My domain is: mellmed1.webyroot.co.in
I ran this command: sudo certbot certonly --preferred-challenges=http-01 --dry-run -d mellmed1.webyroot.co.in --nginx
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Simulating a certificate request for mellmed1.webyroot.co.in
Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems:
Domain: mellmed1.webyroot.co.in
Type: unauthorized
Detail: 2a02:4780:a:598:0:a0b:b9e8:7: Invalid response from http://mellmed1.webyroot.co.in/.well-known/acme-challenge/2Sl-6ZzujP-WmjtCqzGsZIjMkVJpnTpay28aeMQlPi8: 404
Hint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
My web server is (include version): nginx/1.24.0 (Ubuntu)
The operating system my web server runs on is (include version): ubuntu 24.04
My hosting provider, if applicable, is: digitalocean
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): certbot 2.11.0
in the log i can see nginx config is rewritten for .well-known route with return token. but when certbot request to the url return 404. from my understanding the conf will not take effect if nginx is not reloaded and restarted here is the log file
2024-09-30 05:34:44,080:DEBUG:urllib3.connectionpool:http://localhost:None "GET /v2/connections?snap=certbot&interface=content HTTP/1.1" 200 97
2024-09-30 05:34:44,249:DEBUG:certbot._internal.main:certbot version: 2.11.0
2024-09-30 05:34:44,249:DEBUG:certbot._internal.main:Location of certbot entry point: /snap/certbot/3834/bin/certbot
2024-09-30 05:34:44,249:DEBUG:certbot._internal.main:Arguments: ['--preferred-challenges=http-01', '--dry-run', '-d', 'mellmed1.webyroot.co.in', '--nginx', '--preconfigured-renewal']
2024-09-30 05:34:44,249:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2024-09-30 05:34:44,265:DEBUG:certbot._internal.log:Root logging level set at 30
2024-09-30 05:34:44,266:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx
2024-09-30 05:34:44,412:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: Authenticator, Installer, Plugin
Entry point: EntryPoint(name='nginx', value='certbot_nginx._internal.configurator:NginxConfigurator', group='certbot.plugins')
Initialized: <certbot_nginx._internal.configurator.NginxConfigurator object at 0x72aa6fe60f10>
Prep: True
2024-09-30 05:34:44,413:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: Authenticator, Installer, Plugin
Entry point: EntryPoint(name='nginx', value='certbot_nginx._internal.configurator:NginxConfigurator', group='certbot.plugins')
Initialized: <certbot_nginx._internal.configurator.NginxConfigurator object at 0x72aa6fe60f10>
Prep: True
2024-09-30 05:34:44,413:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot_nginx._internal.configurator.NginxConfigurator object at 0x72aa6fe60f10> and installer <certbot_nginx._internal.configurator.NginxConfigurator object at 0x72aa6fe60f10>
2024-09-30 05:34:44,413:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx
2024-09-30 05:34:44,480:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-staging-v02.api.letsencrypt.org/acme/acct/165201693', new_authzr_uri=None, terms_of_service=None), 10d96436f231f1ad301918d81badd0a9, Meta(creation_dt=datetime.datetime(2024, 9, 30, 2, 52, 28, tzinfo=), creation_host='ubuntu-s-1vcpu-2gb-amd-fra1-01', register_to_eff=None))>
2024-09-30 05:34:44,481:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/directory.
2024-09-30 05:34:44,483:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org:443
2024-09-30 05:34:44,911:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 820
2024-09-30 05:34:44,912:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Mon, 30 Sep 2024 05:34:44 GMT
Content-Type: application/json
Content-Length: 820
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"L9bjideXlXE": "Adding random entries to the directory",
"keyChange": "https://acme-staging-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf",
"website": "Staging Environment - Let's Encrypt"
},
"newAccount": "https://acme-staging-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-staging-v02.api.letsencrypt.org/acme/new-order",
"renewalInfo": "https://acme-staging-v02.api.letsencrypt.org/draft-ietf-acme-ari-03/renewalInfo",
"revokeCert": "https://acme-staging-v02.api.letsencrypt.org/acme/revoke-cert"
}
2024-09-30 05:34:44,913:DEBUG:certbot._internal.display.obj:Notifying user: Simulating a certificate request for mellmed1.webyroot.co.in
2024-09-30 05:34:44,918:DEBUG:acme.client:Requesting fresh nonce
2024-09-30 05:34:44,918:DEBUG:acme.client:Sending HEAD request to https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce.
