On my clients site i have replaced border router Mikrotik with Sophos XG firewall and make nesessry changes to clients cPanel. I have added additional A record so now i have two A records for same IP address:
This was done becouse mailserver (Postfix) had hostname the same as A record. New firewall is used for mail protection (beside others) and it act as mailserver himself (built in) and after checking mail it forward mails to existing Postfix. So now mails are accepted by xg.muzejvojvodine.org.rs, checked and forwarded to museo.muzejvojvodine.org.rs
On firewall i have open port 80 temporarily and pointed to Postfix so now i can access to Postfix server nginx on port 80 from outside.
Now when existing mail certificate has expired i was trying to renew cert but when i execute command:
i get error message:
Waiting for verification...
Cleaning up challenges
Attempting to renew cert (museo.muzejvojvodine.org.rs) from /etc/letsencrypt/renewal/museo.muzejvojvodine.org.rs.conf produced an unexpected error: Failed authorization procedure. museo.muzejvojvodine.org.rs (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://museo.muzejvojvodine.org.rs/.well-known/acme-challenge/FApiEpcqWTKFOxcZI25ycIubp0vGUGEJUJXilppkHCs [220.127.116.11]: "\n\n503 Service Unavailable... Service". Skipping.
All renewal attempts failed. The following certs could not be renewed:
The following errors were reported by the server:
Detail: Invalid response from
[18.104.22.168]: "\n\n503 Service
What am i doing wrong?
Thanks in advance