Problem issuing SSL Certificate for domain on AWS EC2 Instance

kanakkawadiwale · July 12, 2021, 7:46am

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: apis.arishti.in

I ran this command: sudo certbot --nginx

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org

Which names would you like to activate HTTPS for?

1: apis.arishti.in
2: memeadmin.arishti.in

Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for apis.arishti.in
nginx: [error] invalid PID number "" in "/run/nginx.pid"
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. apis.arishti.in (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://apis.arishti.in/.well-known/acme-challenge/bSW_TV10VeveTS1ysO03dRdvM7tXNqKybkPw2rRwF-0 [13.234.117.105]: "\n<html lang="en">\n\n<meta charset="utf-8">\nError\n\n\n

Cannot GET /.well-known/"

IMPORTANT NOTES:
The following errors were reported by the server:

Domain: apis.arishti.in
Type: unauthorized
Detail: Invalid response from
http://apis.arishti.in/.well-known/acme-challenge/bSW_TV10VeveTS1ysO03dRdvM7tXNqKybkPw2rRwF-0
[13.234.117.105]: "\n<html
lang="en">\n\n<meta
charset="utf-8">\nError\n\n\n

Cannot
GET /.well-known/"

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.

My web server is (include version): NodeJs, NGINX

The operating system my web server runs on is (include version): Ubuntu 16.04

My hosting provider, if applicable, is: Hostinger

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Yes, using Hostinger to control the DNS Settings

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): Version 0.31.0

griffin · July 12, 2021, 8:32am

Welcome to the Let's Encrypt Community, KanaK

There are several things clearly amiss here.

Orphaned/crashed nginx?

Possible problem with nginx configuration.

Very outdated certbot version.

What is the output of:

sudo nginx -T

Certificate history for arishti.in:

system · August 11, 2021, 8:32am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Some challenges have failed Help	2	599	May 17, 2023
I cannot obtain ssl certificate on my nginx web server Help	49	1104	May 11, 2023
Challenge failed for domain Help	2	449	July 27, 2022
Issue when creating ssl Help	4	853	May 30, 2020
Unable to setup ssl cert Help	19	408	June 1, 2024

Problem issuing SSL Certificate for domain on AWS EC2 Instance

It produced this output:

To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.

Related topics

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.