Thanks, output from /var/log/letsncrypt/letsencrypt.log
2017-11-27 14:52:20,780:DEBUG:certbot.main:certbot version: 0.19.0
2017-11-27 14:52:20,780:DEBUG:certbot.main:Arguments: ['-n', '-d', 'subdomain.domain.com', '-m', 'me@domain.com', '--standalone', '--agree-tos', '--staging', '--preferred-challenges', 'http', '--debug']
2017-11-27 14:52:20,780:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2017-11-27 14:52:20,791:DEBUG:certbot.log:Root logging level set at 20
2017-11-27 14:52:20,791:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2017-11-27 14:52:20,792:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer None
2017-11-27 14:52:20,867:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone
Description: Spin up a temporary webserver
Interfaces: IAuthenticator, IPlugin
Entry point: standalone = certbot.plugins.standalone:Authenticator
Initialized: <certbot.plugins.standalone.Authenticator object at 0x7f1bb1d79b50>
Prep: True
2017-11-27 14:52:20,868:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.standalone.Authenticator object at 0x7f1bb1d79b50> and installer None
2017-11-27 14:52:20,868:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer None
2017-11-27 14:52:20,871:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Registration(status=None, contact=(u'mailto:me@domain.com',), agreement=u'https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf', key=JWKRSA(key=<ComparableRSAKey(<cryptography.hazmat.backends.openssl.rsa._RSAPublicKey object at 0x7f1bb1d79b90>)>)), uri=u'https://acme-staging.api.letsencrypt.org/acme/reg/5140195', new_authzr_uri=u'https://acme-staging.api.letsencrypt.org/acme/new-authz', terms_of_service=u'https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'), f37586153e54421fde25624d2f9ce98e, Meta(creation_host=u'ip-22-0-4-61', creation_dt=datetime.datetime(2017, 11, 27, 13, 47, 14, tzinfo=<UTC>)))>
2017-11-27 14:52:20,872:DEBUG:acme.client:Sending GET request to https://acme-staging.api.letsencrypt.org/directory.
2017-11-27 14:52:20,873:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-staging.api.letsencrypt.org
2017-11-27 14:52:21,158:DEBUG:urllib3.connectionpool:https://acme-staging.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 582
2017-11-27 14:52:21,159:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 582
Replay-Nonce: nzqp878RhDmxGX1rxh7OBHv2h7X-AiHOSv3Wv-6VTlM
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Mon, 27 Nov 2017 14:52:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 27 Nov 2017 14:52:21 GMT
Connection: keep-alive
{
"3m6cYpYQ318": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"key-change": "https://acme-staging.api.letsencrypt.org/acme/key-change",
"meta": {
"terms-of-service": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf"
},
"new-authz": "https://acme-staging.api.letsencrypt.org/acme/new-authz",
"new-cert": "https://acme-staging.api.letsencrypt.org/acme/new-cert",
"new-reg": "https://acme-staging.api.letsencrypt.org/acme/new-reg",
"revoke-cert": "https://acme-staging.api.letsencrypt.org/acme/revoke-cert"
}
2017-11-27 14:52:21,159:INFO:certbot.main:Obtaining a new certificate
2017-11-27 14:52:21,160:DEBUG:acme.client:Requesting fresh nonce
2017-11-27 14:52:21,160:DEBUG:acme.client:Sending HEAD request to https://acme-staging.api.letsencrypt.org/acme/new-authz.
