Please help with "Failed authorization procedure. duckdns.org (http-01)"

Hi,
Cannot obtain the certificate. Here is the log:
Failed authorization procedure. duckdns.org (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://duckdns.org/.well-known/acme-challenge/704W01Sb9iLHj1CZMZgZs5JLf3tyvN9u-GpTDci68Ew: “<html>\r\n<head><title>404 Not Found</title></head>\r\n<body bgcolor=“white”>\r\n<center><h1>404 Not Found</h1></center>\r\n<hr><center>”

  • The following errors were reported by the server:

Domain: duckdns.org
Type: unauthorized
Detail: Invalid response from
http://duckdns.org/.well-known/acme-challenge/704W01Sb9iLHj1CZMZgZs5JLf3tyvN9u-GpTDci68Ew:
“<html>\r\n<head><title>404 Not Found</title></head>\r\n<body
bgcolor=“white”>\r\n<center><h1>404 Not
Found</h1></center>\r\n<hr><center>”

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container

My Port forwarding settings are Port 90 to 80 and Port 450 to 443. When I check my ports from Internet, the service sais that Port 90 is opened and 450 is closed.
Thanks,
Alex

Your domain is not duckdns.org, right?

What is your actual domain, and what exact command did you use to run Certbot?

This isn't going to work. Let's Encrypt must perform its HTTP validation over port 80 and will connect to your server over port 80.

If this isn't going to work for you, may try DNS validation. For example, using acme.sh.

1 Like

Thanks for quick response _az

I'm a little newbie... I guess, duckdns is my domain.
Here is the whole log, maybe it helps
> root@OMV:~# docker logs -f letsencrypt

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership &amp; permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 10-adduser: executing...

-------------------------------------
_ ()
| | ___ _ __
| | / __| | | / \
| | \__ \ | | | () |
|_| |___/ |_| \__/

Brought to you by [linuxserver.io](http://linuxserver.io/)
We gratefully accept donations at:
https://www.linuxserver.io/donate/
-------------------------------------
GID/UID
-------------------------------------

User uid: 1000
User gid: 100
-------------------------------------

[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing...
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing...
generating self-signed keys in /config/keys, you can replace these with your own keys if required
Generating a RSA private key
...........+++++
..............................................+++++
writing new private key to '/config/keys/cert.key'
-----
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 50-config: executing...
Variables set:
PUID=1000
PGID=100
TZ=Ukraine/Kyiv
[URL=duckdns.org](http://url%3Dduckdns.org/)
SUBDOMAINS=kimi4eg,shunia
EXTRA_DOMAINS=
ONLY_SUBDOMAINS=false
DHLEVEL=2048
VALIDATION=http
DNSPLUGIN=
[EMAIL=kimi4eg@gmail.com](http://EMAIL%3Dkimi4eg@gmail.com/)
STAGING=

Created donoteditthisfile.conf
Creating DH parameters for additional security. This may take a very long time. There will be another message once this process is completed
Generating DH parameters, 2048 bit long safe prime, generator 2
This is going to take a long time
....................+..........+.........................................................................................................................................................................................................................................................................+........................................................................................................................................................................................................+................................+.........................................................................+.......+.......+.........+.....................................................................................................................+.......+.............+...........................................+.......................................................+..................................................+....................................................................+................................................................................................................................................+..+..............................................................................................................................................................................................+.....................................+..........................................+...................................................+...+.........................................................+................................................................................................................................+...............................+................................................................................................................................+.......................+...............................................................+...............................+.................................................+..........................................................................................................................................................................................................................................................................................................................+..+............+....+.................................................+.....................................................+.....................................................................................................................+................................................................................................................................................................+.........................................................................................................................................................................................................................................................................................................................................................................+....................+............................................................................................................................................................................................................................+....................................................................................................................................................................................................................+..................+...................................................................................+.........................................+......................................................................................................................................................................................................................................................................................................................................+.................................................................................................................................................................................................................+............................................................................................................+.....................+.......................++*++*++*++*
DH parameters successfully created - 2048 bits
SUBDOMAINS entered, processing
SUBDOMAINS entered, processing
Sub-domains processed are: -d [kimi4eg.duckdns.org](http://kimi4eg.duckdns.org/) -d [shunia.duckdns.org](http://shunia.duckdns.org/)
E-mail address entered: [kimi4eg@gmail.com](mailto:kimi4eg@gmail.com)
http validation is selected
Generating new certificate
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for [duckdns.org](http://duckdns.org/)
http-01 challenge for [kimi4eg.duckdns.org](http://kimi4eg.duckdns.org/)
http-01 challenge for [shunia.duckdns.org](http://shunia.duckdns.org/)
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. [duckdns.org](http://duckdns.org/) (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://duckdns.org/.well-known/acme-challenge/npyzAST7uaVOWm-xxLdS_PHFwTri9htZAFoeJawdmF0: "&lt;html&gt;\r\n&lt;head&gt;&lt;title&gt;404 Not Found&lt;/title&gt;&lt;/head&gt;\r\n&lt;body bgcolor=\"white\"&gt;\r\n&lt;center&gt;&lt;h1&gt;404 Not Found&lt;/h1&gt;&lt;/center&gt;\r\n&lt;hr&gt;&lt;center&gt;"
IMPORTANT NOTES:
- The following errors were reported by the server:

