Hey all, so I'm following a tutorial and I think it's possible I've got some mundane detail of my configuration wrong, but it's hard to tell. I'll fill out the questionaire, but in plain english I'm running a box in my house with TrueNAS, and I'm pointing to a jail running nginx with the hope of using it as a reverse proxy for a nextcloud instance.
My domain is: spaceraser.dev
I ran this command: certbot certonly -v --standalone -d 'spaceraser.dev'
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Requesting a certificate for spaceraser.dev
Performing the following challenges:
http-01 challenge for spaceraser.dev
Waiting for verification...
Challenge failed for domain spaceraser.dev
http-01 challenge for spaceraser.dev
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: spaceraser.dev
Type: unauthorized
Detail: 172.13.9.105: Invalid response from http://spaceraser.dev/.well-known/acme-challenge/o8WcSvcfnoSuXrYvVUZ_SY7M2gNviRsYqSsb9dFyW34: 404
Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.
Cleaning up challenges
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
My web server is (include version):
nginx version: nginx/1.22.0
built with OpenSSL 1.1.1l-freebsd 24 Aug 2021
TLS SNI support enabled
configure arguments: --prefix=/usr/local/etc/nginx --with-cc-opt='-I /usr/local/include' --with-ld-opt='-L /usr/local/lib' --conf-path=/usr/local/etc/nginx/nginx.conf --sbin-path=/usr/local/sbin/nginx --pid-path=/var/run/nginx.pid --error-log-path=/var/log/nginx/error.log --user=www --group=www --with-compat --with-pcre --modules-path=/usr/local/libexec/nginx --with-file-aio --http-client-body-temp-path=/var/tmp/nginx/client_body_temp --http-fastcgi-temp-path=/var/tmp/nginx/fastcgi_temp --http-proxy-temp-path=/var/tmp/nginx/proxy_temp --http-scgi-temp-path=/var/tmp/nginx/scgi_temp --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi_temp --http-log-path=/var/log/nginx/access.log --with-http_v2_module --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --without-mail_imap_module --without-mail_pop3_module --without-mail_smtp_module --with-mail_ssl_module --without-pcre2 --with-stream_ssl_module --with-stream_ssl_preread_module --with-threads --with-mail=dynamic --with-stream=dynamic
The operating system my web server runs on is (include version): FreeBSD 12.3-RELEASE-p9 running in a jail on TrueNAS (TrueNAS-13.0-U3.1)
My hosting provider, if applicable, is: self-hosted
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no, not yet.
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): certbot 1.31.0