Renew, Correct zName not found and PORT 443


#1

Hello,

When I attempt to renew, I get the “urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Correct zName not found for …” error.

To fix it, I comment out the “listen 198.211.120.208:443;” in nginx.conf,
restart nginx and renew my certificate: OK.
Then I uncomment … restart nginx, …

OK, but how can I automate this, or what is the problem with port 443? iptables? nginx?

Thank you!!


#2

It sounds as if you were using the ‘standalone’ flag - for which there shouldn’t be anything else (like nginx) running on that port.

Since you have a running web server, you don’t need to use the ‘standalone’ flag; you can use the existing nginx server to provide the correct tokens (that way you don’t need to shut down your existing server) and it can all be done automatically with zero downtime.


#3

I use this command to renew:
/home/user/.local/share/letsencrypt/bin/letsencrypt renew
And there is no flag?


#4

The renew mode reuses the flags used when you originally got the cert. To change this, you’ll need to use certonly mode with the correct flags. After that, renew mode should work correctly.
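
Added example, not part of the original thread and not the client's own code: a small check that reads a certificate's renewal configuration and reports which authenticator `renew` will reuse, so a stored ‘standalone’ setting is spotted before it collides with nginx. It assumes the client's renewal configuration format with a `[renewalparams]` section and an `authenticator` key; the sample file content, domain and function names are constructed for illustration.

```python
import re

# Constructed sample of a renewal configuration file (paths and account are placeholders).
SAMPLE_CONF = """\
# renew_before_expiry = 30 days
cert = /etc/letsencrypt/live/example.com/cert.pem
privkey = /etc/letsencrypt/live/example.com/privkey.pem

[renewalparams]
authenticator = standalone
installer = None
account = 0123456789abcdef
"""

# Authenticators that start their own listener and so collide with a running web server.
NEEDS_FREE_PORT = {"standalone"}


def renewal_params(conf_text):
    """Return the key/value pairs stored directly under [renewalparams]."""
    params, section = {}, None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Section headers may be nested, e.g. [[webroot_map]]; track the innermost name.
        header = re.fullmatch(r"\[+([^\[\]]+)\]+", line)
        if header:
            section = header.group(1).strip()
            continue
        if section == "renewalparams" and "=" in line:
            key, _, value = line.partition("=")
            params[key.strip()] = value.strip()
    return params


def audit(conf_text):
    """Return (stored authenticator, True if it needs the port to itself)."""
    auth = renewal_params(conf_text).get("authenticator", "unknown")
    return auth, auth in NEEDS_FREE_PORT


if __name__ == "__main__":
    auth, conflict = audit(SAMPLE_CONF)
    print(f"stored authenticator: {auth}")
    if conflict:
        print("renew will start its own listener; reissue with certonly and an "
              "authenticator that works through the running web server")
```

Run it against each lineage's renewal file before scheduling `renew` from cron; a result of `standalone` on a host where nginx owns the port means the certificate should first be reissued with certonly, as described in #4.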