Problem with renewing certificates


My domain is:

I ran this command:
./letsencrypt-auto renew

It produced this output:

Processing /etc/letsencrypt/renewal/

Cert is due for renewal, auto-renewing…
Plugins selected: Authenticator apache, Installer apache
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for
Waiting for verification…
Cleaning up challenges
Attempting to renew cert ( from /etc/letsencrypt/renewal/ produced an unexpected error: Failed authorization procedure. (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from “\n\n404 Not Found\n\n

Not Found

\n<p”. Skipping.

My web server is (include version):

The operating system my web server runs on is (include version):
Debian 7

I can login to a root shell on my machine:

I’m using a control panel to manage my site:

I understand that an error occurs when confirming domain rights.
I created folders at: /var/www/
Exposed permission level 755
What text should I place and where can the system check my domain? Or do you need to add some information in DNS?


Hi @oleg_antonov

I see, you have already checked your domain via :

There is one problem:

Domainname Http-Status redirect Sec. G 302 0.047 A 302 0.047 A 200 1.423 N
Certificate error: RemoteCertificateChainErrors 200 1.360 N
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors 302 0.064 A 302 0.043 A 200 1.267 N
Certificate error: RemoteCertificateChainErrors 200 1.266 N
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors

The redirect http -> https is ok, Letsencrypt ignores the wrong certificate. But checking a not existing file

your server sends a http status 200 (ok), not the expected status 404 (not found).

So it looks there are other redirects or a misconfiguration. Ah - loading the url manual, there is a big 404, so it’s only the wrong http status.

I created folders at: /var/www/

That’s good, now create there a file (file name 1234 with random content) and try to load this file via

If this works, you have found your correct webroot, so you can use

./letsencrypt-auto run -a webroot -i apache -w /var/www/ -d

to create a new certificate.


Thank you very much! It all worked.


Yep, now it works.

But if you want, you can create one certificate with two names:

-d -d

Your current certificate has only one domain name, but www has a dns entry.

Different countries, different people. Some people add always www, some people add never www.

If you use one certificate with two domain names, both versions work.

closed #5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.