Nginx webroot 404 unauthorized

artstylee · August 20, 2024, 12:40am

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
dev-hata.ru

I ran this command:
certbot certonly --webroot -w /home/dev-hata/public -d www.dev-hata.ru -d dev-hata.ru --dry-run --debug-challenges

It produced this output:

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: dev-hata.ru
   Type:   unauthorized
   Detail: 2a0a:2b43:5:c6dc::: Invalid response from
   http://dev-hata.ru/.well-known/acme-challenge/4hau1rnYfFUDI2QkDlk1X4XV3b4FJTqaBxOycwbWWyU:
   404

   Domain: www.dev-hata.ru
   Type:   unauthorized
   Detail: 2a0a:2b43:5:c6dc::: Invalid response from
   http://www.dev-hata.ru/.well-known/acme-challenge/SDJipYJdyEkc6lhF3gu_MfR6_A69smHVvTdhpTd9sm4:
   404

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

My web server is (include version):
nginx version: nginx/1.22.0

The operating system my web server runs on is (include version):

No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux 10 (buster)
Release:        10
Codename:       buster

My hosting provider, if applicable, is:
hetzner

I can login to a root shell on my machine (yes or no, or I don't know):
yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 0.31.0

hi guys
im trying to get certificates but got 404 error
im using debug challenge and i see how certbot creating files under this links

http://dev-hata.ru/.well-known/acme-challenge/4hau1rnYfFUDI2QkDlk1X4XV3b4FJTqaBxOycwbWWyU
http://www.dev-hata.ru/.well-known/acme-challenge/SDJipYJdyEkc6lhF3gu_MfR6_A69smHVvTdhpTd9sm4

i can access them with browser
why im getting this error?
nginx is running under nginx/www-data (i tried both)
also i tried chown -R nginx:nginx(and other users) webroot
and chmod -R 755 webroot

can anyone help me ?

MikeMcQ · August 20, 2024, 12:44am

You have an AAAA record in your DNS for IPv6. But, it points to an openresty server not your nginx. Let's Encrypt prefers IPv6 over the IPv4 A record.

You need to remove the AAAA record if you do not support IPv6. Or, adjust the AAAA value and make sure nginx is coded to listen on IPv6

See

artstylee · August 20, 2024, 12:52am

wow
thanks for the quick answer and your help
works now

rg305 · August 20, 2024, 1:04am

Please follow the recommended installation instructions:
Certbot Instructions | Certbot (eff.org)

Topic		Replies	Views
Nginx 404 despite domain hitting the nginx server Help	4	557	July 22, 2022
404 on challenge Help	5	627	July 24, 2022
Type: unauthorized Help	4	147	August 1, 2024
404 error due to unauthorized type Help	8	247	July 11, 2024
404 Error on internet accessible machine [Resolved] Help	3	159	August 10, 2024

Nginx webroot 404 unauthorized

Related topics