Temp file for verification not created for Cert renewall on WHM/cPanel


#1

Hi Geeks,
I’m using AutoSSL on WHM/cPanel to manage LE Certs. An issue prevent the temp file for http verification to be created.

I also tried using a manual cli command and I get the same results. If I manually create the file, I can access it from Internet. But it does not get automatically created.

I do not know the process for the temp file to be created, however, it appears that it’s not getting done for that one. cPanel support showed me different errors about firewall blocking LE or .htaccess. However, if file exists, I can see the content from http.

Here is the log file:

2017-03-13 15:38:56,134:DEBUG:certbot.main:Root logging level set at 20
2017-03-13 15:38:56,134:INFO:certbot.main:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2017-03-13 15:38:56,140:DEBUG:certbot.main:certbot version: 0.9.3
2017-03-13 15:38:56,140:DEBUG:certbot.main:Arguments: ['--debug', '--force-renew', '-a', 'manual', '-d', 'www.fleursetnature.ca', '-d', 'fleursetnature.ca']
2017-03-13 15:38:56,140:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#webroot,PluginEntryPoint#null,PluginEntryPoint#manual,PluginEntryPoint#standalone)
2017-03-13 15:38:56,144:DEBUG:certbot.plugins.selection:Requested authenticator manual and installer None
2017-03-13 15:38:56,145:DEBUG:certbot.plugins.selection:Single candidate plugin: * manual
Description: Manually configure an HTTP server
Interfaces: IAuthenticator, IPlugin
Entry point: manual = certbot.plugins.manual:Authenticator
Initialized: <certbot.plugins.manual.Authenticator object at 0x3007150>
Prep: True
2017-03-13 15:38:56,145:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.manual.Authenticator object at 0x3007150> and installer None
2017-03-13 15:38:56,260:DEBUG:certbot.main:Picked account: <Account(ccd919cd4c06a2b1455dba998512588b)>
2017-03-13 15:38:56,265:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/directory. args: (), kwargs: {}
2017-03-13 15:38:56,268:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2017-03-13 15:38:56,527:DEBUG:requests.packages.urllib3.connectionpool:"GET /directory HTTP/1.1" 200 352
2017-03-13 15:38:56,527:DEBUG:root:Received <Response [200]>. Headers: {'content-length': '352', 'strict-transport-security': 'max-age=604800', 'boulder-request-id': 'jO6iFOUDuqYh7f5XAxYlUV2LwHUIk_ainrQlGV27VCw', 'expires': 'Mon, 13 Mar 2017 15:38:57 GMT', 'server': 'nginx', 'connection': 'keep-alive', 'pragma': 'no-cache', 'cache-control': 'max-age=0, no-cache, no-store', 'date': 'Mon, 13 Mar 2017 15:38:57 GMT', 'x-frame-options': 'DENY', 'content-type': 'application/json', 'replay-nonce': 'RA5TPTJ8txoofa9CyS9_UTkw_7rr3O3fDsxwszZozKs'}. Content: '{\n  "key-change": "https://acme-v01.api.letsencrypt.org/acme/key-change",\n  "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",\n  "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",\n  "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",\n  "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"\n}'
