Let's multi domain renew error

shelbyp · November 20, 2023, 3:41pm

My two domain names are shop.room801.com and shop.explorotica.us

I ran the following command: sudo certbot renew

Output:

Server: nginx
Date: Mon, 20 Nov 2023 16:11:58 GMT
Content-Type: application/json
Content-Length: 1639
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: v0bMowfiCcF_KpzhMFrfbTnhI9VKYhoQ3CNBj8LA1OlLWXLJVz8
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "shop.explorotica.us"
  },
  "status": "invalid",
  "expires": "2023-11-27T16:11:51Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "invalid",
      "error": {
        "type": "urn:ietf:params:acme:error:unauthorized",
        "detail": "159.65.238.59: Invalid response from https://shop.explorotica.us/catalogsearch/result/?q=well+known+acme+challenge+obUpeBmCy6dZnhtnwmgh2nc6xiwE2JY1quTEuG3SuSU\u0026404=1: \"\\r\\n\u003c!doctype html\u003e\\r\\n\u003chtml class=\\\"use-header2\\\" lang=\\\"en\\\"\u003e\\r\\n    \u003chead \u003e\\r\\n        \u003cscript\u003e\\n\\tvar BASE_URL = WEB_URL = 'https://shop.e\"",
        "status": 403
      },
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/285750384116/1rXJtw",
      "token": "obUpeBmCy6dZnhtnwmgh2nc6xiwE2JY1quTEuG3SuSU",
      "validationRecord": [
        {
          "url": "http://shop.explorotica.us/.well-known/acme-challenge/obUpeBmCy6dZnhtnwmgh2nc6xiwE2JY1quTEuG3SuSU",
          "hostname": "shop.explorotica.us",
          "port": "80",
          "addressesResolved": [
            "159.65.238.59"
          ],
          "addressUsed": "159.65.238.59"
        },
        {
          "url": "https://shop.explorotica.us/catalogsearch/result/?q=well+known+acme+challenge+obUpeBmCy6dZnhtnwmgh2nc6xiwE2JY1quTEuG3SuSU\u0026404=1",
          "hostname": "shop.explorotica.us",
          "port": "443",
          "addressesResolved": [
            "159.65.238.59"
          ],
          "addressUsed": "159.65.238.59"
        }
      ],
      "validated": "2023-11-20T16:11:52Z"
    }
  ]
}
2023-11-20 11:11:56,940:DEBUG:acme.client:Storing nonce: v0bMowfiCcF_KpzhMFrfbTnhI9VKYhoQ3CNBj8LA1OlLWXLJVz8
2023-11-20 11:11:56,941:DEBUG:acme.client:JWS payload:
b''
2023-11-20 11:11:56,943:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/285750384126:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODUwODIwMDIiLCAibm9uY2UiOiAidjBiTW93ZmlDY0ZfS3B6aE1GcmZiVG5oSTlWS1lob1EzQ05CajhMQTFPbExXWExKVno4IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yODU3NTAzODQxMjYifQ",
  "signature": "WMFtYO8PWcA6dKw87QgiRNVPRyHbDIQgcXmpIK7O1mPg_KkQv3PIp-CqCsu51bUF5AyX-ZOERx9zz71zSxBBINIHZVvEWvh0kMbQd7x5BDCtvyyIY48hcF0bY6b2pqXpIeP6yu3fl0GKA6N-cfznxfmYQjeaqx5B0jhBfSvqq8UuX6w6H0U-yhRfPEWRkrEB99kMVhBXxf9jO2jVJORpMQD9sHZhSfN-7cTrWjW_5bnTkQsItsPrHcmrMrIAoEzdgqfwD5FKJGweexpkXInXKW1sURVk1l7qZ7kPIfnnxMcyXbWq7gCMnHmRazGYmbcWViysPLJqzkgIBcVUgcTcjA",
  "payload": ""
}
2023-11-20 11:11:56,990:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/285750384126 HTTP/1.1" 200 1621
2023-11-20 11:11:56,991:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Mon, 20 Nov 2023 16:11:58 GMT
Content-Type: application/json
Content-Length: 1621
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: v0bMowfisrPp6g35giCZu_YsSwNdK1hvP8TacG6SsOZ2HxTZfQ8
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "shop.room801.com"
  },
  "status": "invalid",
  "expires": "2023-11-27T16:11:51Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "invalid",
      "error": {
        "type": "urn:ietf:params:acme:error:unauthorized",
        "detail": "159.65.238.59: Invalid response from https://shop.room801.com/catalogsearch/result/?q=well+known+acme+challenge+oQ1Mm2ADnD6NrI0Oh5XpYHoC99alCC6IETD4GmiC2nI\u0026404=1: \"\\r\\n\u003c!doctype html\u003e\\r\\n\u003chtml class=\\\"use-header3\\\" lang=\\\"en\\\"\u003e\\r\\n    \u003chead \u003e\\r\\n        \u003cscript\u003e\\n\\tvar BASE_URL = WEB_URL = 'https://shop.r\"",
        "status": 403
      },
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/285750384126/5YDEQw",
      "token": "oQ1Mm2ADnD6NrI0Oh5XpYHoC99alCC6IETD4GmiC2nI",
      "validationRecord": [
        {
          "url": "http://shop.room801.com/.well-known/acme-challenge/oQ1Mm2ADnD6NrI0Oh5XpYHoC99alCC6IETD4GmiC2nI",
          "hostname": "shop.room801.com",
          "port": "80",
          "addressesResolved": [
            "159.65.238.59"
          ],
          "addressUsed": "159.65.238.59"
        },
        {
          "url": "https://shop.room801.com/catalogsearch/result/?q=well+known+acme+challenge+oQ1Mm2ADnD6NrI0Oh5XpYHoC99alCC6IETD4GmiC2nI\u0026404=1",
          "hostname": "shop.room801.com",
          "port": "443",
          "addressesResolved": [
            "159.65.238.59"
          ],
          "addressUsed": "159.65.238.59"
        }
      ],
      "validated": "2023-11-20T16:11:52Z"
    }
  ]
}
2023-11-20 11:11:56,991:DEBUG:acme.client:Storing nonce: v0bMowfisrPp6g35giCZu_YsSwNdK1hvP8TacG6SsOZ2HxTZfQ8
2023-11-20 11:11:56,993:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:

My web server is (Apache2 version 2.4.29 (Ubuntu)
The operation system Server Ubuntu 18.04.4 LTS

Host Provider private server: Digital Ocean

I can log in to the root shell.

I don't use a control panel.

certbot version 0.27.0

I am using Magento 2. I have set up Let's Encrypt to work with Magento multi-websites. site1 and site2 90 days ago when trying to renew I get the following error codes.

Attempting to renew cert (site1.com) from /etc/letsencrypt/renewal/site1com.conf produced an unexpected error: Failed authorization procedure. site2.us (HTTP-01): urn:ietf:params:acme:error:unauthorized:: The client lacks sufficient authorization:: 159.65.238.59: Invalid response from https://site2.us/catalogsearch/result/?q=well+known+acme+challenge+T8jQdISFBmpXsVw5nsEK14nEHcPkPW6FbUon9joMsBg&404=1: "\r\n<!doctype html>\r\n<html class="use-header2" lang=" en">\r\n \r\n \n\tvar BASE_URL = WEB_URL = 'https://site2". Skipping.

I have the following directory on my server in the root public .well-known/acme-challenge.

It appears to be looking in my Magento website in the search result for validation.

Any help will be wonderful.

Osiris · November 20, 2023, 3:58pm

When you opened this thread in the Help section, you should have been provided with a questionnaire. Maybe you didn't get it somehow (which is weird), or you've decided to delete it. In any case, all the answers to this questionnaire are required:

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

rg305 · November 20, 2023, 4:57pm

Hi @shelbyp, and welcome to the LE community forum

That indicates that the HTTP ACME challenge requests are being redirected incorrectly.
And [as I expected to see] since you are using Apache, we should start by checking that there are no name:port overlaps, with the output of:

`sudo apachectl -t -D DUMP_VHOSTS`

rg305 · November 20, 2023, 5:00pm

curl -Ii http://shop.explorotica.us/.well-known/acme-challenge/obUpeBmCy6dZnhtnwmgh2nc6xiwE2JY1quTEuG3SuSU

HTTP/1.1 301 Moved Permanently
Date: Mon, 20 Nov 2023 16:59:03 GMT
Access-Control-Allow-Origin: *
Set-Cookie: PHPSESSID=82j34l5eb8jecde4eek7cgmjpu; expires=Tue, 21-Nov-2023 16:59:03 GMT; Max-Age=86400; path=/; domain=shop.explorotica.us; secure; HttpOnly
Set-Cookie: PHPSESSID=82j34l5eb8jecde4eek7cgmjpu; expires=Tue, 21-Nov-2023 16:59:03 GMT; Max-Age=86400; path=/; domain=shop.explorotica.us; secure; HttpOnly
Set-Cookie: X-Magento-Vary=509280933fc63dff61b6f2eea657dd509e4bb637; expires=Tue, 21-Nov-2023 16:59:03 GMT; path=/; HttpOnly; secure; SameSite=Lax
fastly-page-cacheable: YES
Status: 404 File not found
Report-To: {"group":"report-endpoint","max_age":10886400,"endpoints":[{"url":"\/csp_reporter.php"}]}
Content-Security-Policy: frame-ancestors shop.explorotica.us 'self'; form-action shop.explorotica.us geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com secure.authorize.net test.authorize.net www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de https://payflowlink.paypal.com/ *.facebook.com *.gstatic.com *.yotpo.com 'self' 'unsafe-inline'; base-uri shop.explorotica.us 'self' 'unsafe-inline'; style-src shop.explorotica.us getfirebug.com cdn.dnky.co webchat.dotdigital.com *.googleapis.com checkout.buckaroo.nl *.fontawesome.com *.mailchimp.com *.trustpilot.com cdn.jsdelivr.net https://accounts.google.com/gsi/style maxcdn.bootstrapcdn.com *.yotpo.com 'self' 'unsafe-inline'; script-src shop.explorotica.us http https https://maps.googleapis.com/  assets.adobedtm.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com secure.authorize.net test.authorize.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com video.google.com vimeo.com www.vimeo.com *.vimeocdn.com js.authorize.net jstest.authorize.net js.braintreegateway.com cdn-scripts.signifyd.com www.youtube.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de r1-t.trackedlink.net r2-t.trackedlink.net r3-t.trackedlink.net r1.trackedweb.net r2.trackedweb.net r3.trackedweb.net static.trackedweb.net cdn.dnky.co api.comapi.com webchat.dotdigital.com https://payflowlink.paypal.com/ *.google.com *.gstatic.com *.googletagmanager.com *.googleapis.com *.googleadservices.com *.trackedlink.net snap.licdn.com chimpstatic.com checkout.buckaroo.nl *.adyen.com *.zopim.com *.hotjar.com *.zdassets.com *.sendcloud.sc *.mailchimp.com *.trustedshops.com *.fontawesome.com *.facebook.net *.feedbackcompany.com *.google-analytics.com *.trustpilot.com *.newrelic.com *.nr-data.net cdn.jsdelivr.net *.googleoptimize.com *.clarity.ms *.datatrics.com *.criteo.net *.criteo.com *.youtube.com cdn.mouseflow.com *.yotpo.com *.paypal.com 'self' 'unsafe-inline' 'unsafe-eval'; object-src shop.explorotica.us 'self' 'unsafe-inline'; media-src shop.explorotica.us *.zopim.com 'self' 'unsafe-inline'; manifest-src shop.explorotica.us 'self' 'unsafe-inline'; img-src shop.explorotica.us widgets.magentocommerce.com www.googleadservices.com www.google-analytics.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com s.ytimg.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.google.com *.google.nl data: connect.onlinesucces.nl px.ads.linkedin.com stats.g.doubleclick.net *.googleapis.com *.gstatic.com *.linkedin.com *.googletagmanager.com gallery.mailchimp.com amcglobal.sc.omtrdc.net cm.everesttech.net *.trustedshops.com *.facebook.com *.zopim.com cdn.jsdelivr.net *.jmango360.com *.datatrics.com *.smaato.net https://payflowlink.paypal.com https://meetanshi.com/media.png *.yotpo.com *.paypal.com https://payflowlink.paypal.com/ payflowlink.paypal.com 'self' 'unsafe-inline'; frame-src shop.explorotica.us geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com secure.authorize.net test.authorize.net www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de cdn.dnky.co webchat.dotdigital.com https://payflowlink.paypal.com/ *.youtube.com *.hotjar.com *.google.com *.facebook.com *.trustpilot.com *.criteo.com https://accounts.google.com *.yotpo.com *.paypal.com payflowlink.paypal.com 'self' 'unsafe-inline'; font-src shop.explorotica.us fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.zopim.com *.fontawesome.com data: *.gstatic.com maxcdn.bootstrapcdn.com *.yotpo.com *.googleapis.com 'self' 'unsafe-inline'; connect-src shop.explorotica.us https://maps.googleapis.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de r1-t.trackedlink.net r2-t.trackedlink.net r3-t.trackedlink.net r1.trackedweb.net r2.trackedweb.net r3.trackedweb.net static.trackedweb.net api.comapi.com webchat.dotdigital.com https://payflowlink.paypal.com/ commerce.adobedc.net *.google-analytics.com stats.g.doubleclick.net *.zdassets.com *.hotjar.com *.hotjar.io *.zopim.com wss://*.zopim.com dpm.demdex.net *.feedbackcompany.com amcglobal.sc.omtrdc.net *.zendesk.com *.nr-data.net *.clarity.ms *.facebook.com *.datatrics.com https://accounts.google.com/gsi/status *.yotpo.com *.paypal.com www.paypal.com payflowlink.paypal.com 'self' 'unsafe-inline'; child-src shop.explorotica.us 'self' 'unsafe-inline'; default-src shop.explorotica.us https://maps.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; report-uri /csp_reporter.php;
Content-Security-Policy: upgrade-insecure-requests;
Location: https://shop.explorotica.us/catalogsearch/result/?q=well+known+acme+challenge+obUpeBmCy6dZnhtnwmgh2nc6xiwE2JY1quTEuG3SuSU&404=1
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=edge
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Pragma: no-cache
Expires: -1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive

shelbyp · November 20, 2023, 5:28pm

sudo apachectl -t -D DUMP_VHOST
Syntax OK

shelbyp · November 20, 2023, 5:38pm

Found the problem in my .htacess file because I am running a multi-website with Magento I had to add the following

RewriteEngine on
RewriteRule .* -- [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteCond %{REQUEST_URI} !^/.well-known/
RewriteCond %{REQUEST_METHOD} ^TRAC[EK]
RewriteRule .* -- [L,R=405]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
RewriteRule .* index.php [L]

When I remove the Trac[EK] getting a different error.

