The website has been running without https for awhile.
I just installed certbot, following directions at https://certbot.eff.org/lets-encrypt/ubuntufocal-apache.
https://letsdebug.net says everything is OK.
More details below.
My domain is:
marionsculpture.com
I ran this command:
certbot --apache
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices)
(Enter 'c' to cancel): marion@marionsculpture.com
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
(A)gree/(C)ancel: a
Would you be willing, once your first certificate is successfully issued, to
share your email address with the Electronic Frontier Foundation, a founding
partner of the Let's Encrypt project and the non-profit organization that
develops Certbot? We'd like to send you email about our work encrypting the web,
EFF news, campaigns, and ways to support digital freedom.
(Y)es/(N)o: yes
Which names would you like to activate HTTPS for?
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for marionsculpture.com
Waiting for verification...
Challenge failed for domain marionsculpture.com
http-01 challenge for marionsculpture.com
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: marionsculpture.com
Type: unauthorized
Detail: Invalid response from
http://marionsculpture.com/.well-known/acme-challenge/60in5LUVITC5KZzRpgLSbGZMBncjMFQ57ZdPzDl_lSI
[73.112.43.149]: "\r\n<html
lang="en-US">\r\n\r\n<meta charset="UTF-8" />\r\n<meta
name="viewport" content="width=device-width, initi"To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address. -
Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
My web server is (include version):
Apache/2.4.41 (Ubuntu)
The operating system my web server runs on is (include version):
Ubuntu 20.04 LTS
My hosting provider, if applicable, is:
Me (machine on home network)
I can login to a root shell on my machine (yes or no, or I don't know):
yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot):
1.9.0
===
In the log file, /var/log/letsencrypt/letsencrypt.log,
this seems to be the most important part:
2020-11-21 16:14:20,104:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443
"POST /acme/authz-v3/8769821829 HTTP/1.1" 200 1211
2020-11-21 16:14:20,105:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sat, 21 Nov 2020 21:14:20 GMT
Content-Type: application/json
Content-Length: 1211
Connection: keep-alive
Boulder-Requester: 103103650
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: 0103bQ6ZDVAjO04sBMYkeMaqJ27WwMjoPm8FBhiHI_KuVd0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "marionsculpture.com"
},
"status": "invalid",
"expires": "2020-11-28T21:14:15Z",
"challenges": [
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:unauthorized",
"detail": "Invalid response from http://marionsculpture.com/.well-known/acme-challenge/60in5LUVITC5KZzRpgLSbGZMBncjMFQ57ZdPzDl_lSI [73.112.43.149]: "\u003c!DOCTYPE html\u003e\r\n\u003chtml lang=\"en-US\"\u003e\r\n\u003chead\u003e\r\n\u003cmeta charset=\"UTF-8\" /\u003e\r\n\u003cmeta name=\"viewport\" content=\"width=device-width, initi"",
"status": 403
},
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/8769821829/P64MYw",
"token": "60in5LUVITC5KZzRpgLSbGZMBncjMFQ57ZdPzDl_lSI",
"validationRecord": [
{
"url": "http://marionsculpture.com/.well-known/acme-challenge/60in5LUVITC5KZzRpgLSbGZMBncjMFQ57ZdPzDl_lSI",
"hostname": "marionsculpture.com",
"port": "80",
"addressesResolved": [
"73.112.43.149"
],
"addressUsed": "73.112.43.149"
}
]
}
]
}
Any ideas?