Hi everyone, I’m trying to setup an Ubuntu 16.04 VPS with Nginx, but I’m not able to generate a letsencrypt certificate. The message I get is: “Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.” This is the letsencrypt log. More information is below. Does anyone know what could be the cause?
My domain is: davlstudio.com
I ran this command: sudo certbot --nginx -d davlstudio.com -d www.davlstudio.com
It produced this output: Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.
My web server is (include version): Nginx 1.10.3
The operating system my web server runs on is (include version): 16.04
My hosting provider, if applicable, is: DigitalOcean VPS
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
You either have to upgrade to the latest certbot version or use the --webroot plugin instead of nginx.
Aha. Would this be the correct command, then?
sudo certbot --webroot -d example.com -d www.example.com
Are there any downsides to using this instead of upgrading certbot?
You will have to make sure where to place the challenge files and how to configure your webserver. This can be eased a bit by using webroot for issuance but nginx as installer:
certbot -a webroot -i nginx -d domain -d www.domain ...
Thanks so much! This appears to have solved my problem of not being able to install the certificate.
However, it looks like the certificate doesn’t work for the non-www domain:
https://www.ssllabs.com/ssltest/analyze.html?d=davlstudio.com gets me a certificate name mismatch. Any idea why this could be happening?
This is my nginx config, letsencrypt log, and nginx error log
edit: I’ve since restored an earlier version of the VPS from a snapshot, because the website has to be up and running.
Look into the address records (DNS) of your domain:
$ host davlstudio.com
davlstudio.com has address 22.214.171.124
$ host www.davlstudio.com
www.davlstudio.com has address 126.96.36.199
There is a mismatch.
Ah, thanks so much once again. Editing the DNS solved my problem.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.