Server: nginx
Date: Mon, 20 Nov 2023 17:32:50 GMT
Content-Type: application/json
Content-Length: 1044
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: jXyutbsnXGv7w7ptS9OAvZSzh9yDJ0gcjuQlNg5pf2Vp9BuvrKY
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "shop.explorotica.us"
  },
  "status": "invalid",
  "expires": "2023-11-27T17:32:47Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "invalid",
      "error": {
        "type": "urn:ietf:params:acme:error:unauthorized",
        "detail": "x.x.x.x: Invalid response from http://shop.explorotica.us/.well-known/acme-challenge/VDSu18MeLOEICcWqxOF8YBh-yoxWxvxijByRhqBOl78: 405",
        "status": 403
      },
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/285770270376/qW4gQg",
      "token": "VDSu18MeLOEICcWqxOF8YBh-yoxWxvxijByRhqBOl78",
      "validationRecord": [
        {
          "url": "http://shop.explorotica.us/.well-known/acme-challenge/VDSu18MeLOEICcWqxOF8YBh-yoxWxvxijByRhqBOl78",
          "hostname": "shop.explorotica.us",
          "port": "80",
          "addressesResolved": [
            "x.x.x.x"
          ],
          "addressUsed": "x.x.x.x"
        }
      ],
      "validated": "2023-11-20T17:32:47Z"
    }
  ]
}

When I added back get same error.

rg305 · November 20, 2023, 6:48pm

Where is the rest of that output?

Osiris · November 20, 2023, 7:12pm

It might not be there. I tested it on my server (Gentoo) and it also only said "Syntax OK". Not sure where the rest of the output went or how to actually get it (That said, on Ubuntu we'd usually see more indeed..)

Nevermind, OP made an oopsie with copy/pasting your command. It should be DUMP_VHOSTS instead of the currently used "DUMP_VHOST", which is nothing to Apache and is ignored.

shelbyp · November 20, 2023, 7:52pm

VirtualHost configuration:
*:8080                 $domain (/etc/apache2/sites-enabled/000-varnish.conf:4)
*:443                  is a NameVirtualHost
         default server adultmart.com (/etc/apache2/sites-enabled/000-varnish-le-ssl.conf:2)
         port 443 namevhost adultmart.com (/etc/apache2/sites-enabled/000-varnish-le-ssl.conf:2)
                 alias www.adultmart.com
         port 443 namevhost Live-am-multi-sites (/etc/apache2/sites-enabled/explorotica-ssl.conf:2)
         port 443 namevhost shop.explorotica.us (/etc/apache2/sites-enabled/explorotica-ssl.conf:140)
                 alias https://shop.explorotica.us
         port 443 namevhost Live-am-multi-sites (/etc/apache2/sites-enabled/room801-ssl.conf:2)
         port 443 namevhost shop.room801.com (/etc/apache2/sites-enabled/room801-ssl.conf:139)
                 alias https://shop.room801.com
*:80                   is a NameVirtualHost
         default server $domain (/etc/apache2/sites-enabled/explorotica.conf:4)
         port 80 namevhost $domain (/etc/apache2/sites-enabled/explorotica.conf:4)
                 alias www.$domain
         port 80 namevhost shop.explorotica.us (/etc/apache2/sites-enabled/explorotica.conf:24)
                 alias shop.explorotica.us
         port 80 namevhost $domain (/etc/apache2/sites-enabled/room801.conf:4)
                 alias www.$domain
         port 80 namevhost shop.room801.com (/etc/apache2/sites-enabled/room801.conf:24)
                 alias shop.room801.com

shelbyp · November 20, 2023, 8:18pm

My problem is the Rewrite condition trace is there a way to create an if statement to check for the base url. well-known the us base plush well-directory getting a get error when I remove the trace.

rg305 · November 20, 2023, 8:34pm

shelbyp:

port 80 namevhost $domain (/etc/apache2/sites-enabled/explorotica.conf:4)
        alias www.$domain
port 80 namevhost $domain (/etc/apache2/sites-enabled/room801.conf:4)
        alias www.$domain

Whatever $domain evaluates to creates a "name:port" overlap.

shelbyp · November 21, 2023, 2:57am

 VirtualHost configuration:
*:8080                 $domain (/etc/apache2/sites-enabled/000-varnish.conf:4)
*:443                  is a NameVirtualHost
         default server adultmart.com (/etc/apache2/sites-enabled/000-varnish-le-ssl.conf:2)
         port 443 namevhost adultmart.com (/etc/apache2/sites-enabled/000-varnish-le-ssl.conf:2)
                 alias www.adultmart.com
         port 443 namevhost Live-am-multi-sites (/etc/apache2/sites-enabled/explorotica-ssl.conf:2)
         port 443 namevhost shop.explorotica.us (/etc/apache2/sites-enabled/explorotica-ssl.conf:140)
                 alias https://shop.explorotica.us
         port 443 namevhost Live-am-multi-sites (/etc/apache2/sites-enabled/room801-ssl.conf:2)
         port 443 namevhost shop.room801.com (/etc/apache2/sites-enabled/room801-ssl.conf:139)
                 alias https://shop.room801.com
*:80                   is a NameVirtualHost
         default server shop.explorotica.us (/etc/apache2/sites-enabled/explorotica.conf:4)
         port 80 namevhost shop.explorotica.us (/etc/apache2/sites-enabled/explorotica.conf:4)
                 alias www.shop.explorotica.us
         port 80 namevhost shop.room801.com (/etc/apache2/sites-enabled/room801.conf:5)
                 alias www.shop.room801.com
root@Live-am-multi-sites:~#

fixed that problem still the same issue.

rg305 · November 21, 2023, 3:12am

Let's have a look at these files:

shelbyp · November 21, 2023, 12:39pm

# Added to mitigate CVE-2017-8295 vulnerability
UseCanonicalName On

<VirtualHost *:80>
        ServerAdmin webmaster@localhost

		DocumentRoot /var/www/html
        ServerName shop.explorotica.us
		ServerAlias www.shop.explorotica.us
		SetEnv MAGE_RUN_TYPE "website"
		SetEnv MAGE_RUN_CODE "explorotica"

        DocumentRoot /var/www/html

        <Directory /var/www/html/>
            Options FollowSymLinks
            AllowOverride All
            Order allow,deny
            Allow from all
            Require all granted
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

# Added to mitigate CVE-2017-8295 vulnerability
UseCanonicalName On


<VirtualHost *:80>
        ServerAdmin webmaster@localhost

        ServerName shop.room801.com
		ServerAlias www.shop.room801.com
		SetEnv MAGE_RUN_TYPE "website"
		SetEnv MAGE_RUN_CODE "base"
        DocumentRoot /var/www/html

        <Directory /var/www/html/>
            Options FollowSymLinks
            AllowOverride All
            Order allow,deny
            Allow from all
            Require all granted
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

MikeMcQ · November 21, 2023, 1:05pm

Can you show the command you used and the full error message?

One thing I see is you are missing DNS A record for your www subdomains. This would not cause the identical problem as before but it will be a problem. Your room801 domain has the same problem as this one

nslookup www.shop.explorotica.us
** server can't find www.shop.explorotica.us: NXDOMAIN

nslookup shop.explorotica.us
Address: 159.65.238.59

shelbyp · November 21, 2023, 1:44pm

I just removed the www on both. here is my Let's Encrypt error log

2023-11-21 08:44:02,674:DEBUG:certbot.main:certbot version: 0.27.0
2023-11-21 08:44:02,676:DEBUG:certbot.main:Arguments: []
2023-11-21 08:44:02,677:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2023-11-21 08:44:02,691:DEBUG:certbot.log:Root logging level set at 20
2023-11-21 08:44:02,692:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2023-11-21 08:44:02,733:DEBUG:certbot.plugins.selection:Requested authenticator <certbot.cli._Default object at 0x7f2de3da34e0> and installer <certbot.cli._Default object at 0x7f2de3da34e0>
2023-11-21 08:44:02,744:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2023-11-19 19:06:20 UTC.
2023-11-21 08:44:02,744:INFO:certbot.renewal:Cert is due for renewal, auto-renewing...
2023-11-21 08:44:02,744:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2023-11-21 08:44:02,745:DEBUG:certbot.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: IAuthenticator, IPlugin
Entry point: webroot = certbot.plugins.webroot:Authenticator
Initialized: <certbot.plugins.webroot.Authenticator object at 0x7f2de3dcb748>
Prep: True
2023-11-21 08:44:02,746:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x7f2de3dcb748> and installer None
2023-11-21 08:44:02,746:INFO:certbot.plugins.selection:Plugins selected: Authenticator webroot, Installer None
2023-11-21 08:44:02,750:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/85082002', new_authzr_uri=None, terms_of_service=None), 0f485ae2935ada8b59889b40be8cd2a1, Meta(creation_dt=datetime.datetime(2020, 5, 2, 15, 50, 49, tzinfo=<UTC>), creation_host='adultmart-magento2-open-source-ubuntu'))>
2023-11-21 08:44:02,752:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2023-11-21 08:44:02,755:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
2023-11-21 08:44:02,913:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 752
2023-11-21 08:44:02,913:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:44:03 GMT
Content-Type: application/json
Content-Length: 752
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "j2-2RQMNJoY": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-01/renewalInfo/",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2023-11-21 08:44:02,914:INFO:certbot.main:Renewing an existing certificate
2023-11-21 08:44:02,974:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0182_key-certbot.pem
2023-11-21 08:44:02,978:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0182_csr-certbot.pem
2023-11-21 08:44:02,979:DEBUG:acme.client:Requesting fresh nonce
2023-11-21 08:44:02,979:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2023-11-21 08:44:03,031:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2023-11-21 08:44:03,031:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:44:03 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: jXyutbsnECAhDv87oOovgWWIDd_-tDNPhw6zDIfUzGfeiawk-Ug
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800


