Issue with renewing Certificate

gsohler · June 18, 2020, 1:49pm

Hi Group,

3 Month before I have installed a Lets-Encrypt Certificate for our website.
Now i got a reminder, that the Certificate is due to expire, so now i am trying to extend it.

We are using apache to serve our homepage.

After some excessive trials i hit the Limit of 5 Trials, so one week later i am trying again

This is what i did this time:
service httpd stop
certbot --verbose --agree-tos --email guenther.sohler@photeon.com renew

but it fails after some seconds.

Pasting the relevant sections from /var/log/letsencrypr/letsencrypt.log are in the bottom of the topic.

What can be the issue ? Do i need to specify a password or could it be to wrong 80-> 443 redirection ?

Thank you for your Attention

Best regards …

===================

020-06-18 15:24:11,422:DEBUG:acme.client:Storing nonce: 0102yw-TRUyMDgxEwg7AkDA7cOdVMu9pH-z6jfEVik2-QLk
2020-06-18 15:24:11,422:WARNING:certbot._internal.auth_handler:Challenge failed for domain www.photeon.com
2020-06-18 15:24:11,422:INFO:certbot._internal.auth_handler:http-01 challenge for www.photeon.com
2020-06-18 15:24:11,423:DEBUG:certbot._internal.reporter:Reporting to user: The following errors were reported by the server:

Domain: www.photeon.com
Type: unauthorized
Detail: Invalid response from https://www.photeon.com/.well-known/acme-challenge/30TH8Uw9Xcfy8ZdYYu3GkZdbkB0NOrmZgxMs2LrCuIg [194.208.5.133]: “\n\n<!–[if IE 8]>\n<html class=“ie ie8” lang=“en-US”>”

To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.
2020-06-18 15:24:11,423:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
File “/usr/lib/python2.7/site-packages/certbot/_internal/auth_handler.py”, line 91, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File “/usr/lib/python2.7/site-packages/certbot/_internal/auth_handler.py”, line 180, in _poll_authorizations
raise errors.AuthorizationError(‘Some challenges have failed.’)
AuthorizationError: Some challenges have failed.

Osiris · June 18, 2020, 4:45pm

How is it possible the certbot error log has a HTML answer in the response from the request when you’ve stopped your httpd? That shouldn’t be possible.

Also, how did you request the certificate in the first place? With what command?

gsohler · June 19, 2020, 5:48am

Hi Osiris,

Thank you for your attention.

When it was not working, i read on the internet, that a user succeeded when turning off his apache service, so did i.
Now I believe that the certbot has just started it again, this is why we see HTML output.

I installed certbot according to the documentation given:

sudo certbot --apache

However i remember that i was editing the apache config files to properly include the lets-encrypt certificates.

Please find attached my certbot log and other files of interest

(Attachment letsencrypt.log is missing)

(Attachment virtualhost.conf is missing)

(Attachment ssl.conf is missing)

gsohler · June 19, 2020, 6:45am

Hi,

please find attached the files with txt extension

Thank you

letsencrypt.txt (22.9 KB)

virtualhost.txt (278 Bytes)

ssl.txt (9.36 KB)

system · July 19, 2020, 6:45am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.