Problem with renewing certificates

My domain is: partcatalog.ru

I ran this command:
./letsencrypt-auto renew

It produced this output:

Processing /etc/letsencrypt/renewal/partcatalog.ru.conf


Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator apache, Installer apache
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for partcatalog.ru
Waiting for verification...
Cleaning up challenges
Attempting to renew cert (partcatalog.ru) from /etc/letsencrypt/renewal/partcatalog.ru.conf produced an unexpected error: Failed authorization procedure. partcatalog.ru (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://partcatalog.ru/.well-known/acme-challenge/IlAXbhDd3Su72SFWzXJy9j96-8sGW1pvUIcS5GFkUus: "\n\n404 Not Found\n\n

Not Found

\n<p". Skipping.

My web server is (include version):
Apache

The operating system my web server runs on is (include version):
Debian 7

I can login to a root shell on my machine:
Yes

I'm using a control panel to manage my site:
No

I understand that an error occurs when confirming domain rights.
I created folders at: /var/www/partcatalog.ru/.well-known/acme-challenge
I set the permission level to 755.
What text should I place and where can the system check my domain? Or do you need to add some information in DNS?

Hi @oleg_antonov

I see, you have already checked your domain via partcatalog.ru - Make your website better - DNS, redirects, mixed content, certificates:

There is one problem:


| Domainname | IP | Http-Status | redirect | Sec. | G | Certificate error |
|---|---|---|---|---|---|---|
| http://partcatalog.ru/ | 5.44.103.11 | 302 | https://partcatalog.ru/ | 0.047 | A | |
| http://www.partcatalog.ru/ | 5.44.103.11 | 302 | https://www.partcatalog.ru/ | 0.047 | A | |
| https://partcatalog.ru/ | 5.44.103.11 | 200 | | 1.423 | N | RemoteCertificateChainErrors |
| https://www.partcatalog.ru/ | 5.44.103.11 | 200 | | 1.360 | N | RemoteCertificateNameMismatch, RemoteCertificateChainErrors |
| http://partcatalog.ru/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de | 5.44.103.11 | 302 | https://partcatalog.ru/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de | 0.064 | A | |
| http://www.partcatalog.ru/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de | 5.44.103.11 | 302 | https://www.partcatalog.ru/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de | 0.043 | A | |
| https://partcatalog.ru/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de | | 200 | | 1.267 | N | RemoteCertificateChainErrors |
| https://www.partcatalog.ru/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de | | 200 | | 1.266 | N | RemoteCertificateNameMismatch, RemoteCertificateChainErrors |

The redirect http -> https is ok, Let's Encrypt ignores the wrong certificate. But when checking a non-existent file

https://www.partcatalog.ru/.well-known/acme-challenge/1234

your server sends an http status 200 (ok), not the expected status 404 (not found).

So it looks like there are other redirects or a misconfiguration. Ah - loading the URL manually, there is a big 404, so it's only the wrong http status.

I created folders at: /var/www/partcatalog.ru/.well-known/acme-challenge

That's good, now create a file there (file name 1234 with random content) and try to load this file via

http://partcatalog.ru/.well-known/acme-challenge/1234

If this works, you have found your correct webroot, so you can use

./letsencrypt-auto run -a webroot -i apache -w /var/www/partcatalog.ru -d partcatalog.ru

to create a new certificate.
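
The webroot check described in this reply, as an added Python example that is not part of the original post or of the Let's Encrypt client: it writes a probe file with a random name (instead of the fixed name 1234), fetches it, compares the body, and also flags the "status 200 for a missing file" behaviour noted above. The names `check_webroot` and `http_fetch` are assumptions made for this example.

```python
import os
import secrets
import ssl
import urllib.error
import urllib.request

CHALLENGE_DIR = ".well-known/acme-challenge"

def http_fetch(url):
    """Return (status, body) for url; redirects are followed automatically."""
    # Probe only: certificate checks are off because, as the reply notes,
    # a wrong certificate on the https redirect target is ignored.
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    try:
        with urllib.request.urlopen(url, timeout=10, context=ctx) as resp:
            return resp.status, resp.read()
    except urllib.error.HTTPError as err:
        return err.code, err.read()

def check_webroot(webroot, base_url, fetch=http_fetch):
    """Write a random probe under webroot and confirm base_url serves it."""
    directory = os.path.join(webroot, CHALLENGE_DIR)
    os.makedirs(directory, exist_ok=True)
    name = secrets.token_urlsafe(16)
    content = secrets.token_urlsafe(32).encode()
    path = os.path.join(directory, name)
    with open(path, "wb") as fh:
        fh.write(content)
    try:
        prefix = base_url.rstrip("/") + "/" + CHALLENGE_DIR + "/"
        status, body = fetch(prefix + name)
        # A name that was never written should come back as 404.
        missing_status, _ = fetch(prefix + secrets.token_urlsafe(16))
    finally:
        os.remove(path)  # never leave probe files in the webroot
    return {
        # The body must match: on a server that answers 200 for every
        # path, the status code alone proves nothing about the webroot.
        "webroot_ok": status == 200 and body.strip() == content,
        "soft_404": missing_status == 200,
    }

if __name__ == "__main__":
    import sys
    # usage: script.py /var/www/partcatalog.ru http://partcatalog.ru
    print(check_webroot(sys.argv[1], sys.argv[2]))
```
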

Thank you very much! It all worked.


Yep, now it works.

But if you want, you can create one certificate with two names:

-d partcatalog.ru -d www.partcatalog.ru

Your current certificate has only one domain name, but www has a DNS entry.

Different countries, different people. Some people always add www, some people never add www.

If you use one certificate with two domain names, both versions work.