2023-11-21 08:44:03,032:DEBUG:acme.client:Storing nonce: jXyutbsnECAhDv87oOovgWWIDd_-tDNPhw6zDIfUzGfeiawk-Ug
2023-11-21 08:44:03,032:DEBUG:acme.client:JWS payload:
b'{\n  "identifiers": [\n    {\n      "type": "dns",\n      "value": "shop.room801.com"\n    },\n    {\n      "type": "dns",\n      "value": "shop.explorotica.us"\n    }\n  ]\n}'
2023-11-21 08:44:03,035:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODUwODIwMDIiLCAibm9uY2UiOiAialh5dXRic25FQ0FoRHY4N29Pb3ZnV1dJRGRfLXRETlBodzZ6RElmVXpHZmVpYXdrLVVnIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ",
  "signature": "m8BytJ91YsnOKdD-kVk1TvRnOVN0RL3wTb51UbDja6cy9Q-e23xag7ImMiDclj82u63Vmtfy6Vz5KdU1zj78siiFt_Jskyq9xRv036L1KoHRr1wvL9nq6PdmCDhn3JNAiQVdXkb96O9p9LrOGNyLQ3uPT471zoGELESDJLXnNbuxX-x6evB0sX_LrZMxvLw70Abyuafzbn0Z8m-fNsXty8XK2Mcoj6Gohg4VXDN54KaXVqCMVZW0P6zfTw-wbMOu1kxh6blH9ObGYhC1obDAQ0liHiHzlTGjRR-o5NbQi77ZyVORT5XcIsr7eIyt-5_orRkwM5Ax-TRJu9OwnWkMTQ",
  "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInNob3Aucm9vbTgwMS5jb20iCiAgICB9LAogICAgewogICAgICAidHlwZSI6ICJkbnMiLAogICAgICAidmFsdWUiOiAic2hvcC5leHBsb3JvdGljYS51cyIKICAgIH0KICBdCn0"
}
2023-11-21 08:44:03,135:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 482
2023-11-21 08:44:03,136:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Tue, 21 Nov 2023 13:44:03 GMT
Content-Type: application/json
Content-Length: 482
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/85082002/223789726656
Replay-Nonce: SFMYLIQjZRQGAtBymyjkYXwnPNYqYAHvf-6Ub0ntrIUeDUV12sI
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "status": "pending",
  "expires": "2023-11-28T13:44:03Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "shop.explorotica.us"
    },
    {
      "type": "dns",
      "value": "shop.room801.com"
    }
  ],
  "authorizations": [
    "https://acme-v02.api.letsencrypt.org/acme/authz-v3/286057614356",
    "https://acme-v02.api.letsencrypt.org/acme/authz-v3/286057614366"
  ],
  "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/85082002/223789726656"
}
2023-11-21 08:44:03,136:DEBUG:acme.client:Storing nonce: SFMYLIQjZRQGAtBymyjkYXwnPNYqYAHvf-6Ub0ntrIUeDUV12sI
2023-11-21 08:44:03,137:DEBUG:acme.client:JWS payload:
b''
2023-11-21 08:44:03,138:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/286057614356:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODUwODIwMDIiLCAibm9uY2UiOiAiU0ZNWUxJUWpaUlFHQXRCeW15amtZWHduUE5ZcVlBSHZmLTZVYjBudHJJVWVEVVYxMnNJIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yODYwNTc2MTQzNTYifQ",
  "signature": "WqPwqvBCFtbbkndYLCE75zylpfsl7EwEY5kTpYjj4wAcC3pDtIcmjFPt81cVpv-4cGXBXw6EDOPelk4h5tCfikMVvbHKBAmHPl8SiefX-YOd4wGAdwxpOpjpEEt0RJBEdGzSAnJMZPoZKk_Rt0MeTsLThuU5qKCAXP_wGI7JVhGWV-sSWKNJ0DnyMnFDhPCJf6iMAp2S3gdufV7AzNorLCBOgZwWIYJh5UxK6sjlW2VBDSvrou9MUb_LzOGEoPfVAomEVnsSB4VVEg4MbfuvoVe45L53UFJCS7O9HOnAUHt2ADwhj6DeqPgtcKyuQ1V-w_XfJ7ROogq621c5BQ66yA",
  "payload": ""
}
2023-11-21 08:44:03,193:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/286057614356 HTTP/1.1" 200 803
2023-11-21 08:44:03,193:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:44:03 GMT
Content-Type: application/json
Content-Length: 803
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: SFMYLIQjrMgX9KfGF939Kp8qWaXe2qYQbypwB-gDNF7k5Tz8mcM
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "shop.explorotica.us"
  },
  "status": "pending",
  "expires": "2023-11-28T13:44:03Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614356/SeR_aQ",
      "token": "XTK9n-iX4H03__hgJ6LHfQ2DYG7hYo2Z73s8TBAcvQg"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614356/-jsD5Q",
      "token": "XTK9n-iX4H03__hgJ6LHfQ2DYG7hYo2Z73s8TBAcvQg"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614356/k2cm6Q",
      "token": "XTK9n-iX4H03__hgJ6LHfQ2DYG7hYo2Z73s8TBAcvQg"
    }
  ]
}
2023-11-21 08:44:03,194:DEBUG:acme.client:Storing nonce: SFMYLIQjrMgX9KfGF939Kp8qWaXe2qYQbypwB-gDNF7k5Tz8mcM
2023-11-21 08:44:03,194:DEBUG:acme.client:JWS payload:
b''
2023-11-21 08:44:03,197:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/286057614366:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODUwODIwMDIiLCAibm9uY2UiOiAiU0ZNWUxJUWpyTWdYOUtmR0Y5MzlLcDhxV2FYZTJxWVFieXB3Qi1nRE5GN2s1VHo4bWNNIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yODYwNTc2MTQzNjYifQ",
  "signature": "GFbgoKBOY4w1X1jAuKtq77zJnzbwwt6EBSn4Q9_3jZjE-OkgqVJNsMygUiNh21Ap6kDZ3BbaUutxG80H83qNHB504_T8z9LFkJ2rTfESPzS1LnqjU-ML7o457nJ9BGDVxgGMVBK836_K82UmycRjnJI3W5tz2Zz_KtqAzNz8M8plEldugHHe8J-v4gHGpi3-J-U9bF5P_fGDI0hIrnerJj8GzDWSdVBqXcmOPP_W0cCOJIB5lOXAfbnoP0UwdnZASOGhLPiF06soyvr5V3LLwGq8A46YtqH2jDXixTiSrfkWfnMyBElUc0z6VL2HnIWPZQRUTnmAYA2zzKJ1XnvEPg",
  "payload": ""
}
2023-11-21 08:44:03,250:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/286057614366 HTTP/1.1" 200 800
2023-11-21 08:44:03,251:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:44:03 GMT
Content-Type: application/json
Content-Length: 800
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: SFMYLIQjo2oC1gMIGVgmH6IY95VyEbHPOV9NEetVxDKe9kvwrQ0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "shop.room801.com"
  },
  "status": "pending",
  "expires": "2023-11-28T13:44:03Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614366/lpZG3w",
      "token": "o2qouXpIPoYxt8KMq3qRegJ3JGRYtrGo0jQ-ZgqTIuo"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614366/0LQUSw",
      "token": "o2qouXpIPoYxt8KMq3qRegJ3JGRYtrGo0jQ-ZgqTIuo"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614366/38cHCQ",
      "token": "o2qouXpIPoYxt8KMq3qRegJ3JGRYtrGo0jQ-ZgqTIuo"
    }
  ]
}
2023-11-21 08:44:03,251:DEBUG:acme.client:Storing nonce: SFMYLIQjo2oC1gMIGVgmH6IY95VyEbHPOV9NEetVxDKe9kvwrQ0
2023-11-21 08:44:03,252:INFO:certbot.auth_handler:Performing the following challenges:
2023-11-21 08:44:03,252:INFO:certbot.auth_handler:http-01 challenge for shop.explorotica.us
2023-11-21 08:44:03,252:INFO:certbot.auth_handler:http-01 challenge for shop.room801.com
2023-11-21 08:44:03,253:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /var/www/html/.well-known/acme-challenge
2023-11-21 08:44:03,253:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /var/www/html/.well-known/acme-challenge
2023-11-21 08:44:03,256:DEBUG:certbot.plugins.webroot:Attempting to save validation to /var/www/html/.well-known/acme-challenge/XTK9n-iX4H03__hgJ6LHfQ2DYG7hYo2Z73s8TBAcvQg
2023-11-21 08:44:03,259:DEBUG:certbot.plugins.webroot:Attempting to save validation to /var/www/html/.well-known/acme-challenge/o2qouXpIPoYxt8KMq3qRegJ3JGRYtrGo0jQ-ZgqTIuo
2023-11-21 08:44:03,259:INFO:certbot.auth_handler:Waiting for verification...
2023-11-21 08:44:03,259:DEBUG:acme.client:JWS payload:
b'{\n  "resource": "challenge",\n  "type": "http-01"\n}'
2023-11-21 08:44:03,261:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614356/SeR_aQ:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODUwODIwMDIiLCAibm9uY2UiOiAiU0ZNWUxJUWpvMm9DMWdNSUdWZ21INklZOTVWeUViSFBPVjlORWV0VnhES2U5a3Z3clEwIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8yODYwNTc2MTQzNTYvU2VSX2FRIn0",
  "signature": "OqvuAayQxZTPExiMqYScqnbUhfLG_2V_PFm0pJFQRZnWBuwYg6PR50MipWC7jvcAIqtm_y8tMjsUKloAcV7dWQv21OGOgTOJRHBpedfyN95fDhNCLjkk7JDfNZVhO30QSdt0ILloluJCbsbSX4G3rvdxoO-juO43B5Sk0hYl6BT-WLzBV-qAvxLsHWjwIjM0v-KQJ8sNBS5VjCHRoPFot5ACZp4yVvlnCKoptluOgoYOVSykXz03Wud7eQNDZiTJUZ0hW-VTqNuieCvE773mTB1gTXwDrRiC2Ka0GN92khIku4uTfKbXhyf0KzbjHDL8vdlUCrInWbdYwWwh19T1BQ",
  "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0"
}
2023-11-21 08:44:03,345:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/286057614356/SeR_aQ HTTP/1.1" 200 187
2023-11-21 08:44:03,346:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:44:03 GMT
Content-Type: application/json
Content-Length: 187
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz-v3/286057614356>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614356/SeR_aQ
Replay-Nonce: jXyutbsnUbIuQ0cAF31JbBRh0UkAGtgTLeHkGDAzdVEImGVukWQ
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "type": "http-01",
  "status": "pending",
  "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614356/SeR_aQ",
  "token": "XTK9n-iX4H03__hgJ6LHfQ2DYG7hYo2Z73s8TBAcvQg"
}
2023-11-21 08:44:03,346:DEBUG:acme.client:Storing nonce: jXyutbsnUbIuQ0cAF31JbBRh0UkAGtgTLeHkGDAzdVEImGVukWQ
2023-11-21 08:44:03,346:DEBUG:acme.client:JWS payload:
b'{\n  "resource": "challenge",\n  "type": "http-01"\n}'
2023-11-21 08:44:03,348:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614366/lpZG3w:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODUwODIwMDIiLCAibm9uY2UiOiAialh5dXRic25VYkl1UTBjQUYzMUpiQlJoMFVrQUd0Z1RMZUhrR0RBemRWRUltR1Z1a1dRIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8yODYwNTc2MTQzNjYvbHBaRzN3In0",
  "signature": "VfazSaZ2OUASXQP9m3oqj6VvghxfRkMcCnmhSaZaT_Pxzci16ZLYHuEEBD0vj-pLQXwhxzxGownPdHkM4vVy-RjRUdBLLJkMGj07WEMIwkxrrnrs2-lEd33bpB1W4jMuFj60rxIRNCU-CSvj1hul_ZAtio4JqErh0Fs8gdVnROH815n8-nC_oV-oFvvgyi5URhl00Pa5yjDsvrZgDHOML3dtgeAFtZsp-dfvFUQzzzDmw1gW5QujMC3hoMZFsaJOyJ7WsELV5EtipaSVymfuwPdBvOneF8lg_Sh7iD2KrKCQI_P56Of3AKIhZV1T-BF7CuZ_iFqeVFniiQBx7HqakQ",
  "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0"
}
2023-11-21 08:44:03,404:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/286057614366/lpZG3w HTTP/1.1" 200 187
2023-11-21 08:44:03,405:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:44:03 GMT
Content-Type: application/json
Content-Length: 187
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz-v3/286057614366>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614366/lpZG3w
Replay-Nonce: SFMYLIQj1_iBHcF5cVmAFyMlIpmF_2j72-Q0jHeDU-TTgLfPiL0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "type": "http-01",
  "status": "pending",
  "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614366/lpZG3w",
  "token": "o2qouXpIPoYxt8KMq3qRegJ3JGRYtrGo0jQ-ZgqTIuo"
}
2023-11-21 08:44:03,405:DEBUG:acme.client:Storing nonce: SFMYLIQj1_iBHcF5cVmAFyMlIpmF_2j72-Q0jHeDU-TTgLfPiL0
2023-11-21 08:44:06,408:DEBUG:acme.client:JWS payload:
b''
2023-11-21 08:44:06,411:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/286057614356:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODUwODIwMDIiLCAibm9uY2UiOiAiU0ZNWUxJUWoxX2lCSGNGNWNWbUFGeU1sSXBtRl8yajcyLVEwakhlRFUtVFRnTGZQaUwwIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yODYwNTc2MTQzNTYifQ",
  "signature": "Yr0LMXwnlgx62LJqNyr4mNt3kGCfFjWW5X4mFX96S_ti18jTj374ei2FZdzHNbFBJeN8kCSJBK49PmUajupURCvd6N-QGNsBAhWmkifOoUYYDi8vQm0eNDaeFICRTG-56Zy47tYJwCK8OVJ-GX0HUntX37OEDaVnNIZjbSyZVQqF2RgomUXmz7QM0SAZnvBw4qQvIHhjaUmUyV7pPTBNF9xT2PSCatqax498nP9sNlBextSRLBU_01Koxpz7HqPx1-_G8lKG9wNvU1HyphbCDiPHiu84OlK7dXVFNPCDGp0Mp8dvGYteRbAh4cLNs3xT3g4ZKETqWMDe0vE6iUYYYw",
  "payload": ""
}
2023-11-21 08:44:06,466:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/286057614356 HTTP/1.1" 200 803
2023-11-21 08:44:06,467:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:44:06 GMT
Content-Type: application/json
Content-Length: 803
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: jXyutbsnCw2zkBpuCeApiM4JXdqErfgGglWqgs4YgSLw21X0FF4
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "shop.explorotica.us"
  },
  "status": "pending",
  "expires": "2023-11-28T13:44:03Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614356/SeR_aQ",
      "token": "XTK9n-iX4H03__hgJ6LHfQ2DYG7hYo2Z73s8TBAcvQg"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614356/-jsD5Q",
      "token": "XTK9n-iX4H03__hgJ6LHfQ2DYG7hYo2Z73s8TBAcvQg"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614356/k2cm6Q",
      "token": "XTK9n-iX4H03__hgJ6LHfQ2DYG7hYo2Z73s8TBAcvQg"
    }
  ]
}
2023-11-21 08:44:06,468:DEBUG:acme.client:Storing nonce: jXyutbsnCw2zkBpuCeApiM4JXdqErfgGglWqgs4YgSLw21X0FF4
2023-11-21 08:44:06,469:DEBUG:acme.client:JWS payload:
b''
2023-11-21 08:44:06,471:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/286057614366:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODUwODIwMDIiLCAibm9uY2UiOiAialh5dXRic25DdzJ6a0JwdUNlQXBpTTRKWGRxRXJmZ0dnbFdxZ3M0WWdTTHcyMVgwRkY0IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yODYwNTc2MTQzNjYifQ",
  "signature": "N0jRXyUXs8kHQkhczquEnB78yMjOdH4j5E0MNCIdBlysqzeuTMdifqvyeWOJk-zaKpRAIRLY0v5lD4QdD6HaFVt6aH5JqUnoo35fSXvIQVzgYtJ4aOp1yPg2s6ArzeG7iZCc16NzEcl_LRKxXYlVAS7k_3Fc99-tvTGiAwC-5Q4Tf3-7I0eJZwRrc_Fa574zHQ-T20ehqQxypYafWNtqTRG1ZA8UJYsMF2C9qe8SnNv6wt5ftyJg6XQeXuiXb-8-RQYDTHHip_gcqnwUUcaCHas6yB6fT2xdx5lN6vktp3FKxP0TStUOUZ9p-1sHzU6jbXKlGvtgyM3B3TgTuuOgaw",
  "payload": ""
}
2023-11-21 08:44:06,526:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/286057614366 HTTP/1.1" 200 800
2023-11-21 08:44:06,526:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:44:06 GMT
Content-Type: application/json
Content-Length: 800
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: SFMYLIQj3Ov5b4-IspUqBEMwST4Si1VDjAeZAeroehd_ITb1Ius
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "shop.room801.com"
  },
  "status": "pending",
  "expires": "2023-11-28T13:44:03Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614366/lpZG3w",
      "token": "o2qouXpIPoYxt8KMq3qRegJ3JGRYtrGo0jQ-ZgqTIuo"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614366/0LQUSw",
      "token": "o2qouXpIPoYxt8KMq3qRegJ3JGRYtrGo0jQ-ZgqTIuo"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614366/38cHCQ",
      "token": "o2qouXpIPoYxt8KMq3qRegJ3JGRYtrGo0jQ-ZgqTIuo"
    }
  ]
}
2023-11-21 08:44:06,527:DEBUG:acme.client:Storing nonce: SFMYLIQj3Ov5b4-IspUqBEMwST4Si1VDjAeZAeroehd_ITb1Ius
2023-11-21 08:44:09,528:DEBUG:acme.client:JWS payload:
b''
2023-11-21 08:44:09,531:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/286057614356:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODUwODIwMDIiLCAibm9uY2UiOiAiU0ZNWUxJUWozT3Y1YjQtSXNwVXFCRU13U1Q0U2kxVkRqQWVaQWVyb2VoZF9JVGIxSXVzIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yODYwNTc2MTQzNTYifQ",
  "signature": "Wj6kOWrIoF0ZikK8ubVKQnJ-yzwYKrJTYRKb3EUrkOBG0RsAEspJfOnemBLQhEVhtoSIz3GQTx6JxA7DornUGtA9hllZApUh0--MqqC0pue9BkVhNAtXFm5TeGM4DZ3-uL6fdoP0Odo0TADuug39SCZ2TbfJGnGVVbCU-8u-lQJeqJ67zIl-_rf7mihvlm5tZjGmMI_ov0k5yTdUuNANmEGKWc5KPGabfPofedJTCt8i4IG5By2RacxkWTs2Qf1TYTPakxjLiMuN8xsOvqjR3wu38akvJPZn1L6Z6NhJp83WeUgkx_e-ZRS2PYVQeX5u51Tai3X2HHbogPWk1_xV9Q",
  "payload": ""
}
2023-11-21 08:44:09,586:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/286057614356 HTTP/1.1" 200 803
2023-11-21 08:44:09,588:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:44:09 GMT
Content-Type: application/json
Content-Length: 803
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: jXyutbsni068IH0xoMw0-fTon3urxHkZG4QwdNLk7B93m97ejK0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "shop.explorotica.us"
  },
  "status": "pending",
  "expires": "2023-11-28T13:44:03Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614356/SeR_aQ",
      "token": "XTK9n-iX4H03__hgJ6LHfQ2DYG7hYo2Z73s8TBAcvQg"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614356/-jsD5Q",
      "token": "XTK9n-iX4H03__hgJ6LHfQ2DYG7hYo2Z73s8TBAcvQg"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614356/k2cm6Q",
      "token": "XTK9n-iX4H03__hgJ6LHfQ2DYG7hYo2Z73s8TBAcvQg"
    }
  ]
}
2023-11-21 08:44:09,588:DEBUG:acme.client:Storing nonce: jXyutbsni068IH0xoMw0-fTon3urxHkZG4QwdNLk7B93m97ejK0
2023-11-21 08:44:09,589:DEBUG:acme.client:JWS payload:
b''
2023-11-21 08:44:09,592:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/286057614366:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODUwODIwMDIiLCAibm9uY2UiOiAialh5dXRic25pMDY4SUgweG9NdzAtZlRvbjN1cnhIa1pHNFF3ZE5MazdCOTNtOTdlakswIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yODYwNTc2MTQzNjYifQ",
  "signature": "ixHUrf4qJ3iARxHDukPEtOdXUNJEDRTVS3j8IE0vL9aOjwvfIiD1irZxTHAXJJpqSLM2BXYHZ1a4DaGnLjcT2ErouHNXzcV1JEZjVHrod30pexz35U6ij7Ul0xhBd73cokngbXeTDcUrE3XavLzBFXaMdcEv2AZBzMFMnu8nvMMSlitrT7wVQPVU1Bh8hJYU7n08tpHBYwG5WvL4CbJi1NQdBrqXsLMEUTVQPvT6XfpxZGNuHH-ZYfiUeI66MLn3e86qIngeDC5Qo-8Tl-erbcHOBkflIE6ijn1n7aEsxJAK15Rj7utuTffL2rICJehmPRepG3dUKk8bjGCbVUbHVQ",
  "payload": ""
}
2023-11-21 08:44:09,650:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/286057614366 HTTP/1.1" 200 1621
2023-11-21 08:44:09,651:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:44:10 GMT
Content-Type: application/json
Content-Length: 1621
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: SFMYLIQjG3ky5z7kAt8szq68mPaG0R8fsAMULvbrY_hjZEz4LJk
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "shop.room801.com"
  },
  "status": "invalid",
  "expires": "2023-11-28T13:44:03Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "invalid",
      "error": {
        "type": "urn:ietf:params:acme:error:unauthorized",
        "detail": "159.65.238.59: Invalid response from https://shop.room801.com/catalogsearch/result/?q=well+known+acme+challenge+o2qouXpIPoYxt8KMq3qRegJ3JGRYtrGo0jQ+ZgqTIuo\u0026404=1: \"\\r\\n\u003c!doctype html\u003e\\r\\n\u003chtml class=\\\"use-header3\\\" lang=\\\"en\\\"\u003e\\r\\n    \u003chead \u003e\\r\\n        \u003cscript\u003e\\n\\tvar BASE_URL = WEB_URL = 'https://shop.r\"",
        "status": 403
      },
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614366/lpZG3w",
      "token": "o2qouXpIPoYxt8KMq3qRegJ3JGRYtrGo0jQ-ZgqTIuo",
      "validationRecord": [
        {
          "url": "http://shop.room801.com/.well-known/acme-challenge/o2qouXpIPoYxt8KMq3qRegJ3JGRYtrGo0jQ-ZgqTIuo",
          "hostname": "shop.room801.com",
          "port": "80",
          "addressesResolved": [
            "159.65.238.59"
          ],
          "addressUsed": "159.65.238.59"
        },
        {
          "url": "https://shop.room801.com/catalogsearch/result/?q=well+known+acme+challenge+o2qouXpIPoYxt8KMq3qRegJ3JGRYtrGo0jQ+ZgqTIuo\u0026404=1",
          "hostname": "shop.room801.com",
          "port": "443",
          "addressesResolved": [
            "159.65.238.59"
          ],
          "addressUsed": "159.65.238.59"
        }
      ],
      "validated": "2023-11-21T13:44:03Z"
    }
  ]
}
2023-11-21 08:44:09,651:DEBUG:acme.client:Storing nonce: SFMYLIQjG3ky5z7kAt8szq68mPaG0R8fsAMULvbrY_hjZEz4LJk
2023-11-21 08:44:09,653:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:

