Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: https://in-spired.xyz
I ran this command: certbot renew
It produced this output:
root@localhost:/var/www/in-spired.xyz/.well-known# certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/in-spired.xyz.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator webroot, Installer nginx
Renewing an existing certificate for in-spired.xyz and www.in-spired.xyz
Performing the following challenges:
http-01 challenge for in-spired.xyz
http-01 challenge for www.in-spired.xyz
Waiting for verification...
Challenge failed for domain in-spired.xyz
Challenge failed for domain www.in-spired.xyz
http-01 challenge for in-spired.xyz
http-01 challenge for www.in-spired.xyz
Cleaning up challenges
Failed to renew certificate in-spired.xyz with error: Some challenges have failed.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
All renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/in-spired.xyz/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: in-spired.xyz
Type: unauthorized
Detail: Invalid response from
https://in-spired.xyz/.well-known/acme-challenge/-u0cowwidemvyvh2cncjyjz5hwtlsvqe743-himoezq/
[139.162.201.166]: "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n\n
<meta charset=\"utf-8\" />\n <meta
http-equiv=\"X-UA-Compatible\" content=\"IE=edge\" /"
Domain: www.in-spired.xyz
Type: unauthorized
Detail: Invalid response from
https://www.in-spired.xyz/.well-known/acme-challenge/hvbo6ommlsoleypj46cnzsj11x2ejbtiweiaavvik-e/
[139.162.201.166]: "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n\n
<meta charset=\"utf-8\" />\n <meta
http-equiv=\"X-UA-Compatible\" content=\"IE=edge\" /"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version): Nginx 1.18
The operating system my web server runs on is (include version): Ubuntu 20.04
My hosting provider, if applicable, is: Linode
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.12.0
Not really sure what's changed, as I was able to add the certificate fine originally. I'm in a bit of a muddle as I used Run your blog with Ghost, Docker and LetsEncrypt to create the platform, and using docker is kind of confusing me a little bit as to where everything is getting put. If I run certbot renew -a nginx --dry-run it seems to succeed, so I'm unsure why it won't work normally, runs out in 5 days.
Thanks for any help, I really appreciate any time given.
Some additional information.
Nginx Configuration
root@localhost:/var/www/in-spired.xyz/.well-known# cat /etc/nginx/conf.d/default
server {
listen 80;
server_name in-spired.xyz;
location /.well-known/ {
root /var/www/in-spired.xyz/.well-known/;
}
location / {
return 301 https://$server_name$request_uri;
}
}
server {
server_name in-spired.xyz;
listen 443 ssl;
location / {
proxy_pass http://127.0.0.1:2368;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
ssl_certificate /etc/letsencrypt/live/in-spired.xyz/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/in-spired.xyz/privkey.pem;
ssl on;
}
root@localhost:/var/www/in-spired.xyz/.well-known#