2017-11-27 14:52:21,348:DEBUG:urllib3.connectionpool:https://acme-staging.api.letsencrypt.org:443 "HEAD /acme/new-authz HTTP/1.1" 405 0
2017-11-27 14:52:21,349:DEBUG:acme.client:Received response:
HTTP 405
Server: nginx
Content-Type: application/problem+json
Content-Length: 91
Allow: POST
Replay-Nonce: EWhAxEmNZ5MJwaRNudHs3NDsyXYxtB6YXZz8U1jIwNQ
Expires: Mon, 27 Nov 2017 14:52:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 27 Nov 2017 14:52:21 GMT
Connection: keep-alive
2017-11-27 14:52:21,349:DEBUG:acme.client:Storing nonce: EWhAxEmNZ5MJwaRNudHs3NDsyXYxtB6YXZz8U1jIwNQ
2017-11-27 14:52:21,349:DEBUG:acme.client:JWS payload:
{
"identifier": {
"type": "dns",
"value": "subdomain.domain.com"
},
"resource": "new-authz"
}
2017-11-27 14:52:21,352:DEBUG:acme.client:Sending POST request to https://acme-staging.api.letsencrypt.org/acme/new-authz:
{
"protected": "eyJub25jZSI6ICJFV2hBeEVtTlo1TUp3YVJOdWRIczNORHN5WFl4dEI2WVhaejhVMWpJd05RIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAiMjNqbnhhSXJLTThxUTlNd0JITmtkdFcwTkpaV2FBWTVWWVJCYTF1ZmNlR0VWdmh1UnJWQlYzelR5X2pYNW5wNGo4cFlDa1VLcWhzWV8xWVFpZnEwVUVJNFpBMmYxdlE2VEVjaF9sWmR1ZHJsOXBSTEg3UUhsdGZEOW9QbDdXTWt4SkdXSVV2QUdxemF2RXhKcHpNeGN2bDNoanNaVkZxLTRMelM4cldINEZhZ0stUTJTWW5ENVJqMG1XRHJ2NVA2cEcxaGwyY3g2U1E3dkFObUMxZjZvcWdDUzJpeFI5MUM2Nk1YRHB4TkVvcXBnQlBmaFZGZUtISWF5TGNnSVVYNTdYUENhMFNBU21WZ1JXZzF6bnMzZGRRVkUyTlR5YVg1c2g1MG9OdjFPZEo4QVZiXzdUYzFKQW9QblMtdFJRMHhXaXY2SGs2aFZFQ0hmYnQybWJaX0tRIn19",
"payload": "ewogICJpZGVudGlmaWVyIjogewogICAgInR5cGUiOiAiZG5zIiwgCiAgICAidmFsdWUiOiAiZGV2LnBhcmFkaW5vLmlvIgogIH0sIAogICJyZXNvdXJjZSI6ICJuZXctYXV0aHoiCn0",
"signature": "J-knPnuBY3Dl1G6o-nYBmFM_uFUhidPfcGB4yBgsYRpL8mU4V0UW9qeAvOGRjd7ZEm4uKW4-82BSr5w-odsNa4ArgzKwOpLKKg8TY6ASWQRK2pDSKyRdsYMg5k-ZSrmGAACZmC88-12Gizu7CZ6lbz0wcqvNspsY3TGZMp9xULlG-02vyfOMAl8TVPtbRJQNXaOxUd6OieUo72Y-neIZRUna_vMk8JagAvTdvOzqQVnMhzlG_4Tp7lMspPbqTMqs4LhkYRDAurKxV5_PqPFgsQPFMVRHEeZMnt1mqm3-gEabRHesSnHySPOU-p5zU4nwakvtFuLt1Lk9shVgT8-m1Q"
}
2017-11-27 14:52:21,561:DEBUG:urllib3.connectionpool:https://acme-staging.api.letsencrypt.org:443 "POST /acme/new-authz HTTP/1.1" 201 1009
2017-11-27 14:52:21,561:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Content-Type: application/json
Content-Length: 1009
Boulder-Requester: 5140195
Link: <https://acme-staging.api.letsencrypt.org/acme/new-cert>;rel="next"
Location: https://acme-staging.api.letsencrypt.org/acme/authz/hJFSPeoGPiG5pvSgsYD4KxmIKdSSON9azCF2onAIwP8
Replay-Nonce: eiRYJI114Zhg_trlJxTkaRKOpFyQu0f_vOCzpbUuM9U
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Mon, 27 Nov 2017 14:52:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 27 Nov 2017 14:52:21 GMT
Connection: keep-alive
{
"identifier": {
"type": "dns",
"value": "subdomain.domain.com"
},
"status": "pending",
"expires": "2017-12-04T14:52:21.444542706Z",
"challenges": [
{
"type": "dns-01",
"status": "pending",
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/hJFSPeoGPiG5pvSgsYD4KxmIKdSSON9azCF2onAIwP8/79564232",
"token": "NNJ-OEzbyWDgw1pRZFewDw3yif4nsXjeow8yYYBP_7U"
},
{
"type": "http-01",
