I hate to ask such a simple question. I have review many of the posts here, but noting is helping. So I apologize for a somewhat repetitive question.
My domain is: novasector.net
I ran this command:
certbot --nginx --cert-name novasector.net -d www.novasector.net -d novasector.net
It produced this output:
You are updating certificate novasector.net to include new domain(s):
You are also removing previously included domain(s):
(None)
Did you intend to make this change?
(U)pdate cert/(C)ancel: u
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for www.novasector.net
Waiting for verification...
Challenge failed for domain www.novasector.net
http-01 challenge for www.novasector.net
Cleaning up challenges
Some challenges have failed.
My web server is (include version): nginx/1.18.0 (Ubuntu)
The operating system my web server runs on is (include version): Linux Mint 20.1 Cinnamon (ubuntu)
My hosting provider, if applicable, is: I am hosting on my own home server. novasector.net has a certificate. Just want to add www.novasector.net but I can't figure out why it is failing http challenge.
I can login to a root shell on my machine (yes or no, or I don't know): absolutely
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): nope.
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): 0.40.0
my nginx server config:
server {
listen 80;
listen 443;
listen [::]:443;
root /home/detrix42/www/novasector/public;
index index.html;
error_log /home/detrix42/www/novasector.net/log/ngError.log error;
access_log /home/detrix42/www/novasector.net/log/ngAccess.log;
add_header 'Access-Control-Allow-Origin' '';
server_name novasector.net www.novasector.net;
client_max_body_size 10M;
location ~* \.(png|jpg)$ {
expires 365d;
}
location ~* ^/images/ {
root /home/detrix42/www/novasector.net/public/assets;
gzip_static on;
expires max;
add_header Cache-Control public;
}
location / {
proxy_pass http://novasector;
#proxy_pass http://localhost:3000;
proxy_read_timeout 20;
include proxy_params;
}
ssl_certificate /etc/letsencrypt/live/novasector.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/novasector.net/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
upstream novasector {
server unix:/home/detrix42/www/socks/novasector;
}
Right now if you go to novasector.net all you will see is a Vue start up splash screen. The basic "Welcome to Vue" start page.
output of certbot certificates:
Certificate Name: novasector.net
Domains: novasector.net
Expiry Date: 2023-03-09 01:23:31+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/novasector.net/fullchain.pem
Private Key Path: /etc/letsencrypt/live/novasector.net/privkey.pem
domain registrar is godaddy
output of 'dig www.novasector.net':
; <<>> DiG 9.16.1-Ubuntu <<>> www.novasector.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28811
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;www.novasector.net. IN A
;; ANSWER SECTION:
www.novasector.net. 3600 IN CNAME novasector.net.
novasector.net. 599 IN A 24.231.249.49
;; Query time: 23 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Thu Dec 08 22:56:18 EST 2022
;; MSG SIZE rcvd: 77