Domain: [duckdns.org](http://duckdns.org/)
Type: unauthorized
Detail: Invalid response from
http://duckdns.org/.well-known/acme-challenge/npyzAST7uaVOWm-xxLdS_PHFwTri9htZAFoeJawdmF0:
"&lt;html&gt;\r\n&lt;head&gt;&lt;title&gt;404 Not Found&lt;/title&gt;&lt;/head&gt;\r\n&lt;body
bgcolor=\"white\"&gt;\r\n&lt;center&gt;&lt;h1&gt;404 Not
Found&lt;/h1&gt;&lt;/center&gt;\r\n&lt;hr&gt;&lt;center&gt;"

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.

Here are my settings

Maybe kimi4eg.duckdns.org and shunia.duckdns.org are your domains, but duckdns.org is not. That's controlled by the people who run DuckDNS. So you need to remove it from the list of domains on your server.

Maybe this can be done by setting ONLY_SUBDOMAINS=false to ONLY_SUBDOMAINS=true .

Is there a particular reason you are using port 90? Your current strategy isn't going to work unless you use port 80.

Oh, shure.:grinning:

Done. But no succes

root@OMV:~# docker logs -f letsencrypt
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership &amp; permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 10-adduser: executing...

-------------------------------------
_ ()
| | ___ _ __
| | / __| | | / \
| | \__ \ | | | () |
|_| |___/ |_| \__/

Brought to you by [linuxserver.io](http://linuxserver.io/)
We gratefully accept donations at:
https://www.linuxserver.io/donate/
-------------------------------------
GID/UID
-------------------------------------

User uid: 1000
User gid: 100
-------------------------------------

[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing...
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing...
using keys found in /config/keys
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 50-config: executing...
Variables set:
PUID=1000
PGID=100
TZ=Ukraine/Kyiv
[URL=duckdns.org](http://url%3Dduckdns.org/)
SUBDOMAINS=kimi4eg,shunia
EXTRA_DOMAINS=
ONLY_SUBDOMAINS=true
DHLEVEL=2048
VALIDATION=http
DNSPLUGIN=
[EMAIL=kimi4eg@gmail.com](http://EMAIL%3Dkimi4eg@gmail.com/)
STAGING=

2048 bit DH parameters present
SUBDOMAINS entered, processing
SUBDOMAINS entered, processing
Only subdomains, no URL in cert
Sub-domains processed are: -d [kimi4eg.duckdns.org](http://kimi4eg.duckdns.org/) -d [shunia.duckdns.org](http://shunia.duckdns.org/)
E-mail address entered: [kimi4eg@gmail.com](mailto:kimi4eg@gmail.com)
http validation is selected
Different validation parameters entered than what was used before. Revoking and deleting existing certificate, and an updated one will be created
Generating new certificate
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for [kimi4eg.duckdns.org](http://kimi4eg.duckdns.org/)
http-01 challenge for [shunia.duckdns.org](http://shunia.duckdns.org/)
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. [kimi4eg.duckdns.org](http://kimi4eg.duckdns.org/) (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://kimi4eg.duckdns.org/.well-known/acme-challenge/FnOc7lpP9Kmst1l4YnqmD8QVTXp54THijJ0YTk2QRVg: Timeout during connect (likely firewall problem), [shunia.duckdns.org](http://shunia.duckdns.org/) (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://shunia.duckdns.org/.well-known/acme-challenge/MsyHRXkDVPPVhtBYW0u1ECocugGCiIIRCAwd3gdEgQw: Timeout during connect (likely firewall problem)
IMPORTANT NOTES:
- The following errors were reported by the server:

