Hi everyone!
I'm new to certificates and never used to set or update certs on the website.
We had developer who was doing this before but he left us and doesn't answer to help us to update certs.
My domain is:
qoovee.co
This is the demo server we are trying to get up.
I ran this command:
certbot renew --webroot --webroot-path /home/.../letsencrypt/www/certbot --agree-tos
This comand left behind by the previous developer and it was working before.
It produced this output:
Renewing an existing certificate for qoovee.co and 4 more domains
Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
Domain: billing.qoovee.co
Type: unauthorized
Detail: 2606:4700::6810:f34e: Invalid response from http://billing.qoovee.co/.well-known/acme-challenge/DptLLHAcQytJRiiU_B--lgtp1XB_2GOPDQs7_MPGpZY: 404
Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.
Failed to renew certificate qoovee.co with error: Some challenges have failed.
The following certificates are not due for renewal yet:
/etc/letsencrypt/live/affiliate.qoovee.co/fullchain.pem expires on 2023-03-20 (skipped)
/etc/letsencrypt/live/m.qoovee.co/fullchain.pem expires on 2023-02-23 (skipped)
All renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/qoovee.co/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)
I checked log and see that there's no connection to old services:
Server: nginx
Date: Wed, 04 Jan 2023 16:17:02 GMT
Content-Type: application/json
Content-Length: 1151
Connection: keep-alive
Boulder-Requester: 34056034
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: F977igevOGfk4_4IPHqypJm41ARv0u4L5ZkqHBCohAO5Xwg
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "billing.qoovee.co" <--- this is the old application, but I don't see why it's trying to reach this
},
"status": "invalid",
"expires": "2023-01-11T16:17:00Z",
"challenges": [
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:unauthorized",
"detail": "2606:4700::6810:f44e: Invalid response from http://billing.qoovee.co/.well-known/acme-challenge/ESM03NOSHyoWmgjm2vy1m-QcfkrHrJWL8VpmHqW7Q98: 404",
"status": 403
},
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/192515810437/gQgZPg",
"token": "ESM03NOSHyoWmgjm2vy1m-QcfkrHrJWL8VpmHqW7Q98",
"validationRecord": [
{
"url": "http://billing.qoovee.co/.well-known/acme-challenge/ESM03NOSHyoWmgjm2vy1m-QcfkrHrJWL8VpmHqW7Q98",
"hostname": "billing.qoovee.co",
"port": "80",
"addressesResolved": [
"104.16.243.78",
"104.16.244.78",
"2606:4700::6810:f44e",
"2606:4700::6810:f34e"
],
"addressUsed": "2606:4700::6810:f44e"
}
],
"validated": "2023-01-04T16:17:01Z"
}
]
}
My web server is (include version):
nginx version: nginx/1.18.0
built by gcc 9.2.0 (Alpine 9.2.0)
The operating system my web server runs on is (include version):
Linux 4.4.0-148-generic #174~14.04.1-Ubuntu SMP
2019 x86_64 x86_64 x86_64 GNU/Linux
My hosting provider, if applicable, is:
digital ocean
I can login to a root shell on my machine (yes or no, or I don't know):
Yes
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
version is 1.32.2