2017-03-13 15:38:56,528:DEBUG:acme.client:Received response <Response [200]> (headers: {'content-length': '352', 'strict-transport-security': 'max-age=604800', 'boulder-request-id': 'jO6iFOUDuqYh7f5XAxYlUV2LwHUIk_ainrQlGV27VCw', 'expires': 'Mon, 13 Mar 2017 15:38:57 GMT', 'server': 'nginx', 'connection': 'keep-alive', 'pragma': 'no-cache', 'cache-control': 'max-age=0, no-cache, no-store', 'date': 'Mon, 13 Mar 2017 15:38:57 GMT', 'x-frame-options': 'DENY', 'content-type': 'application/json', 'replay-nonce': 'RA5TPTJ8txoofa9CyS9_UTkw_7rr3O3fDsxwszZozKs'}): '{\n  "key-change": "https://acme-v01.api.letsencrypt.org/acme/key-change",\n  "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",\n  "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",\n  "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",\n  "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"\n}'
2017-03-13 15:38:56,532:DEBUG:certbot.renewal:Auto-renewal forced with --force-renewal...
2017-03-13 15:38:56,532:INFO:certbot.main:Renewing an existing certificate
2017-03-13 15:38:56,539:DEBUG:root:Requesting fresh nonce
2017-03-13 15:38:56,539:DEBUG:root:Sending HEAD request to https://acme-v01.api.letsencrypt.org/acme/new-authz. args: (), kwargs: {}
2017-03-13 15:38:56,619:DEBUG:requests.packages.urllib3.connectionpool:"HEAD /acme/new-authz HTTP/1.1" 405 0
2017-03-13 15:38:56,629:DEBUG:root:Received <Response [405]>. Headers: {'content-length': '91', 'allow': 'POST', 'boulder-request-id': '6XeXeGLScE50C1yqjWc48uGTF6e0hfpV8UjU26Uza_M', 'expires': 'Mon, 13 Mar 2017 15:38:57 GMT', 'server': 'nginx', 'connection': 'keep-alive', 'pragma': 'no-cache', 'cache-control': 'max-age=0, no-cache, no-store', 'date': 'Mon, 13 Mar 2017 15:38:57 GMT', 'content-type': 'application/problem+json', 'replay-nonce': 'qgkbFtl5C3aAjtnDZJnv85veL1N3JHIo741OOw5EFoc'}. Content: ''
2017-03-13 15:38:56,630:DEBUG:acme.client:Storing nonce: '\xaa\t\x1b\x16\xd9y\x0bv\x80\x8e\xd9\xc3d\x99\xef\xf3\x9b\xde/Sw$r(\xef\x8dN;\x0eD\x16\x87'
2017-03-13 15:38:56,630:DEBUG:acme.jose.json_util:Omitted empty fields: expires=None, challenges=None, combinations=None, status=None
2017-03-13 15:38:56,630:DEBUG:acme.client:Serialized JSON: {"identifier": {"type": "dns", "value": "www.fleursetnature.ca"}, "resource": "new-authz"}
2017-03-13 15:38:56,631:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), crit=(), typ=None, jwk=None, x5u=None, kid=None, alg=None, cty=None, x5tS256=None, jku=None, x5t=None
2017-03-13 15:38:56,633:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), crit=(), typ=None, x5u=None, kid=None, cty=None, x5tS256=None, jku=None, x5t=None, nonce=None
2017-03-13 15:38:56,633:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz. args: (), kwargs: {'data': '{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": .......W7dg"}'}
2017-03-13 15:38:56,761:DEBUG:requests.packages.urllib3.connectionpool:"POST /acme/new-authz HTTP/1.1" 201 1472

