. /etc/init.d/nginx reload

INSTALL LET’S ENCRYPT

  1. apt-get update
  2. apt-get install software-properties-common
  3. add-apt-repository ppa:certbot/certbot
  4. apt-get update
  5. apt-get install python-certbot-nginx
  6. certbot --authenticator standalone --installer nginx --pre-hook “nginx -s stop” --post-hook “nginx”
  7. certbot renew --dry-run
  8. openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
  9. nano /etc/nginx/sites-available/subdomain.example.com.conf
  10. server {listen 80;listen [::]:80;server_name subdomain.example.com www.subdomain.example.com;location “/.well-known/acme-challenge” {default_type “text/plain”;root /var/www/subdomain.example.com;allow all;}location / {proxy_pass http://0.0.0.0:1234;proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header X-Forwarded-Proto $scheme;}}
  11. /etc/init.d/nginx reload
  12. ping subdomain.example.com
  13. was your domain name entered correctly?
  14. do the DNS A record(s) for that domain contain(s) the right IP address?
  15. is the domain routed to your ip address?
  16. control + z
  17. letsencrypt certonly -a webroot
    –webroot-path=/var/www/subdomain.example.com
    -d subdomain.example.com -d www.subdomain.example.com

Can you please tell me what I have done wrong?

The forum software is having issues. I apologize if this appears twice.


You indicated that you used --authenticator standalone in your certbot command, but your error happens more often using --authenticator webroot. Can you please confirm the full certbot command you used?

If you were in fact using standalone mode, the error suggests that nginx may not be stopping properly. Try replacing the hook calls to use systemctl instead of nginx directly, i.e. --pre-hook 'systemctl stop nginx' --post-hook 'systemctl start nginx'

[fixed for future readers, thanks schoen]

1 Like

don’t forget the nginx there (--post-hook 'systemctl start nginx')

2 Likes

incorrect version
6. certbot --authenticator standalone --installer nginx --pre-hook “nginx -s stop” --post-hook “nginx”

corrected version
6. certbot --authenticator standalone --installer nginx --pre-hook ‘systemctl stop nginx’ --post-hook 'systemctl start nginx’

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.