My domain is: app.live.swahilies.com (subdomain to swahilies.com)
I ran this command:
sudo certbot --nginx -d app.live.swahilies.com --verbose
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requested authenticator nginx and installer nginx
Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: nginx = certbot_nginx.configurator:NginxConfigurator
Initialized: <certbot_nginx.configurator.NginxConfigurator object at 0x7f44d03ac100>
Prep: True
Selected authenticator <certbot_nginx.configurator.NginxConfigurator object at 0x7f44d03ac100> and installer <certbot_nginx.configurator.NginxConfigurator object at 0x7f44d03ac100>
Plugins selected: Authenticator nginx, Installer nginx
Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/100203334', new_authzr_uri=None, terms_of_service=None), 8af9bace0ae7398cf5f5fa0765fce529, Meta(creation_dt=datetime.datetime(2020, 10, 24, 11, 42, 34, tzinfo=<UTC>), creation_host='ubuntu-s-1vcpu-2gb-nyc1-01'))>
Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658
Received response:
HTTP 200
Server: nginx
Date: Sun, 25 Oct 2020 13:13:26 GMT
Content-Type: application/json
Content-Length: 658
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"DAPG1QJJEZk": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
Obtaining a new certificate
Generating key (2048 bits): /etc/letsencrypt/keys/0006_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/0006_csr-certbot.pem
Requesting fresh nonce
Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
Received response:
HTTP 200
Server: nginx
Date: Sun, 25 Oct 2020 13:13:26 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0004jNFsmFEPQ-XG42pmQ0nFOblLYrKHAcOEpOcY9AGDhB8
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Storing nonce: 0004jNFsmFEPQ-XG42pmQ0nFOblLYrKHAcOEpOcY9AGDhB8
JWS payload:
b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "app.live.swahilies.com"\n }\n ]\n}'
Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTAwMjAzMzM0IiwgIm5vbmNlIjogIjAwMDRqTkZzbUZFUFEtWEc0MnBtUTBuRk9ibExZcktIQWNPRXBPY1k5QUdEaEI4IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ",
"signature": "S9r6QA1Sl5Tlk9yKiv7iQIdMznwwxgciSDlD9TCh5Z3uHAG26IXZadMaH6INFSotICMLv7pBMhdCHusBhumK6Xg0ZGOccvctlDf2vYdc5aGDX6Ef0dnQuB2llWUBy-7vjfNeBFeYoMiNQhS-ErqYL6tKpK91Qrs71enwSwWiPpfGypVIMJ99zCyFNzMzURLGK4-FrBu03rFgp7ckaDzc1LW4TM7EhF5aooHL7sCItKz4lLNbIaThr2r8k_A3cFGt-8e-NOZRq4q9tD_1vnbJIJhe314_2xx11FB5UUDfQTeuv_sew4h80vrvAxNV8l2_s1sqgFNMbW6VK6kMuuwSYw",
"payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImFwcC5saXZlLnN3YWhpbGllcy5jb20iCiAgICB9CiAgXQp9"
}
https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 353
Received response:
HTTP 201
Server: nginx
Date: Sun, 25 Oct 2020 13:13:26 GMT
Content-Type: application/json
Content-Length: 353
Connection: keep-alive
Boulder-Requester: 100203334
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/100203334/5865917983
Replay-Nonce: 0004SP8stgvzbJJ6747aKjMiVuAvb-yd7m6IktIkXAmc7VY
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"status": "pending",
"expires": "2020-11-01T13:13:26.379386633Z",
"identifiers": [
{
"type": "dns",
"value": "app.live.swahilies.com"
}
],
"authorizations": [
"https://acme-v02.api.letsencrypt.org/acme/authz-v3/8132648710"
],
"finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/100203334/5865917983"
}
Storing nonce: 0004SP8stgvzbJJ6747aKjMiVuAvb-yd7m6IktIkXAmc7VY
JWS payload:
b''
Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/8132648710:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTAwMjAzMzM0IiwgIm5vbmNlIjogIjAwMDRTUDhzdGd2emJKSjY3NDdhS2pNaVZ1QXZiLXlkN202SWt0SWtYQW1jN1ZZIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My84MTMyNjQ4NzEwIn0",
"signature": "uSjowjymraOrVS_3eS8zEuh9TuK8MQffyAYntbjhk3XgttCEmvRgEXrVVem1T1C_AR9KkZ2A80fe9YA-Cit2_NR2Kv0cmBBO5CBGWlm1r-HOve89L3YwjA0wqMdBOsYhIRvnJLBI8l6BxTDBxPFtcSELO6q0-niHVgyAAgStY4Np6grbcTF5qAHhtNi3Iu_JW0bSgGukck9-6erZ97KaHx6J8jwuyVKCRkvzODm3BF0QHbOfHz5tTP8YcHDsq2MHbUnpGDkb6E_rb5t7MkNjHjBlmscfQe9GSPoDIn1xZSQcFM1soV5fz1_HYw4tqJlTM61PYgORvnqlD7RbawPtNg",
"payload": ""
}
https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/8132648710 HTTP/1.1" 200 800
Received response:
HTTP 200
Server: nginx
Date: Sun, 25 Oct 2020 13:13:26 GMT
Content-Type: application/json
Content-Length: 800
Connection: keep-alive
Boulder-Requester: 100203334
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 00043nEsiwtKVU-XtG4fmq2VEbsV_YhrQFMF7RMJd0hlB0w