(…)
‘yHI9jO6TdqkdBwWj3HZfVVbCDMGIFjbXs1mFDd8xwMs’}): ‘{\n “identifier”: {\n “type”: “dns”,\n “value”: “fleursetnature.ca”\n },\n “status”: “pending”,\n “expires”: “2017-03-20T15:38:57.821849938Z”,\n “challenges”: [\n {\n “type”: “tls-sni-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/HhksbVSn58W7HOiqu9UP3TY-PqBeMeQ5rj2b9mi4TXo/792837293”,\n “token”: “ALRlEuvj6qVGZMtm3UvdnPtngJSZQzc6QElIXba62hM”\n },\n {\n “type”: “dns-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/HhksbVSn58W7HOiqu9UP3TY-PqBeMeQ5rj2b9mi4TXo/792837294”,\n “token”: “lHzLPGPG2J1gCQol7bq02VX_ET-KcdtQ7rOyPrA3BfE”\n },\n {\n “type”: “http-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/HhksbVSn58W7HOiqu9UP3TY-PqBeMeQ5rj2b9mi4TXo/792837295”,\n “token”: “4NrT4G_WK8DZzwz1rMefYp_1JYGtKN4zWFO-IwfPmYU”\n }\n ],\n “combinations”: [\n [\n 0\n ],\n [\n 1\n ],\n [\n 2\n ]\n ]\n}‘
2017-03-13 15:38:56,872:INFO:certbot.auth_handler:Performing the following challenges:
2017-03-13 15:38:56,879:INFO:certbot.auth_handler:http-01 challenge for www.fleursetnature.ca
2017-03-13 15:38:56,886:INFO:certbot.auth_handler:http-01 challenge for fleursetnature.ca
2017-03-13 15:40:01,314:DEBUG:acme.challenges:Verifying http-01 at http://www.fleursetnature.ca/.well-known/acme-challenge/ZEZcYCDTcJp1RjtG5p3jG3wljY0ZAthK0rvU8eOkchg
2017-03-13 15:40:01,316:INFO:requests.packages.urllib3.connectionpool:Starting new HTTP connection (1): www.fleursetnature.ca
2017-03-13 15:40:01,330:DEBUG:requests.packages.urllib3.connectionpool:“GET /.well-known/acme-challenge/ZEZcYCDTcJp1RjtG5p3jG3wljY0ZAthK0rvU8eOkchg HTTP/1.1” 200 87
2017-03-13 15:40:01,343:DEBUG:acme.challenges:Received <Response [200]>: ZEZcYCDTcJp1RjtG5p3jG3wljY0ZAthK0rvU8eOkchg.tUYCly-uYMHqPCFRl4y8m3Th9gj-6xdEnqYail76Eyo. Headers: {‘content-length’: ‘87’, ‘accept-ranges’: ‘bytes’, ‘keep-alive’: ‘timeout=5’, ‘server’: ‘Apache’, ‘last-modified’: ‘Mon, 13 Mar 2017 15:26:44 GMT’, ‘connection’: ‘Keep-Alive’, ‘date’: ‘Mon, 13 Mar 2017 15:40:01 GMT’}
2017-03-13 15:40:11,412:DEBUG:acme.challenges:Verifying http-01 at http://fleursetnature.ca/.well-known/acme-challenge/4NrT4G_WK8DZzwz1rMefYp_1JYGtKN4zWFO-IwfPmYU
2017-03-13 15:40:11,413:INFO:requests.packages.urllib3.connectionpool:Starting new HTTP connection (1): fleursetnature.ca
2017-03-13 15:40:11,422:DEBUG:requests.packages.urllib3.connectionpool:“GET /.well-known/acme-challenge/4NrT4G_WK8DZzwz1rMefYp_1JYGtKN4zWFO-IwfPmYU HTTP/1.1” 404 387
2017-03-13 15:40:11,423:DEBUG:acme.challenges:Received <Response [404]>:

