Please fill out the fields below so we can help you better.
My domain is: mailgw.simonharwood.co.uk
I ran this command: letsencrypt certonly --standalone --standalone-supported-challenges http-01 --email postmaster@simonharwood.co.uk -d mailgw.simonharwood.co.uk --rsa-key-size 4096 --agree-tos
It produced this output:
Failed authorization procedure. mailgw.simonharwood.co.uk (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://mailgw.simonharwood.co.uk/.well-known/acme-challenge/A1k2jTH6H3EJx47yVgS88brcegutw5d4DeB2qu3e4Rk: "
Not Found
<p"IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: mailgw.simonharwood.co.uk
404 Not Found
Type: unauthorized
Detail: Invalid response from http://mailgw.simonharwood.co.uk
/.well-known/acme-
challenge/A1k2jTH6H3EJx47yVgS88brcegutw5d4DeB2qu3e4Rk: "Not Found
<p"To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.
My operating system is (include version): Ubuntu 16.04.2 LTS
My web server is (include version): (Apache2)
My hosting provider, if applicable, is: N/A
I can login to a root shell on my machine (yes or no, or I don’t know): Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No
I have a single IP address behind a NAT router with port redirection dependent on service. Ports 80 and 443 are forwarded to my www server.
I have successfully obtained and installed a certificate on my www server and would like to do the same for my email server for ssl/submission port security.
I have separate VMs for www and incoming email servers. The email server does not host a www server.
I have configured a reverse proxy on the www server to forward port 80 onto the email server, which can receive port 80 successfully, when addressed using the email server hostname. This works. Unfortunately the letsencrypt standalone server does not send back the validation data.
I am running the letsencrypt command as root.
Any help with this would be gratefully received.