Failed authorization procedure, When I run sudo certbot --nginx -d interface.orsedd.com certonly


#29

Let’s try:
passenger_enabled off;


#30

Again same, 404 error:


#31

I don’t know Phusion Passenger and how it interacts with nginx.
But I’m thinking that problem lies there.


#32

One last test:
--webroot with the dedicated challenge folder:
sudo certbot --webroot -w /var/ACMEchallengeTEST -d interface.orsedd.com certonly --dry-run


#35

Ok, we never turned up the logging…

Try it again (it will fail) then show the log file.
But this time with much added logging:
sudo certbot --webroot -w /var/ACMEchallengeTEST -d interface.orsedd.com certonly --dry-run -vvvv

[you might want to move or delete the current log file first to create a fresh one]


#36
sudo certbot --webroot -w /var/ACMEchallengeTEST -d interface.orsedd.com certonly --dry-run -vvvv
Root logging level set at -20
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requested authenticator webroot and installer None
Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: IAuthenticator, IPlugin
Entry point: webroot = certbot.plugins.webroot:Authenticator
Initialized: <certbot.plugins.webroot.Authenticator object at 0x7ff3ecc28fd0>
Prep: True
Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x7ff3ecc28fd0> and installer None
Plugins selected: Authenticator webroot, Installer None
Picked account: <Account(RegistrationResource(uri='https://acme-staging-v02.api.letsencrypt.org/acme/acct/7751340', terms_of_service=None, new_authzr_uri=None, body=Registration(agreement=None, terms_of_service_agreed=None, status=None, only_return_existing=None, contact=(), key=None)), a30c29e93f14d4c511d318af5353f2c1, Meta(creation_host='ip-static-195-24-73-35.server.lu', creation_dt=datetime.datetime(2019, 1, 3, 14, 51, 30, tzinfo=<UTC>)))>
Sending GET request to https://acme-staging-v02.api.letsencrypt.org/directory.
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
https://acme-staging-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 724
Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 724
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Fri, 04 Jan 2019 12:22:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 04 Jan 2019 12:22:01 GMT
Connection: keep-alive

{
  "Blhsf9Ig3-8": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "keyChange": "https://acme-staging-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
    "website": "https://letsencrypt.org/docs/staging-environment/"
  },
  "newAccount": "https://acme-staging-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-staging-v02.api.letsencrypt.org/acme/new-order",
  "revokeCert": "https://acme-staging-v02.api.letsencrypt.org/acme/revoke-cert"
}
Obtaining a new certificate
Requesting fresh nonce
Sending HEAD request to https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce.
https://acme-staging-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 204 0
Received response:
HTTP 204
Server: nginx
Replay-Nonce: Va9iamESxJIvNigFQ7_khC2_LpVgaq-mJzcykI_486E
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Fri, 04 Jan 2019 12:22:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 04 Jan 2019 12:22:01 GMT
Connection: keep-alive


Storing nonce: Va9iamESxJIvNigFQ7_khC2_LpVgaq-mJzcykI_486E
JWS payload:
b'{\n  "identifiers": [\n    {\n      "type": "dns",\n      "value": "interface.orsedd.com"\n    }\n  ]\n}'
Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/new-order:
{
  "signature": "WAgsOtaLHdHueIvDeuIwHUqidXai8zsMwyTEg2fMt1_10pkJhjNb8-SChROPNe__KZdJcxWoFauN5_Ww6GH5dGdwcFD0HAe7xw_br9XEWw4T5-gA7oeL7gok2tkU8dLnnVf1F5Hp7YXz_zGn1zxKt94lhG_m68H2pFc6MIyq3-6LdjWeAiKF3lb7CLMVgKasby925C7P91mF9mVLChxU2JixSngyTXZKHgDsA1IgmT7VE94WLtrsDXwWLpoKRxW857JUaoUEn9rfs_z9uizOD3jNHZ1XXOL10bzcQc0hGPhuGs_lSr7ijurVsdQBtdzCXD9RmujV7YFJG4ubFCwbrw",
  "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImludGVyZmFjZS5vcnNlZGQuY29tIgogICAgfQogIF0KfQ",
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC83NzUxMzQwIiwgIm5vbmNlIjogIlZhOWlhbUVTeEpJdk5pZ0ZRN19raEMyX0xwVmdhcS1tSnpjeWtJXzQ4NkUiLCAidXJsIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LW9yZGVyIn0"
}
https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 393
Received response:
HTTP 201
Server: nginx
Content-Type: application/json
Content-Length: 393
Boulder-Requester: 7751340
Location: https://acme-staging-v02.api.letsencrypt.org/acme/order/7751340/18500992
Replay-Nonce: c3RUlomTUoORe1qndtHuD2iKFt4kZQ4z7IfrbJvDluY
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Fri, 04 Jan 2019 12:22:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 04 Jan 2019 12:22:02 GMT
Connection: keep-alive