404 Not Found

Not Found


The requested URL /.well-known/acme-challenge/4NrT4G_WK8DZzwz1rMefYp_1JYGtKN4zWFO-IwfPmYU was not found on this server.


Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.



. Headers: {‘content-length’: ‘387’, ‘keep-alive’: ‘timeout=5’, ‘server’: ‘Apache’, ‘connection’: ‘Keep-Alive’, ‘date’: ‘Mon, 13 Mar 2017 15:40:11 GMT’, ‘content-type’: ‘text/html; charset=iso-8859-1’}
2017-03-13 15:40:11,423:DEBUG:acme.challenges:Key authorization from response (u’4NrT4G_WK8DZzwz1rMefYp_1JYGtKN4zWFO-IwfPmYU.tUYCly-uYMHqPCFRl4y8m3Th9gj-6xdEnqYail76Eyo’) doesn’t match HTTP response (u’\n\n404 Not Found\n\n

Not Found

\n

The requested URL /.well-known/acme-challenge/4NrT4G_WK8DZzwz1rMefYp_1JYGtKN4zWFO-IwfPmYU was not found on this server.

\n

Additionally, a 404 Not Found\nerror was encountered while trying to use an ErrorDocument to handle the request.

\n’)
2017-03-13 15:40:11,423:WARNING:certbot.plugins.manual:Self-verify of challenge failed.
2017-03-13 15:40:11,430:INFO:certbot.auth_handler:Waiting for verification…
2017-03-13 15:40:11,437:DEBUG:acme.client:Serialized JSON: {“keyAuthorization”: “ZEZcYCDTcJp1RjtG5p3jG3wljY0ZAthK0rvU8eOkchg.tUYCly-uYMHqPCFRl4y8m3Th9gj-6xdEnqYail76Eyo”, “type”: “http-01”, “resource”: “challenge”}
2017-03-13 15:40:11,438:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), crit=(), typ=None, jwk=None, x5u=None, kid=None, alg=None, cty=None, x5tS256=None, jku=None, x5t=None
2017-03-13 15:40:11,440:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), crit=(), typ=None, x5u=None, kid=None, cty=None, x5tS256=None, jku=None, x5t=None, nonce=None
2017-03-13 15:40:11,440:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/challenge/3aUfjZb_be1-UYa75XEZS3md5WhPmIQWwntC-Ejn0ds/792778369. args: (), kwargs: {‘data’: '{“header”: {“alg”: “RS256”, “jwk”: {“e”: “AQAB”, “kty”: “RSA”, “n”: “tLkU3g…:11,552:DEBUG:root:Received <Response [202]>. Headers: {‘content-length’: ‘652’, ‘boulder-request-id’: ‘4wQNb117pVPzT78ZdQJMTwddIezrwVKaisdEVOo8hp8’, ‘boulder-requester’: ‘4466308’, ‘expires’: ‘Mon, 13 Mar 2017 15:40:12 GMT’, ‘server’: ‘nginx’, ‘connection’: ‘keep-alive’, ‘link’: ‘https://acme-v01.api.letsencrypt.org/acme/authz/3aUfjZb_be1-UYa75XEZS3md5WhPmIQWwntC-Ejn0ds;rel=“up”’, ‘location’: ‘https://acme-v01.api.letsencrypt.org/acme/challenge/3aUfjZb_be1-UYa75XEZS3md5WhPmIQWwntC-Ejn0ds/792778369’, ‘pragma’: ‘no-cache’, ‘cache-control’: ‘max-age=0, no-cache, no-store’, ‘date’: ‘Mon, 13 Mar 2017 15:40:12 GMT’, ‘content-type’: ‘application/json’, ‘replay-nonce’: ‘0oDKWrZO3QyKKGcowyYZ4sR9NRXtPGUQm8vY3RNy9m8’}. Content: '{\n “type”: “http-01”,\n “status”: “valid”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/3aUfjZb_be1-UYa75XEZS3md5WhPmIQWwntC-Ejn0ds/792778369”,\n “token”: “ZEZcYCDTcJp1RjtG5p3jG3wljY0ZAthK0rvU8eOkchg”,\n “keyAuthorization”: “ZEZcYCDTcJp1RjtG5p3jG3wljY0ZAthK0rvU8eOkchg.tUYCly-uYMHqPCFRl4y8m3Th9gj-6xdEnqYail76Eyo”,\n “validationRecord”: [\n {\n “url”: “http://www.fleursetnature.ca/.well-known/acme-challenge/ZEZcYCDTcJp1RjtG5p3jG3wljY0ZAthK0rvU8eOkchg”,\n “hostname”: “www.fleursetnature.ca”,\n “port”: “80”,\n “addressesResolved”: [\n “149.56.38.217”\n ],\n “addressUsed”: “149.56.38.217”\n }\n ]\n}'
2017-03-13 15:40:11,552:DEBUG:acme.client:Storing nonce: '\xd2\x80\xcaZ\xb6N\xdd\x0c\x8a(g(\xc3&\x19\xe2\xc4}5\x15\xed<e\x10\x9b\xcb\xd8\xdd\x13r\xf6o’
2017-03-13 15:40:11,552:DEBUG:acme.client:Received response <Response [202]> (headers: {‘content-length’: ‘652’, ‘boulder-request-id’: ‘4wQNb117pVPzT78ZdQJMTwddIezrwVKaisdEVOo8hp8’, ‘boulder-requester’: ‘4466308’, ‘expires’: ‘Mon, 13 Mar 2017 15:40:12 GMT’, ‘server’: ‘nginx’, ‘connection’: ‘keep-alive’, ‘link’: ‘https://acme-v01.api.letsencrypt.org/acme/authz/3aUfjZb_be1-UYa75XEZS3md5WhPmIQWwntC-Ejn0ds;rel=“up”’, ‘location’: ‘https://acme-v01.api.letsencrypt.org/acme/challenge/3aUfjZb_be1-UYa75XEZS3md5WhPmIQWwntC-Ejn0ds/792778369’, ‘pragma’: ‘no-cache’, ‘cache-control’: ‘max-age=0, no-cache, no-store’, ‘date’: ‘Mon, 13 Mar 2017 15:40:12 GMT’, ‘content-type’: ‘application/json’, ‘replay-nonce’: ‘0oDKWrZO3QyKKGcowyYZ4sR9NRXtPGUQm8vY3RNy9m8’}): '{\n “type”: “http-01”,\n “status”: “valid”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/3aUfjZb_be1-UYa75XEZS3md5WhPmIQWwntC-Ejn0ds/792778369”,\n “token”: “ZEZcYCDTcJp1RjtG5p3jG3wljY0ZAthK0rvU8eOkchg”,\n “keyAuthorization”: “ZEZcYCDTcJp1RjtG5p3jG3wljY0ZAthK0rvU8eOkchg.tUYCly-uYMHqPCFRl4y8m3Th9gj-6xdEnqYail76Eyo”,\n “validationRecord”: [\n {\n “url”: “http://www.fleursetnature.ca/.well-known/acme-challenge/ZEZcYCDTcJp1RjtG5p3jG3wljY0ZAthK0rvU8eOkchg”,\n “hostname”: “www.fleursetnature.ca”,\n “port”: “80”,\n “addressesResolved”: [\n “149.56.38.217”\n ],\n “addressUsed”: “149.56.38.217”\n }\n ]\n}'
2017-03-13 15:40:11,552:DEBUG:acme.client:Serialized JSON: {“keyAuthorization”: “4NrT4G_WK8DZzwz1rMefYp_1JYGtKN4zWFO-IwfPmYU.tUYCly-uYMHqPCFRl4y8m3Th9gj-6xdEnqYail76Eyo”, “type”: “http-01”, “resource”: “challenge”}
2017-03-13 15:40:11,553:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), crit=(), typ=None, jwk=None, x5u=None, kid=None, alg=None, cty=None, x5tS256=None, jku=None, x5t=None
