[Rewal] Authorization failed, 404 not found

I was trying to renew certificate, but got an authorization error(404). After searching this forum, I got a suggestion what maybe wrong, but I don’t know how to fix it exactly, because the solution wasn’t specified simple enough for my current knowledge.
I have a file in this dir /etc/letsencrypt/renewal/filename.conf . Content of the file is this:

renew_before_expiry = 30 days

version = 0.27.0
archive_dir = /etc/letsencrypt/archive/limbo.company
cert = /etc/letsencrypt/live/limbo.company/cert.pem
privkey = /etc/letsencrypt/live/limbo.company/privkey.pem
chain = /etc/letsencrypt/live/limbo.company/chain.pem
fullchain = /etc/letsencrypt/live/limbo.company/fullchain.pem

Options used in the renewal process

[renewalparams]
account = c06c38b3aa32c0aeb048a808c58b3fc6
authenticator = webroot
webroot_path = /var/www/html,
server = https://acme-v02.api.letsencrypt.org/directory
[[webroot_map]]
limbo.company = /var/www/html
www.limbo.company = /var/www/html

I have very similar problem to this issue link, but in the end the people didn’t clearify what exactly they did. I guess there’s problem with webroot_path/webroot_map, but how exactly am I supposed to change it? (I switched to backend programming from frontend literally today, I understand this question is silly, but still).

The problem is:
I ran this command:

sudo letsencrypt renew

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/domain.name.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for domain.name
http-01 challenge for www.domain.name
Using the webroot path /var/www/html for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Attempting to renew cert (domain.name) from /etc/letsencrypt/renewal/domain.name.conf produced an unexpected error: **Failed authorization procedure**. domain.name (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://domain.name/.well-known/acme-challenge/lrkbIzMxArFUDpt3R9_x5qJzOVXfT2gXSmOjq2n1Z6w [95.213.194.213]: "<html>\r\n<head><title>404 Not Found</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>**404 Not Found**</h1></center>\r\n<hr><center>", www.domain.name (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://domain.name/.well-known/acme-challenge/52LgydpsMF-Y6I825MN5RfH3HxKw9JrU82AjKK93h0M [95.213.194.213]: "<html>\r\n<head><title>404 Not Found</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>404 Not Found</h1></center>\r\n<hr><center>". Skipping.
All renewal attempts failed. The following certs could not be renewed:
  /etc/letsencrypt/live/domain.name/fullchain.pem (failure)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

All renewal attempts failed. The following certs could not be renewed:
  /etc/letsencrypt/live/domain.name/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: domain.name
   Type:   unauthorized
   Detail: Invalid response from
   https://domain.name/.well-known/acme-challenge/lrkbIzMxArFUDpt3R9_x5qJzOVXfT2gXSmOjq2n1Z6w
   [95.213.194.213]: "<html>\r\n<head><title>404 Not
   Found</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>404
   Not Found</h1></center>\r\n<hr><center>"

   Domain: www.domain.name
   Type:   unauthorized
   Detail: Invalid response from
   https://domain.name/.well-known/acme-challenge/52LgydpsMF-Y6I825MN5RfH3HxKw9JrU82AjKK93h0M
   [95.213.194.213]: "<html>\r\n<head><title>404 Not
   Found</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>404
   Not Found</h1></center>\r\n<hr><center>"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

My web server is (include version):
nginx/1.14.0 (Ubuntu)

The operating system my web server runs on is (include version):
Linux 4.15.0-96-generic x86_64

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):
yes.

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
access via terminal (ssh root@address);

The version of my client is:
certbot 0.27.0

I appreciate any help

The HTTP Challenge Requires that you have a valid HTML page that is publically reachable

You may need to exclude https://domain.name/.well-known/acme-challenge/lrkbIzMxArFUDpt3R9_x5qJzOVXfT2gXSmOjq2n1Z6w from password validation as the Let’s Encrypt challenge verifier cannot have passwords

.well-known/ path on your web server generally should not be password protected as it’s use by different types of verifiers(not just let’s encrypt)

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.