I did the letsencrypt keys on previous server, than moved to new one, copied the keys and connected nginx to the old keys… Now I need to renew it and I got error.
Here is the details:
My domain is:
I ran this command:
letsencrypt -a webroot --webroot-path /var/common-le-root/ -d autodstools.com certonly
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.
My operating system is (include version):
ubuntu 14.04
My web server is (include version):
nginx
My hosting provider, if applicable, is: ovh.com
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no
No such file or directory… however I saw now I posted here wrong path that I tried…
However the path I tried /home/my_user/letsencrype…
Same details there…
so if you create a folder in the webroot called “.well-known” and then within “webbroot/.well-known” create a new folder called “acme-challenge” and then create a plain text file called “test” with contents “ok” … can you reach it in your browser at http://autodstools.com/.well-known/acme-challenge/test
Alternatively, you could set your nginx proxy to send requests for .well-known/acme-challenge/* to an alternative location - again you could verify things are working with the above test.
I saw something new.. please tell me if I still should do previous check:
" Renewal conf file /etc/letsencrypt/renewal/autodstools.com.conf is x
x broken. Skipping. "
The file is from the previous server, where was apatche.. now it's nginx:
this is file content:
The easiest approach regarding your existing certificates might be to just delete your /etc/letsencrypt directory entirely (though keeping a backup around just in case is always a good idea), unless you have other certificates that you need to keep as well. Switching the web server and certbot plugin would require quite a number of manual changes to the renewal configuration file - it’s typically not worth the hassle when you can just re-issue the certificate (which needs to happen anyway for renewal).
The webroot plugin expects that your web server serves any file that certbot puts in the directory you provide via the --webroot-path argument, i.e. /var/common-le-root/ in your post. This is typically the path you use for the root directive in your nginxserver block. If you use nginx only as a reverse proxy, you typically want to add a special location directive for the ACME challenge path. This could look roughly like this:
That’s the path you tell the client to write the challenge verification files to via --webroot-path. You’ll just need an empty directory, certbot will take care of the rest and nginx should serve the files with the configuration snippet from my previous post.
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.
Your account credentials have been saved in your Let's Encrypt
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Let's
Encrypt so making regular backups of this folder is ideal.
To clarify: have you added the configuration snipped I provided to your nginxserver block, specfically to the server block that handles HTTP (rather than HTTPS, in case those are separate)? Feel free to post any relevant configuration files as a whole if you’re uncertain if it’s right.
Your nginx access or error log might also give some clues as to why the file was not found.