2024-09-30 05:34:45,060:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2024-09-30 05:34:45,060:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Mon, 30 Sep 2024 05:34:44 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: https://acme-staging-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: XxYQrjHgTkfPEJbreKm-gWDk0yK2oy0Sja1433TqwCz54WrS3Ig
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
2024-09-30 05:34:45,061:DEBUG:acme.client:Storing nonce: XxYQrjHgTkfPEJbreKm-gWDk0yK2oy0Sja1433TqwCz54WrS3Ig
2024-09-30 05:34:45,061:DEBUG:acme.client:JWS payload:
b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "mellmed1.webyroot.co.in"\n }\n ]\n}'
2024-09-30 05:34:45,063:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/new-order:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xNjUyMDE2OTMiLCAibm9uY2UiOiAiWHhZUXJqSGdUa2ZQRUpicmVLbS1nV0RrMHlLMm95MFNqYTE0MzNUcXdDejU0V3JTM0lnIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9",
"signature": "J6qJbch68c5GotZmNoWD-uh2lH41MCHT65U_HjPymtb9X33-TNu9FND5lPxR0koLS4U9dDTCQrvZXuhts312AnTj86t8Eryew9sM_zz6_DCybJCeJuHmoQ1WmtZ0NdnxGyACc8625nObFmTA_vsWBf6HB7C0xfBMiWGxmgnlp1FVYBZXYiQy6uKT3yjt09BiQn8vDcTdeukhCHBnN-CcNvrtn9RVNDZQsHBKtvK1qCrJXwIDPCMAIS2UAqyGvygL5CK5HI-KxsJELWsdRNwZ0bm8y6BAcdvh5mz8zYMxO9kXrpWXgO_h5_YCdAqF2HLzEapFHVB9B-s7BeeSUOIWYw",
"payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIm1lbGxtZWQxLndlYnlyb290LmNvLmluIgogICAgfQogIF0KfQ"
}
2024-09-30 05:34:45,248:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 362
2024-09-30 05:34:45,249:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Mon, 30 Sep 2024 05:34:45 GMT
Content-Type: application/json
Content-Length: 362
Connection: keep-alive
Boulder-Requester: 165201693
Cache-Control: public, max-age=0, no-cache
Link: https://acme-staging-v02.api.letsencrypt.org/directory;rel="index"
Location: https://acme-staging-v02.api.letsencrypt.org/acme/order/165201693/19462786463
Replay-Nonce: 5TSTEbTYTvh4xhNxWWq__XqcF0MbgZRiGK2vi1WDicL6X0Jf_iw
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"status": "pending",
"expires": "2024-10-07T05:34:45Z",
"identifiers": [
{
"type": "dns",
"value": "mellmed1.webyroot.co.in"
}
],
"authorizations": [
"https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/14209754003"
],
"finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/165201693/19462786463"
}
2024-09-30 05:34:45,249:DEBUG:acme.client:Storing nonce: 5TSTEbTYTvh4xhNxWWq__XqcF0MbgZRiGK2vi1WDicL6X0Jf_iw
2024-09-30 05:34:45,250:DEBUG:acme.client:JWS payload:
b''
2024-09-30 05:34:45,252:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/14209754003:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xNjUyMDE2OTMiLCAibm9uY2UiOiAiNVRTVEViVFlUdmg0eGhOeFdXcV9fWHFjRjBNYmdaUmlHSzJ2aTFXRGljTDZYMEpmX2l3IiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzE0MjA5NzU0MDAzIn0",
"signature": "VlHV6VduhMp48LWIu3ZdXutw9XKqKcdXnCa_3H6Pj-XTWDzttxLwFzTnOYBtGMKUgE_NOv_FsHScgs760LBblAe84tsRPPh9rFr7zWRd78gXWtdfAeQfxuP6DX63XTZOaTpJMyaW8HWO4aHV8uSMtVgkigFCREOZ3o8ENcCM2Q7tfkhKtU_oXhDTbC7QoML9f1z9-h7yq3SGbSzaHJUipCDbjH7N3WZgEmatFwvSVKVYP7hRlvdsYBPNt1yUcuMMSinABK0nMHcl3a1uSnpBZ4pyv7NTigrdP3Lgl1qI6SNxmoByUAbPzlaZx65DniPqF6xZdtN3OqoJy-4KeEMNrQ",
"payload": ""
}
2024-09-30 05:34:45,404:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/14209754003 HTTP/1.1" 200 828