"status": "pending",
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/hJFSPeoGPiG5pvSgsYD4KxmIKdSSON9azCF2onAIwP8/79564233",
"token": "MUXeSBQz8vPExO02benZaH1bwzTlB-gnHhw6MBl4hFo"
},
{
"type": "tls-sni-01",
"status": "pending",
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/hJFSPeoGPiG5pvSgsYD4KxmIKdSSON9azCF2onAIwP8/79564234",
"token": "LyTVptVytJB-CeoXyoGj-3rF1J3wuUVly-wsNdwKYIo"
}
],
"combinations": [
[
0
],
[
2
],
[
1
]
]
}
2017-11-27 14:52:21,561:DEBUG:acme.client:Storing nonce: eiRYJI114Zhg_trlJxTkaRKOpFyQu0f_vOCzpbUuM9U
2017-11-27 14:52:21,562:INFO:certbot.auth_handler:Performing the following challenges:
2017-11-27 14:52:21,562:INFO:certbot.auth_handler:http-01 challenge for subdomain.domain.com
2017-11-27 14:52:21,563:DEBUG:acme.standalone:Failed to bind to :80 using IPv4
2017-11-27 14:52:21,566:INFO:certbot.auth_handler:Waiting for verification...
2017-11-27 14:52:21,566:DEBUG:acme.client:JWS payload:
{
"keyAuthorization": "MUXeSBQz8vPExO02benZaH1bwzTlB-gnHhw6MBl4hFo.ZP9pZIWOJFYfBSG7P8YJHdShf8fwGLJ-Y0S33CV7iiE",
"type": "http-01",
"resource": "challenge"
}
2017-11-27 14:52:21,569:DEBUG:acme.client:Sending POST request to https://acme-staging.api.letsencrypt.org/acme/challenge/hJFSPeoGPiG5pvSgsYD4KxmIKdSSON9azCF2onAIwP8/79564233:
{
"protected": "eyJub25jZSI6ICJlaVJZSkkxMTRaaGdfdHJsSnhUa2FSS09wRnlRdTBmX3ZPQ3pwYlV1TTlVIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAiMjNqbnhhSXJLTThxUTlNd0JITmtkdFcwTkpaV2FBWTVWWVJCYTF1ZmNlR0VWdmh1UnJWQlYzelR5X2pYNW5wNGo4cFlDa1VLcWhzWV8xWVFpZnEwVUVJNFpBMmYxdlE2VEVjaF9sWmR1ZHJsOXBSTEg3UUhsdGZEOW9QbDdXTWt4SkdXSVV2QUdxemF2RXhKcHpNeGN2bDNoanNaVkZxLTRMelM4cldINEZhZ0stUTJTWW5ENVJqMG1XRHJ2NVA2cEcxaGwyY3g2U1E3dkFObUMxZjZvcWdDUzJpeFI5MUM2Nk1YRHB4TkVvcXBnQlBmaFZGZUtISWF5TGNnSVVYNTdYUENhMFNBU21WZ1JXZzF6bnMzZGRRVkUyTlR5YVg1c2g1MG9OdjFPZEo4QVZiXzdUYzFKQW9QblMtdFJRMHhXaXY2SGs2aFZFQ0hmYnQybWJaX0tRIn19",
"payload": "ewogICJrZXlBdXRob3JpemF0aW9uIjogIk1VWGVTQlF6OHZQRXhPMDJiZW5aYUgxYnd6VGxCLWduSGh3Nk1CbDRoRm8uWlA5cFpJV09KRllmQlNHN1A4WUpIZFNoZjhmd0dMSi1ZMFMzM0NWN2lpRSIsIAogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9",
"signature": "FrvoODVwoc6biOXscDdFrO8s4aezxuRY_rAwYjBdpFDL45ccAOSQdiKTMyxbQjN1pLIhbvrmdumMN1nsECoulM2BasOCumlq4ncXMi-gBAshWlpVByTmS5sU5cTJu9nXF50iErO-NCtCEb6siO8wB8v4j-Wp3rRCO5ie_fJc1mTvbx8u3n7p6jIjQrwFGOGuikEskMz8SFSvo8Om2G3A6FPTvpFzK60Wck6NKAee7XVy5FIHKKpPiHOBgVLjV6to9U24y_oB5zTmJR5Nxu8Yj-ueCkt5dyuUI3YWZen1nfBAznIULgOuCas6iaw8hZ1REt6EzYy_3Pcamr4L-aqCtw"
}
2017-11-27 14:52:21,782:DEBUG:urllib3.connectionpool:https://acme-staging.api.letsencrypt.org:443 "POST /acme/challenge/hJFSPeoGPiG5pvSgsYD4KxmIKdSSON9azCF2onAIwP8/79564233 HTTP/1.1" 202 338
2017-11-27 14:52:21,782:DEBUG:acme.client:Received response:
HTTP 202
Server: nginx
Content-Type: application/json
Content-Length: 338
Boulder-Requester: 5140195
Link: <https://acme-staging.api.letsencrypt.org/acme/authz/hJFSPeoGPiG5pvSgsYD4KxmIKdSSON9azCF2onAIwP8>;rel="up"
Location: https://acme-staging.api.letsencrypt.org/acme/challenge/hJFSPeoGPiG5pvSgsYD4KxmIKdSSON9azCF2onAIwP8/79564233