{
  "status": "pending",
  "expires": "2019-01-11T12:22:01.926025851Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "interface.orsedd.com"
    }
  ],
  "authorizations": [
    "https://acme-staging-v02.api.letsencrypt.org/acme/authz/kfAEutsbK5PGhc_8rnp3hr8J7ZZLOCTfSeZ03ncxdXI"
  ],
  "finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/7751340/18500992"
}
Storing nonce: c3RUlomTUoORe1qndtHuD2iKFt4kZQ4z7IfrbJvDluY
Sending GET request to https://acme-staging-v02.api.letsencrypt.org/acme/authz/kfAEutsbK5PGhc_8rnp3hr8J7ZZLOCTfSeZ03ncxdXI.
https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/authz/kfAEutsbK5PGhc_8rnp3hr8J7ZZLOCTfSeZ03ncxdXI HTTP/1.1" 200 933
Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 933
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Fri, 04 Jan 2019 12:22:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 04 Jan 2019 12:22:02 GMT
Connection: keep-alive

{
  "identifier": {
    "type": "dns",
    "value": "interface.orsedd.com"
  },
  "status": "pending",
  "expires": "2019-01-11T12:22:01Z",
  "challenges": [
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/kfAEutsbK5PGhc_8rnp3hr8J7ZZLOCTfSeZ03ncxdXI/217860636",
      "token": "kh0lC9QUFVFEO2gbvAgcSC22fPU2QF7zhRidRXyO6tA"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/kfAEutsbK5PGhc_8rnp3hr8J7ZZLOCTfSeZ03ncxdXI/217860637",
      "token": "GAdfftIbNrZhwXVjnd3RIgMl4eiME-AB-K-8ccp_Wpc"
    },
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/kfAEutsbK5PGhc_8rnp3hr8J7ZZLOCTfSeZ03ncxdXI/217860638",
      "token": "JmGKFiZgdZ_YwvCbJLTy8Bh5Cv0NMGbHP9AYo2ybmV0"
    }
  ]
}
Performing the following challenges:
http-01 challenge for interface.orsedd.com
Using the webroot path /var/ACMEchallengeTEST for all unmatched domains.
Creating root challenges validation dir at /var/ACMEchallengeTEST/.well-known/acme-challenge
Attempting to save validation to /var/ACMEchallengeTEST/.well-known/acme-challenge/JmGKFiZgdZ_YwvCbJLTy8Bh5Cv0NMGbHP9AYo2ybmV0
Waiting for verification...
JWS payload:
b'{\n  "resource": "challenge",\n  "keyAuthorization": "JmGKFiZgdZ_YwvCbJLTy8Bh5Cv0NMGbHP9AYo2ybmV0.ucwGTuFYwfJ_QlgHTyWyWAfbiUomnEGfo9mR7ki0NcI",\n  "type": "http-01"\n}'
Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/challenge/kfAEutsbK5PGhc_8rnp3hr8J7ZZLOCTfSeZ03ncxdXI/217860638:
{