2024-09-30 05:34:45,405:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Mon, 30 Sep 2024 05:34:45 GMT
Content-Type: application/json
Content-Length: 828
Connection: keep-alive
Boulder-Requester: 165201693
Cache-Control: public, max-age=0, no-cache
Link: https://acme-staging-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: XxYQrjHgQZ9RODLhTlJBaLQYvay1m1sm3KWVhexVoNWyPyEraa4
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "mellmed1.webyroot.co.in"
},
"status": "pending",
"expires": "2024-10-07T05:34:45Z",
"challenges": [
{
"type": "http-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/14209754003/j_t_FQ",
"status": "pending",
"token": "2Sl-6ZzujP-WmjtCqzGsZIjMkVJpnTpay28aeMQlPi8"
},
{
"type": "dns-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/14209754003/1QO1ZA",
"status": "pending",
"token": "2Sl-6ZzujP-WmjtCqzGsZIjMkVJpnTpay28aeMQlPi8"
},
{
"type": "tls-alpn-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/14209754003/6xQO7w",
"status": "pending",
"token": "2Sl-6ZzujP-WmjtCqzGsZIjMkVJpnTpay28aeMQlPi8"
}
]
}
2024-09-30 05:34:45,405:DEBUG:acme.client:Storing nonce: XxYQrjHgQZ9RODLhTlJBaLQYvay1m1sm3KWVhexVoNWyPyEraa4
2024-09-30 05:34:45,405:INFO:certbot._internal.auth_handler:Performing the following challenges:
2024-09-30 05:34:45,406:INFO:certbot._internal.auth_handler:http-01 challenge for mellmed1.webyroot.co.in
2024-09-30 05:34:45,413:DEBUG:certbot_nginx._internal.http_01:Generated server block:
2024-09-30 05:34:45,414:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/default
2024-09-30 05:34:45,414:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf
2024-09-30 05:34:45,414:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types
2024-09-30 05:34:45,415:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
error_log /var/log/nginx/error.log;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
server_names_hash_bucket_size 128;
include /etc/letsencrypt/le_http_01_cert_challenge.conf;
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
##
# Gzip Settings
##
gzip on;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
#mail {
# See sample authentication script at:
# http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
# auth_http localhost/auth.php;
# pop3_capabilities "TOP" "USER";
# imap_capabilities "IMAP4rev1" "UIDPLUS";
server {
listen localhost:110;
protocol pop3;
proxy on;
}
server {
listen localhost:143;
protocol imap;
proxy on;
}
#}
2024-09-30 05:34:45,416:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/default:
server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot
listen 80;
server_name mellmed1.webyroot.co.in;
root /var/www/html;
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php8.2-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location = /.well-known/acme-challenge/2Sl-6ZzujP-WmjtCqzGsZIjMkVJpnTpay28aeMQlPi8{default_type text/plain;return 200 2Sl-6ZzujP-WmjtCqzGsZIjMkVJpnTpay28aeMQlPi8.psO3OfYFCZOn5lMeObqTSFlhJpObprutiOH8K7JzJzA;} # managed by Certbot
}
2024-09-30 05:34:46,431:DEBUG:acme.client:JWS payload:
b'{}'
2024-09-30 05:34:46,434:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/14209754003/j_t_FQ:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xNjUyMDE2OTMiLCAibm9uY2UiOiAiWHhZUXJqSGdRWjlST0RMaFRsSkJhTFFZdmF5MW0xc20zS1dWaGV4Vm9OV3lQeUVyYWE0IiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzE0MjA5NzU0MDAzL2pfdF9GUSJ9",
