Failed Authorization Procedure

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: nextcloud.broughtonhome.org

I ran this command: certbot renew

It produced this output: Attempting to renew cert (nextcloud.broughtonhome.org) from /etc/letsencrypt/renewal/nextcloud.broughtonhome.org.conf produced an unexpected error: Failed authorization procedure. nextcloud.broughtonhome.org (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://nextcloud.broughtonhome.org/.well-known/acme-challenge/Ite7K7VkztXFa-4rZnEHUZjzDTBKwH7331ARkEgpb6c [173.28.171.243]: “\n\n404 Not Found\n\n

Not Found

\n<p”. Skipping.

My web server is (include version): Apache 2.4.18

The operating system my web server runs on is (include version): Ubuntu 16.04.2

My hosting provider, if applicable, is: Self-Hosted

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 0.31.0

From above error message not sure if this is relevant my web site setup to redirect from http to https

2

Hi @Ttheb2b

checking your domain - there is no redirect http -> https ( https://check-your-website.server-daten.de/?q=nextcloud.broughtonhome.org ):

Domainname Http-Status redirect Sec. G
• http://nextcloud.broughtonhome.org/
173.28.171.243 200 0.280 H
• https://nextcloud.broughtonhome.org/
173.28.171.243 302 https://nextcloud.broughtonhome.org/index.php/login 1.756 A
• https://nextcloud.broughtonhome.org/index.php/login 200 1.316 A
• http://nextcloud.broughtonhome.org/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
173.28.171.243 404 0.283 A
Not Found
Visible Content: Not Found The requested URL /.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de was not found on this server.

There is a redirect https -> /index.php/login

Same with your error message:

There is the http version fetched.

Looks like you have a redirect rule or a location definition your Certbot doesn't understand.

Try to find your DocumentRoot / webroot. Then use it.

certbot run -a webroot -i apache -w yourDocumentRoot -d nextcloud.broughtonhome.org
3

Ran command as per your suggestion,

Note replace the "yourDocumentRoot" with the actual location of the document root.

Get the following error message;

Domain: nextcloud.broughtonhome.org
Type: unauthorized
Detail: Invalid response from
http://nextcloud.broughtonhome.org/.well-known/acme-challenge/raXzEJyVx3YVnChPDr1to1aUetcW9RnODs_hTdM2LvE
[173.28.171.243]: "\n\n404 Not
Found\n\n

Not Found

\n<p"

Safe to believe still redirect Certbot not understanding? I do have a redirect rule, connection request comes in on http://nextcloud.broughtonhome.org redirected to https but this has been in place for years.

4

Really var/, not /var/ ?

If that doesn't work

  • this isn't your webroot
  • you have additional location definition, a reverse proxy or something else, so Certbot can't find the correct place to create the test file
5

Got it, thanks! Correct path is /var/www, not /var/www/nextcloud. The entry in the previous post of var/www was a typo on my part.

1 Like
6

A post was split to a new topic: Domain with wildcard-certificate

7

A post was split to a new topic: Authorization Failed message

8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.