Domain: shop.room801.com
Type:   unauthorized
Detail: 159.65.238.59: Invalid response from https://shop.room801.com/catalogsearch/result/?q=well+known+acme+challenge+o2qouXpIPoYxt8KMq3qRegJ3JGRYtrGo0jQ+ZgqTIuo&404=1: "\r\n<!doctype html>\r\n<html class=\"use-header3\" lang=\"en\">\r\n    <head >\r\n        <script>\n\tvar BASE_URL = WEB_URL = 'https://shop.r"

To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.
2023-11-21 08:44:09,654:DEBUG:certbot.error_handler:Encountered exception:
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 82, in handle_authorizations
    self._respond(aauthzrs, resp, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 155, in _respond
    self._poll_challenges(aauthzrs, chall_update, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 226, in _poll_challenges
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. shop.room801.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: 159.65.238.59: Invalid response from https://shop.room801.com/catalogsearch/result/?q=well+known+acme+challenge+o2qouXpIPoYxt8KMq3qRegJ3JGRYtrGo0jQ+ZgqTIuo&404=1: "\r\n<!doctype html>\r\n<html class=\"use-header3\" lang=\"en\">\r\n    <head >\r\n        <script>\n\tvar BASE_URL = WEB_URL = 'https://shop.r"

2023-11-21 08:44:09,654:DEBUG:certbot.error_handler:Calling registered functions
2023-11-21 08:44:09,654:INFO:certbot.auth_handler:Cleaning up challenges
2023-11-21 08:44:09,654:DEBUG:certbot.plugins.webroot:Removing /var/www/html/.well-known/acme-challenge/XTK9n-iX4H03__hgJ6LHfQ2DYG7hYo2Z73s8TBAcvQg
2023-11-21 08:44:09,654:DEBUG:certbot.plugins.webroot:Removing /var/www/html/.well-known/acme-challenge/o2qouXpIPoYxt8KMq3qRegJ3JGRYtrGo0jQ-ZgqTIuo
2023-11-21 08:44:09,655:DEBUG:certbot.plugins.webroot:All challenges cleaned up
2023-11-21 08:44:09,655:WARNING:certbot.renewal:Attempting to renew cert (shop.room801.com) from /etc/letsencrypt/renewal/shop.room801.com.conf produced an unexpected error: Failed authorization procedure. shop.room801.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: 159.65.238.59: Invalid response from https://shop.room801.com/catalogsearch/result/?q=well+known+acme+challenge+o2qouXpIPoYxt8KMq3qRegJ3JGRYtrGo0jQ+ZgqTIuo&404=1: "\r\n<!doctype html>\r\n<html class=\"use-header3\" lang=\"en\">\r\n    <head >\r\n        <script>\n\tvar BASE_URL = WEB_URL = 'https://shop.r". Skipping.
2023-11-21 08:44:09,657:DEBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 443, in handle_renewal_request
    main.renew_cert(lineage_config, plugins, renewal_candidate)
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 1197, in renew_cert
    renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage)
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 115, in _get_and_save_cert
    renewal.renew_cert(config, domains, le_client, lineage)
  File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 318, in renew_cert
    new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key)
  File "/usr/lib/python3/dist-packages/certbot/client.py", line 334, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
  File "/usr/lib/python3/dist-packages/certbot/client.py", line 370, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 82, in handle_authorizations
    self._respond(aauthzrs, resp, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 155, in _respond
    self._poll_challenges(aauthzrs, chall_update, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 226, in _poll_challenges
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. shop.room801.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: 159.65.238.59: Invalid response from https://shop.room801.com/catalogsearch/result/?q=well+known+acme+challenge+o2qouXpIPoYxt8KMq3qRegJ3JGRYtrGo0jQ+ZgqTIuo&404=1: "\r\n<!doctype html>\r\n<html class=\"use-header3\" lang=\"en\">\r\n    <head >\r\n        <script>\n\tvar BASE_URL = WEB_URL = 'https://shop.r"

2023-11-21 08:44:09,665:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2023-11-19 19:07:49 UTC.
2023-11-21 08:44:09,665:INFO:certbot.renewal:Cert is due for renewal, auto-renewing...
2023-11-21 08:44:09,681:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2023-11-21 08:44:09,681:DEBUG:certbot.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: IAuthenticator, IPlugin
Entry point: webroot = certbot.plugins.webroot:Authenticator
Initialized: <certbot.plugins.webroot.Authenticator object at 0x7f2de3de6160>
Prep: True
2023-11-21 08:44:09,682:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x7f2de3de6160> and installer None
2023-11-21 08:44:09,682:INFO:certbot.plugins.selection:Plugins selected: Authenticator webroot, Installer None
2023-11-21 08:44:09,689:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/85082002', new_authzr_uri=None, terms_of_service=None), 0f485ae2935ada8b59889b40be8cd2a1, Meta(creation_dt=datetime.datetime(2020, 5, 2, 15, 50, 49, tzinfo=<UTC>), creation_host='adultmart-magento2-open-source-ubuntu'))>
2023-11-21 08:44:09,690:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2023-11-21 08:44:09,692:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
2023-11-21 08:44:09,818:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 752
2023-11-21 08:44:09,819:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:44:10 GMT
Content-Type: application/json
Content-Length: 752
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "XXBA_L73AHA": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-01/renewalInfo/",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2023-11-21 08:44:09,820:INFO:certbot.main:Renewing an existing certificate
2023-11-21 08:44:09,959:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0183_key-certbot.pem
2023-11-21 08:44:09,964:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0183_csr-certbot.pem
2023-11-21 08:44:09,965:DEBUG:acme.client:Requesting fresh nonce
2023-11-21 08:44:09,965:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2023-11-21 08:44:10,009:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2023-11-21 08:44:10,010:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:44:10 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: v0bMowfiNGX72fcJvA22HOiP353m4NDHdvXYshwmgooic88hodU
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800


