Is something wrong with domains with .ORG


#1

Please fill out the fields below so we can help you better.

My domain is:
matjar.org

I ran this command:
sudo letsencrypt certonly -a webroot --webroot-path=/var/www/ -d sidati.com -d www.sidati.com -d alafsa.com -d www.alafsa.com -d 9awalib.com -d www.9awalib.com -d matjar.org -d www.matjar.org

It produced this output:

- The following errors were reported by the server:

** Domain: matjar.org**
** Type: unauthorized**
** Detail: Invalid response from http://matjar.org/.well-known/acme-**
** challenge/gC2ajWimBhlaDT89LgQT426U3XwnWJsyk0KZ6OEel60: “<!DOCTYPE…>”"**

** Domain: www.matjar.org**
** Type: unauthorized**
** Detail: Invalid response from http://www.matjar.org/.well-known**
** /acme-challenge/FV3ek9qHaAGZqrQCQc9m74LL3BpuqFjITg37_G99wLg**
** [139.59.4.70]: 404**

** To fix these errors, please make sure that your domain name was**
** entered correctly and the DNS A record(s) for that domain**
** contain(s) the right IP address.**

My operating system is (include version):
Ubuntu 16.04

My web server is (include version):
nginx/1.10.0

My hosting provider, if applicable, is:
DigitalOcean

I can login to a root shell on my machine (yes or no, or I don’t know):
Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No

I did enter the A record 2 days ago and still the same problem i buy yesterday a domain 9awalib.com and its working but matjar.org still NOT


#2

It’s not a generic problem with .org, no.

It’s saying if couldn’t reach http://matjar.org/.well-known/acme-challenge/gC2ajWimBhlaDT89LgQT426U3XwnWJsyk0KZ6OEel60

If you place a text file in .well-known/acme-challenge/ can you reach it in your browser ? It looks as if your application is preventing it currently.


#3

Thanks @serverco for your reply, yes i can the web server can access to the txt file
http://matjar.org/.well-known/acme-challenge/test.txt

But why all the other domains are working just fine but the matjar.org does not even they all have the same exact config.


#4

Is the error message still the same ? i.e. a 404 error, file not found ? If so, is your web root for that account the same as all the others ?


#5

Yes the error still the same, about web roots this is the structure :

by the way i did remove matjar.org, the ssl working fine but i’m not sure why its not working for matjar.org, i swear they all have the same exact config for nginx and user ownership/privileges but matjar.org is just keep failing :

https://sidati.com/ => working
https://9awalib.com/ => working
https://alafsa.com/ => working

https://matjar.org/ => NOT working (of course because i removed it from the command )

sudo letsencrypt certonly -a webroot --webroot-path=/var/www/ -d sidati.com -d www.sidati.com -d alafsa.com -d www.alafsa.com -d 9awalib.com -d www.9awalib.com -d matjar.org -d www.matjar.org

thank you very mush @serverco for your help


#6

@sidati, can you post your full Certbot logs from /var/log/letsencrypt/letsencrypt.log? Tagging in @erica and @bmw to take a look at what may be an issue with the newly release Nginx support for Certbot.


#7

Hi jsha,
Thank you for joining in, here is the log : https://sidati.com/letsencrypt.log

CC: @erica, @bmw


#8

I notice from your logs that you’re using the letsencrypt command, version 0.4.1. That command has been renamed to certbot, and is now at version 0.9.2. Can you upgrade to the latest version of certbot? Instructions are available at https://certbot.eff.org/.


#9

Tagging in @erica and @bmw to take a look at what may be an issue with the newly release Nginx support for Certbot.

It shouldn’t be because the webroot plugin is being used, not the Nginx plugin, however, I’m happy to take a look.

@sidati, looking at your at your log and the paths you listed above, I think you need to specify another webroot. Where did you place the test.txt file you listed above? In /var/www/sidati/matjar/.well-known/acme-challenge? If so, you’d want to write a command that looks like:

sudo letsencrypt certonly -a webroot --webroot-path=/var/www/ -d sidati.com -d www.sidati.com -d alafsa.com -d www.alafsa.com -d 9awalib.com -d www.9awalib.com –webroot-path /var/www/sidati/matjar -d matjar.org -d www.matjar.org

Can you upgrade to the latest version of certbot?

They could using certbot-auto, however, in most cases we think OS packages provide a better experience. We’re trying to get Ubuntu to upgrade to a newer package and working on an official Ubuntu 16.04 PPA.


#10

:+1:
specifying a webroot for each domain was the fix, thank you very mush @bmw, @serverco & jsha


#11

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.