My domain is: cookaborough.com
I ran this command: sudo certbot renew
It produced this output:
Attempting to renew cert (www.cookaborough.com) from /etc/letsencrypt/renewal/www.cookaborough.com.conf produced an unexpected error: Failed authorization procedure. www.cookaborough.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://cookaborough.com/.well-known/acme-challenge/9zr2K2flz7OSUV9LOllAaVJ3_ttCR4Nk_f1KFBncjF8 [2606:4700:3032::681c:1e29]: "<!doctype html>\n\n<meta charset="utf-8">\n<meta name="viewport" content="width=device-width, initial-scale=1">\n<link href="/". Skipping.
My web server is (include version): Nginx 1.14
The operating system my web server runs on is (include version): ubuntu 18.04
My hosting provider, if applicable, is: AWS ec2
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): 0.31.0
I manually created the .well-knwon directory inside /var/www/cookaborough/public and given 755 permissions, but still exactly the same output. Tried everything I could find online but nothing works.
This is my Nginx configuration:
server {
server_name cookaborough.com;
root /var/www/cookaborough/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
location ^~ /.well-known/acme-challenge/ {
allow all;
default_type "text/plain";
}
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
# browser caching of static assets
location ~* \.(jpg|jpeg|png|gif|ico|svg|webp)$ {
expires 365d;
}
location ~* \.(css|js)$ {
expires 365d;
}
client_max_body_size 10M;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/cookaborough.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/cookaborough.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = cookaborough.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name cookaborough.com;
return 404; # managed by Certbot
}
server {
listen 80;
server_name cookaborough.com.au www.cookaborough.com.au;
return 301 https://cookaborough.com$request_uri;
}
server {
listen 443;
server_name cookaborough.com.au www.cookaborough.com.au;
return 301 https://cookaborough.com$request_uri;
}
server {
listen 443;
server_name www.cookaborough.com;
return 301 https://cookaborough.com$request_uri;
}
server {
if ($host = www.cookaborough.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name www.cookaborough.com;
listen 80;
return 404; # managed by Certbot
}