Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
^ With that being said, I would prefer my domain not be posted in a publicly searchable forum where bots crawl.
My domain is:
my.domain.com
domain.org
plex.domain.org
I ran this command:
certbot certonly --webroot -w /var/www -d my.domain.com -d domain.org -d plex.domain.org
It produced this output:
root@machine1:/folder/path/to/root# certbot certonly --webroot -w /var/www -d my.domain.com -d domain.org -d plex.domain.org
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
You have an existing certificate that contains a portion of the domains you
requested (ref: /etc/letsencrypt/renewal/my.domain.com.conf)
It contains these names: my.domain.com, domain.org
You requested these names for the new certificate: my.domain.com,
domain.org, plex.domain.org.
Do you want to expand and replace this existing certificate with the new
certificate?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(E)xpand/(C)ancel: E
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for plex.domain.org
Using the webroot path /var/www for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. plex.domain.org (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://plex.domain.org/.well-known/acme-challenge/zrOcdTxrRVV6EVf0_j-BC26MeGxzlHbx2Vt8ycrnvAk [my.ip.address.here]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: plex.domain.org
Type: unauthorized
Detail: Invalid response from
http://plex.domain.org/.well-known/acme-challenge/zrOcdTxrRVV6EVf0_j-BC26MeGxzlHbx2Vt8ycrnvAk
[my.ip.address.here]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
2.0//EN\">\n<html><head>\n<title>404 Not
Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
root@machine1:/folder/path/to/root# dig plex.domain.org
; <<>> DiG 9.11.3-1ubuntu1.5-Ubuntu <<>> plex.domain.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43117
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;plex.domain.org. IN A
;; ANSWER SECTION:
plex.domain.org. 1798 IN A my.ip.address.here
;; Query time: 118 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Apr 23 18:30:37 PDT 2019
;; MSG SIZE rcvd: 62
root@machine1:/folder/path/to/root# dig domain.org
; <<>> DiG 9.11.3-1ubuntu1.5-Ubuntu <<>> domain.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18326
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;domain.org. IN A
;; ANSWER SECTION:
domain.org. 179 IN A my.ip.address.here
;; Query time: 106 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Apr 23 18:30:41 PDT 2019
;; MSG SIZE rcvd: 57
My web server is (include version):
The operating system my web server runs on is (include version):
Ubuntu 18.04.2 LTS
My hosting provider, if applicable, is:
Linux rtorrent 4.15.0-47-generic #50-Ubuntu SMP Wed Mar 13 10:44:52 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot):
certbot --version
certbot 0.31.0
I have waited an hour since creating the A record, and am still receiving this message. There is no trace for the certificate listing search tool, as this is a new sub-domain certificate request (and it’s erroring anyways).