2017-03-13 15:40:11,555:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), crit=(), typ=None, x5u=None, kid=None, cty=None, x5tS256=None, jku=None, x5t=None, nonce=None
2017-03-13 15:40:11,555:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/challenge/HhksbVSn58W7HOiqu9UP3TY-PqBeMeQ5rj2b9mi4TXo/792837295. args: (), kwargs: {‘data’: ‘{“header”: {“alg”: “RS256”, “jwk”: {“e”: “AQAB”, “kty”: “RSA”, “n”: "tLkU3gLZ4utrD…_NM71SAIs’, ‘boulder-requester’: ‘4466308’, ‘expires’: ‘Mon, 13 Mar 2017 15:40:13 GMT’, ‘server’: ‘nginx’, ‘connection’: ‘keep-alive’, ‘link’: ‘https://acme-v01.api.letsencrypt.org/acme/authz/HhksbVSn58W7HOiqu9UP3TY-PqBeMeQ5rj2b9mi4TXo;rel=“up”’, ‘location’: ‘https://acme-v01.api.letsencrypt.org/acme/challenge/HhksbVSn58W7HOiqu9UP3TY-PqBeMeQ5rj2b9mi4TXo/792837295’, ‘pragma’: ‘no-cache’, ‘cache-control’: ‘max-age=0, no-cache, no-store’, ‘date’: ‘Mon, 13 Mar 2017 15:40:13 GMT’, ‘content-type’: ‘application/json’, ‘replay-nonce’: ‘9b3X01aa6XQjEEQRCTayXsj_JVURo4HpO-EcaXMMNwc’}. Content: '{\n “type”: “http-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/HhksbVSn58W7HOiqu9UP3TY-PqBeMeQ5rj2b9mi4TXo/792837295”,\n “token”: “4NrT4G_WK8DZzwz1rMefYp_1JYGtKN4zWFO-IwfPmYU”,\n “keyAuthorization”: “4NrT4G_WK8DZzwz1rMefYp_1JYGtKN4zWFO-IwfPmYU.tUYCly-uYMHqPCFRl4y8m3Th9gj-6xdEnqYail76Eyo”\n}'
2017-03-13 15:40:12,151:DEBUG:acme.client:Storing nonce: '\xf5\xbd\xd7\xd3V\x9a\xe9t#\x10D\x11\t6\xb2^\xc8\xff%U\x11\xa3\x81\xe9;\xe1\x1cis\x0c7\x07’
2017-03-13 15:40:12,151:DEBUG:acme.client:Received response <Response [202]> (headers: {‘content-length’: ‘335’, ‘boulder-request-id’: ‘XOuXpLVFy8PfkmvIoNls5cmDbIyAEQa-ub_NM71SAIs’, ‘boulder-requester’: ‘4466308’, ‘expires’: ‘Mon, 13 Mar 2017 15:40:13 GMT’, ‘server’: ‘nginx’, ‘connection’: ‘keep-alive’, ‘link’: ‘https://acme-v01.api.letsencrypt.org/acme/authz/HhksbVSn58W7HOiqu9UP3TY-PqBeMeQ5rj2b9mi4TXo;rel=“up”’, ‘location’: ‘https://acme-v01.api.letsencrypt.org/acme/challenge/HhksbVSn58W7HOiqu9UP3TY-PqBeMeQ5rj2b9mi4TXo/792837295’, ‘pragma’: ‘no-cache’, ‘cache-control’: ‘max-age=0, no-cache, no-store’, ‘date’: ‘Mon, 13 Mar 2017 15:40:13 GMT’, ‘content-type’: ‘application/json’, ‘replay-nonce’: ‘9b3X01aa6XQjEEQRCTayXsj_JVURo4HpO-EcaXMMNwc’}): '{\n “type”: “http-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/HhksbVSn58W7HOiqu9UP3TY-PqBeMeQ5rj2b9mi4TXo/792837295”,\n “token”: “4NrT4G_WK8DZzwz1rMefYp_1JYGtKN4zWFO-IwfPmYU”,\n “keyAuthorization”: “4NrT4G_WK8DZzwz1rMefYp_1JYGtKN4zWFO-IwfPmYU.tUYCly-uYMHqPCFRl4y8m3Th9gj-6xdEnqYail76Eyo”\n}'
2017-03-13 15:40:15,156:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/acme/authz/3aUfjZb_be1-UYa75XEZS3md5WhPmIQWwntC-Ejn0ds. args: (), kwargs: {}