Domain: [kimi4eg.duckdns.org](http://kimi4eg.duckdns.org/)
Type: connection
Detail: Fetching
http://kimi4eg.duckdns.org/.well-known/acme-challenge/FnOc7lpP9Kmst1l4YnqmD8QVTXp54THijJ0YTk2QRVg:
Timeout during connect (likely firewall problem)

Domain: [shunia.duckdns.org](http://shunia.duckdns.org/)
Type: connection
Detail: Fetching
http://shunia.duckdns.org/.well-known/acme-challenge/MsyHRXkDVPPVhtBYW0u1ECocugGCiIIRCAwd3gdEgQw:
Timeout during connect (likely firewall problem)

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you're using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container

But I can't open port 80.

Hi @kimi4

why? If you can't open port 80, you can't use http-01 - validation.

Then you must use

  • dns-01 validation, so you have to create a dns txt entry (every 60 - 85 days new)
  • tls-alpn-01 - validation (only a few clients support that)

Got an error “Too many authorizations recently”. Have to wait for some time.

What do you try? Your website is completely invisible ( https://check-your-website.server-daten.de/?q=kimi4eg.duckdns.org ):


Domainname Http-Status redirect Sec. G
http://kimi4eg.duckdns.org/
62.205.136.252 -14 10.027 T
Timeout - The operation has timed out
http://www.kimi4eg.duckdns.org/
62.205.136.252 -14 10.027 T
Timeout - The operation has timed out
https://kimi4eg.duckdns.org/
62.205.136.252 -14 10.030 T
Timeout - The operation has timed out
https://www.kimi4eg.duckdns.org/
62.205.136.252 -14 10.026 T
Timeout - The operation has timed out
http://kimi4eg.duckdns.org/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
62.205.136.252 -14 10.026 T
Timeout - The operation has timed out
http://www.kimi4eg.duckdns.org/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
62.205.136.252 -14 10.027 T
Timeout - The operation has timed out

There should be no timeout when fetching http / port 80, instead http status 200 or 404. But there are only timeouts visible.

So it's impossible that you can create a certificate.

Then you won't be able to get a certificate with HTTP validation. If you want to use that validation, you must have port 80 open, full stop. If you can't, or won't, open port 80, you need to use either TLS-ALPN or DNS validation. duckdns.org does have an API, and acme.sh supports it--not sure which, if any, other clients do.

Here is the most recent log:
root@OMV:~# docker logs -f letsencrypt
> [s6-init] making user provided files available at /var/run/s6/etc...exited 0.
> [s6-init] ensuring user provided files have correct perms...exited 0.
> [fix-attrs.d] applying ownership & permissions fixes...
> [fix-attrs.d] done.
> [cont-init.d] executing container initialization scripts...
> [cont-init.d] 10-adduser: executing...
>
> -------------------------------------
> _ ()
> | | ___ _ __
> | | / | | | /
> | | _
\ | | | () |
> || |
/ || __/
>
> Brought to you by linuxserver.io
> We gratefully accept donations at:
> Donate | LinuxServer.io
> -------------------------------------
> GID/UID
> -------------------------------------
>
> User uid: 1000
> User gid: 100
> -------------------------------------
>
> [cont-init.d] 10-adduser: exited 0.
> [cont-init.d] 20-config: executing...
> [cont-init.d] 20-config: exited 0.
> [cont-init.d] 30-keygen: executing...
> using keys found in /config/keys
> [cont-init.d] 30-keygen: exited 0.
> [cont-init.d] 50-config: executing...
> Variables set:
> PUID=1000
> PGID=100
> TZ=Ukraine/Kyiv
> URL=duckdns.org
> SUBDOMAINS=kimi4eg,shunia
> EXTRA_DOMAINS=
> ONLY_SUBDOMAINS=true
> DHLEVEL=2048
> VALIDATION=http
> DNSPLUGIN=
> EMAIL=kimi4eg@gmail.com
> STAGING=
>
> 2048 bit DH parameters present
> SUBDOMAINS entered, processing
> SUBDOMAINS entered, processing
> Only subdomains, no URL in cert
> Sub-domains processed are: -d kimi4eg.duckdns.org -d shunia.duckdns.org
> E-mail address entered: kimi4eg@gmail.com
> http validation is selected
> Generating new certificate
> Saving debug log to /var/log/letsencrypt/letsencrypt.log
> Plugins selected: Authenticator standalone, Installer None
> Obtaining a new certificate
> An unexpected error occurred:
> There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see Rate Limits - Let's Encrypt
> Please see the logfiles in /var/log/letsencrypt for more details.
> ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container

Actually, I'm trying to setup NextCloud service in Openmediavault (Debian), I follow this guide https://youtu.be/TkjAcp8q0W0
Just called my ISP. Now my port 80 is opened. But this error "Too many authorizations recently”...:frowning_face: Cannot check now.

