Hello,
When I launch this command line (for renew certificate) :
certbot --agree-tos --renew-by-default --standalone --standalone-supported-challenges http-01 --http-01-port 9998 --server https://acme-v01.api.letsencrypt.org/directory certonly -d example.fr
I have this error :
Domain: example.fr
Type: unauthorized
Detail: The key authorization file from the server did not match this challenge
[b9p3Xqnh-…] != [Bye]
Do u know where is this “Bye” ? Its looks anormal.
“Bye” is probably what your server returns from port 9998.
Can we assume that you have a firewall or router mapping from publicly visible port 80 to your machine’s port 9998? Otherwise, you’re using Certbot in a way that can’t obtain a certificate (you’re not allowed to choose the public port number for HTTP-01).
Agreed. As the docs show:
–http-01-port HTTP01_PORT
Port used in the http-01 challenge. This only affects the port Certbot listens on. A conforming ACME server will still attempt to connect on port 80. (default: 80)
Hi,
Thx for your replies.
It was a wrong configuration from Apache, for url http://example.fr/.well-known/acme-challenge/ (configured on the port 9999 instead of 9998). Now its okay 
Have a nice day
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.