  "signature": "M7P9BzPT6PSZ9mtbRvjti77EbABYjiJjp9XQrT6eZNCNUrDNhLTJ4qVDs30yjC-BBGg8BIb9wpnLEf0EfMxE5zsB1VVuS5-_mT2x6h2amphBtbnV_9zuXAf_oDose9vvTE2ciBACyqldQhlRVB-9oesW3ZxSUMkgGE6zMaXeMDilbP5rENMW_7tUMSqM_2xV96c5vGJNrg1jWIYwaWxqXj1bm4PX4CXc2uUcyW5p0T4UaR_b__KwVDohYvRZUxcNV2TFT0aM1OX0X79kSbj3WymwzVwz-pB7ILUhUUm_DHqCrQFLFJ0Sbn_9bR_JLf_b9tjcHav-s72-LN4XNbKBFA",
  "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJrZXlBdXRob3JpemF0aW9uIjogIkptR0tGaVpnZFpfWXd2Q2JKTFR5OEJoNUN2ME5NR2JIUDlBWW8yeWJtVjAudWN3R1R1Rll3ZkpfUWxnSFR5V3lXQWZiaVVvbW5FR2ZvOW1SN2tpME5jSSIsCiAgInR5cGUiOiAiaHR0cC0wMSIKfQ",
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC83NzUxMzQwIiwgIm5vbmNlIjogImMzUlVsb21UVW9PUmUxcW5kdEh1RDJpS0Z0NGtaUTR6N0lmcmJKdkRsdVkiLCAidXJsIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGxlbmdlL2tmQUV1dHNiSzVQR2hjXzhybnAzaHI4SjdaWkxPQ1RmU2VaMDNuY3hkWEkvMjE3ODYwNjM4In0"
}
https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/challenge/kfAEutsbK5PGhc_8rnp3hr8J7ZZLOCTfSeZ03ncxdXI/217860638 HTTP/1.1" 200 230
Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 230
Boulder-Requester: 7751340
Link: <https://acme-staging-v02.api.letsencrypt.org/acme/authz/kfAEutsbK5PGhc_8rnp3hr8J7ZZLOCTfSeZ03ncxdXI>;rel="up"
Location: https://acme-staging-v02.api.letsencrypt.org/acme/challenge/kfAEutsbK5PGhc_8rnp3hr8J7ZZLOCTfSeZ03ncxdXI/217860638
Replay-Nonce: -eAY5n16tTe5XIrjl4oIBtbMmxxWyTilXeFUI2AnhhI
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Fri, 04 Jan 2019 12:22:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 04 Jan 2019 12:22:02 GMT
Connection: keep-alive

{
  "type": "http-01",
  "status": "pending",
  "url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/kfAEutsbK5PGhc_8rnp3hr8J7ZZLOCTfSeZ03ncxdXI/217860638",
  "token": "JmGKFiZgdZ_YwvCbJLTy8Bh5Cv0NMGbHP9AYo2ybmV0"
}
Storing nonce: -eAY5n16tTe5XIrjl4oIBtbMmxxWyTilXeFUI2AnhhI
Sending GET request to https://acme-staging-v02.api.letsencrypt.org/acme/authz/kfAEutsbK5PGhc_8rnp3hr8J7ZZLOCTfSeZ03ncxdXI.
https://acme-staging-v02.api.letsencrypt.org:443 "GET /acme/authz/kfAEutsbK5PGhc_8rnp3hr8J7ZZLOCTfSeZ03ncxdXI HTTP/1.1" 200 1751
Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 1751
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Fri, 04 Jan 2019 12:22:05 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 04 Jan 2019 12:22:05 GMT
Connection: keep-alive

