My website suddenly cannot renew the cert

My domain is: pingpongtactics.com

I ran this command: certbot renew

It produced this output:
Domain: pingpongtactics.com
Type: unauthorized
Detail: xx.xxx.xx.xx: Invalid response from
https://pingpongtactics.com: "<!doctype html>\n<html lang="en-US"
prefix="og: https://ogp.me/ns#\">\n\n\t\n\t<meta
charset="UTF-8">\n\t<meta name="viewport" cont"

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.

My web server is (include version): using AWS Linux, with the use of nginx

The operating system my web server runs on is (include version): Linux

My hosting provider, if applicable, is: AWS

I can login to a root shell on my machine (yes or no, or I don't know): yes I can login

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 0.38.0

nginx config

server {
    listen 80 default_server;
    listen [::]:80 default_server;
    server_name wordpress;
    # root       /var/www/wordpress;

    # include /etc/nginx/default.d/*.conf;
    return 301 https://pingpongtactics.com;
}

server {
    listen       443 ssl http2 default_server;
    listen       [::]:443 ssl http2 default_server;
    server_name  wordpress;
    root         /var/www/wordpress;

    index index.php;

    ssl_certificate     /etc/letsencrypt/live/pingpongtactics.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/pingpongtactics.com/privkey.pem;
    ssl_session_cache shared:SSL:1m;
    ssl_session_timeout  10m;

    # Load configuration files for the default server block.
    include /etc/nginx/default.d/*.conf;

    location ~ \.php$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php-fpm/www.sock;
        fastcgi_index index.php;
        include fastcgi_params;
    }

    location / {
        try_files $uri $uri/ /index.php$is_args$args;
    }
}

http://nginx.org/en/docs/http/ngx_http_core_module.html#server_name

That's supposed to be the FQDN for which the server block is responding.

3 Likes

I have tried to set something like below, but it is still not working and fails with unauthorised… Is there anything I am missing? And also, must the failure be related to the nginx config?


server {
    listen 80 default_server;
    listen [::]:80 default_server;
    server_name pingpongtactics.com;
    # root       /var/www/wordpress;

    # include /etc/nginx/default.d/*.conf;
    return 301 https://pingpongtactics.com;
}

server {
    listen       443 ssl http2 default_server;
    listen       [::]:443 ssl http2 default_server;
    server_name  pingpongtactics.com;
    root         /var/www/wordpress;

    index index.php;

    ssl_certificate     /etc/letsencrypt/live/pingpongtactics.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/pingpongtactics.com/privkey.pem;
    ssl_session_cache shared:SSL:1m;
    ssl_session_timeout  10m;

    # Load configuration files for the default server block.
    include /etc/nginx/default.d/*.conf;

    location ~ \.php$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php-fpm/www.sock;
        fastcgi_index index.php;
        include fastcgi_params;
    }

    location / {
        try_files $uri $uri/ /index.php$is_args$args;
    }
}

Should be:

return 301 https://pingpongtactics.com$request_uri;

That never should have worked to get a cert before.

After changing it, try certbot renew --dry-run to test it. If that works, remove --dry-run to get a production cert.

5 Likes
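
Why the `$request_uri` change above matters, as an added example that is not part of the original thread: the HTTP-01 validator requests a token under `/.well-known/acme-challenge/` on port 80 and follows redirects, so a redirect that drops the path lands on the site's front page, which is the HTML shown in the error output. The token path and the local stand-in server are constructed for illustration; `redirect_location` can also be pointed at a real host on port 80.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed token path; the CA picks a fresh token for every validation attempt.
CHALLENGE_PATH = "/.well-known/acme-challenge/constructed-token"
TARGET = "https://pingpongtactics.com"  # redirect target used in the thread's config


def make_handler(preserve_uri):
    """Local stand-in for the port-80 server block's `return 301 ...;` line."""
    class Redirect(BaseHTTPRequestHandler):
        def do_GET(self):
            # False models: return 301 https://pingpongtactics.com;
            # True models:  return 301 https://pingpongtactics.com$request_uri;
            self.send_response(301)
            self.send_header("Location", TARGET + (self.path if preserve_uri else ""))
            self.end_headers()

        def log_message(self, *args):  # silence per-request logging
            pass
    return Redirect


def redirect_location(host, port, path=CHALLENGE_PATH):
    """Request `path` over plain HTTP and return the Location header, unfollowed."""
    conn = http.client.HTTPConnection(host, port, timeout=5)
    try:
        conn.request("GET", path)  # http.client does not follow redirects
        return conn.getresponse().getheader("Location")
    finally:
        conn.close()


def challenge_survives(preserve_uri):
    """Start the stand-in, probe it, and report (Location, token path kept?)."""
    server = HTTPServer(("127.0.0.1", 0), make_handler(preserve_uri))
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        location = redirect_location("127.0.0.1", server.server_port)
    finally:
        server.shutdown()
        server.server_close()
    return location, bool(location) and location.endswith(CHALLENGE_PATH)


if __name__ == "__main__":
    for preserve in (False, True):
        print(preserve, *challenge_survives(preserve))
```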

I think there is more that we have not been shown.
Please show the output of:
nginx -T

3 Likes

Thanks! This method works for me

2 Likes

Excellent. Looks good

4 Likes