My domain is: cyannotes.com
I ran this command: sudo certbot renew --dry-run
It produced this output:
1 renew failure(s), 0 parse failure(s) IMPORTANT NOTES: - The following errors were reported by the server: Domain: cyannotes.com Type: unauthorized Detail: Invalid response from https://cyannotes.com/.well-known/acme-challenge/0qD5OsLQU0aM_OEwSjcOWmiLWcliPVNsC_Lwd1YwKS8 [184.108.40.206]: "<html>\r\n<head><title>404 Not Found</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>404 Not Found</h1></center>\r\n<hr><center>" Domain: www.cyannotes.com Type: unauthorized Detail: Invalid response from https://cyannotes.com/.well-known/acme-challenge/9--No4wmqANKY0IDq1WXv-rKDhs_dnz5hnhmiJB-YuE [220.127.116.11]: "<html>\r\n<head><title>404 Not Found</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>404 Not Found</h1></center>\r\n<hr><center>" To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.
My web server is (include version): nginx 1.6.2
The operating system my web server runs on is (include version): Ubuntu 14.04 LTS
I can login to a root shell on my machine (yes or no, or I don’t know): Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you’re using Certbot): certbot 0.31.0
First, I created the existing certificate using standalone option, and it worked fine. Second, I can access https://cyannotes.com/.well-known/acme-challenge/test.txt. I think the problem lies in the fact that whatever needs to be created under
.well-known/acme-challenge/ directory (e.g.
9--No4wmqANKY0IDq1WXv-rKDhs_dnz5hnhmiJB-YuE as above) does not get created during the renewal, which leads to 404 not found. The reason I don’t know and hope to find out.
For reference, my renewal parameters inside
[renewalparams] server = https://acme-v02.api.letsencrypt.org/directory pref_challs = http-01, authenticator = standalone account = blahblahblah http01_port = 8008