"signature": "YdAiQsugTQO1W_F1zDnNOGwelEfhNGO1M2tOBCR57KkPKuIh2PKDw5-1hrdsRNIEwRjYCNdLhu06I3WH4fV4VOiJay_-p-BS69zC70R_YWMBCLp8scxghxujJxh0Jc28hqZf1TlEdxWX4cSFzS3NwaJuHmuuM6jlFQDUNTEw8upZZmNL0SJrkB9A7nIYH32ejlgaC1qxBYd9AiTXBro4_1J57iYGcJXibMfamTEx7FtXcDnaRUkUdOVZ4pt7GqNDWQpI6Zr2GohVCKpVZ6AWYs-_hmQcXcTgKJs8b6nuxyjqERah_CaTwKbp2JX5ypF2WVuqJX8miyDyeB869CribA",
"payload": "e30"
}
2024-09-30 05:34:46,587:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/14209754003/j_t_FQ HTTP/1.1" 200 194
2024-09-30 05:34:46,588:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Mon, 30 Sep 2024 05:34:46 GMT
Content-Type: application/json
Content-Length: 194
Connection: keep-alive
Boulder-Requester: 165201693
Cache-Control: public, max-age=0, no-cache
Link: https://acme-staging-v02.api.letsencrypt.org/directory;rel="index", https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/14209754003;rel="up"
Location: https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/14209754003/j_t_FQ
Replay-Nonce: 5TSTEbTYa49Ra8bOVvJabdDyypwYF9rGmWv4rkO2iZ4iGvNaTrI
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"type": "http-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/14209754003/j_t_FQ",
"status": "pending",
"token": "2Sl-6ZzujP-WmjtCqzGsZIjMkVJpnTpay28aeMQlPi8"
}
2024-09-30 05:34:46,588:DEBUG:acme.client:Storing nonce: 5TSTEbTYa49Ra8bOVvJabdDyypwYF9rGmWv4rkO2iZ4iGvNaTrI
2024-09-30 05:34:46,589:INFO:certbot._internal.auth_handler:Waiting for verification...
2024-09-30 05:34:47,590:DEBUG:acme.client:JWS payload:
b''
2024-09-30 05:34:47,592:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/14209754003:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xNjUyMDE2OTMiLCAibm9uY2UiOiAiNVRTVEViVFlhNDlSYThiT1Z2SmFiZER5eXB3WUY5ckdtV3Y0cmtPMmlaNGlHdk5hVHJJIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzE0MjA5NzU0MDAzIn0",
"signature": "BcsNbneg4esy1Yd8T-Zy2C6tUMJf8kcWd67XtfFyQ3MS93piSn4dGCk0k1QixOvPpNWXvX-hBkK8CR1Wt3Hg91bxMmf2sXrjm1FdbxNfUvga5ZWI3hPkzPfu-N4Nn7Myrj3BtIPncB83UCoWlpoWg4Df6vPnTTP4HgEoWZAKmtgC-0U2EbP_pe7atPGz5WxjXtkRDrVXMwF_wxybeOqGzpRuMZR8KUKVujX9hJArF5TJBbjTTjVS2HrgofhrVyFK8NhP8fwlXH2hHXYqxXixGOnGClJVtwpjsLLYnlAU2A0dEh2E7gsElfc1sdEa1Mi8HkQ0Nw3Ilk6j45ggi0LC0A",
"payload": ""
}
2024-09-30 05:34:47,740:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/14209754003 HTTP/1.1" 200 1143
2024-09-30 05:34:47,741:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Mon, 30 Sep 2024 05:34:47 GMT
Content-Type: application/json
Content-Length: 1143
Connection: keep-alive
Boulder-Requester: 165201693
Cache-Control: public, max-age=0, no-cache
Link: https://acme-staging-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: 5TSTEbTYHirzKJhRpWjyVtHDztFLvIMVD8aJ-Ld7oz1VcgaYnNs
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "mellmed1.webyroot.co.in"
},
"status": "invalid",
"expires": "2024-10-07T05:34:45Z",
"challenges": [
{
"type": "http-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/14209754003/j_t_FQ",
"status": "invalid",
"validated": "2024-09-30T05:34:46Z",
"error": {
"type": "urn:ietf:params:acme:error:unauthorized",
"detail": "2a02:4780:a:598:0:a0b:b9e8:7: Invalid response from http://mellmed1.webyroot.co.in/.well-known/acme-challenge/2Sl-6ZzujP-WmjtCqzGsZIjMkVJpnTpay28aeMQlPi8: 404",