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "app.live.swahilies.com"
},
"status": "pending",
"expires": "2020-11-01T13:13:26Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/8132648710/_LSXTA",
"token": "Nrnxt6f5tOpRFYdavSC6Hgo5AN3l79r-gosaG-RWEPo"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/8132648710/l91kug",
"token": "Nrnxt6f5tOpRFYdavSC6Hgo5AN3l79r-gosaG-RWEPo"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/8132648710/2VweZQ",
"token": "Nrnxt6f5tOpRFYdavSC6Hgo5AN3l79r-gosaG-RWEPo"
}
]
}
Storing nonce: 00043nEsiwtKVU-XtG4fmq2VEbsV_YhrQFMF7RMJd0hlB0w
Performing the following challenges:
http-01 challenge for app.live.swahilies.com
Generated server block:
[]
Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf
Creating backup of /etc/nginx/mime.types
Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf
Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf
Creating backup of /etc/nginx/sites-enabled/app.live.swahilies.com
Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf
Creating backup of /etc/nginx/nginx.conf
Writing nginx conf tree to /etc/nginx/nginx.conf:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
include /etc/letsencrypt/le_http_01_cert_challenge.conf;
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
server_names_hash_bucket_size 128;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
# Default server configuration
#
server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot
listen 10.116.0.2:80;
listen [2604:a880:400:d0::1c86:c001]:80;
# SSL configuration
#listen 443 ssl;
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
server_name app.live.swahilies.com;
root /var/www/app.live.swahilies.com/html/public;
location ~ /.well-known {
allow all;
}
# Add index.php to the list if you are using PHP
index index.php index.html index.htm;
location / {
allow 10.116.0.6; # Private IP of load balancer 01
allow 10.116.0.7; # Private IP of load balancer 02
deny all;
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ /index.php?$query_string;
# CORS headers
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Headers' '*';
add_header 'Access-Control-Allow-Methods' 'PATCH, PUT, GET, POST, DELETE, OPTIONS';
}
# pass PHP scripts to FastCGI server
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
location ~ /\.ht {
deny all;
}
location = /.well-known/acme-challenge/Nrnxt6f5tOpRFYdavSC6Hgo5AN3l79r-gosaG-RWEPo{default_type text/plain;return 200 Nrnxt6f5tOpRFYdavSC6Hgo5AN3l79r-gosaG-RWEPo.QtCHl42r9JSxfXuLPt_Gi2Al1HfmKW3WnhXNj2_SGtw;} # managed by Certbot
}
Waiting for verification...
JWS payload:
b'{\n "resource": "challenge",\n "type": "http-01"\n}'
Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/8132648710/_LSXTA:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTAwMjAzMzM0IiwgIm5vbmNlIjogIjAwMDQzbkVzaXd0S1ZVLVh0RzRmbXEyVkVic1ZfWWhyUUZNRjdSTUpkMGhsQjB3IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My84MTMyNjQ4NzEwL19MU1hUQSJ9",
"signature": "jtesf5LGcWg25RymoTiTflckOUCyU73ogux5B3Ixgwu1bGRlsDZaFdQ4NaY3O1TKf7YPlL3OMhjFEA0xfH7sbRb9HbhBFxANpw7FH2FoXHI3zA82_tuWtuhp5Ua2leLxsHCrTc0d-8fk4F7e3T7zXhMAoH0ZzNNlDeZokj09mNPsPJ1t0uSZ6IP4Nm-9EHkWXBmCAp9hBicqeQEhylbN553-xSQjmn2DqOktYqS3ZWNj1KlHqFYrvmDP85zf3aQCxomrJASKcsTWlVyTllC9TeI7B8JVyCxfLTY1pcCnxtTKPjDuVUr1-lpaiB8VcH747LAbYxLrSbS5rrgD67JnQg",
"payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0"
}
https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/8132648710/_LSXTA HTTP/1.1" 200 185
Received response:
HTTP 200
Server: nginx
Date: Sun, 25 Oct 2020 13:13:27 GMT
Content-Type: application/json
Content-Length: 185
Connection: keep-alive
Boulder-Requester: 100203334
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz-v3/8132648710>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/8132648710/_LSXTA
Replay-Nonce: 0004HRdD2aR5Ae6zS9jCf-qRZGy9Uy1zH0CQc76AB-nxroQ
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/8132648710/_LSXTA",
"token": "Nrnxt6f5tOpRFYdavSC6Hgo5AN3l79r-gosaG-RWEPo"
}
Storing nonce: 0004HRdD2aR5Ae6zS9jCf-qRZGy9Uy1zH0CQc76AB-nxroQ
JWS payload:
b''
Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/8132648710:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTAwMjAzMzM0IiwgIm5vbmNlIjogIjAwMDRIUmREMmFSNUFlNnpTOWpDZi1xUlpHeTlVeTF6SDBDUWM3NkFCLW54cm9RIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My84MTMyNjQ4NzEwIn0",
