My domain is:
–.nl
I ran this command:
sudo certbot --staging certonly --webroot -w /var/www/virtual/-- -d --.nl
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for --.nl
Using the webroot path /var/www/virtual/-- for all unmatched domains.
Waiting for verification…
Cleaning up challenges
Unable to clean up challenge directory /var/www/virtual/–/.well-known/acme-challenge
Failed authorization procedure. --.nl (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://–.nl/.well-known/acme-challenge/mypwSj_CAeRqjAL31ppEcOn98ZrxpmWWFpQ2Y1OFoGQ: "
<meta http-equiv="Content-Type" conte"
IMPORTANT NOTES:
The following errors were reported by the server:
Domain: --.nl
Type: unauthorized
Detail: Invalid response from
http://–.nl/.well-known/acme-challenge/mypwSj_CAeRqjAL31ppEcOn98ZrxpmWWFpQ2Y1OFoGQ:
"
<meta http-equiv="Content-Type" conte"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version):
nginx/1.10.3 (Ubuntu)
The operating system my web server runs on is (include version):
Ubuntu 16.04.3 LTS
My hosting provider, if applicable, is:
domain: Oxilion, VM on Azure
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no
When I use the --manual parameter, I create the files myself. Afther this I actually can download the files and the content is correct. But Letsencrypt seems not doing the request on my server. I cannot see it in access.log of nginx.
Done that:
usr@srv:/etc/nginx$ sudo certbot --staging certonly --manual -d --.nl
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for --.nl
NOTE: The IP of this machine will be publicly logged as having requested this
certificate. If you’re running certbot in manual mode on a machine that is not
your server, please ensure you’re okay with that.
Press Enter to Continue
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. --.nl (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://–.nl/.well-known/acme-challenge/_1lhu8yKcah5SP3BLtnNt–DDOcxfoO3GIB78qhRR1M: "
<meta http-equiv="Content-Type" conte"
IMPORTANT NOTES:
The following errors were reported by the server:
Domain: --.nl
Type: unauthorized
Detail: Invalid response from
http://–.nl/.well-known/acme-challenge/_1lhu8yKcah5SP3BLtnNt–DDOcxfoO3GIB78qhRR1M:
"
<meta http-equiv="Content-Type" conte"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
Right. IPv6 has a higher precedence. You should configure your webserver accordingly or get rid of the AAAA-Record if you don't need IPv6 connectivity.