Renewal fails, Apache 2.4/Ubuntu

Please fill out the fields below so we can help you better.

My domain is: unkommod.eu

I ran this command: ./certbot-auto renew --dry-run --keep-until-expiring

It produced this output: (domain anonymized to mydomain.test)
Attempting to renew cert from /etc/letsencrypt/renewal/mydomain.test.conf produced an unexpected error: Failed authorization procedure. mydomain.test (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Could not connect to www.mydomain.test.well-known, maximus.mydomain.test (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Could not connect to maximus.mydomain.test.well-known, imap.mydomain.test (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Could not connect to www.mydomain.test.well-known, zeus.mydomain.test (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Could not connect to www.mydomain.test.well-known, smtp.mydomain.test (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Could not connect to www.mydomain.test.well-known, www.mydomain.test (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Could not connect to www.mydomain.test.well-known, pop.mydomain.test (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Could not connect to www.mydomain.test.well-known. Skipping.

My operating system is (include version): Ubuntu 16.04 LTS

My web server is (include version): Apache 2.4

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no control panel

Hello,

I’m running a WordPress site under Ubuntu 16.04/Apache 2.4. The main site is https://www.unkommod.eu. This site is SSL only and there are aliases for pop3, imap and fqdn, needed for my mail server. There are permanent redirects from the non-www site to the SSL www site. On a subdomain https://maximus.unkommod.eu I currently have only the welcome message from Apache, together with the allowance to access .well-known.

The main site looks like:

<IfModule mod_ssl.c>
    <VirtualHost *:443>
        ServerName www.mydomain.test
        ServerAlias smtp.mydomain.test imap.mydomain.test pop.mydomain.test mydomain.test zeus.mydomain.test
        DocumentRoot /var/www/mydomain/public_html
        . . .
        . . .
        . . .
        <Directory "/var/www/mydomain/public_html/.well-known">
            Options -Indexes
            Require all granted
        </Directory>

        <Directory "/var/www/mydomain/public_html">
            Require all granted
            DirectoryIndex index.php
            AllowOverride FileInfo
            Options FollowSymLinks
            FallbackResource /index.php
            # Deny access to No-Referrer Requests
            # (Spam Bots which don't use comment form)
            <IfModule mod_rewrite.c>
                 RewriteCond %{REQUEST_METHOD} POST
                 RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
                 RewriteCond %{HTTP_REFERER} !.*mydomain.test.* [OR]
                 RewriteCond %{HTTP_USER_AGENT} ^$
                 RewriteRule (.*) http://%{REMOTE_ADDR}/$ [R=301,L]
            </IfModule>
        </Directory>

All sites are online, and a text file (test - no extension) placed under .well-known gets delivered properly on the main site as well as the subdomain.

3 months ago I could create certs without a problem. Now they are nearly expired, and I can’t get a renewal (getting a 403)

This is often caused by a bad redirect. Could you post the configuration for the corresponding VirtualHost on port 80?

<VirtualHost *:80>
       ServerName unkommod.eu
       Redirect permanent / https://www.unkommod.eu
</VirtualHost>

<VirtualHost *:80>
       ServerName www.unkommod.eu
       Redirect permanent / https://www.unkommod.eu
</VirtualHost>

and for the subdomain:

<VirtualHost *:80>
       ServerName maximus.unkommod.eu
       Redirect permanent / https://maximus.unkommod.eu
</VirtualHost>

Yeah, so you need to add the slash at the end. E.g.:

<VirtualHost *:80>
       ServerName unkommod.eu
       Redirect permanent / https://www.unkommod.eu/
</VirtualHost>

and the same for the others.

Look very closely at the error you're getting:

Is that a valid host name to connect to? Kinda weird top level domain name, isn't it? :wink:

In combination with:

What could the problem be? :slight_smile: It's a very tiny small detail, but a crucial very tiny small detail :slight_smile:

1 Like
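Why the missing slash produces a host name ending in `.well-known`, as an added example that is not part of the original thread: the script below uses a simplified model of how mod_alias `Redirect` appends the rest of the request path to the target, and audits a constructed copy of the port-80 vhosts. `TOKEN` and the function names are placeholders chosen for this sketch.

```python
import re
from urllib.parse import urlsplit

# Constructed sample: port-80 vhosts as posted in the thread, the second one corrected.
SAMPLE_CONF = """\
<VirtualHost *:80>
    ServerName unkommod.eu
    Redirect permanent / https://www.unkommod.eu
</VirtualHost>
<VirtualHost *:80>
    ServerName maximus.unkommod.eu
    Redirect permanent / https://maximus.unkommod.eu/
</VirtualHost>
"""
CHALLENGE = "/.well-known/acme-challenge/TOKEN"  # TOKEN is a placeholder

# "Redirect [status] URL-path URL"; does not match RedirectMatch.
REDIRECT_RE = re.compile(
    r"^[ \t]*Redirect[ \t]+(?:(?:permanent|temp|seeother|30[1-8])[ \t]+)?(\S+)[ \t]+(\S+)[ \t]*$",
    re.I | re.M,
)

def redirect_location(url_path, target, request_path):
    """Simplified mod_alias model: prefix match, remainder appended to target."""
    if not request_path.startswith(url_path):
        return None
    rest = request_path[len(url_path):]
    if rest and not url_path.endswith("/") and not rest.startswith("/"):
        return None  # "/one" must not match "/onetwo"
    return target + rest

def audit(conf, request_path=CHALLENGE):
    """Return (target, resulting Location, host_preserved) per matching Redirect."""
    findings = []
    for m in REDIRECT_RE.finditer(conf):
        url_path, target = m.group(1), m.group(2)
        location = redirect_location(url_path, target, request_path)
        if location is None:
            continue
        same_host = urlsplit(location).hostname == urlsplit(target).hostname
        findings.append((target, location, same_host))
    return findings

if __name__ == "__main__":
    for target, location, ok in audit(SAMPLE_CONF):
        print("OK  " if ok else "BAD ", target, "->", location)
```
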

Holy cow: You just saved my life. I was close to a panic.
After applying the changes, dry-run works as well as certificate renewal!