{
  "identifier": {
    "type": "dns",
    "value": "interface.orsedd.com"
  },
  "status": "invalid",
  "expires": "2019-01-11T12:22:01Z",
  "challenges": [
    {
      "type": "tls-alpn-01",
      "status": "invalid",
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/kfAEutsbK5PGhc_8rnp3hr8J7ZZLOCTfSeZ03ncxdXI/217860636",
      "token": "kh0lC9QUFVFEO2gbvAgcSC22fPU2QF7zhRidRXyO6tA"
    },
    {
      "type": "dns-01",
      "status": "invalid",
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/kfAEutsbK5PGhc_8rnp3hr8J7ZZLOCTfSeZ03ncxdXI/217860637",
      "token": "GAdfftIbNrZhwXVjnd3RIgMl4eiME-AB-K-8ccp_Wpc"
    },
    {
      "type": "http-01",
      "status": "invalid",
      "error": {
        "type": "urn:ietf:params:acme:error:unauthorized",
        "detail": "Invalid response from http://interface.orsedd.com/.well-known/acme-challenge/JmGKFiZgdZ_YwvCbJLTy8Bh5Cv0NMGbHP9AYo2ybmV0: \"\u003c!DOCTYPE html\u003e\\n\u003chtml\u003e\\n\u003chead\u003e\\n  \u003ctitle\u003eThe page you were looking for doesn't exist (404)\u003c/title\u003e\\n  \u003cstyle type=\\\"text/css\\\"\u003e\\n    b\"",
        "status": 403
      },
      "url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/kfAEutsbK5PGhc_8rnp3hr8J7ZZLOCTfSeZ03ncxdXI/217860638",
      "token": "JmGKFiZgdZ_YwvCbJLTy8Bh5Cv0NMGbHP9AYo2ybmV0",
      "validationRecord": [
        {
          "url": "http://interface.orsedd.com/.well-known/acme-challenge/JmGKFiZgdZ_YwvCbJLTy8Bh5Cv0NMGbHP9AYo2ybmV0",
          "hostname": "interface.orsedd.com",
          "port": "80",
          "addressesResolved": [
            "195.24.73.27"
          ],
          "addressUsed": "195.24.73.27"
        }
      ]
    }
  ]
}
Reporting to user: The following errors were reported by the server:

Domain: interface.orsedd.com
Type:   unauthorized
Detail: Invalid response from http://interface.orsedd.com/.well-known/acme-challenge/JmGKFiZgdZ_YwvCbJLTy8Bh5Cv0NMGbHP9AYo2ybmV0: "<!DOCTYPE html>\n<html>\n<head>\n  <title>The page you were looking for doesn't exist (404)</title>\n  <style type=\"text/css\">\n    b"

To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.
Encountered exception:
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 82, in handle_authorizations
    self._respond(aauthzrs, resp, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 161, in _respond
    self._poll_challenges(aauthzrs, chall_update, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 232, in _poll_challenges
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. interface.orsedd.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://interface.orsedd.com/.well-known/acme-challenge/JmGKFiZgdZ_YwvCbJLTy8Bh5Cv0NMGbHP9AYo2ybmV0: "<!DOCTYPE html>\n<html>\n<head>\n  <title>The page you were looking for doesn't exist (404)</title>\n  <style type=\"text/css\">\n    b"

Calling registered functions
Cleaning up challenges
Removing /var/ACMEchallengeTEST/.well-known/acme-challenge/JmGKFiZgdZ_YwvCbJLTy8Bh5Cv0NMGbHP9AYo2ybmV0
All challenges cleaned up
Exiting abnormally:
Traceback (most recent call last):
  File "/usr/bin/certbot", line 11, in <module>
    load_entry_point('certbot==0.28.0', 'console_scripts', 'certbot')()
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 1340, in main
    return config.func(config, plugins)
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 1225, in certonly
    lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 121, in _get_and_save_cert
    lineage = le_client.obtain_and_enroll_certificate(domains, certname)
  File "/usr/lib/python3/dist-packages/certbot/client.py", line 392, in obtain_and_enroll_certificate
    cert, chain, key, _ = self.obtain_certificate(domains)
  File "/usr/lib/python3/dist-packages/certbot/client.py", line 335, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
  File "/usr/lib/python3/dist-packages/certbot/client.py", line 371, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 82, in handle_authorizations
    self._respond(aauthzrs, resp, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 161, in _respond
    self._poll_challenges(aauthzrs, chall_update, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 232, in _poll_challenges
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. interface.orsedd.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://interface.orsedd.com/.well-known/acme-challenge/JmGKFiZgdZ_YwvCbJLTy8Bh5Cv0NMGbHP9AYo2ybmV0: "<!DOCTYPE html>\n<html>\n<head>\n  <title>The page you were looking for doesn't exist (404)</title>\n  <style type=\"text/css\">\n    b"
Failed authorization procedure. interface.orsedd.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://interface.orsedd.com/.well-known/acme-challenge/JmGKFiZgdZ_YwvCbJLTy8Bh5Cv0NMGbHP9AYo2ybmV0: "<!DOCTYPE html>\n<html>\n<head>\n  <title>The page you were looking for doesn't exist (404)</title>\n  <style type=\"text/css\">\n    b"