Replay-Nonce: x32ylXrFfqIGpcEfyFDJ5biDMbrdHvJot5iCmSYCY5Y
Expires: Mon, 27 Nov 2017 14:52:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 27 Nov 2017 14:52:21 GMT
Connection: keep-alive
{
"type": "http-01",
"status": "pending",
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/hJFSPeoGPiG5pvSgsYD4KxmIKdSSON9azCF2onAIwP8/79564233",
"token": "MUXeSBQz8vPExO02benZaH1bwzTlB-gnHhw6MBl4hFo",
"keyAuthorization": "MUXeSBQz8vPExO02benZaH1bwzTlB-gnHhw6MBl4hFo.ZP9pZIWOJFYfBSG7P8YJHdShf8fwGLJ-Y0S33CV7iiE"
}
2017-11-27 14:52:21,782:DEBUG:acme.client:Storing nonce: x32ylXrFfqIGpcEfyFDJ5biDMbrdHvJot5iCmSYCY5Y
2017-11-27 14:52:24,786:DEBUG:acme.client:Sending GET request to https://acme-staging.api.letsencrypt.org/acme/authz/hJFSPeoGPiG5pvSgsYD4KxmIKdSSON9azCF2onAIwP8.
2017-11-27 14:52:24,985:DEBUG:urllib3.connectionpool:https://acme-staging.api.letsencrypt.org:443 "GET /acme/authz/hJFSPeoGPiG5pvSgsYD4KxmIKdSSON9azCF2onAIwP8 HTTP/1.1" 200 1778
2017-11-27 14:52:24,986:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 1778
Link: <https://acme-staging.api.letsencrypt.org/acme/new-cert>;rel="next"
Replay-Nonce: UKaF8vUBT3o2LtTT7PoFId50vG8K6oRntVkMqYKEDX8
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Mon, 27 Nov 2017 14:52:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 27 Nov 2017 14:52:24 GMT
Connection: keep-alive
{
"identifier": {
"type": "dns",
"value": "subdomain.domain.com"
},
"status": "invalid",
"expires": "2017-12-04T14:52:21Z",
"challenges": [
{
"type": "dns-01",
"status": "pending",
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/hJFSPeoGPiG5pvSgsYD4KxmIKdSSON9azCF2onAIwP8/79564232",
"token": "NNJ-OEzbyWDgw1pRZFewDw3yif4nsXjeow8yYYBP_7U"
},
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:acme:error:unauthorized",
"detail": "Invalid response from http://subdomain.domain.com/.well-known/acme-challenge/MUXeSBQz8vPExO02benZaH1bwzTlB-gnHhw6MBl4hFo [34.240.74.18]: 503",
"status": 403
},
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/hJFSPeoGPiG5pvSgsYD4KxmIKdSSON9azCF2onAIwP8/79564233",
"token": "MUXeSBQz8vPExO02benZaH1bwzTlB-gnHhw6MBl4hFo",
"keyAuthorization": "MUXeSBQz8vPExO02benZaH1bwzTlB-gnHhw6MBl4hFo.ZP9pZIWOJFYfBSG7P8YJHdShf8fwGLJ-Y0S33CV7iiE",
"validationRecord": [
{
"url": "http://subdomain.domain.com/.well-known/acme-challenge/MUXeSBQz8vPExO02benZaH1bwzTlB-gnHhw6MBl4hFo",
"hostname": "subdomain.domain.com",
"port": "80",
"addressesResolved": [
"34.240.74.18",
"54.77.192.196"
],
"addressUsed": "34.240.74.18",
"addressesTried": []
}
]
},
{
"type": "tls-sni-01",
"status": "pending",
"uri": "https://acme-staging.api.letsencrypt.org/acme/challenge/hJFSPeoGPiG5pvSgsYD4KxmIKdSSON9azCF2onAIwP8/79564234",
"token": "LyTVptVytJB-CeoXyoGj-3rF1J3wuUVly-wsNdwKYIo"
}
],
"combinations": [
[
0
],
[
2
],
[
1
]
]
}
2017-11-27 14:52:24,987:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:
Domain: subdomain.domain.com
Type: unauthorized
Detail: Invalid response from http://subdomain.domain.com/.well-known/acme-challenge/MUXeSBQz8vPExO02benZaH1bwzTlB-gnHhw6MBl4hFo [34.240.74.18]: 503
To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.
