Hint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet

Sendinglabs · December 28, 2023, 8:33am

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: sdktest.sending.me

I ran this command: certbot --nginx -d sdktest.sending.me

It produced this output:

My web server is (include version): nginx 1.18

The operating system my web server runs on is (include version): centos 8

My hosting provider, if applicable, is: godaddy

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.22.0

Sendinglabs · December 28, 2023, 8:36am

A records and nginx configuration are OK. I used certbot certonly -- manual-d to apply for the certificate before, but I want to change it to certbot --nginx to apply for and set automatic renewal, because the certificate cannot be automatically renewed manually, which keeps reminding me of this problem

MikeMcQ · December 28, 2023, 4:07pm

Welcome @Sendinglabs

It looks like something may be interfering with the HTTP request being sent to your nginx server. An HTTPS request has a "Server: nginx" response header but an HTTP request does not. While you could configure your system that way it is unusual.

And, should I get a "404 Not Found" for request to your "home page"?

curl -i https://sdktest.sending.me
HTTP/2 404
server: nginx/1.18.0

curl -i http://sdktest.sending.me
HTTP/1.1 404 Not Found
Date: Thu, 28 Dec 2023 16:03:29 GMT

Both requests also return these response headers. These seem more likely to come from a firewall or similar system. We don't often see these from just an nginx server.

Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,Ifince,Cache-Control,Content-Type,Range,Authorization
Access-Control-Max-Age: 1728000

system · January 27, 2024, 4:07pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot Help	5	86	October 8, 2024
Hint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet Help	7	2585	October 21, 2022
Certbot for domain failed: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot Help	11	987	October 25, 2023
Failed to verify the temporary nginx configuration changes made by Certbot Help	2	144	June 14, 2024
Hint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot Help	6	253	August 8, 2024

Hint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet

Related topics