Http challenge fail


#1

Hello

My domain is wallex.market on nginx webserver. I,m using cloudlfare and redirect all http request to 443 port . also the hsts is enable on it . I want to add certificate with certbot to subdomain by this command :
sudo certbot certonly --nginx -w /var/www/wallex/public --cert-name wallex.market -d wallex.market,www.wallex.market,dev.wallex.market --preferred-challenges=http

but all chalenges fail :

Failed authorization procedure. www.wallex.market (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.wallex.market/.well-known/acme-challenge/noDBxpvvt1mljdCGtCB4-pB1YXeRuVHMmz28vTDpW7Q: “\n\n Error 404\n<link href=’//fonts.googleapis.com/css?family=Lato:100’ rel=‘stylesheet’ type=‘text/css’”, wallex.market (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://wallex.market/.well-known/acme-challenge/Bvur4QrdyOvLomaWQmgRmFnu0csQdg6OzCEl64qGAOs: “\n\n Error 404\n<link href=’//fonts.googleapis.com/css?family=Lato:100’ rel=‘stylesheet’ type=‘text/css’”

how can I fix it ?


#2

Hi @M0H3N

you use the --nginx and the -w, but the webroot - parameter is missing. So perhaps Certbot ignores your -w parameter. Try

certbot run certonly -a webroot -w /var/www/wallex/public --cert-name wallex.market -d wallex.market,www.wallex.market,dev.wallex.market

If you use certonly, you don’t need an installer (-i).


#3

this time I got this error :

certbot: error: unrecognized arguments: certonly


#4

Then remove the “run” - word.

Your error:

Certbot can obtain and install HTTPS/TLS/SSL certificates. By default,
it will attempt to use a webserver both for obtaining and installing the
certificate.

This isn’t an error if you use certonly.


#5

thank you … it worked