2023-11-21 08:44:10,011:DEBUG:acme.client:Storing nonce: v0bMowfiNGX72fcJvA22HOiP353m4NDHdvXYshwmgooic88hodU
2023-11-21 08:44:10,011:DEBUG:acme.client:JWS payload:
b'{\n  "identifiers": [\n    {\n      "type": "dns",\n      "value": "shop.explorotica.us"\n    }\n  ]\n}'
2023-11-21 08:44:10,014:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODUwODIwMDIiLCAibm9uY2UiOiAidjBiTW93ZmlOR1g3MmZjSnZBMjJIT2lQMzUzbTROREhkdlhZc2h3bWdvb2ljODhob2RVIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ",
  "signature": "ZNHrB-QvSnxjueHPJpS3u8mVRCm6vfZ-KqKMU1An5MXbdrBWpsUTuCMiE0M_dhlcQlb7H9VlUYMugpA02JwP18q0xjbruPfQFMYhMDE3bVSD1KRVu4oP2XNy8RRZdANUDxFiZNUXxJqJsCdQXBHnhFN93N2qvYxIlTk9ATwDcCBqGzxY1uBO7t4o5DcL3M4vhsiADWRv8tNI4qGF3TT0_95ZPr_EaOXwECqWNHZdTC2JG4SlbQ2pc_sbd2O41Cw4zh5q8bYTo9aYeE3QSxNOPDg6kw1HIEnwvPk6vFkOj53vPIqJQbVApFbsTGHvyIJX0LrUv9NK1OdUA9tHg-aP_Q",
  "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInNob3AuZXhwbG9yb3RpY2EudXMiCiAgICB9CiAgXQp9"
}
2023-11-21 08:44:10,218:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 343
2023-11-21 08:44:10,219:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Tue, 21 Nov 2023 13:44:10 GMT
Content-Type: application/json
Content-Length: 343
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/85082002/223789750756
Replay-Nonce: nbWKegf8OFWIhWXwZ-5QJRi0jvt0orzS5r9JA6DBHNzrKF4dvsE
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "status": "pending",
  "expires": "2023-11-28T13:44:03Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "shop.explorotica.us"
    }
  ],
  "authorizations": [
    "https://acme-v02.api.letsencrypt.org/acme/authz-v3/286057614356"
  ],
  "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/85082002/223789750756"
}
2023-11-21 08:44:10,220:DEBUG:acme.client:Storing nonce: nbWKegf8OFWIhWXwZ-5QJRi0jvt0orzS5r9JA6DBHNzrKF4dvsE
2023-11-21 08:44:10,220:DEBUG:acme.client:JWS payload:
b''
2023-11-21 08:44:10,223:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/286057614356:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODUwODIwMDIiLCAibm9uY2UiOiAibmJXS2VnZjhPRldJaFdYd1otNVFKUmkwanZ0MG9yelM1cjlKQTZEQkhOenJLRjRkdnNFIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yODYwNTc2MTQzNTYifQ",
  "signature": "IFLqRxjb-33JtJYZ6FrOGPtiHFzIXWZSukA-3WN4xSjzmd968ARw6trF9C-I5lx90zf76mUODbHf9XdtQnOFQAmeVrDnbdan8h7dCRhjgOlCq_-JHIJG09sy0s25ZbJ04RLeWfkvkkiXyLSZGYeV1-Sp_5O-B1whohzjOMWwYdWq-gQfR2SfYugZSpyClFTytu_45nlmr8E-HkMiPq7yWypM9tQhE70JcRj22o92_YZQC9MoTS1I-kupkD9e0nEMOGKVI9bP-5EEwFw5BZ04QBTfiS5qONYCjRkM6W-BPz1C2CKF6UXjPvMNEiSIOCAjkEgA9CpFIvfUNX5E0KvSgg",
  "payload": ""
}
2023-11-21 08:44:10,269:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/286057614356 HTTP/1.1" 200 803
2023-11-21 08:44:10,270:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:44:10 GMT
Content-Type: application/json
Content-Length: 803
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: nbWKegf8dMCLeDDSB8l3QWGJFkIoM98ShIT-4R007HDn5qMoW_8
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "shop.explorotica.us"
  },
  "status": "pending",
  "expires": "2023-11-28T13:44:03Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614356/SeR_aQ",
      "token": "XTK9n-iX4H03__hgJ6LHfQ2DYG7hYo2Z73s8TBAcvQg"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614356/-jsD5Q",
      "token": "XTK9n-iX4H03__hgJ6LHfQ2DYG7hYo2Z73s8TBAcvQg"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614356/k2cm6Q",
      "token": "XTK9n-iX4H03__hgJ6LHfQ2DYG7hYo2Z73s8TBAcvQg"
    }
  ]
}
2023-11-21 08:44:10,271:DEBUG:acme.client:Storing nonce: nbWKegf8dMCLeDDSB8l3QWGJFkIoM98ShIT-4R007HDn5qMoW_8
2023-11-21 08:44:10,272:INFO:certbot.auth_handler:Performing the following challenges:
2023-11-21 08:44:10,272:INFO:certbot.auth_handler:http-01 challenge for shop.explorotica.us
2023-11-21 08:44:10,273:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /var/www/html/.well-known/acme-challenge
2023-11-21 08:44:10,276:DEBUG:certbot.plugins.webroot:Attempting to save validation to /var/www/html/.well-known/acme-challenge/XTK9n-iX4H03__hgJ6LHfQ2DYG7hYo2Z73s8TBAcvQg
2023-11-21 08:44:10,276:INFO:certbot.auth_handler:Waiting for verification...
2023-11-21 08:44:10,277:DEBUG:acme.client:JWS payload:
b'{\n  "resource": "challenge",\n  "type": "http-01"\n}'
2023-11-21 08:44:10,280:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614356/SeR_aQ:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODUwODIwMDIiLCAibm9uY2UiOiAibmJXS2VnZjhkTUNMZUREU0I4bDNRV0dKRmtJb005OFNoSVQtNFIwMDdIRG41cU1vV184IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8yODYwNTc2MTQzNTYvU2VSX2FRIn0",
  "signature": "hbtMPiqU1g7vii79qaJi02WuHDDhCKmxpoEtQOdRKiU8M87unYsQmzx6a4S9eeTSOsz7vdDUs6pJrZ0hWXYk8d0mKY-L-F8BubmpAEPotOm0SvWxK311kysHXucCIt93i1ObxS3DxVqahxd-vGG_DXSsF7YIDngaEtNRYPFJ6NnlToAQuHcpnL2JnwXbkAEhI2XBaHDYJGyQo9Mi15NKaUKjafn_VL_oxpTebxRW6t6lIq3BCXA1IIbmdr8V_iAsSIZLcU0Xn1tvYMrGPU9Grke1XA9_mKKLKTGjN3Q06AmFF3H6a4Y2VlP5oiubZEnF4FiilllHTygI8eCMVbdoMA",
  "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0"
}
2023-11-21 08:44:10,333:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/286057614356/SeR_aQ HTTP/1.1" 200 187
2023-11-21 08:44:10,334:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:44:10 GMT
Content-Type: application/json
Content-Length: 187
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz-v3/286057614356>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614356/SeR_aQ
Replay-Nonce: nbWKegf8R47Hkmfb4ZW7UV7kr0T0zz4YvT-6B-srehvnhY9IQG4
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "type": "http-01",
  "status": "pending",
  "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614356/SeR_aQ",
  "token": "XTK9n-iX4H03__hgJ6LHfQ2DYG7hYo2Z73s8TBAcvQg"
}
2023-11-21 08:44:10,335:DEBUG:acme.client:Storing nonce: nbWKegf8R47Hkmfb4ZW7UV7kr0T0zz4YvT-6B-srehvnhY9IQG4
2023-11-21 08:44:13,336:DEBUG:acme.client:JWS payload:
b''
2023-11-21 08:44:13,338:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/286057614356:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODUwODIwMDIiLCAibm9uY2UiOiAibmJXS2VnZjhSNDdIa21mYjRaVzdVVjdrcjBUMHp6NFl2VC02Qi1zcmVodm5oWTlJUUc0IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yODYwNTc2MTQzNTYifQ",
  "signature": "Vj69Etw9wFtoBSs7DQO8u8T4SVHTKTBgwLckojV5Fsybxlz1EAfuxRfn2juGeAaW6wqaR9HvZ9llUmkkt8hUAt9IGha96-zV9PBlpKOno0sU_Q9M_CUZIjXeD-BauKR_NWdC36-XkZhX_HASjRd48CVye8m13mdmNi8GzkrBu0Xc8cdceSYko-ypJ0zJaUGeweQxMnMNuxuy-WIkbYkmnJRA8nXz9Hr1_K8asHaQbpDk7qyKLLrYukXUKwEvrq8qc2AGE7hHQ4XnmnP_NY81VII-T9gXPGNoSkbgCXOL5GX8465Y0mfoi-Xvg4wxmaBjMPX9ykXGwvNs08UxySNDsA",
  "payload": ""
}
2023-11-21 08:44:13,385:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/286057614356 HTTP/1.1" 200 1637
2023-11-21 08:44:13,386:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:44:13 GMT
Content-Type: application/json
Content-Length: 1637
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: nbWKegf8eKbghCbnEVzCDiGkd-uToMKwEDtH_DHUELvAL_5A8as
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "shop.explorotica.us"
  },
  "status": "invalid",
  "expires": "2023-11-28T13:44:03Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "invalid",
      "error": {
        "type": "urn:ietf:params:acme:error:unauthorized",
        "detail": "159.65.238.59: Invalid response from https://shop.explorotica.us/catalogsearch/result/?q=well+known+acme+challenge+XTK9n+iX4H03+hgJ6LHfQ2DYG7hYo2Z73s8TBAcvQg\u0026404=1: \"\\r\\n\u003c!doctype html\u003e\\r\\n\u003chtml class=\\\"use-header2\\\" lang=\\\"en\\\"\u003e\\r\\n    \u003chead \u003e\\r\\n        \u003cscript\u003e\\n\\tvar BASE_URL = WEB_URL = 'https://shop.e\"",
        "status": 403
      },
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286057614356/SeR_aQ",
      "token": "XTK9n-iX4H03__hgJ6LHfQ2DYG7hYo2Z73s8TBAcvQg",
      "validationRecord": [
        {
          "url": "http://shop.explorotica.us/.well-known/acme-challenge/XTK9n-iX4H03__hgJ6LHfQ2DYG7hYo2Z73s8TBAcvQg",
          "hostname": "shop.explorotica.us",
          "port": "80",
          "addressesResolved": [
            "159.65.238.59"
          ],
          "addressUsed": "159.65.238.59"
        },
        {
          "url": "https://shop.explorotica.us/catalogsearch/result/?q=well+known+acme+challenge+XTK9n+iX4H03+hgJ6LHfQ2DYG7hYo2Z73s8TBAcvQg\u0026404=1",
          "hostname": "shop.explorotica.us",
          "port": "443",
          "addressesResolved": [
            "159.65.238.59"
          ],
          "addressUsed": "159.65.238.59"
        }
      ],
      "validated": "2023-11-21T13:44:03Z"
    }
  ]
}
2023-11-21 08:44:13,386:DEBUG:acme.client:Storing nonce: nbWKegf8eKbghCbnEVzCDiGkd-uToMKwEDtH_DHUELvAL_5A8as
2023-11-21 08:44:13,387:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:

Domain: shop.explorotica.us
Type:   unauthorized
Detail: 159.65.238.59: Invalid response from https://shop.explorotica.us/catalogsearch/result/?q=well+known+acme+challenge+XTK9n+iX4H03+hgJ6LHfQ2DYG7hYo2Z73s8TBAcvQg&404=1: "\r\n<!doctype html>\r\n<html class=\"use-header2\" lang=\"en\">\r\n    <head >\r\n        <script>\n\tvar BASE_URL = WEB_URL = 'https://shop.e"

To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.
2023-11-21 08:44:13,387:DEBUG:certbot.error_handler:Encountered exception:
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 82, in handle_authorizations
    self._respond(aauthzrs, resp, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 155, in _respond
    self._poll_challenges(aauthzrs, chall_update, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 226, in _poll_challenges
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. shop.explorotica.us (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: 159.65.238.59: Invalid response from https://shop.explorotica.us/catalogsearch/result/?q=well+known+acme+challenge+XTK9n+iX4H03+hgJ6LHfQ2DYG7hYo2Z73s8TBAcvQg&404=1: "\r\n<!doctype html>\r\n<html class=\"use-header2\" lang=\"en\">\r\n    <head >\r\n        <script>\n\tvar BASE_URL = WEB_URL = 'https://shop.e"

2023-11-21 08:44:13,388:DEBUG:certbot.error_handler:Calling registered functions
2023-11-21 08:44:13,388:INFO:certbot.auth_handler:Cleaning up challenges
2023-11-21 08:44:13,388:DEBUG:certbot.plugins.webroot:Removing /var/www/html/.well-known/acme-challenge/XTK9n-iX4H03__hgJ6LHfQ2DYG7hYo2Z73s8TBAcvQg
2023-11-21 08:44:13,388:DEBUG:certbot.plugins.webroot:All challenges cleaned up
2023-11-21 08:44:13,389:WARNING:certbot.renewal:Attempting to renew cert (shop.explorotica.us) from /etc/letsencrypt/renewal/shop.explorotica.us.conf produced an unexpected error: Failed authorization procedure. shop.explorotica.us (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: 159.65.238.59: Invalid response from https://shop.explorotica.us/catalogsearch/result/?q=well+known+acme+challenge+XTK9n+iX4H03+hgJ6LHfQ2DYG7hYo2Z73s8TBAcvQg&404=1: "\r\n<!doctype html>\r\n<html class=\"use-header2\" lang=\"en\">\r\n    <head >\r\n        <script>\n\tvar BASE_URL = WEB_URL = 'https://shop.e". Skipping.
2023-11-21 08:44:13,389:DEBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 443, in handle_renewal_request
    main.renew_cert(lineage_config, plugins, renewal_candidate)
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 1197, in renew_cert
    renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage)
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 115, in _get_and_save_cert
    renewal.renew_cert(config, domains, le_client, lineage)
  File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 318, in renew_cert
    new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key)
  File "/usr/lib/python3/dist-packages/certbot/client.py", line 334, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
  File "/usr/lib/python3/dist-packages/certbot/client.py", line 370, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 82, in handle_authorizations
    self._respond(aauthzrs, resp, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 155, in _respond
    self._poll_challenges(aauthzrs, chall_update, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 226, in _poll_challenges
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. shop.explorotica.us (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: 159.65.238.59: Invalid response from https://shop.explorotica.us/catalogsearch/result/?q=well+known+acme+challenge+XTK9n+iX4H03+hgJ6LHfQ2DYG7hYo2Z73s8TBAcvQg&404=1: "\r\n<!doctype html>\r\n<html class=\"use-header2\" lang=\"en\">\r\n    <head >\r\n        <script>\n\tvar BASE_URL = WEB_URL = 'https://shop.e"

2023-11-21 08:44:13,391:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2023-11-21 08:44:13,391:ERROR:certbot.renewal:  /etc/letsencrypt/live/shop.room801.com/fullchain.pem (failure)
  /etc/letsencrypt/live/shop.explorotica.us/fullchain.pem (failure)
2023-11-21 08:44:13,392:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
  File "/usr/bin/certbot", line 11, in <module>
    load_entry_point('certbot==0.27.0', 'console_scripts', 'certbot')()
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 1364, in main
    return config.func(config, plugins)
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 1276, in renew
    renewal.handle_renewal_request(config)
  File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 468, in handle_renewal_request
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 2 renew failure(s), 0 parse failure(s)

shelbyp · November 21, 2023, 1:54pm

In my .htacess file, I have the following:

<IfModule mod_rewrite.c>

SetEnvIf Host .*shop.room801.com.* MAGE_RUN_CODE=base
SetEnvIf Host .*shop.room801.com.* MAGE_RUN_TYPE=website

SetEnvIf Host .*shop.explorotica.us.* MAGE_RUN_CODE=explorotica
SetEnvIf Host .*shop.explorotica.us.* MAGE_RUN_TYPE=website

RewriteEngine on
RewriteRule .* -- [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteCond %{REQUEST_METHOD} ^TRAC[EK]
RewriteRule .* -- [L,R=405]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
RewriteRule .* index.php [L]
</IfModule>

I commented out "#RewriteCond %{REQUEST_METHOD} ^TRAC[EK]"
I get the following in the log:

