Problem issuing SSL Certificate for domain on AWS EC2 Instance

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: apis.arishti.in

I ran this command: sudo certbot --nginx

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org

Which names would you like to activate HTTPS for?


1: apis.arishti.in
2: memeadmin.arishti.in


Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for apis.arishti.in
nginx: [error] invalid PID number "" in "/run/nginx.pid"
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. apis.arishti.in (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://apis.arishti.in/.well-known/acme-challenge/bSW_TV10VeveTS1ysO03dRdvM7tXNqKybkPw2rRwF-0 [13.234.117.105]: "\n<html lang="en">\n\n<meta charset="utf-8">\nError\n\n\n

Cannot GET /.well-known/"

IMPORTANT NOTES:
The following errors were reported by the server:

Domain: apis.arishti.in
Type: unauthorized
Detail: Invalid response from
http://apis.arishti.in/.well-known/acme-challenge/bSW_TV10VeveTS1ysO03dRdvM7tXNqKybkPw2rRwF-0
[13.234.117.105]: "\n<html
lang="en">\n\n<meta
charset="utf-8">\nError\n\n\n

Cannot
GET /.well-known/"

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.

My web server is (include version): NodeJs, NGINX

The operating system my web server runs on is (include version): Ubuntu 16.04

My hosting provider, if applicable, is: Hostinger

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Yes, using Hostinger to control the DNS Settings

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): Version 0.31.0

2 Likes

Welcome to the Let's Encrypt Community, KanaK :slightly_smiling_face:

There are several things clearly amiss here.

Orphaned/crashed nginx?

Possible problem with nginx configuration.

Very outdated certbot version.

What is the output of:

sudo nginx -T

Certificate history for arishti.in:

https://crt.sh/?q=arishti.in

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.