Failed authorization procedure

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:thecoldwars.net

I ran this command: sudo certbot renew --dry-run

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log


Processing /etc/letsencrypt/renewal/thecoldwars.net.conf


Cert not due for renewal, but simulating renewal for dry run
Plugins selected: Authenticator apache, Installer apache
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for thecoldwars.net
Waiting for verification…
Cleaning up challenges
Attempting to renew cert (thecoldwars.net) from /etc/letsencrypt/renewal/thecoldwars.net.conf produced an unexpected error: Failed authorization procedure. thecoldwars.net (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://thecoldwars.net/.well-known/acme-challenge/ytSWZR506dFBW5GVLUmAzFlT_KNjD79dPVg2cZjy1Ac [173.254.236.142]: “\n\n404 Not Found\n\n

Not Found

\n<p”. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/thecoldwars.net/fullchain.pem (failure)

** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates below have not been saved.)

All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/thecoldwars.net/fullchain.pem (failure)
** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates above have not been saved.)


1 renew failure(s), 0 parse failure(s)

IMPORTANT NOTES:

My web server is (include version):
Server version: Apache/2.4.18 (Ubuntu)

The operating system my web server runs on is (include version):
Ubuntu 16.04.1 LTS (GNU/Linux 4.4.0-862.20.2.vz7.73.29 x86_64)

My hosting provider, if applicable, is:
vps
I can login to a root shell on my machine (yes or no, or I don’t know): i ca sudo su rot but not direct logins

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 0.31.0

1 Like

Hi @advocaite

there is a check of your domain, ~~5 hours old - https://check-your-website.server-daten.de/?q=thecoldwars.net

The main things are ok. So your vHost configuration may be buggy.

What says

apachectl -S
1 Like

i have actually upgraded to ubunutu 18 i think it was due to a server name mismatch, so im going to retry later today when home from work to re doo the certs and hopefully they will work straight out the box like last time

*:80 is a NameVirtualHost
default server dev.thecoldwars.net (/etc/apache2/sites-enabled/dev.thecoldwars.conf:1)
port 80 namevhost dev.thecoldwars.net (/etc/apache2/sites-enabled/dev.thecoldwars.conf:1)
alias dev.thecoldwars.net
port 80 namevhost thecoldwars.net (/etc/apache2/sites-enabled/thecoldwars.conf:1)
alias www.thecoldwars.net
ServerRoot: “/etc/apache2”
Main DocumentRoot: “/var/www/html”
Main ErrorLog: “/var/log/apache2/error.log”
Mutex watchdog-callback: using_defaults
Mutex default: dir="/var/run/apache2/" mechanism=default
Mutex mpm-accept: using_defaults
PidFile: “/var/run/apache2/apache2.pid”
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name=“www-data” id=33 not_used
Group: name=“www-data” id=33 not_used

this is what is says atm so if anything is wrong let me know ty

1 Like

Ok so I have just re set up everything ran a fresh install and all is working now
feel free to close this now. thank you for your help.

1 Like

There

is no duplicated vHost. That’s a typical problem that blocks the --apache authenticator, because the wrong vHost ist selected.

Happy to read that it works now. Thanks for reporting back :+1:

1 Like