My domain is: scitest.esss.lu.se
I ran this command: certbot --text --agree-tos --non-interactive certonly -a standalone --keep-until-expiring --cert-name scitest.esss.lu.se -d scitest.esss.lu.se --http-01-port=8888 && (/bin/systemctl reload rh-haproxy18-haproxy.service)
It produced this output:
Detail: Fetching
https://scitest.esss.lu.se/.well-known/acme-challenge/ws-DhYhzqa43taCs2Yf7eLvvMiSTb-6x0oq1uVhgUMk:
Error getting validation data
My web server is (include version):
The operating system my web server runs on is (include version): CentOS 7
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know): Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot):
0.31.0
My environment is two haproxy servers behind a virtual ip. Only the virtual ip ports 80 and 8888 are opened to the public network. Now the issue is for some of the sites, they can not be renewed on the standby server. The scenario is:
27 Feb: server2 standby and server1 running. Cert will be expired at March 16 so it is renewed on server2.
28 Feb: server2 running and server1 standby. Cert can not be renewed on server1. Got the error “Error getting validation data”
Why it can be renewed on server2 but fail on server1? Is it possible to renew certs automatically on both haproxy servers? If yes, how it works?
Thank you.