[SOLVED] Always being redirected to https / non-standard install?

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: rebelcoding.com

I ran this command:
sudo certbot -a webroot -i nginx -d rebelcoding.com -d www.rebelcoding.com

It produced this output:
Failed authorization procedure. rebelcoding.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://www.rebelcoding.com [96.75.146.130]: "\n<html lang=“en-US”>\n \n <meta charset=“utf-8”>\n <meta name=“viewport” content=“width=device-width,in”

My web server is (include version):
nginx version: nginx/1.14.0 (Ubuntu)
built with OpenSSL 1.1.1 11 Sep 2018
TLS SNI support enabled

The operating system my web server runs on is (include version):
Ubunut 18

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 0.23.0

I read here, something about an old installation method that may be causing problems — ?

I deleted the previous certs using ‘certbot delete rebelcoding.com’ which was the certname, and it verified that those certs were deleted.

super confused – why is it auto-redirecting to https ??

1 Like

Hi @DreamFreely

why not. It's your configuration of your port 80. Deleting a certificate doesn't change your redirects.

And your configuration looks buggy - https://check-your-website.server-daten.de/?q=rebelcoding.com

Different ip addresses non-www / www.

And redirects http -> https, there answers a host with another certificate:

CN=screamfreely.org
	21.04.2020
	20.07.2020
expires in 79 days	api.dreamfreely.org, 
dreamfreely.org, screamfreely.org, 
www.dreamfreely.org, www.screamfreely.org - 5 entries

PS: Your Certbot looks too old. There were changes, so that old Certbot may not work. But curious - that's not your error message.

1 Like

So to renew your certificate, you've deleted your old certificates? Why?

Your initial error probably comes from an erroneous redirect: you're probably redirecting http://example.com/.well-known/acme-challenge/token (which is required for the renewal) to https://example.com/ (without the path!). Obviously, without the path your not presenting the token contents to the Let's Encrypt validation server, but just your website.. Which isn't a valid token :wink:

1 Like

Because I was changing from Wordpress to Vuepress, and thought a workaround to the issue would be to delete and recreate the certs

YES, I know the redirect is in error, and I'm trying to figure out how to stop it from redirecting --- do you have any ideas as to how I might do that?

Check your nginx configuration?

1 Like

all fixed, updated the certbot version and ran the previous command

also updated the DNS file so it wasn’t running an unmasked redirect and was pointing directly at the server

thanks y’all!!

1 Like

Thank you very much!!!

Got it all working after updating the certbot version and adjusting the DNS records!!

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.