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: interface.orsedd.com
   Type:   unauthorized
   Detail: Invalid response from
   http://interface.orsedd.com/.well-known/acme-challenge/JmGKFiZgdZ_YwvCbJLTy8Bh5Cv0NMGbHP9AYo2ybmV0:
   "<!DOCTYPE html>\n<html>\n<head>\n  <title>The page you were
   looking for doesn't exist (404)</title>\n  <style
   type=\"text/css\">\n    b"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

#38

Maybe the problem is in the way it handles file types…
This worked:
http://interface.orsedd.com/.well-known/acme-challenge/delete-me-5678
With this:
echo "test 5678" > /var/rails/orsedd_interface/current/public/.well-known/acme-challenge/delete-me-5678

Let’s try something closer to what a challenge file really looks like:
[assuming you haven’t deleted anything - yet]

echo "kh0lC9QUFVFEO2gbvAgcSC22fPU2QF7zhRidRXyO6tA" > /var/ACMEchallengeTEST/.well-known/acme-challenge/JmGKFiZgdZ_YwvCbJLTy8Bh5Cv0NMGbHP9AYo2ybmV0

Then:
http://interface.orsedd.com/.well-known/acme-challenge/JmGKFiZgdZ_YwvCbJLTy8Bh5Cv0NMGbHP9AYo2ybmV0
should return:
kh0lC9QUFVFEO2gbvAgcSC22fPU2QF7zhRidRXyO6tA


#39

We must also try (and review the log file for):
sudo certbot --nginx -d interface.orsedd.com certonly --dry-run -vvvv

As shown in the --webroot logs:

  • Using the webroot path /var/ACMEchallengeTEST for all unmatched domains.
  • Creating root challenges validation dir at /var/ACMEchallengeTEST/.well-known/acme-challenge
  • Attempting to save validation to /var/ACMEchallengeTEST/.well-known/acme-challenge/JmGKFiZgdZ_YwvCbJLTy8Bh5Cv0NMGbHP9AYo2ybmV0
  • Removing /var/ACMEchallengeTEST/.well-known/acme-challenge/JmGKFiZgdZ_YwvCbJLTy8Bh5Cv0NMGbHP9AYo2ybmV0

it put the file in the right place…


#40

Not deleted the files.Trying in this format.


#41

Add it here too (just in case):
echo "kh0lC9QUFVFEO2gbvAgcSC22fPU2QF7zhRidRXyO6tA" > /var/rails/orsedd_interface/current/public/.well-known/acme-challenge/JmGKFiZgdZ_YwvCbJLTy8Bh5Cv0NMGbHP9AYo2ybmV0


#42

One TYPO found - my bad:
try_files $uri 405;
should have been:
try_files $uri =405;

While you’re there, update that entire file to this:

server {
    listen 80;
    listen [::]:80;
    server_name interface.orsedd.com;
    location /acmetest/ {                          # TEST location
     access_log /var/ACMEchallengeTEST/access.log; # added logging
     root /var/ACMEchallengeTEST/;
     return 200 'The acmetest worked.';            # return 200 for all access
    }
    location /.well-known/acme-challenge/ {        # normal challenge location
     access_log /var/ACMEchallengeTEST/access.log; # added logging
     root /var/ACMEchallengeTEST/;
     try_files $uri =405;
    }
    root /var/rails/orsedd_interface/current/public;
 }

#43

Did you get this resolved?


closed #44

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.