2023-11-21 08:48:14,153:DEBUG:certbot.main:certbot version: 0.27.0
2023-11-21 08:48:14,154:DEBUG:certbot.main:Arguments: []
2023-11-21 08:48:14,155:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2023-11-21 08:48:14,164:DEBUG:certbot.log:Root logging level set at 20
2023-11-21 08:48:14,166:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2023-11-21 08:48:14,198:DEBUG:certbot.plugins.selection:Requested authenticator <certbot.cli._Default object at 0x7f7d649e1550> and installer <certbot.cli._Default object at 0x7f7d649e1550>
2023-11-21 08:48:14,206:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2023-11-19 19:06:20 UTC.
2023-11-21 08:48:14,206:INFO:certbot.renewal:Cert is due for renewal, auto-renewing...
2023-11-21 08:48:14,206:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2023-11-21 08:48:14,206:DEBUG:certbot.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: IAuthenticator, IPlugin
Entry point: webroot = certbot.plugins.webroot:Authenticator
Initialized: <certbot.plugins.webroot.Authenticator object at 0x7f7d64a096d8>
Prep: True
2023-11-21 08:48:14,207:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x7f7d64a096d8> and installer None
2023-11-21 08:48:14,207:INFO:certbot.plugins.selection:Plugins selected: Authenticator webroot, Installer None
2023-11-21 08:48:14,211:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/85082002', new_authzr_uri=None, terms_of_service=None), 0f485ae2935ada8b59889b40be8cd2a1, Meta(creation_dt=datetime.datetime(2020, 5, 2, 15, 50, 49, tzinfo=<UTC>), creation_host='adultmart-magento2-open-source-ubuntu'))>
2023-11-21 08:48:14,212:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2023-11-21 08:48:14,215:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
2023-11-21 08:48:14,374:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 752
2023-11-21 08:48:14,375:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:48:14 GMT
Content-Type: application/json
Content-Length: 752
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "03KhVQVNtjM": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-01/renewalInfo/",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2023-11-21 08:48:14,376:INFO:certbot.main:Renewing an existing certificate
2023-11-21 08:48:14,488:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0184_key-certbot.pem
2023-11-21 08:48:14,491:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0184_csr-certbot.pem
2023-11-21 08:48:14,492:DEBUG:acme.client:Requesting fresh nonce
2023-11-21 08:48:14,492:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2023-11-21 08:48:14,544:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2023-11-21 08:48:14,545:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:48:14 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: SFMYLIQjU6olmJzbzPy7U3JK8Jj0Ec2SNC8dpqu3RVhFOp1q7Mg
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800


2023-11-21 08:48:14,545:DEBUG:acme.client:Storing nonce: SFMYLIQjU6olmJzbzPy7U3JK8Jj0Ec2SNC8dpqu3RVhFOp1q7Mg
2023-11-21 08:48:14,546:DEBUG:acme.client:JWS payload:
b'{\n  "identifiers": [\n    {\n      "type": "dns",\n      "value": "shop.room801.com"\n    },\n    {\n      "type": "dns",\n      "value": "shop.explorotica.us"\n    }\n  ]\n}'
2023-11-21 08:48:14,548:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODUwODIwMDIiLCAibm9uY2UiOiAiU0ZNWUxJUWpVNm9sbUp6YnpQeTdVM0pLOEpqMEVjMlNOQzhkcHF1M1JWaEZPcDFxN01nIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ",
  "signature": "fNAgCOFPjkPJ1Dh_2os_Pj3fGlQOXARTYo4AJwdyK0RCs0oZ8rAYmng-0z8KXyB6YWdTR0rp1tDONY7T0o3NyXcF2fv8bGgBDHstsOM5tmWmxNgau9oewt8pMVWi4VwIGB2mvj1yQuKONRzB3yDwFDcdEdRi1aJWr0Csm7ZaRxleiA2I0qgoDrpY8COgorWWYLbh1PaEKNaDUDhb4ikdnRgiyscYLcuh4JBkvC4M_cZRuJB_J4jhdzEW9lLtTQTH6Wh1bcDKAeL4C6V23iayJjtpt3YDFPTchlgjCPPcZ6WZm5NpzZoL5JS08T-4CZ9QeJZBceAJOxlbOj_uCWyKIQ",
  "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInNob3Aucm9vbTgwMS5jb20iCiAgICB9LAogICAgewogICAgICAidHlwZSI6ICJkbnMiLAogICAgICAidmFsdWUiOiAic2hvcC5leHBsb3JvdGljYS51cyIKICAgIH0KICBdCn0"
}
2023-11-21 08:48:14,649:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 482
2023-11-21 08:48:14,650:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Tue, 21 Nov 2023 13:48:15 GMT
Content-Type: application/json
Content-Length: 482
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/85082002/223790343306
Replay-Nonce: jXyutbsn0jEMHPOcusM2lkcKBu4xsY_6ARgZrdaUdCdDIo9x14M
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "status": "pending",
  "expires": "2023-11-28T13:48:15Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "shop.explorotica.us"
    },
    {
      "type": "dns",
      "value": "shop.room801.com"
    }
  ],
  "authorizations": [
    "https://acme-v02.api.letsencrypt.org/acme/authz-v3/286058487676",
    "https://acme-v02.api.letsencrypt.org/acme/authz-v3/286058487686"
  ],
  "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/85082002/223790343306"
}
2023-11-21 08:48:14,650:DEBUG:acme.client:Storing nonce: jXyutbsn0jEMHPOcusM2lkcKBu4xsY_6ARgZrdaUdCdDIo9x14M
2023-11-21 08:48:14,650:DEBUG:acme.client:JWS payload:
b''
2023-11-21 08:48:14,651:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/286058487676:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODUwODIwMDIiLCAibm9uY2UiOiAialh5dXRic24wakVNSFBPY3VzTTJsa2NLQnU0eHNZXzZBUmdacmRhVWRDZERJbzl4MTRNIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yODYwNTg0ODc2NzYifQ",
  "signature": "XJB7X919RfxS6sfaAJwqxn7O04c84RUZUMzCCElSUAzEujdxxtQwCIiK3LtJPCQXQyf3uwbGt30gJisNHbdge2simU4aNO8IeXAV4dPC1KTTVMwLa0iRegFM4Wr1JSOzTzsk42I3d7w1EyfrNW7fzkoe1SIQRi1NNBiYl6RMcBkNZNMaXh9dTDYpz5YwqnoPYXP3rSjrINepYG2I_Z4-L4s9Lzw7dt1HxJf80eB5jDib9ySSAlewD02XYphDh9nv4YD02nBy8PoeJMXUaFHezBjSI4bw-zpfn2so_n_RYumITFFiwKqRq1V56RRISZbyV1A989VBtTG9FCnUuTfo-w",
  "payload": ""
}
2023-11-21 08:48:14,708:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/286058487676 HTTP/1.1" 200 803
2023-11-21 08:48:14,709:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:48:15 GMT
Content-Type: application/json
Content-Length: 803
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: jXyutbsn4-f5FLFNqpYPPdM5DM6l5AF1epCF3g0P1CnUdeTJ7qo
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "shop.explorotica.us"
  },
  "status": "pending",
  "expires": "2023-11-28T13:48:15Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286058487676/c0PcDw",
      "token": "n-a21PLDvm7dwCWbgZ751PEzQn4KQWUDXi3xF-sxiHc"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286058487676/3PwKxA",
      "token": "n-a21PLDvm7dwCWbgZ751PEzQn4KQWUDXi3xF-sxiHc"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286058487676/bdh0Bg",
      "token": "n-a21PLDvm7dwCWbgZ751PEzQn4KQWUDXi3xF-sxiHc"
    }
  ]
}
2023-11-21 08:48:14,709:DEBUG:acme.client:Storing nonce: jXyutbsn4-f5FLFNqpYPPdM5DM6l5AF1epCF3g0P1CnUdeTJ7qo
2023-11-21 08:48:14,710:DEBUG:acme.client:JWS payload:
b''
2023-11-21 08:48:14,712:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/286058487686:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODUwODIwMDIiLCAibm9uY2UiOiAialh5dXRic240LWY1RkxGTnFwWVBQZE01RE02bDVBRjFlcENGM2cwUDFDblVkZVRKN3FvIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yODYwNTg0ODc2ODYifQ",
  "signature": "BoeIYqAw9vFOvgJUZ3XeXzBWx5nashWz2oCNweHcuENGbpi91QM3OSJ1UMIwJVLOsrIFx6HNCm4m6_IxlhiKfyanyWFMhmzUbU4xoKCKZOo4cnbnzg3HqdhvZhgQWYsPikHdKORXYz8MAvQfZwCKryWCIlKDiOfaF4Hxo7DTdDQ1V5tBtEKdote8Ck0Y3oiSiC1e2RMbZpCT6Z4VgXx4WH0HLOjMI1kL7FWM_od3bvXvQmWAo4eIeLIrZAkaqe5qFAFxmt6GcyelEyPRJnHdLiz6IjKb9We34S2dG5d-kdFTiLvZSUv4lxqHnlxawEu4gexCJyR3fQ9fp8KQ7Aauyg",
  "payload": ""
}
2023-11-21 08:48:14,768:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/286058487686 HTTP/1.1" 200 800
2023-11-21 08:48:14,768:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:48:15 GMT
Content-Type: application/json
Content-Length: 800
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: jXyutbsnS5qi2hQ3FEK3RWbhAycldjIke3-4TMT6Cnc6CY49mf4
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "shop.room801.com"
  },
  "status": "pending",
  "expires": "2023-11-28T13:48:15Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286058487686/WWkNjw",
      "token": "sqdDT8pjwdmaAK_-YR-vx7YwLKUCF2cY2xYH9FeYUoc"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286058487686/D1jXew",
      "token": "sqdDT8pjwdmaAK_-YR-vx7YwLKUCF2cY2xYH9FeYUoc"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286058487686/2BJsAQ",
      "token": "sqdDT8pjwdmaAK_-YR-vx7YwLKUCF2cY2xYH9FeYUoc"
    }
  ]
}
2023-11-21 08:48:14,769:DEBUG:acme.client:Storing nonce: jXyutbsnS5qi2hQ3FEK3RWbhAycldjIke3-4TMT6Cnc6CY49mf4
2023-11-21 08:48:14,769:INFO:certbot.auth_handler:Performing the following challenges:
2023-11-21 08:48:14,770:INFO:certbot.auth_handler:http-01 challenge for shop.explorotica.us
2023-11-21 08:48:14,770:INFO:certbot.auth_handler:http-01 challenge for shop.room801.com
2023-11-21 08:48:14,770:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /var/www/html/.well-known/acme-challenge
2023-11-21 08:48:14,770:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /var/www/html/.well-known/acme-challenge
2023-11-21 08:48:14,773:DEBUG:certbot.plugins.webroot:Attempting to save validation to /var/www/html/.well-known/acme-challenge/n-a21PLDvm7dwCWbgZ751PEzQn4KQWUDXi3xF-sxiHc
2023-11-21 08:48:14,775:DEBUG:certbot.plugins.webroot:Attempting to save validation to /var/www/html/.well-known/acme-challenge/sqdDT8pjwdmaAK_-YR-vx7YwLKUCF2cY2xYH9FeYUoc
2023-11-21 08:48:14,775:INFO:certbot.auth_handler:Waiting for verification...
2023-11-21 08:48:14,776:DEBUG:acme.client:JWS payload:
b'{\n  "resource": "challenge",\n  "type": "http-01"\n}'
2023-11-21 08:48:14,777:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/286058487676/c0PcDw:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODUwODIwMDIiLCAibm9uY2UiOiAialh5dXRic25TNXFpMmhRM0ZFSzNSV2JoQXljbGRqSWtlMy00VE1UNkNuYzZDWTQ5bWY0IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8yODYwNTg0ODc2NzYvYzBQY0R3In0",
  "signature": "WXUKeNbFWzE5G1JSAlnNx1CXI5zYTMReRew8TDEktIWjzONo8qRIRF-wXSwgG2XMeB1ziy-FY_akjlgcrk6l7GfNve2HpXGoR0dcyjSn__H1erh7ViVD8J5Xng-VEZ9NApaOqrgJQdix3rL3BlUuuuOy40suaQJtvGYldC1FwYpTxbhIv-c2PGF66nFkDo4t5d4-PZoLhSeFUrLEfELu9Ono8QsDVtzvIf54lzNKUN2eGwMt70WUDsUJEUFqVROGGmOovESlFDJmXsnIqP7Fco0tJyTWh9qaFGgcudd2TGbCSSc1e_PuIDNV1BrdfyCXxieFmiCyOOt1OEHrFMjwMg",
  "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0"
}
2023-11-21 08:48:14,846:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/286058487676/c0PcDw HTTP/1.1" 200 187
2023-11-21 08:48:14,846:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:48:15 GMT
Content-Type: application/json
Content-Length: 187
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz-v3/286058487676>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/286058487676/c0PcDw
Replay-Nonce: jXyutbsntmxgn1vePzJsZyXyvDH8twNHOe2EH5-nIpHYQZfYE8w
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "type": "http-01",
  "status": "pending",
  "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286058487676/c0PcDw",
  "token": "n-a21PLDvm7dwCWbgZ751PEzQn4KQWUDXi3xF-sxiHc"
}
2023-11-21 08:48:14,847:DEBUG:acme.client:Storing nonce: jXyutbsntmxgn1vePzJsZyXyvDH8twNHOe2EH5-nIpHYQZfYE8w
2023-11-21 08:48:14,847:DEBUG:acme.client:JWS payload:
b'{\n  "resource": "challenge",\n  "type": "http-01"\n}'
2023-11-21 08:48:14,849:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/286058487686/WWkNjw:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODUwODIwMDIiLCAibm9uY2UiOiAialh5dXRic250bXhnbjF2ZVB6SnNaeVh5dkRIOHR3TkhPZTJFSDUtbklwSFlRWmZZRTh3IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8yODYwNTg0ODc2ODYvV1drTmp3In0",
  "signature": "P_Ck46M3ahO5Zet9__ZrlcdFZYLcJPKryC5ASVqbpbbrwK87ARJL20pgl-gdXYKe1hWDt1BiwgEYOLjNHUHtIVKrLKRtQX710C4wOENf38tiYZvwFtpzpteNZ7Hr_AvZ8_dAN3f36qMbwJmZj9XVI0NyozGPrsmzR-Xokfy4IMnmRz3x_iAsbfcQCBTUOVr4uws05VrSgd-PVP43dPFmOyVZ9e-Uo0M9Ll8v07eQyWIG_aNRLgqObPq3s6U41X5V6WsFgCTn6x_9HjWQ4hSsfqeSoYFXGeNxFxS_oIVAiqeOYlmRO_DE4-_gaQjI7-ojlNgCB_mQ2Y1cTnhYUtqbqw",
  "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0"
}
2023-11-21 08:48:14,913:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/286058487686/WWkNjw HTTP/1.1" 200 187
2023-11-21 08:48:14,914:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:48:15 GMT
Content-Type: application/json
Content-Length: 187
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz-v3/286058487686>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/286058487686/WWkNjw
Replay-Nonce: SFMYLIQjbyd91Ulwikj_2r7xEkg2EuJEV_qhLJ7lQqGgq1cZAf0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "type": "http-01",
  "status": "pending",
  "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286058487686/WWkNjw",
  "token": "sqdDT8pjwdmaAK_-YR-vx7YwLKUCF2cY2xYH9FeYUoc"
}
2023-11-21 08:48:14,914:DEBUG:acme.client:Storing nonce: SFMYLIQjbyd91Ulwikj_2r7xEkg2EuJEV_qhLJ7lQqGgq1cZAf0
2023-11-21 08:48:17,918:DEBUG:acme.client:JWS payload:
b''
2023-11-21 08:48:17,919:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/286058487676:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODUwODIwMDIiLCAibm9uY2UiOiAiU0ZNWUxJUWpieWQ5MVVsd2lral8ycjd4RWtnMkV1SkVWX3FoTEo3bFFxR2dxMWNaQWYwIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yODYwNTg0ODc2NzYifQ",
  "signature": "QPG2F9GUyPjrubP1FtrFlvl4TVj6ZMc5B1LF7C12AuIlj6d_MokZC2_-g-C5xsuUCHoU53AUQZMPZjys0Qe33YX7BZt05Dli3lYDDmDDwu2j_6r-XHSrUOcZKanz4lTU0pxcVOn2UxIzqcmdmUyrP71tvRESLqiaJxWnbg9CvZWFGbGI2KUwuukOztFLou-ligiFD04EZ9UmyWKoKh7BJUnIbOfVxghV2ryj0cf9f1rSI4XpWSPAMmQl66hZONFscP6WkyQDwRTRnlrRJbjXPabSbi5vw569RmHYG1JQv6ao4N8Ihe6o1FnYZS9s-5p26LQ1CHUzEiMK-EjLhWs3rw",
  "payload": ""
}
2023-11-21 08:48:17,974:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/286058487676 HTTP/1.1" 200 1044
2023-11-21 08:48:17,974:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:48:18 GMT
Content-Type: application/json
Content-Length: 1044
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: jXyutbsnwZmxUqGP5lKgylv_5HjkHG2KpeWjFeh7oh5lL5jsNlU
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "shop.explorotica.us"
  },
  "status": "invalid",
  "expires": "2023-11-28T13:48:15Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "invalid",
      "error": {
        "type": "urn:ietf:params:acme:error:unauthorized",
        "detail": "159.65.238.59: Invalid response from http://shop.explorotica.us/.well-known/acme-challenge/n-a21PLDvm7dwCWbgZ751PEzQn4KQWUDXi3xF-sxiHc: 405",
        "status": 403
      },
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286058487676/c0PcDw",
      "token": "n-a21PLDvm7dwCWbgZ751PEzQn4KQWUDXi3xF-sxiHc",
      "validationRecord": [
        {
          "url": "http://shop.explorotica.us/.well-known/acme-challenge/n-a21PLDvm7dwCWbgZ751PEzQn4KQWUDXi3xF-sxiHc",
          "hostname": "shop.explorotica.us",
          "port": "80",
          "addressesResolved": [
            "159.65.238.59"
          ],
          "addressUsed": "159.65.238.59"
        }
      ],
      "validated": "2023-11-21T13:48:15Z"
    }
  ]
}
2023-11-21 08:48:17,975:DEBUG:acme.client:Storing nonce: jXyutbsnwZmxUqGP5lKgylv_5HjkHG2KpeWjFeh7oh5lL5jsNlU
2023-11-21 08:48:17,975:DEBUG:acme.client:JWS payload:
b''
2023-11-21 08:48:17,977:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/286058487686:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODUwODIwMDIiLCAibm9uY2UiOiAialh5dXRic253Wm14VXFHUDVsS2d5bHZfNUhqa0hHMktwZVdqRmVoN29oNWxMNWpzTmxVIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yODYwNTg0ODc2ODYifQ",
  "signature": "XghS9iFw_2u8SPLbREYNoDWpXHK4kEUEppo6gLrwC3mX0omdM8NxlmScEL2QE85Bq7_u8AOJRLQ_Zw_fsDXBkgOty7folBn_xTkmMV0zeC6MGTxVHT9tSaa5P4WVltVODOv3MrocSCLtz0z8hKvo4_sBlV_gsJntjQigMGG8sIij4scbKlZqatWgPf0wUWULr1Kf-a-YnmXAnVaoh7EwdIdGzlSj3X8zG_T2ADQC5AILSixRUYV6a1VEt2iutzwLJHvAiadi-SGv9RIFMgCP36vB5nIzYfpkhr40vhGfAl9SI7QT3E0wGYoo7rfX9ApqFRVGz7wu7wEjvQ3-LaYiXA",
  "payload": ""
}
2023-11-21 08:48:18,031:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/286058487686 HTTP/1.1" 200 1032
2023-11-21 08:48:18,032:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:48:18 GMT
Content-Type: application/json
Content-Length: 1032
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: SFMYLIQjxjwi31Ynu2h2VHGgWyKoKie-REsag8v7E4GPLKqYE6I
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "shop.room801.com"
  },
  "status": "invalid",
  "expires": "2023-11-28T13:48:15Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "invalid",
      "error": {
        "type": "urn:ietf:params:acme:error:unauthorized",
        "detail": "159.65.238.59: Invalid response from http://shop.room801.com/.well-known/acme-challenge/sqdDT8pjwdmaAK_-YR-vx7YwLKUCF2cY2xYH9FeYUoc: 405",
        "status": 403
      },
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286058487686/WWkNjw",
      "token": "sqdDT8pjwdmaAK_-YR-vx7YwLKUCF2cY2xYH9FeYUoc",
      "validationRecord": [
        {
          "url": "http://shop.room801.com/.well-known/acme-challenge/sqdDT8pjwdmaAK_-YR-vx7YwLKUCF2cY2xYH9FeYUoc",
          "hostname": "shop.room801.com",
          "port": "80",
          "addressesResolved": [
            "159.65.238.59"
          ],
          "addressUsed": "159.65.238.59"
        }
      ],
      "validated": "2023-11-21T13:48:15Z"
    }
  ]
}
2023-11-21 08:48:18,032:DEBUG:acme.client:Storing nonce: SFMYLIQjxjwi31Ynu2h2VHGgWyKoKie-REsag8v7E4GPLKqYE6I
2023-11-21 08:48:18,033:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:

