My domain is: prova.g2k.it
I ran this command: certbot --nginx -d prova.g2k.it
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for prova.g2k.it
Using default address 80 for authentication.
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. prova.g2k.it (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://prova.g2k.it/.well-known/acme-challenge/YpzHxsfD_23Xd4B5sHyNcdCLINvFXZ8jB4eQhwNxTAc: "
404 Not Found
"
IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: prova.g2k.it
404 Not Found
Type: unauthorized
Detail: Invalid response from
http://prova.g2k.it/.well-known/acme-challenge/YpzHxsfD_23Xd4B5sHyNcdCLINvFXZ8jB4eQhwNxTAc:
"404 Not Found
"To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version): nginx 1.12.1
The operating system my web server runs on is (include version): Ubuntu 16.04.4 LTS
My hosting provider, if applicable, is: x
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
In front of nginx I have varnish (varnish port 80, nginx port 443).
varnish is configured with this rule in the top of vcl_recv:
if (req.url ~ “^/.well-known/”) {
return(pass);
}
varnish pass request to nginx (locally, same server).
nginx conf for domain prova.g2k.it is this:
server {
listen 81;
server_name prova.g2k.it;
root /usr/share/nginx/html;
index index.html;
set_real_ip_from 127.0.0.1;
real_ip_header X-Forwarded-For;
real_ip_recursive on;
}
I receive Failed authorization procedure. prova.g2k.it (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response … 404 Not Found … for all domains in this server and not for only new certificate request, but also for renew requests.
I have try to create manually file in /usr/share/nginx/html/.well-known/acme-challenge and request this file from browser and it’s OK.
I have try to set 755 permissions to folder .well-know …
I not understand the problem … many weeks ago all works without problems … but now they do not work anymore neither the new requests nor the renewals.
Can you help me ?
Thanks
Manuel