My domain is: panel.sneakycraft.com
I ran this command: sudo certbot renew --dry-run
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/panel.sneakycraft.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert not due for renewal, but simulating renewal for dry run
Plugins selected: Authenticator nginx, Installer nginx
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for panel.sneakycraft.com
Waiting for verification...
Challenge failed for domain panel.sneakycraft.com
http-01 challenge for panel.sneakycraft.com
Cleaning up challenges
Attempting to renew cert (panel.sneakycraft.com) from /etc/letsencrypt/renewal/panel.sneakycraft.com.conf produced an unexpected error: Some challenges have failed.. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/panel.sneakycraft.com/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates below have not been saved.)
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/panel.sneakycraft.com/fullchain.pem (failure)
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates above have not been saved.)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: panel.sneakycraft.com
Type: unauthorized
Detail: Invalid response from
https://panel.sneakycraft.com/auth/login
[2606:4700:3037::6818:61df]:
"<html>\n<head>\n<title>SneakyCraft</title>\n<meta
charset=\"utf-8\">\n<meta http-equiv=\"X-UA-Compatible\"
content=\"IE=edge\">\n<meta cont"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version): nginx version: nginx/1.18.0 (Ubuntu)
The operating system my web server runs on is (include version): Ubuntu 20.04.1 LTS (GNU/Linux 5.4.0-48-generic x86_64)
My hosting provider, if applicable, is: Digital Ocean VPS
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): certbot 1.9.0
Server issued certs 5 mins ago just fine. Issue only happens on renewal.
Seen this being used here, no idea how to read this cause I'm an amateur, but maybe it helps someone smarter than me: https://check-your-website.server-daten.de/?q=panel.sneakycraft.com
Please let me know if you need some more information. Thanks!
EDIT: This is a Cloudflare IP. I wonder what's going on. Do I need to Disable Cloudflare on every renewal? That sounds... problematic?