Domain: shop.room801.com
Type:   unauthorized
Detail: 159.65.238.59: Invalid response from http://shop.room801.com/.well-known/acme-challenge/sqdDT8pjwdmaAK_-YR-vx7YwLKUCF2cY2xYH9FeYUoc: 405

Domain: shop.explorotica.us
Type:   unauthorized
Detail: 159.65.238.59: Invalid response from http://shop.explorotica.us/.well-known/acme-challenge/n-a21PLDvm7dwCWbgZ751PEzQn4KQWUDXi3xF-sxiHc: 405

To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.
2023-11-21 08:48:18,033:DEBUG:certbot.error_handler:Encountered exception:
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 82, in handle_authorizations
    self._respond(aauthzrs, resp, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 155, in _respond
    self._poll_challenges(aauthzrs, chall_update, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 226, in _poll_challenges
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. shop.room801.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: 159.65.238.59: Invalid response from http://shop.room801.com/.well-known/acme-challenge/sqdDT8pjwdmaAK_-YR-vx7YwLKUCF2cY2xYH9FeYUoc: 405, shop.explorotica.us (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: 159.65.238.59: Invalid response from http://shop.explorotica.us/.well-known/acme-challenge/n-a21PLDvm7dwCWbgZ751PEzQn4KQWUDXi3xF-sxiHc: 405

2023-11-21 08:48:18,034:DEBUG:certbot.error_handler:Calling registered functions
2023-11-21 08:48:18,034:INFO:certbot.auth_handler:Cleaning up challenges
2023-11-21 08:48:18,034:DEBUG:certbot.plugins.webroot:Removing /var/www/html/.well-known/acme-challenge/n-a21PLDvm7dwCWbgZ751PEzQn4KQWUDXi3xF-sxiHc
2023-11-21 08:48:18,034:DEBUG:certbot.plugins.webroot:Removing /var/www/html/.well-known/acme-challenge/sqdDT8pjwdmaAK_-YR-vx7YwLKUCF2cY2xYH9FeYUoc
2023-11-21 08:48:18,034:DEBUG:certbot.plugins.webroot:All challenges cleaned up
2023-11-21 08:48:18,034:WARNING:certbot.renewal:Attempting to renew cert (shop.room801.com) from /etc/letsencrypt/renewal/shop.room801.com.conf produced an unexpected error: Failed authorization procedure. shop.room801.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: 159.65.238.59: Invalid response from http://shop.room801.com/.well-known/acme-challenge/sqdDT8pjwdmaAK_-YR-vx7YwLKUCF2cY2xYH9FeYUoc: 405, shop.explorotica.us (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: 159.65.238.59: Invalid response from http://shop.explorotica.us/.well-known/acme-challenge/n-a21PLDvm7dwCWbgZ751PEzQn4KQWUDXi3xF-sxiHc: 405. Skipping.
2023-11-21 08:48:18,035:DEBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 443, in handle_renewal_request
    main.renew_cert(lineage_config, plugins, renewal_candidate)
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 1197, in renew_cert
    renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage)
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 115, in _get_and_save_cert
    renewal.renew_cert(config, domains, le_client, lineage)
  File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 318, in renew_cert
    new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key)
  File "/usr/lib/python3/dist-packages/certbot/client.py", line 334, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
  File "/usr/lib/python3/dist-packages/certbot/client.py", line 370, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 82, in handle_authorizations
    self._respond(aauthzrs, resp, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 155, in _respond
    self._poll_challenges(aauthzrs, chall_update, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 226, in _poll_challenges
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. shop.room801.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: 159.65.238.59: Invalid response from http://shop.room801.com/.well-known/acme-challenge/sqdDT8pjwdmaAK_-YR-vx7YwLKUCF2cY2xYH9FeYUoc: 405, shop.explorotica.us (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: 159.65.238.59: Invalid response from http://shop.explorotica.us/.well-known/acme-challenge/n-a21PLDvm7dwCWbgZ751PEzQn4KQWUDXi3xF-sxiHc: 405

2023-11-21 08:48:18,040:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2023-11-19 19:07:49 UTC.
2023-11-21 08:48:18,040:INFO:certbot.renewal:Cert is due for renewal, auto-renewing...
2023-11-21 08:48:18,041:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2023-11-21 08:48:18,041:DEBUG:certbot.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: IAuthenticator, IPlugin
Entry point: webroot = certbot.plugins.webroot:Authenticator
Initialized: <certbot.plugins.webroot.Authenticator object at 0x7f7d64a19cf8>
Prep: True
2023-11-21 08:48:18,041:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x7f7d64a19cf8> and installer None
2023-11-21 08:48:18,041:INFO:certbot.plugins.selection:Plugins selected: Authenticator webroot, Installer None
2023-11-21 08:48:18,043:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/85082002', new_authzr_uri=None, terms_of_service=None), 0f485ae2935ada8b59889b40be8cd2a1, Meta(creation_dt=datetime.datetime(2020, 5, 2, 15, 50, 49, tzinfo=<UTC>), creation_host='adultmart-magento2-open-source-ubuntu'))>
2023-11-21 08:48:18,044:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2023-11-21 08:48:18,045:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
2023-11-21 08:48:18,203:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 752
2023-11-21 08:48:18,204:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:48:18 GMT
Content-Type: application/json
Content-Length: 752
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-01/renewalInfo/",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert",
  "xfAoFC9GmjE": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417"
}
2023-11-21 08:48:18,204:INFO:certbot.main:Renewing an existing certificate
2023-11-21 08:48:18,278:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0185_key-certbot.pem
2023-11-21 08:48:18,281:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0185_csr-certbot.pem
2023-11-21 08:48:18,282:DEBUG:acme.client:Requesting fresh nonce
2023-11-21 08:48:18,282:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2023-11-21 08:48:18,334:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2023-11-21 08:48:18,334:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:48:18 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: jXyutbsnB79023TDiFoRkHFpRJelNLbEe8M20j6N23kQZyZS41A
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800