"status": 403
},
"token": "2Sl-6ZzujP-WmjtCqzGsZIjMkVJpnTpay28aeMQlPi8",
"validationRecord": [
{
"url": "http://mellmed1.webyroot.co.in/.well-known/acme-challenge/2Sl-6ZzujP-WmjtCqzGsZIjMkVJpnTpay28aeMQlPi8",
"hostname": "mellmed1.webyroot.co.in",
"port": "80",
"addressesResolved": [
"207.154.220.136",
"2a02:4780:a:598:0:a0b:b9e8:7"
],
"addressUsed": "2a02:4780:a:598:0:a0b:b9e8:7"
}
]
}
]
}
2024-09-30 05:34:47,741:DEBUG:acme.client:Storing nonce: 5TSTEbTYHirzKJhRpWjyVtHDztFLvIMVD8aJ-Ld7oz1VcgaYnNs
2024-09-30 05:34:47,741:INFO:certbot._internal.auth_handler:Challenge failed for domain mellmed1.webyroot.co.in
2024-09-30 05:34:47,741:INFO:certbot._internal.auth_handler:http-01 challenge for mellmed1.webyroot.co.in
2024-09-30 05:34:47,741:DEBUG:certbot._internal.display.obj:Notifying user:
Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems:
Domain: mellmed1.webyroot.co.in
Type: unauthorized
Detail: 2a02:4780:a:598:0:a0b:b9e8:7: Invalid response from http://mellmed1.webyroot.co.in/.well-known/acme-challenge/2Sl-6ZzujP-WmjtCqzGsZIjMkVJpnTpay28aeMQlPi8: 404
Hint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet.
2024-09-30 05:34:47,742:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
File "/snap/certbot/3834/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 108, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, max_time_mins, best_effort)
File "/snap/certbot/3834/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 212, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2024-09-30 05:34:47,742:DEBUG:certbot._internal.error_handler:Calling registered functions
2024-09-30 05:34:47,742:INFO:certbot._internal.auth_handler:Cleaning up challenges
2024-09-30 05:34:48,843:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "/snap/certbot/3834/bin/certbot", line 8, in
sys.exit(main())
File "/snap/certbot/3834/lib/python3.8/site-packages/certbot/main.py", line 19, in main
return internal_main.main(cli_args)
File "/snap/certbot/3834/lib/python3.8/site-packages/certbot/_internal/main.py", line 1894, in main
return config.func(config, plugins)
File "/snap/certbot/3834/lib/python3.8/site-packages/certbot/_internal/main.py", line 1600, in certonly
lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
File "/snap/certbot/3834/lib/python3.8/site-packages/certbot/_internal/main.py", line 143, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File "/snap/certbot/3834/lib/python3.8/site-packages/certbot/_internal/client.py", line 517, in obtain_and_enroll_certificate
cert, chain, key, _ = self.obtain_certificate(domains)
File "/snap/certbot/3834/lib/python3.8/site-packages/certbot/_internal/client.py", line 428, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File "/snap/certbot/3834/lib/python3.8/site-packages/certbot/_internal/client.py", line 496, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
File "/snap/certbot/3834/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 108, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, max_time_mins, best_effort)
File "/snap/certbot/3834/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 212, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2024-09-30 05:34:48,845:ERROR:certbot._internal.log:Some challenges have failed.