Since that rate limit is over a one hour window, you can try again soon. :sweat_smile:

Hmm, I am having this error for 3.5 hours...

Could there be a thing automatically trying to issue a certificate 5 or more times per hour?

I don’t think so. But I was doing this every 30 min by myself.:sweat_smile:

Port 80 is opened now. Still have the same error.

Precisely what error are you getting now?

root@OMV:~# docker logs -f letsencrypt
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership &amp; permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 10-adduser: executing...

-------------------------------------
_ ()
| | ___ _ __
| | / __| | | / \
| | \__ \ | | | () |
|_| |___/ |_| \__/

Brought to you by [linuxserver.io](http://linuxserver.io/)
We gratefully accept donations at:
https://www.linuxserver.io/donate/
-------------------------------------
GID/UID
-------------------------------------

User uid: 1000
User gid: 100
-------------------------------------

[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing...
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing...
using keys found in /config/keys
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 50-config: executing...
Variables set:
PUID=1000
PGID=100
TZ=Ukraine/Kyiv
[URL=duckdns.org](http://url%3Dduckdns.org/)
SUBDOMAINS=kimi4eg,shunia
EXTRA_DOMAINS=
ONLY_SUBDOMAINS=true
DHLEVEL=2048
VALIDATION=http
DNSPLUGIN=
[EMAIL=kimi4eg@gmail.com](http://EMAIL%3Dkimi4eg@gmail.com/)
STAGING=
2048 bit DH parameters present
SUBDOMAINS entered, processing
SUBDOMAINS entered, processing
Only subdomains, no URL in cert
Sub-domains processed are: -d [kimi4eg.duckdns.org](http://kimi4eg.duckdns.org/) -d [shunia.duckdns.org](http://shunia.duckdns.org/)
E-mail address entered: [kimi4eg@gmail.com](mailto:kimi4eg@gmail.com)
http validation is selected
Generating new certificate
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for [kimi4eg.duckdns.org](http://kimi4eg.duckdns.org/)
http-01 challenge for [shunia.duckdns.org](http://shunia.duckdns.org/)
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. [kimi4eg.duckdns.org](http://kimi4eg.duckdns.org/) (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://kimi4eg.duckdns.org/.well-known/acme-challenge/qdIuczAvjsZ3ee5ydGgJGMDt6cBx78Vg5kGdBwNqNVE: "&lt;!DOCTYPE html&gt;\n&lt;html&gt;\n\t&lt;head&gt;\n\t\t&lt;title&gt;openmediavault - HTTP 404 error&lt;/title&gt;\n\t\t&lt;meta charset=\"UTF-8\"&gt;\n\t\t&lt;meta http-equiv=\"X-U", [shunia.duckdns.org](http://shunia.duckdns.org/) (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://shunia.duckdns.org/.well-known/acme-challenge/J2ECafiu06C3J9z_-OSyzqBFSfcVfSMKi1d2cmt_OBw: "&lt;!DOCTYPE html&gt;\n&lt;html&gt;\n\t&lt;head&gt;\n\t\t&lt;title&gt;openmediavault - HTTP 404 error&lt;/title&gt;\n\t\t&lt;meta charset=\"UTF-8\"&gt;\n\t\t&lt;meta http-equiv=\"X-U"
IMPORTANT NOTES:
- The following errors were reported by the server:

Domain: [kimi4eg.duckdns.org](http://kimi4eg.duckdns.org/)
Type: unauthorized
Detail: Invalid response from
http://kimi4eg.duckdns.org/.well-known/acme-challenge/qdIuczAvjsZ3ee5ydGgJGMDt6cBx78Vg5kGdBwNqNVE:
"&lt;!DOCTYPE html&gt;\n&lt;html&gt;\n\t&lt;head&gt;\n\t\t&lt;title&gt;openmediavault -
HTTP 404 error&lt;/title&gt;\n\t\t&lt;meta charset=\"UTF-8\"&gt;\n\t\t&lt;meta
http-equiv=\"X-U"

