I need help with certbot

I use Debian with nginx

My domain is: dgarmen.com

I ran this command: sudo certbot --nginx -v

It produced this output:
Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems:
Domain: dgarmen.com
Type: unauthorized
Detail: 2606:4700:3032::ac43:8d12: Invalid response from http://dgarmen.com/.well-known/acme-challenge/zimEV6C8ptbVrA3zPTbwdvV-eLTMhH8tJ3m0PBy2Tk0: 403

Hint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet.

Cleaning up challenges
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

Welcome @josemonterroso

Your domain is proxied at Cloudflare. And, for some reason every request to your domain gets rejected by a 403. Your nginx server is probably not configured properly. Or, maybe a firewall or Cloudflare setting is requiring requests only from browsers. If so, that won't work as the Let's Encrypt server does not look like a browser.

But, since you are proxying at Cloudflare, have you considered using their Origin CA Cert? This provides a cert for your origin server without having to use something like Certbot. It is far easier.

The Cloudflare community is also very good and could help with any problems setting that up. Their docs are easy to follow.

4 Likes
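The address at the start of the `Detail:` line is the one the CA actually connected to, which is how a proxied domain can be recognised from the error alone. As an added example (not part of the thread and not certbot's own code), this parses that output and checks the address against Cloudflare's published ranges; the range list is a snapshot that is assumed current, and the second sample entry is constructed.

```python
import ipaddress
import re

# Snapshot of the ranges published at https://www.cloudflare.com/ips/
# (assumption: refresh this list before relying on the result).
CLOUDFLARE_NETS = [ipaddress.ip_network(n) for n in """
173.245.48.0/20 103.21.244.0/22 103.22.200.0/22 103.31.4.0/22 141.101.64.0/18
108.162.192.0/18 190.93.240.0/20 188.114.96.0/20 197.234.240.0/22
198.41.128.0/17 162.158.0.0/15 104.16.0.0/13 104.24.0.0/14 172.64.0.0/13
131.0.72.0/22 2400:cb00::/32 2606:4700::/32 2803:f800::/32 2405:b500::/32
2405:8100::/32 2a06:98c0::/29 2c0f:f248::/32
""".split()]

# Matches "Detail: <ip>: Invalid response from <url>: <status>"
DETAIL_RE = re.compile(
    r"^\s*Detail:\s*(?P<ip>\S+?):\s+Invalid response from (?P<url>\S+):"
    r"\s+(?P<status>\d{3})\b", re.MULTILINE)

def triage(certbot_output):
    """Return one finding per failed HTTP-01 challenge in certbot's error text."""
    findings = []
    for block in re.split(r"(?m)^\s*Domain:\s*", certbot_output)[1:]:
        detail = DETAIL_RE.search(block)
        if not detail:
            continue  # Detail line has another shape (DNS, timeout, ...)
        try:
            addr = ipaddress.ip_address(detail["ip"])
        except ValueError:
            continue  # not an address, so nothing to classify
        kind = re.search(r"(?m)^\s*Type:\s*(\S+)", block)
        findings.append({
            "domain": block.split()[0],
            "type": kind[1] if kind else None,
            "validated_ip": str(addr),
            "status": int(detail["status"]),
            "behind_cloudflare": any(addr in net for net in CLOUDFLARE_NETS),
        })
    return findings

# First entry: the output quoted in the first post. Second entry: constructed.
SAMPLE = """\
  Domain: dgarmen.com
  Type:   unauthorized
  Detail: 2606:4700:3032::ac43:8d12: Invalid response from http://dgarmen.com/.well-known/acme-challenge/zimEV6C8ptbVrA3zPTbwdvV-eLTMhH8tJ3m0PBy2Tk0: 403
  Domain: example.org
  Type:   unauthorized
  Detail: 203.0.113.10: Invalid response from http://example.org/.well-known/acme-challenge/CONSTRUCTED_TOKEN: 404
"""

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```

When `behind_cloudflare` is true, the status code describes what the proxy returned to the CA, so the nginx access log on the origin shows whether the validation request reached the server at all.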
