I ran this command: /snap/bin/certbot certonly --non-interactive --dry-run --webroot -w /srv/users/serverpilot/apps/outdoorgearalerts/public --register-unsafely-without-email --agree-tos -d outdoorgearalerts.com
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Cert is due for renewal, auto-renewing...
Simulating renewal of an existing certificate for outdoorgearalerts.com
Performing the following challenges:
http-01 challenge for outdoorgearalerts.com
Using the webroot path /srv/users/serverpilot/apps/outdoorgearalerts/public for all unmatched domains.
Waiting for verification...
Challenge failed for domain outdoorgearalerts.com
http-01 challenge for outdoorgearalerts.com
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: outdoorgearalerts.com
Type: unauthorized
Detail: Invalid response from
http://outdoorgearalerts.com/.well-known/acme-challenge/u4sa9K7kheVf_kws1MZ4dUJMgBWCU_q00isqRuD7PVA
[45.79.78.13]: "<html>\r\n<head><title>404 Not
Found</title></head>\r\n<body>\r\n<center><h1>404 Not
Found</h1></center>\r\n<hr><center>nginx</center>\r\n"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version): nginx/1.19.6
The operating system my web server runs on is (include version): Ubuntu 16.04.7 LTS (GNU/Linux 5.8.3-x86_64-linode137 x86_64)
My hosting provider, if applicable, is: Linode using Serverpilot
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.14.0
That results in a 404. What is odd is the test files I had created before did work, but not now. I'm a backend developer and not a sysadmin, but if I were to take a guess I'm wondering if since I'm using Serverpilot they updated the nginx config and overwrote something. I don't think that is the case though because I have another domain that is renewing fine.
Well, like you say it sounds like your nginx is no longer configured to serve files out of that webroot. Have you tried using the nginx plugin instead of the webroot plugin? (Is there a reason you chose to use the webroot plugin in the first place?) Can you post your nginx configuration?
Your website content management system (wordpress) is intercepting the requests and returning the website's 404 page. You need to either configure nginx to pass ./well-known/acme-challenge requests through to the file system (not to wordpress) or use the certbot nginx plugin to configure much the same thing.
You can also optionally use a wordpress plugin to get Let's Encrypt certs but I've not had much luck with plugins like that in the past.
However I'm not seeing anything in the /var/.rwssl/ directory. Could this be the problem? I'm a bit confused how this worked when I originally generated the certificate but not now.
Well, if I'm reading that right (and I know next-to-nothing about nginx, so I might not be), it sounds like you should be using /var/.rwssl as your webroot in certbot instead of what you had been using.
Looks a bit silly to first remove a part of the path and then later add it again
In any case, with or without that weird thing I mention above, you should use /var/.rwssl/ as the webroot-path in certbot indeed as @petercooperjr already mentioned
