The following occurs to me. I have a raspberry pi 3b running four websites with apache2. All of these https with Let’s Encrypt, all with their own domain name. That works fine.
Then I have a second raspberry 3 on which I have a radio stream, with Darkice and Icecast. This works well under http but because Chrome doesn’t want to let this through anymore, I want it to become https with Let’s Encrypt as well. For this I used the following guide: https://mediarealm.com.au/articles/icecast-https-ssl-setup-lets-encrypt/
This stream server also has its own domain name. Unfortunately, registration goes wrong. There I get the below error. I also encounter the same error message within this community, but I cannot find a solution yet. The difference is that I am dealing with a radio stream with icecast. I am only a hobbyist with limited knowledge and so I get stuck here for a moment. I hope someone can help me further. Welcome!
root@raspberry3:~# certbot certonly --webroot-path="/usr/share/icecast2/web" -d ‘radiorstream.nl-web.net’
Saving debug log to /var/log/letsencrypt/letsencrypt.log
How would you like to authenticate with the ACME CA?
1: Spin up a temporary webserver (standalone)
2: Place files in webroot directory (webroot)
Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel): 2
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for radiorstream.nl-web.net
Using the webroot path /usr/share/icecast2/web for all unmatched domains.
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. radiorstream.nl-web.net (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://radiorstream.nl-web.net/.well-known/acme-challenge/g9LKd71rUTH5aIB2Lb3T3O5ssiRcB7xSNw3kKbhZ7ms [8*.8*.1**.1**]: “\n\n403 Forbidden\n\n
The following errors were reported by the server:
Detail: Invalid response from
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.