Hi there beautiful community.
I am struggling trying to generate a “new” certificate. I generated certificates for my server a few times before and all of them worked. I formatted and reinstalled the OS and then it’s not working anymore.
The full domain name of my site is: sandbox.sierraminera.com
The command line I ran: certbot --apache -d sandbox.sierraminera.com -d www.sandbox.sierraminera.com
I also tried following the steps for: certbot --apache
I don’t have any issue doing this in my other servers, which are under subdomains of the same domain.
The output of the first command:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Obtaining a new certificate
Performing the following challenges:
tls-sni-01 challenge for sandbox.sierraminera.com
tls-sni-01 challenge for www.sandbox.sierraminera.com
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. sandbox.sierraminera.com (tls-sni-01): urn:acme:error:unauthorized :: The client lacks
sufficient authorization :: Incorrect validation certificate for tls-sni-01 challenge. Requested
834bf0fcaf7a05b254bcbbc4a49fbe53.ca26e9b8281998a3c805db9feb3a7203.acme.invalid from 185.44.26.220:443.
Received 1 certificate(s), first certificate had names "192.168.168.168", www.sandbox.sierraminera.com (tls-sni-01):
urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Incorrect validation certificate for tls-sni-01
challenge. Requested 2ad0e7ddc323de47e97e872b9972b7e3.58d71913aa635518dcf3cc212d3d3a6a.acme.invalid
from 185.44.26.220:443. Received 1 certificate(s), first certificate had names "192.168.168.168"
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: sandbox.sierraminera.com
Type: unauthorized
Detail: Incorrect validation certificate for tls-sni-01 challenge.
Requested
834bf0fcaf7a05b254bcbbc4a49fbe53.ca26e9b8281998a3c805db9feb3a7203.acme.invalid
from 185.44.26.220:443. Received 1 certificate(s), first
certificate had names "192.168.168.168"
Domain: www.sandbox.sierraminera.com
Type: unauthorized
Detail: Incorrect validation certificate for tls-sni-01 challenge.
Requested
2ad0e7ddc323de47e97e872b9972b7e3.58d71913aa635518dcf3cc212d3d3a6a.acme.invalid
from 185.44.26.220:443. Received 1 certificate(s), first
certificate had names "192.168.168.168"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
The A record for the domain sandbox.sierraminera.com is pointing to 185.44.26.220, which is the IP of the server from where I am issuing the command. Ports 80 and 443 opened.
I don’t know where the IP 192.168.168.168 is coming from. I am under a SonicWall firewall by the way, but this wasn’t a problem before.
Name and version of my OS: Ubuntu Server 16.04
Name and version of my web server: Apache 2.4
I am not using a hosting provider. I have full control of the web server.
Thank you all guys!