"signature": "oH6YZoDC69lzs0_be2clm5F2eVLMQkkbl542bmRwcicIpE7C0bo3RM1ute9qRaVSzGRz1ykXbtEBcTmljvlviotxdf29BO5DZjsV-jSK7bRukr1kDGxopI3mvaQTt_KsefuEtv5i22UKYGazjUaLHuZlyx5fu_-Qk52w_Y8S9R6P057iIsXGtUGpOV_mE09QOeg4faLLVpHB7smbnFTUotnzPl3AdBzEGR6mZOosenyB2c-osn2cat6PFSZEwU2PJGdmehAXHHPFR7z-eehba7yZFy9sVOcGBG2CdiAuijp7Nbti-t1ZzYppw4BFmKOg3qT8yCAVAeA0IAYaWkcr4A",
"payload": ""
}
https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/8132648710 HTTP/1.1" 200 1309
Received response:
HTTP 200
Server: nginx
Date: Sun, 25 Oct 2020 13:13:28 GMT
Content-Type: application/json
Content-Length: 1309
Connection: keep-alive
Boulder-Requester: 100203334
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0003oeayfAxIdIb2CpShbIrKB3nJHa3FPTFEMaUJnH6wr6o
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "app.live.swahilies.com"
},
"status": "invalid",
"expires": "2020-11-01T13:13:26Z",
"challenges": [
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:unauthorized",
"detail": "During secondary validation: Invalid response from http://app.live.swahilies.com/.well-known/acme-challenge/Nrnxt6f5tOpRFYdavSC6Hgo5AN3l79r-gosaG-RWEPo [161.35.253.136]: \"\u003chtml\u003e\\r\\n\u003chead\u003e\u003ctitle\u003e404 Not Found\u003c/title\u003e\u003c/head\u003e\\r\\n\u003cbody\u003e\\r\\n\u003ccenter\u003e\u003ch1\u003e404 Not Found\u003c/h1\u003e\u003c/center\u003e\\r\\n\u003chr\u003e\u003ccenter\u003enginx/1.18.0 (Ub\"",
"status": 403
},
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/8132648710/_LSXTA",
"token": "Nrnxt6f5tOpRFYdavSC6Hgo5AN3l79r-gosaG-RWEPo",
"validationRecord": [
{
"url": "http://app.live.swahilies.com/.well-known/acme-challenge/Nrnxt6f5tOpRFYdavSC6Hgo5AN3l79r-gosaG-RWEPo",
"hostname": "app.live.swahilies.com",
"port": "80",
"addressesResolved": [
"161.35.253.136"
],
"addressUsed": "161.35.253.136"
}
]
}
]
}
Storing nonce: 0003oeayfAxIdIb2CpShbIrKB3nJHa3FPTFEMaUJnH6wr6o
Challenge failed for domain app.live.swahilies.com
http-01 challenge for app.live.swahilies.com
Reporting to user: The following errors were reported by the server:
Domain: app.live.swahilies.com
Type: unauthorized
Detail: During secondary validation: Invalid response from http://app.live.swahilies.com/.well-known/acme-challenge/Nrnxt6f5tOpRFYdavSC6Hgo5AN3l79r-gosaG-RWEPo [161.35.253.136]: "<html>\r\n<head><title>404 Not Found</title></head>\r\n<body>\r\n<center><h1>404 Not Found</h1></center>\r\n<hr><center>nginx/1.18.0 (Ub"
To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.
Encountered exception:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 91, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 180, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
Calling registered functions
Cleaning up challenges
Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 11, in <module>
load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')()
File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main
return config.func(config, plugins)
File "/usr/lib/python3/dist-packages/certbot/main.py", line 1132, in run
new_lineage = _get_and_save_cert(le_client, config, domains,
File "/usr/lib/python3/dist-packages/certbot/main.py", line 121, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File "/usr/lib/python3/dist-packages/certbot/client.py", line 417, in obtain_and_enroll_certificate
cert, chain, key, _ = self.obtain_certificate(domains)
File "/usr/lib/python3/dist-packages/certbot/client.py", line 348, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File "/usr/lib/python3/dist-packages/certbot/client.py", line 396, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 91, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 180, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: app.live.swahilies.com
Type: unauthorized
Detail: During secondary validation: Invalid response from
http://app.live.swahilies.com/.well-known/acme-challenge/Nrnxt6f5tOpRFYdavSC6Hgo5AN3l79r-gosaG-RWEPo
[161.35.253.136]: "<html>\r\n<head><title>404 Not
Found</title></head>\r\n<body>\r\n<center><h1>404 Not
Found</h1></center>\r\n<hr><center>nginx/1.18.0 (Ub"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version):
nginx/1.18.0
The operating system my web server runs on is (include version):
Ubuntu - 20.04
My hosting provider, if applicable, is:
DigitalOcean
I can login to a root shell on my machine (yes or no, or I don't know):
yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is: certbot 0.40.0