I set up a nginx webserver and used Let'sEncrypt to redirect http traffic to https. I have since added some vhosts for different domains and Let'sEncrypt has redirected the traffic successfully for these too.
However, now the certificate has expired and I would like to renew it, but I get the following error for the default domain which I did not get when I initially setup the webserver:
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for scruby.default.pscruby.uk0.bigv.io
Waiting for verification...
Challenge failed for domain scruby.default.pscruby.uk0.bigv.io
http-01 challenge for scruby.default.pscruby.uk0.bigv.io
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: scruby.default.pscruby.uk0.bigv.io
Type: unauthorized
Detail: Invalid response from
http://scruby.default.pscruby.uk0.bigv.io/.well-known/acme-challenge/TPclZVGMF2flO51ZQpk6V16UNa_wxDR_Pf9Rx7UrctU
[2001:41c9:1:422::189]: "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML
1.1//EN\"
\"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd\">\n\n<html
xmlns=\"http://www.w3.or"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
The domain is: scruby.default.pscruby.uk0.bigv.io (This default domain I that have in nginx which was issued to me by the company hosting my server Bytemark).
My other domains which are vhosts under the same nginx server, all seem to renew with no issues, this seems to be an issue with the default domain only.
The nginx default domain config (/etc/nginx/conf.d/default.conf) is:
server {
server_name scruby.default.pscruby.uk0.bigv.io;
# note that these lines are originally from the "location /" block
root /usr/share/nginx/html;
index index.php index.html;
client_max_body_size 64M;
location / {
try_files $uri $uri/ =404;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ .php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/scruby.default.pscruby.uk0.bigv.io/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/scruby.default.pscruby.uk0.bigv.io/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = scruby.default.pscruby.uk0.bigv.io) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name scruby.default.pscruby.uk0.bigv.io;
return 404; # managed by Certbot
}
It is possible to write into the /usr/share/nginx/html folder as root (which is the default ngnix location which is used for the default domain).