Hi, since 2 weeks it get the error during the cron steered renew process. I'm not sure what happens. I can say, that I didn't change anything on my server. It was working in the past without any problems. What is going wrong? Please help me

My domain is:ncloud.spdns.org

I ran this command:/usr/bin/certbot renew >> /var/log/le-renew.log

It produced this output: Saving debug log to /var/log/letsencrypt/letsencrypt.log
Cert is due for renewal, auto-renewing…
Non-interactive renewal: random delay of 204 seconds
Plugins selected: Authenticator apache, Installer apache
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for ncloud.spdns.org
Waiting for verification…
Cleaning up challenges
Attempting to renew cert (ncloud.spdns.org) from /etc/letsencrypt/renewal/ncloud.spdns.org.conf produced an unexpected error: Failed authorization procedure. ncloud.spdns.org (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://ncloud.spdns.org/.well-known/acme-challenge/e1QTcTfiEBWHfn4KZZAPAU548XCY2nBFFyUK8W1xLPI[]: “\n\n400 Bad Request\n\n

Bad Request</h1”. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/ncloud.spdns.org/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)

My web server is (include version):Apache 2.4.6

The operating system my web server runs on is (include version):CentOS Linux release 7.6.1810

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):certbot 0.31.0

Hi @hhorch

checking your domain via https://check-your-website.server-daten.de/?q=ncloud.spdns.org there you see the problem:

Domainname Http-Status redirect Sec. G
http://ncloud.spdns.org/ 400 0.080 M
Bad Request
https://ncloud.spdns.org/ -14 11.550 T
Timeout - The operation has timed out
Nextcloud 200 0.596 A
https://ncloud.spdns.org:80/ 302 Nextcloud 0.510 Q
Visible Content:
http://ncloud.spdns.org/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 400 0.090 M
Bad Request
Visible Content: Bad Request Your browser sent a request that this server could not understand. Reason: You're speaking plain HTTP to an SSL-enabled server port. Instead use the HTTPS scheme to access this URL, please.

The content of the "Bad Request" - http status 400:

Your port 80 sends https requests, that can't never work.

Looks like this is a home server and you have a wrong port forwarding rule port 80 extern -> port 443 intern.

You need two port forwarding rules:

  • port 80 extern -> port 80 intern
  • port 443 extern -> port 443 intern
1 Like

Hi Juergen,
thanks for your quick help. I’ve changed the settings on my router and now it works.

Grüße aus Südtirol


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.