Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: git.as202454.net
I ran this command: gitlab-ctl reconfigure
It produced this output:
There was an error running gitlab-ctl reconfigure:
letsencrypt_certificate[git.as202454.net] (letsencrypt::http_authorization line 6) had an error: RuntimeError: acme_certificate[staging] (/opt/gitlab/embedded/cookbooks/cache/cookbooks/letsencrypt/resources/certificate.rb line 41) had an error: RuntimeError: ruby_block[create certificate for git.as202454.net] (/opt/gitlab/embedded/cookbooks/cache/cookbooks/acme/resources/certificate.rb line 108) had an error: RuntimeError: [git.as202454.net] Validation failed, unable to request certificate, Errors: [{url: https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2355526914/98c3QA, status: invalid, error: {"type"=>"urn:ietf:params:acme:error:unauthorized", "detail"=>"193.28.39.194: Invalid response from http://git.as202454.net/.well-known/acme-challenge/2Ve4JSSU3xorI8ct4ZcCyouUb7if-hd76FJD4NkjF5Y: 400", "status"=>403}} ]
My web server is (include version): nginx
The operating system my web server runs on is (include version): Debian 11
My hosting provider, if applicable, is: N/A
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): N/A