2017-11-27 14:52:24,987:INFO:certbot.auth_handler:Cleaning up challenges
2017-11-27 14:52:24,987:DEBUG:certbot.plugins.standalone:Stopping server at :::80...
2017-11-27 14:52:25,071:ERROR:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 11, in <module>
load_entry_point('certbot==0.19.0', 'console_scripts', 'certbot')()
File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 861, in main
return config.func(config, plugins)
File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 786, in certonly
lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 85, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File "/usr/lib/python2.7/dist-packages/certbot/client.py", line 357, in obtain_and_enroll_certificate
certr, chain, key, _ = self.obtain_certificate(domains)
File "/usr/lib/python2.7/dist-packages/certbot/client.py", line 318, in obtain_certificate
self.config.allow_subset_of_names)
File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 81, in get_authorizations
self._respond(resp, best_effort)
File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 138, in _respond
self._poll_challenges(chall_update, best_effort)
File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 202, in _poll_challenges
raise errors.FailedChallenges(all_failed_achalls)
FailedChallenges: Failed authorization procedure. subdomain.domain.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://subdomain.domain.com/.well-known/acme-challenge/MUXeSBQz8vPExO02benZaH1bwzTlB-gnHhw6MBl4hFo [34.240.74.18]: 503
Console output was:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for domain.subdomain.com
Waiting for verification...
Cleaning up challenges
Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 11, in <module>
load_entry_point('certbot==0.19.0', 'console_scripts', 'certbot')()
File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 861, in main
return config.func(config, plugins)
File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 786, in certonly
lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 85, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File "/usr/lib/python2.7/dist-packages/certbot/client.py", line 357, in obtain_and_enroll_certificate
certr, chain, key, _ = self.obtain_certificate(domains)
File "/usr/lib/python2.7/dist-packages/certbot/client.py", line 318, in obtain_certificate
self.config.allow_subset_of_names)
File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 81, in get_authorizations
self._respond(resp, best_effort)
File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 138, in _respond
self._poll_challenges(chall_update, best_effort)
File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 202, in _poll_challenges
raise errors.FailedChallenges(all_failed_achalls)
FailedChallenges: Failed authorization procedure. domain.subdomain.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://domain.subdomain.com/.well-
known/acme-challenge/MUXeSBQz8vPExO02benZaH1bwzTlB-gnHhw6MBl4hFo [34.240.74.18]: 503
Please see the logfiles in /var/log/letsencrypt for more details.