My domain is: medik.app
I ran this command: sudo certbot certonly --agree-tos --email my_mail@gmail.com --webroot -w /var/lib/letsencrypt/ -d mydomain.app -d www.mydomain.app
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for medik.app
Using the webroot path /var/lib/letsencrypt for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. medik.app (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://medik.app/.wel
l-known/acme-challenge/rImBpQfvuAl_VUIXPXQQvKj4s9t-b3Dab3xk81q6V5Q: "<html>\r\n<head><title>404 Not Found</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>404 Not
Found</h1></center>\r\n<hr><center>"
**IMPORTANT NOTES:**
- The following errors were reported by the server:
Domain: medik.app
Type:   unauthorized
Detail: Invalid response from
http://medik.app/.well-known/acme-challenge/rImBpQfvuAl_VUIXPXQQvKj4s9t-b3Dab3xk81q6V5Q:
"<html>\r\n<head><title>404 Not Found</title></head>\r\n<body
bgcolor=\"white\">\r\n<center><h1>404 Not
Found</h1></center>\r\n<hr><center>"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version): nginx/1.14.0 (Ubuntu)
The operating system my web server runs on is (include version): Linux ubuntu-s-1vcpu-1gb-sfo2-01 4.15.0-39-generic #42-Ubuntu SMP Tue Oct 23 15:48:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
My hosting provider, if applicable, is: DigitalOcean
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
Hello I need some help to figure out what is going on, let me explain.
I am trying to setup ssl on my dockerized rails app that points to http://0.0.0.0:3000 and NGINX reverse proxy on host, without success.
I buyed I domain .app on 1and1 (hint: when I buyed my domain 1and1 says that domain can only be accesed by https), so I pointed my domain to vps droplet on DigitalOcean like this:
A = mydomain.app, directs to my public IP XXX.XXX.XXX.XXX
CNAME = www.mydomain.app, is an alias of mydomain.app
NS = mydomain.app directs to ns1.digitalocean.com, ns2.digitalocean.com, ns3.digitalocean.com
In 1and1 site I changed under DNS servers, the default DNS servers for digital ocean DNS servers (ns1.digitalocean.com, ns2.digitalocean.com, ns3.digitalocean.com)
I have an NGINX reverse proxy server on ubuntu 18.04 configured like this:
# /etc/nginx/nginx.conf
user www-data;
worker_processes auto;
worker_rlimit_nofile 1024;
events {
multi_accept on;
worker_connections 1024;
}
http {
charset utf-8;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
server_tokens off;
log_not_found off;
types_hash_max_size 2048;
client_max_body_size 16M;
# MIME
include mime.types;
default_type application/octet-stream;
# logging
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log warn;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*.conf;
}
# /etc/nginx/sites-available/mydomain.app.conf
# test lets encrypt challenge block
server {
listen 80;
root /var/www/mydomainapp/public;
index index.html;
server_name mydomain.app www.mydomain.app;
include snippets/letsencrypt.conf;
}
# /etc/nginx/snippets/letsencrypt.conf
location ~ /.well-known/acme-challenge/ {
allow all;
# root /var/lib/letsencrypt/;
# default_type "text/plain";
# try_files $uri =404;
}
location ~ /.well-known {
allow all;
}
With certbot I am using this command:
sudo certbot certonly --agree-tos --email my_mail@gmail.com --webroot -w /var/lib/letsencrypt/ -d mydomain.app -d www.mydomain.app
But throws this error:
FailedChallenges: Failed authorization procedure. www.mydomain.app (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.mydomain.app/.well-known/acme-challenge/…
Domain: mydomain.app
Type: unauthorized
Detail: Invalid response from
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
NOTE: the error goes for both domains, mydomain.app and www.mydomain.app (I run each domain cerbot command separately but the same error)
I am following this tutorial: https://linuxize.com/post/secure-nginx-with-let-s-encrypt-on-ubuntu-18-04/#disqus_thread
This is my first ssl and domain registration/configuration, any help?