Some challenges have failed

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: huijse.nl

I ran this command: sudo certbot --apache -d huijse.nl -d www.huijse.nl

It produced this output:
    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Plugins selected: Authenticator apache, Installer apache
    Obtaining a new certificate
    Performing the following challenges:
    http-01 challenge for huijse.nl
    Waiting for verification...
    Challenge failed for domain huijse.nl
    http-01 challenge for huijse.nl
    Cleaning up challenges
    Some challenges have failed.

    IMPORTANT NOTES:

My web server is (include version): Server version: Apache/2.4.29 (Ubuntu)

The operating system my web server runs on is (include version): Ubuntu 18.04

My hosting provider, if applicable, is: hostnet.nl

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.8.0

Thanks in advance

1 Like

Welcome to the Let's Encrypt Community, Michiel :slightly_smiling_face:

I noticed the following, which makes me suspect a wrong ipv6 address:

Let me do some checking...

3 Likes

Alright. If you would, can you try removing the AAAA (ipv6) record from your DNS then run the following and let me know the result:

    sudo certbot certonly --cert-name huijse.nl -a apache -d huijse.nl,www.huijse.nl --dry-run

1 Like

Indeed the IPv4 and IPv6 addresses point to different webservers:

2 Likes

Thanks for the assist @_az. I searched for a good 20 minutes trying to find a tool to quickly verify that. Never thought to use LD.

2 Likes

Thanks for the quick response. Just removed the IPv6 AAAA record from my DNS settings. But it may take up to 24 hours to take effect everywhere.
Then did the following:

    sudo certbot certonly --cert-name huijse.nl -a apache -d huijse.nl,www.huijse.nl --dry-run
    [sudo] password for michiel:
    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Plugins selected: Authenticator apache, Installer None
    Obtaining a new certificate
    Performing the following challenges:
    http-01 challenge for huijse.nl
    http-01 challenge for www.huijse.nl
    Waiting for verification...
    Challenge failed for domain huijse.nl
    http-01 challenge for huijse.nl
    Cleaning up challenges
    Some challenges have failed.

    IMPORTANT NOTES:
     - The following errors were reported by the server:

       Domain: huijse.nl
       Type:   unauthorized
       Detail: Invalid response from
       http://huijse.nl/.well-known/acme-challenge/22feTxU2ZeYAon0p2Uq6SAOSynzngvgew1Hvkrberkg
       [2a02:2268:ffff:ffff::4]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD
       HTML 2.0//EN\">\n<html><head>\n<title>404 Not
       Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"

       To fix these errors, please make sure that your domain name was
       entered correctly and the DNS A/AAAA record(s) for that domain
       contain(s) the right IP address.
     - Your account credentials have been saved in your Certbot
       configuration directory at /etc/letsencrypt. You should make a
       secure backup of this folder now. This configuration directory will
       also contain certificates and private keys obtained by Certbot so
       making regular backups of this folder is ideal.

2 Likes
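
The error block above names the address the validation server actually connected to, here an IPv6 one. As an added example (not part of the original thread, and not Certbot's own code), this sketch parses an error block in the format shown in this thread and compares that address with the addresses the web server really has; the server addresses in it are constructed placeholders from the documentation ranges.

```python
import ipaddress
import re

# Error block as printed by certbot in the post above (HTML body shortened).
SAMPLE = """\
IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: huijse.nl
   Type:   unauthorized
   Detail: Invalid response from
   http://huijse.nl/.well-known/acme-challenge/22feTxU2ZeYAon0p2Uq6SAOSynzngvgew1Hvkrberkg
   [2a02:2268:ffff:ffff::4]: "<!DOCTYPE HTML PUBLIC ..."
"""

# Matches the wrapped Domain/Type/Detail lines of the format shown in this thread.
FAILURE = re.compile(
    r"Domain:\s*(?P<domain>\S+)\s+Type:\s*(?P<type>\S+)\s+"
    r"Detail:\s*Invalid response from\s+(?P<url>\S+)\s+\[(?P<addr>[^\]]+)\]"
)

def parse_failures(text):
    """Return one dict per failed challenge, with the address the CA connected to."""
    failures = []
    for match in FAILURE.finditer(text):
        failure = match.groupdict()
        failure["addr"] = ipaddress.ip_address(failure["addr"])
        failures.append(failure)
    return failures

def diagnose(failure, server_addrs):
    """Compare the validated address with the addresses this server really owns."""
    own = {ipaddress.ip_address(a) for a in server_addrs}
    addr = failure["addr"]
    record = "AAAA" if addr.version == 6 else "A"
    if addr in own:
        return f"{failure['domain']}: {addr} is this server; check the vhost/webroot"
    return (f"{failure['domain']}: {record} record points to {addr}, "
            f"which is not this server; fix or remove that record")

if __name__ == "__main__":
    # Constructed addresses (documentation ranges) standing in for `ip addr` output.
    for f in parse_failures(SAMPLE):
        print(diagnose(f, ["192.0.2.10", "2001:db8::10"]))
```
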

Ooh, I waited a few minutes and now there is a better result:

    sudo certbot certonly --cert-name huijse.nl -a apache -d huijse.nl,www.huijse.nl --dry-run
    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Plugins selected: Authenticator apache, Installer None
    Obtaining a new certificate
    Performing the following challenges:
    http-01 challenge for huijse.nl
    http-01 challenge for www.huijse.nl
    Waiting for verification...
    Cleaning up challenges

    IMPORTANT NOTES:
     - The dry run was successful.

3 Likes

Wonderful! :smiley:

Now let's try this:

    sudo certbot certonly --cert-name huijse.nl -a apache -d huijse.nl,www.huijse.nl

1 Like

Whoop whoo! Works, thanks a lot, happy it is solved. I asked my hosting multiple times if the DNS was configured well...

    sudo certbot --apache -d huijse.nl -d www.huijse.nl
    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Plugins selected: Authenticator apache, Installer apache
    Obtaining a new certificate
    Performing the following challenges:
    http-01 challenge for huijse.nl
    Waiting for verification...
    Cleaning up challenges
    Created an SSL vhost at /etc/apache2/sites-available/huijse.nl-le-ssl.conf
    Deploying Certificate to VirtualHost /etc/apache2/sites-available/huijse.nl-le-ssl.conf
    Enabling available site: /etc/apache2/sites-available/huijse.nl-le-ssl.conf
    Deploying Certificate to VirtualHost /etc/apache2/sites-available/huijse.nl-le-ssl.conf
    Redirecting vhost in /etc/apache2/sites-enabled/huijse.nl.conf to ssl vhost in /etc/apache2/sites-available/huijse.nl-le-ssl.conf

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Congratulations! You have successfully enabled https://huijse.nl and
    https://www.huijse.nl
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    IMPORTANT NOTES:
     - Congratulations! Your certificate and chain have been saved at:
       /etc/letsencrypt/live/huijse.nl/fullchain.pem
       Your key file has been saved at:
       /etc/letsencrypt/live/huijse.nl/privkey.pem
       Your cert will expire on 2020-12-22. To obtain a new or tweaked
       version of this certificate in the future, simply run certbot again
       with the "certonly" option. To non-interactively renew *all* of
       your certificates, run "certbot renew"
     - If you like Certbot, please consider supporting our work by:

       Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
       Donating to EFF:                    https://eff.org/donate-le

2 Likes

Congratulations!

:partying_face:

You even beat me to the install step. Fantastic!

All your redirects are working too!

You might want to consider redirecting to either only www or only non-www for SEO purposes, but aside from that, you're golden.

To renew, you need only run the following, which can (and may already) be automated with a scheduled task. Running it will skip acquiring a new certificate until 30 days before expiration, so feel free to run it as often as you like. :slightly_smiling_face:

    sudo certbot renew

3 Likes
