(http-01): urn:acme:error:unauthorized and 404 Not found

danielpc · February 22, 2017, 4:07pm

Greetings, I am trying to install certificates with the following command:

sudo certbot-auto certonly -a webroot --webroot-path=/usr/share/nginx/html -d mydomain.dk -d www.mydomain.dk

But I am getting the following error.

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for mydomain.dk
http-01 challenge for www.mydomain.dk
Using the webroot path /usr/share/nginx/html for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. www.mydomain.dk (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.mydomain.dk/.well-known/acme-challenge/BvuFEw0h8KZNPXKoOOPf56u9Yjx4pjrfI9LrcXwYTxE: "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>", mydomain.dk (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://mydomain.dk/.well-known/acme-challenge/FJThfmUFRFqwswWiPScbV9rO6D65cdSQbBQJj_IYpjU: "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>"

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: www.mydomain.dk
   Type:   unauthorized
   Detail: Invalid response from
   http://www.mydomain.dk/.well-known/acme-challenge/BvuFEw0h8KZNPXKoOOPf56u9Yjx4pjrfI9LrcXwYTxE:
   "<html>
   <head><title>404 Not Found</title></head>
   <body bgcolor="white">
   <center><h1>404 Not Found</h1></center>
   <hr><center>"

   Domain: mydomain.dk
   Type:   unauthorized
   Detail: Invalid response from
   http://mydomain.dk/.well-known/acme-challenge/FJThfmUFRFqwswWiPScbV9rO6D65cdSQbBQJj_IYpjU:
   "<html>
   <head><title>404 Not Found</title></head>
   <body bgcolor="white">
   <center><h1>404 Not Found</h1></center>
   <hr><center>"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A record(s) for that domain
   contain(s) the right IP address.

I am running nginx and Wordpress with this current config file.

server {
        listen 80;

        root /var/www/html/wp;
        index index.php index.html index.htm;

        server_name mydomain.dk www.mydomain.dk;

        location / {
                try_files $uri $uri/ /index.php?q=$uri&$args;
        }

        location ~ \.php$ {
                try_files $uri =404;
                fastcgi_pass unix:/var/run/php5-fpm.sock;
                fastcgi_index index.php;
                include fastcgi_params;
         }

        location = /favicon.ico {
                log_not_found off;
                 access_log off;
         }

        location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
        }


        location ~* /(?:uploads|files)/.*\.php$ {
                deny all;
        }

        location ~ /.well-known {
            allow all;
    }    
}

I have been looking in /usr/share/nginx/html and noticed that .well-known dont have the acme-challenge folder. Also the access for acme-challenge is drwxrwxrwx 2 root root 4096 .well-known

How do I fix this?

jmorahan · February 22, 2017, 4:57pm

At a glance, it looks like you told certbot your webroot path is /usr/share/nginx/html when in fact you have configured it in nginx to be /var/www/html/wp.

danielpc · February 22, 2017, 5:34pm

I am silly, didn’t think that would be the problem. Thank you!

system · March 24, 2017, 5:34pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.