2023-11-21 08:48:18,334:DEBUG:acme.client:Storing nonce: jXyutbsnB79023TDiFoRkHFpRJelNLbEe8M20j6N23kQZyZS41A
2023-11-21 08:48:18,335:DEBUG:acme.client:JWS payload:
b'{\n  "identifiers": [\n    {\n      "type": "dns",\n      "value": "shop.explorotica.us"\n    }\n  ]\n}'
2023-11-21 08:48:18,336:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODUwODIwMDIiLCAibm9uY2UiOiAialh5dXRic25CNzkwMjNURGlGb1JrSEZwUkplbE5MYkVlOE0yMGo2TjIza1FaeVpTNDFBIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ",
  "signature": "a-sCxi_kc3rZPGXl8Lye4paZUmaG4EIpo-BgwiQPgRGaDxWThG7MP1gTDxmDeQD82AyEe0d5SYZlD_DKtP95GFFFyFZU70gmPTj8J-3dMkdRJJxYfA7W9GYglvYNun_Vu6lxo87HqJvMYcMvpZncHD2RuRmrSKDGWuD5atdM83lDZrzDJmEaZFwpuT5p2W3e56YF8uer9GhGwaHtp5rBZ_r9HTvVLbfrifh-DAsAkvwlPeX3de1XRTvROiemF69mN37FzbZKwTOb428DMXiSCvbYT4KH31HIMY_kzTVEY47YMnAxVXJx-jXYCaPYfJfBN2kNkW6pTABueATn24mhIA",
  "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInNob3AuZXhwbG9yb3RpY2EudXMiCiAgICB9CiAgXQp9"
}
2023-11-21 08:48:18,436:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 343
2023-11-21 08:48:18,437:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Tue, 21 Nov 2023 13:48:18 GMT
Content-Type: application/json
Content-Length: 343
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/85082002/223790351446
Replay-Nonce: jXyutbsn7ok4ppX-gMy9z-VTu2NTAzgG8M5eJbVMFNQrMKylERQ
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "status": "pending",
  "expires": "2023-11-28T13:48:18Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "shop.explorotica.us"
    }
  ],
  "authorizations": [
    "https://acme-v02.api.letsencrypt.org/acme/authz-v3/286058501506"
  ],
  "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/85082002/223790351446"
}
2023-11-21 08:48:18,437:DEBUG:acme.client:Storing nonce: jXyutbsn7ok4ppX-gMy9z-VTu2NTAzgG8M5eJbVMFNQrMKylERQ
2023-11-21 08:48:18,437:DEBUG:acme.client:JWS payload:
b''
2023-11-21 08:48:18,439:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/286058501506:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODUwODIwMDIiLCAibm9uY2UiOiAialh5dXRic243b2s0cHBYLWdNeTl6LVZUdTJOVEF6Z0c4TTVlSmJWTUZOUXJNS3lsRVJRIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yODYwNTg1MDE1MDYifQ",
  "signature": "faNDp3P5q5wZEgZQS3AWG59PCikLuQCsBKI9b6f6Wcn4aOGbcy_mM9GvxLaRLS8EJsUZrE_9yvN_63jR9Pi4WZx8xim3zVpbOnWGA9ROVrg-txwfLhB0Qrn-REcJR2ItENEUM_gyn1w0fh416-Yzif45XrAp_nx_5mFVChyGsoRVyu95cvJmq-vBILd8s_Ly2nehXmyfjDV8LJQIYq9ye1f53TAatMXUULLAccFxhZq8R_sQgBf38Q4mxU77XlLmq_HnDjEhpNUoxkT21lsu6CHVEnn0KpkNejSnuDqqgPjyjkXbbdbWBFCp2G7KklVRf5QsfWn8He4ylNgn8Fu-0Q",
  "payload": ""
}
2023-11-21 08:48:18,493:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/286058501506 HTTP/1.1" 200 803
2023-11-21 08:48:18,494:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:48:18 GMT
Content-Type: application/json
Content-Length: 803
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: SFMYLIQjK4cr-QhrRaEtWssyIQiALtlmx3YsMxC9X1H738K3LPk
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "shop.explorotica.us"
  },
  "status": "pending",
  "expires": "2023-11-28T13:48:18Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286058501506/a3gerA",
      "token": "WSO94nwv15nOb8SlTR_sYo10QCYh3_v2r1m-p84lBeI"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286058501506/BFN7iw",
      "token": "WSO94nwv15nOb8SlTR_sYo10QCYh3_v2r1m-p84lBeI"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286058501506/yGXLXg",
      "token": "WSO94nwv15nOb8SlTR_sYo10QCYh3_v2r1m-p84lBeI"
    }
  ]
}
2023-11-21 08:48:18,494:DEBUG:acme.client:Storing nonce: SFMYLIQjK4cr-QhrRaEtWssyIQiALtlmx3YsMxC9X1H738K3LPk
2023-11-21 08:48:18,495:INFO:certbot.auth_handler:Performing the following challenges:
2023-11-21 08:48:18,495:INFO:certbot.auth_handler:http-01 challenge for shop.explorotica.us
2023-11-21 08:48:18,496:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /var/www/html/.well-known/acme-challenge
2023-11-21 08:48:18,499:DEBUG:certbot.plugins.webroot:Attempting to save validation to /var/www/html/.well-known/acme-challenge/WSO94nwv15nOb8SlTR_sYo10QCYh3_v2r1m-p84lBeI
2023-11-21 08:48:18,499:INFO:certbot.auth_handler:Waiting for verification...
2023-11-21 08:48:18,499:DEBUG:acme.client:JWS payload:
b'{\n  "resource": "challenge",\n  "type": "http-01"\n}'
2023-11-21 08:48:18,501:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/286058501506/a3gerA:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODUwODIwMDIiLCAibm9uY2UiOiAiU0ZNWUxJUWpLNGNyLVFoclJhRXRXc3N5SVFpQUx0bG14M1lzTXhDOVgxSDczOEszTFBrIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8yODYwNTg1MDE1MDYvYTNnZXJBIn0",
  "signature": "EWQ_YAOtsG4w4c_wZ6c6vJFrbg9ALFnMa1SQMxM6gETc9bX6Qp-GNCZkIpPgOh5VCmmmXtmS2gdnCvkX0QiFImGinXjQ8ReL_gBPZuajKHg8mQe35MMr4xna-hbv7276T3yuwHfecPcPX-cnOtBKJoC1O9JpedBWrvdEOi0kJUEn2aioXEIYI9-fS-Bthpvp9HkK48KynVylCljU_Gferv3i5Xys6GEJrQhxx3X49-XxIjf07syhyOT5Zdyv1Kffrq-zcdTKBK6dP8Np9j6DTjcHPslL4XHeFzw2sIgez5m5esuR2j9ZCAptMa2IpxQzlgab_ma55hGBZFoZE7JWTQ",
  "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0"
}
2023-11-21 08:48:18,556:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/286058501506/a3gerA HTTP/1.1" 200 187
2023-11-21 08:48:18,557:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:48:18 GMT
Content-Type: application/json
Content-Length: 187
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz-v3/286058501506>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/286058501506/a3gerA
Replay-Nonce: jXyutbsn2gqzLiwQ0CYhVe4PD4gOroWrr81mdX4om7s5kzrAuV8
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "type": "http-01",
  "status": "pending",
  "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286058501506/a3gerA",
  "token": "WSO94nwv15nOb8SlTR_sYo10QCYh3_v2r1m-p84lBeI"
}
2023-11-21 08:48:18,557:DEBUG:acme.client:Storing nonce: jXyutbsn2gqzLiwQ0CYhVe4PD4gOroWrr81mdX4om7s5kzrAuV8
2023-11-21 08:48:21,561:DEBUG:acme.client:JWS payload:
b''
2023-11-21 08:48:21,564:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/286058501506:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvODUwODIwMDIiLCAibm9uY2UiOiAialh5dXRic24yZ3F6TGl3UTBDWWhWZTRQRDRnT3JvV3JyODFtZFg0b203czVrenJBdVY4IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yODYwNTg1MDE1MDYifQ",
  "signature": "YrFOqhn_evWxF08XLmq-gdnUuxMPV55RcYlHTg5TSt3xJ0s8FI8DZtykIL3qza5V_DVRtIKo4EAb1c1ToL77-vPbT2ZWfkKw5sR81S9Md-IDO1elzPsu51JefFs9fhOHaRCR_ylzv3mU1YW9yPzNU1tZorrInS6wWbvGGvZYzUQRTHjxDNmUdFN9LgWfX40LSIdfzg6ZclrWKFgkXt4ws0FI7GHvPXPce9UP2T76odfXUsKOOuWnwVxe5ypJ0bksJ7otqXHVf19ygqKZ0eXUEY9Ml5JJn--srKjq3VCluBzI6yLLZeHF-7-T1zRh1uOn9R5hisWhP9kpoeCPgVOWdA",
  "payload": ""
}
2023-11-21 08:48:21,632:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/286058501506 HTTP/1.1" 200 1044
2023-11-21 08:48:21,633:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 21 Nov 2023 13:48:22 GMT
Content-Type: application/json
Content-Length: 1044
Connection: keep-alive
Boulder-Requester: 85082002
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: jXyutbsnyLtw_alsNq8XViMh0AC3AIuBY8Qo6x2WnxBI2BeK1_8
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "shop.explorotica.us"
  },
  "status": "invalid",
  "expires": "2023-11-28T13:48:18Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "invalid",
      "error": {
        "type": "urn:ietf:params:acme:error:unauthorized",
        "detail": "159.65.238.59: Invalid response from http://shop.explorotica.us/.well-known/acme-challenge/WSO94nwv15nOb8SlTR_sYo10QCYh3_v2r1m-p84lBeI: 405",
        "status": 403
      },
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/286058501506/a3gerA",
      "token": "WSO94nwv15nOb8SlTR_sYo10QCYh3_v2r1m-p84lBeI",
      "validationRecord": [
        {
          "url": "http://shop.explorotica.us/.well-known/acme-challenge/WSO94nwv15nOb8SlTR_sYo10QCYh3_v2r1m-p84lBeI",
          "hostname": "shop.explorotica.us",
          "port": "80",
          "addressesResolved": [
            "159.65.238.59"
          ],
          "addressUsed": "159.65.238.59"
        }
      ],
      "validated": "2023-11-21T13:48:18Z"
    }
  ]
}
2023-11-21 08:48:21,633:DEBUG:acme.client:Storing nonce: jXyutbsnyLtw_alsNq8XViMh0AC3AIuBY8Qo6x2WnxBI2BeK1_8
2023-11-21 08:48:21,634:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:

Domain: shop.explorotica.us
Type:   unauthorized
Detail: 159.65.238.59: Invalid response from http://shop.explorotica.us/.well-known/acme-challenge/WSO94nwv15nOb8SlTR_sYo10QCYh3_v2r1m-p84lBeI: 405

To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.
2023-11-21 08:48:21,635:DEBUG:certbot.error_handler:Encountered exception:
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 82, in handle_authorizations
    self._respond(aauthzrs, resp, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 155, in _respond
    self._poll_challenges(aauthzrs, chall_update, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 226, in _poll_challenges
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. shop.explorotica.us (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: 159.65.238.59: Invalid response from http://shop.explorotica.us/.well-known/acme-challenge/WSO94nwv15nOb8SlTR_sYo10QCYh3_v2r1m-p84lBeI: 405

2023-11-21 08:48:21,635:DEBUG:certbot.error_handler:Calling registered functions
2023-11-21 08:48:21,635:INFO:certbot.auth_handler:Cleaning up challenges
2023-11-21 08:48:21,635:DEBUG:certbot.plugins.webroot:Removing /var/www/html/.well-known/acme-challenge/WSO94nwv15nOb8SlTR_sYo10QCYh3_v2r1m-p84lBeI
2023-11-21 08:48:21,636:DEBUG:certbot.plugins.webroot:All challenges cleaned up
2023-11-21 08:48:21,636:WARNING:certbot.renewal:Attempting to renew cert (shop.explorotica.us) from /etc/letsencrypt/renewal/shop.explorotica.us.conf produced an unexpected error: Failed authorization procedure. shop.explorotica.us (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: 159.65.238.59: Invalid response from http://shop.explorotica.us/.well-known/acme-challenge/WSO94nwv15nOb8SlTR_sYo10QCYh3_v2r1m-p84lBeI: 405. Skipping.
2023-11-21 08:48:21,637:DEBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 443, in handle_renewal_request
    main.renew_cert(lineage_config, plugins, renewal_candidate)
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 1197, in renew_cert
    renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage)
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 115, in _get_and_save_cert
    renewal.renew_cert(config, domains, le_client, lineage)
  File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 318, in renew_cert
    new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key)
  File "/usr/lib/python3/dist-packages/certbot/client.py", line 334, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
  File "/usr/lib/python3/dist-packages/certbot/client.py", line 370, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 82, in handle_authorizations
    self._respond(aauthzrs, resp, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 155, in _respond
    self._poll_challenges(aauthzrs, chall_update, best_effort)
  File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 226, in _poll_challenges
    raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. shop.explorotica.us (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: 159.65.238.59: Invalid response from http://shop.explorotica.us/.well-known/acme-challenge/WSO94nwv15nOb8SlTR_sYo10QCYh3_v2r1m-p84lBeI: 405

2023-11-21 08:48:21,640:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2023-11-21 08:48:21,641:ERROR:certbot.renewal:  /etc/letsencrypt/live/shop.room801.com/fullchain.pem (failure)
  /etc/letsencrypt/live/shop.explorotica.us/fullchain.pem (failure)
2023-11-21 08:48:21,641:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
  File "/usr/bin/certbot", line 11, in <module>
    load_entry_point('certbot==0.27.0', 'console_scripts', 'certbot')()
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 1364, in main
    return config.func(config, plugins)
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 1276, in renew
    renewal.handle_renewal_request(config)
  File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 468, in handle_renewal_request
    len(renew_failures), len(parse_failures)))
certbot.errors.Error: 2 renew failure(s), 0 parse failure(s)

MikeMcQ · November 21, 2023, 2:20pm

Sorry but I cannot reproduce the 405 Method Not Allowed you show.

I see you are using Fastly and that something is redirecting HTTP Challenges incorrectly. This would cause problems but not the one you show. I am not sure what to suggest other than review your Fastly config so it passes the HTTP challenge directly to your Apache server. You may need to ask their support about that.

A sample test that should get a 404 response but instead gets redirected to your catalog search and gets a 200

@0ms: Making a request to http://shop.explorotica.us/.well-known/acme-challenge/letsdebug-test (using initial IP 159.65.238.59)
@0ms: Dialing 159.65.238.59
@572ms: Server response: HTTP 301 Moved Permanently
@572ms: Received redirect to https://shop.explorotica.us/catalogsearch/result/?q=well+known+acme+challenge+letsdebug+test&404=1
@573ms: Dialing 159.65.238.59
@2356ms: Server response: HTTP 200 OK

shelbyp · November 21, 2023, 2:36pm

try again i will comment out the the following line:

RewriteCond %{REQUEST_METHOD} ^TRAC[EK]

MikeMcQ · November 21, 2023, 2:37pm

Comment out both those lines. That may be cause of 405

I still don't see how Fastly is not involved but go ahead and try