Renew error The key authorization file from the server did not match this challenge

Hello,

When I launch this command line (for renew certificate) :

certbot --agree-tos --renew-by-default --standalone --standalone-supported-challenges http-01 --http-01-port 9998 --server https://acme-v01.api.letsencrypt.org/directory certonly -d example.fr

I have this error :

Domain: example.fr
Type: unauthorized
Detail: The key authorization file from the server did not match this challenge
[b9p3Xqnh-…] != [Bye]

Do u know where is this “Bye” ? Its looks anormal.

“Bye” is probably what your server returns from port 9998.

Can we assume that you have a firewall or router mapping from publicly visible port 80 to your machine’s port 9998? Otherwise, you’re using Certbot in a way that can’t obtain a certificate (you’re not allowed to choose the public port number for HTTP-01).

Agreed. As the docs show:
–http-01-port HTTP01_PORT
Port used in the http-01 challenge. This only affects the port Certbot listens on. A conforming ACME server will still attempt to connect on port 80. (default: 80)

Hi,

Thx for your replies.
It was a wrong configuration from Apache, for url http://example.fr/.well-known/acme-challenge/ (configured on the port 9999 instead of 9998). Now its okay :slight_smile:
Have a nice day

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.