Domain: [shunia.duckdns.org](http://shunia.duckdns.org/)
Type: unauthorized
Detail: Invalid response from
http://shunia.duckdns.org/.well-known/acme-challenge/J2ECafiu06C3J9z_-OSyzqBFSfcVfSMKi1d2cmt_OBw:
"&lt;!DOCTYPE html&gt;\n&lt;html&gt;\n\t&lt;head&gt;\n\t\t&lt;title&gt;openmediavault -
HTTP 404 error&lt;/title&gt;\n\t\t&lt;meta charset=\"UTF-8\"&gt;\n\t\t&lt;meta
http-equiv=\"X-U"

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container

The 404 error is actually an improvement.
[it shows that LE can reach a server at that name:80]

Can you check your server (error) logs to see why it was shown error 404?
Can you verify there is nothing altering the path to the challenge requests?
[/.well-known/acme-challenge/]
Can you place a sample/test file in the expected challenge folder?
[http://shunia.duckdns.prg/.well-known/acme-challenge/1234]

How can I find these logs?

Could please explain the way how can I do it?
What can I find is letsencrypt.log. Here it is:

2019-02-10 20:27:47,553:DEBUG:certbot.main:certbot version: 0.31.0
2019-02-10 20:27:47,554:DEBUG:certbot.main:Arguments: ['--renew-by-default', '--server', 'https://acme-v02.api.letsencrypt.org/directory', '--non-interactive', '--standalone', '--preferred-challenges', 'http', '--rsa-key-size', '4096', '-m', '[kimi4eg@gmail.com](mailto:kimi4eg@gmail.com)', '--no-eff-email', '--agree-tos', '-d', 'kimi4eg.duckdns.org', '-d', 'shunia.duckdns.org']
2019-02-10 20:27:47,554:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#certbot-route53:auth,PluginEntryPoint#dns-cloudflare,PluginEntryPoint#dns-cloudxns,PluginEntryPoint#dns-digitalocean,PluginEntryPoint#dns-dnsimple,PluginEntryPoint#dns-dnsmadeeasy,PluginEntryPoint#dns-google,PluginEntryPoint#dns-luadns,PluginEntryPoint#dns-nsone,PluginEntryPoint#dns-ovh,PluginEntryPoint#dns-rfc2136,PluginEntryPoint#dns-route53,PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2019-02-10 20:27:47,585:DEBUG:certbot.log:Root logging level set at 20
2019-02-10 20:27:47,586:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2019-02-10 20:27:47,587:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer None
2019-02-10 20:27:47,640:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone
Description: Spin up a temporary webserver
Interfaces: IAuthenticator, IPlugin
Entry point: standalone = certbot.plugins.standalone:Authenticator
Initialized: &lt;certbot.plugins.standalone.Authenticator object at 0x7ff86b4d6390&gt;
Prep: True
2019-02-10 20:27:47,641:DEBUG:certbot.plugins.selection:Selected authenticator &lt;certbot.plugins.standalone.Authenticator object at 0x7ff86b4d6390&gt; and installer None
2019-02-10 20:27:47,641:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer None
2019-02-10 20:27:47,650:DEBUG:certbot.main:Picked account: &lt;Account(RegistrationResource(body=Registration(status=None, terms_of_service_agreed=None, agreement=None, only_return_existing=None, contact=(), key=None, external_account_binding=None), uri=u'https://acme-v02.api.letsencrypt.org/acme/acct/51212638', new_authzr_uri=None, terms_of_service=None), f6e05674d1b6934344efa766a2025743, Meta(creation_host=u'c0f202375266', creation_dt=datetime.datetime(2019, 2, 10, 8, 23, 36, tzinfo=&lt;UTC&gt;)))&gt;
2019-02-10 20:27:47,652:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2019-02-10 20:27:47,654:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): [acme-v02.api.letsencrypt.org](http://acme-v02.api.letsencrypt.org/)
2019-02-10 20:27:48,264:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658
2019-02-10 20:27:48,267:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 658
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Sun, 10 Feb 2019 20:27:56 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 10 Feb 2019 20:27:56 GMT
Connection: keep-alive

{
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"lhe5GbkXa3Y": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"meta": {
"caaIdentities": [
"[letsencrypt.org](http://letsencrypt.org/)"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
"website": "[https://letsencrypt.org](https://letsencrypt.org/)"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}

Try:
grep -Eri 'servername|serveralias|log|error' /etc/apache2

First: Find the document root.
Try:
grep -Eri 'servername|serveralias|root' /etc/apache2