Inexplicable certbot-auto renew error

Good day.

I have a certificate ( which expired a couple days ago. I’m trying to renew it with ./letsencrypt/certbot-auto renew but I’m getting errors regarding not getting access to my /.well-known directory, which is present and should be accessible.

This is the complete output when I use the command:

Processing /etc/letsencrypt/renewal/
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for
Waiting for verification...
Cleaning up challenges
Attempting to renew cert ( from /etc/letsencrypt/renewal/ produced an unexpected error: Failed authorization procedure. example.comu (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>". Skipping.
All renewal attempts failed. The following certs could not be renewed:
  /etc/letsencrypt/live/ (failure)

1 renew failure(s), 0 parse failure(s)

 - The following errors were reported by the server:

   Type:   unauthorized
   Detail: Invalid response from
   <head><title>404 Not Found</title></head>
   <body bgcolor="white">
   <center><h1>404 Not Found</h1></center>

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

I’ve checked and it really pass through my DNS properly, then it goes through a Squid reverse proxy which ends in a 404 error:

z1511792411.640 4 TCP_MISS/404 367 GET - HIER_DIRECT/ text/html

Also I have /.well-known properly declared in website’s .conf:

location ^~ /.well-known/ {
allow all;
default_type "text/plain";

What could be happening there?

My webserver is Nginx 1.10.3, and my OS is Ubuntu 16.04.3 LTS.

Thanks in advance.

Warm regards.

What it the root of that domain in the nginx configuration?
This seems to be a filesystem mapping issue.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.