MacOS Failed authorization procedure

My domain is:

I ran this command in my laptop: certbot certonly --webroot --staging -w . -d --config-dir . --logs-dir . --work-dir .
Saving debug log to /Users/samar/projects/me-1/letsencrypt.log
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for
Using the webroot path /Users/samar/projects/me-1 for all unmatched domains.
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from "

404 Not Found

Not Found



My operating system is (include version): MacOS Sierra Version: 10.12.3 (16D32)

My web server is (include version):

My hosting provider, if applicable, is: Smallorange. Its a shared server and i don’t have root access.

I can login to a root shell on my machine (yes or no, or I don’t know): No

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Yes

The webroot looks incorrect in your command. What is the folder which is the top level of your website ? i.e. where the main index.htm or index.php is usually. This is the folder you should be defining in the command.

I am running this command from my laptop locally not in my hosting server. But still if i ran as per server webroot path i.e

Samars-MacBook-Pro:me-1 samar$ certbot certonly --webroot --agree-tos -w /home/samarpan/public_html -d --config-dir . --logs-dir . --work-dir .

/home/samarpan/public_html does not exist or is not a directory

certbot needs to be on the same server as webroot files.

Do you want to specifically run it from your MAC ? You could use the DNS challenge from your MAC if that works (it requires a token copied as a TXT record to your DNS )

Yes, i want to run it from my MAC. Sorry, couldn’t get you how to use this DNS challenge from my MAC. Where do i get this token? Could you please elaborate?

If you want to run it remotely from your MAC, there are 2 relatively easy options that I can think of.

  1. using the DNS challenge - see the certbot documentation. If you use the “–preferred-challenges dns-01” then certbot will provide you with the “token” that needs to be added to your DNS records.

  2. using the webroot method you can use GetSSL, one of the alternate clients, which is designed to copy the files for webroot using FTP, SFTP or SSH for validation

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.