Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
It produced this output: Saving debug log to /var/log/letsencrypt/letsencrypt.log
Missing command line flags. For non-interactive execution, you will need to specify a plugin on the command line. Run with ââhelp pluginsâ to see a list of options, and see https://eff.org/letsencrypt-plugins for more detail on what the plugins do and how to use them.
My web server is (include version): Ubuntu 16.1
The operating system my web server runs on is (include version): ngnix
My hosting provider, if applicable, is: amazon
I can login to a root shell on my machine (yes or no, or I donât know): yes
Iâm using a control panel to manage my site (no, or provide the name and version of the control panel): no
Right now you have two separate certificatesâone covering www.claudiaotger.com and claudiaotger.com, and the other covering api.claudiaotger.com. When you run certbot certonly, it tries to create a single certificate covering all (and only) the names that you specify with -d. Therefore, Certbot thinks that you want a new certificate covering these names (but not www.claudiaotger.com), rather than to renew your 2 previous certificates. Itâs then complaining that your use of --noninteractive prevents it from asking questions that it needs to know about how to obtain the new certificate.
Is this the same server where you previously obtained these certificates? If so, you should just be able to run certbot renew, which is the intended way to renew certificates. If the renewal fails for some reason, it will give a more specific explanation of why they couldnât be renewed.
Cert is due for renewal, auto-renewingâŚ
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for api.claudiaotger.com
Waiting for verificationâŚ
Cleaning up challenges
Unable to clean up challenge directory /home/node/formclaudiaotger/.well-known/acme-challenge
Attempting to renew cert (api.claudiaotger.com) from /etc/letsencrypt/renewal/api.claudiaotger.com.conf produced an unexpected error: Failed authorization procedure. api.claudiaotger.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://api.claudiaotger.com/.well-known/acme-challenge/J3CM7LOL4482wPagxSN50dkraBx8Mk8Hb3ocl7vQWbM: "
Cert not yet due for renewal
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/api.claudiaotger.com/fullchain.pem (failure)
The following certs are not due for renewal yet:
/etc/letsencrypt/live/claudiaotger.com/fullchain.pem (skipped)
/etc/letsencrypt/live/www.claudiaotger.com/fullchain.pem (skipped)
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/api.claudiaotger.com/fullchain.pem (failure)
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
Great, thatâs a more useful error message. (If the certificates were set up to auto-renew, this is probably also whatâs been happening and preventing the renewal from working.)
Could you take a look at the contents of the files /etc/letsencrypt/renewal/api.claudiaotger.com.conf and /etc/letsencrypt/renewal/www.claudiaotger.com.conf? They should specify a webroot directory somewhere. Can you see if that directory still corresponds to where website content for each of these sites would be placed?
If I try the same command when I create the certificate. For www.claudiaotger.com is renewed but for api.claudiaotger.com
I ran this command:
sudo certbot certonly --webroot --webroot-path=/home/node/formclaudiaotger -d api.claudiaotger.com
Was the same when I create it.
I got this error message:
aving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Cert is due for renewal, auto-renewingâŚ
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for api.claudiaotger.com
Using the webroot path /home/node/formclaudiaotger for all unmatched domains.
Waiting for verificationâŚ
Cleaning up challenges
Unable to clean up challenge directory /home/node/formclaudiaotger/.well-known/acme-challenge
Failed authorization procedure. api.claudiaotger.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://api.claudiaotger.com/.well-known/acme-challenge/lzZ4ZbiWJqDfjfjuDgemu74yc_LGLaAF5boL-SDBOv8: "
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
This is also progress in understanding the problem.
How did you choose /home/node/formclaudiaotger as the webroot directory originally? Was it ever possible to put files in there and have them show up on the site? Did the site configuration change to redirect the content to some kind of web application after the site was originally set up? Is there still some place where you could put files in order to have their content appear on the site?
# ruta a los certificados
ssl_certificate /etc/letsencrypt/live/api.claudiaotger.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/api.claudiaotger.com/privkey.pem;
# carpeta donde debe buscar los ficheros
root /home/node/formclaudiaotger;
# archivo a cargar por defecto
index index.ejs;
# location para comprobacion de letsencrypt
location ~ /.well-know {
allow all;
}
si solicitan una url /, enviamos a la app de nodeform la peticion
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Cert is due for renewal, auto-renewingâŚ
Renewing an existing certificate
An unexpected error occurred:
There were too many requests of a given type :: Error creating new authz :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/
Please see the logfiles in /var/log/letsencrypt for more details.
I renewed my certificates yesterday. But the domain is still throwing a certificate error message. How long it takes to renew them? Or maybe is something wrong.