2017-03-13 15:40:15,306:DEBUG:requests.packages.urllib3.connectionpool:“GET /acme/authz/3aUfjZb_be1-UYa75XEZS3md5WhPmIQWwntC-Ejn0ds HTTP/1.1” 200 1472
2017-03-13 15:40:15,307:DEBUG:root:Received <Response [200]>. Headers: {‘content-length’: ‘1472’, ‘strict-transport-security’: ‘max-age=604800’, ‘boulder-request-id’: ‘8HXPg2TjTG9E8SRLD3Xj_ms1OtFqWVK1FQkPDRwEecQ’, ‘expires’: ‘Mon, 13 Mar 2017 15:40:16 GMT’, ‘server’: ‘nginx’, ‘connection’: ‘keep-alive’, ‘link’: ‘https://acme-v01.api.letsencrypt.org/acme/new-cert;rel=“next”’, ‘pragma’: ‘no-cache’, ‘cache-control’: ‘max-age=0, no-cache, no-store’, ‘date’: ‘Mon, 13 Mar 2017 15:40:16 GMT’, ‘x-frame-options’: ‘DENY’, ‘content-type’: ‘application/json’, ‘replay-nonce’: ‘_u0zSVPRV2lKSI6NuPgf8sY7KXx_GIXGFuN3YqJ4ksQ’}. Content: '{\n “identifier”: {\n “type”: “dns”,\n “value”: “www.fleursetnature.ca”\n },\n “status”: “valid”,\n “expires”: “2017-05-12T15:27:38Z”,\n “challenges”: [\n {\n “type”: “tls-sni-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/3aUfjZb_be1-UYa75XEZS3md5WhPmIQWwntC-Ejn0ds/792778367”,\n “token”: “kXogOZvOEBZUF-bHdMroLtestpEzF5YEaeK8cOSrbL0”\n },\n {\n “type”: “dns-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/3aUfjZb_be1-UYa75XEZS3md5WhPmIQWwntC-Ejn0ds/792778368”,\n “token”: “fF7jdl4SWRwW-CeRbCpOyOT0urayn2ob_fMxM1nKry0”\n },\n {\n “type”: “http-01”,\n “status”: “valid”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/3aUfjZb_be1-UYa75XEZS3md5WhPmIQWwntC-Ejn0ds/792778369”,\n “token”: “ZEZcYCDTcJp1RjtG5p3jG3wljY0ZAthK0rvU8eOkchg”,\n “keyAuthorization”: “ZEZcYCDTcJp1RjtG5p3jG3wljY0ZAthK0rvU8eOkchg.tUYCly-uYMHqPCFRl4y8m3Th9gj-6xdEnqYail76Eyo”,\n “validationRecord”: [\n {\n “url”: “http://www.fleursetnature.ca/.well-known/acme-challenge/ZEZcYCDTcJp1RjtG5p3jG3wljY0ZAthK0rvU8eOkchg”,\n “hostname”: “www.fleursetnature.ca”,\n “port”: “80”,\n “addressesResolved”: [\n “149.56.38.217”\n ],\n “addressUsed”: “149.56.38.217”\n }\n ]\n }\n ],\n “combinations”: [\n [\n 0\n ],\n [\n 2\n ],\n [\n 1\n ]\n ]\n}'
2017-03-13 15:40:15,307:DEBUG:acme.client:Received response <Response [200]> (headers: {‘content-length’: ‘1472’, ‘strict-transport-security’: ‘max-age=604800’, ‘boulder-request-id’: ‘8HXPg2TjTG9E8SRLD3Xj_ms1OtFqWVK1FQkPDRwEecQ’, ‘expires’: ‘Mon, 13 Mar 2017 15:40:16 GMT’, ‘server’: ‘nginx’, ‘connection’: ‘keep-alive’, ‘link’: ‘https://acme-v01.api.letsencrypt.org/acme/new-cert;rel=“next”’, ‘pragma’: ‘no-cache’, ‘cache-control’: ‘max-age=0, no-cache, no-store’, ‘date’: ‘Mon, 13 Mar 2017 15:40:16 GMT’, ‘x-frame-options’: ‘DENY’, ‘content-type’: ‘application/json’, ‘replay-nonce’: ‘_u0zSVPRV2lKSI6NuPgf8sY7KXx_GIXGFuN3YqJ4ksQ’}): '{\n “identifier”: {\n “type”: “dns”,\n “value”: “www.fleursetnature.ca”\n },\n “status”: “valid”,\n “expires”: “2017-05-12T15:27:38Z”,\n “challenges”: [\n {\n “type”: “tls-sni-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/3aUfjZb_be1-UYa75XEZS3md5WhPmIQWwntC-Ejn0ds/792778367”,\n “token”: “kXogOZvOEBZUF-bHdMroLtestpEzF5YEaeK8cOSrbL0”\n },\n {\n “type”: “dns-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/3aUfjZb_be1-UYa75XEZS3md5WhPmIQWwntC-Ejn0ds/792778368”,\n “token”: “fF7jdl4SWRwW-CeRbCpOyOT0urayn2ob_fMxM1nKry0”\n },\n {\n “type”: “http-01”,\n “status”: “valid”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/3aUfjZb_be1-UYa75XEZS3md5WhPmIQWwntC-Ejn0ds/792778369”,\n “token”: “ZEZcYCDTcJp1RjtG5p3jG3wljY0ZAthK0rvU8eOkchg”,\n “keyAuthorization”: “ZEZcYCDTcJp1RjtG5p3jG3wljY0ZAthK0rvU8eOkchg.tUYCly-uYMHqPCFRl4y8m3Th9gj-6xdEnqYail76Eyo”,\n “validationRecord”: [\n {\n “url”: “http://www.fleursetnature.ca/.well-known/acme-challenge/ZEZcYCDTcJp1RjtG5p3jG3wljY0ZAthK0rvU8eOkchg”,\n “hostname”: “www.fleursetnature.ca”,\n “port”: “80”,\n “addressesResolved”: [\n “149.56.38.217”\n ],\n “addressUsed”: “149.56.38.217”\n }\n ]\n }\n ],\n “combinations”: [\n [\n 0\n ],\n [\n 2\n ],\n [\n 1\n ]\n ]\n}'
2017-03-13 15:40:15,307:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/acme/authz/HhksbVSn58W7HOiqu9UP3TY-PqBeMeQ5rj2b9mi4TXo. args: (), kwargs: {}
2017-03-13 15:40:15,388:DEBUG:requests.packages.urllib3.connectionpool:“GET /acme/authz/HhksbVSn58W7HOiqu9UP3TY-PqBeMeQ5rj2b9mi4TXo HTTP/1.1” 200 1934
2017-03-13 15:40:15,389:DEBUG:root:Received <Response [200]>. Headers: {‘content-length’: ‘1934’, ‘strict-transport-security’: ‘max-age=604800’, ‘boulder-request-id’: ‘MI0kJRlvtXRtqguwusB9igbOpFfvYdzYhw4zAgEqdhc’, ‘expires’: ‘Mon, 13 Mar 2017 15:40:16 GMT’, ‘server’: ‘nginx’, ‘connection’: ‘keep-alive’, ‘link’: ‘https://acme-v01.api.letsencrypt.org/acme/new-cert;rel=“next”’, ‘pragma’: ‘no-cache’, ‘cache-control’: ‘max-age=0, no-cache, no-store’, ‘date’: ‘Mon, 13 Mar 2017 15:40:16 GMT’, ‘x-frame-options’: ‘DENY’, ‘content-type’: ‘application/json’, ‘replay-nonce’: ‘qgK10AY2T_ol697kfHmD5dFKhffak2VUwpvlAz212GA’}. Content: '{\n “identifier”: {\n “type”: “dns”,\n “value”: “fleursetnature.ca”\n },\n “status”: “invalid”,\n “expires”: “2017-03-20T15:38:57Z”,\n “challenges”: [\n {\n “type”: “tls-sni-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/HhksbVSn58W7HOiqu9UP3TY-PqBeMeQ5rj2b9mi4TXo/792837293”,\n “token”: “ALRlEuvj6qVGZMtm3UvdnPtngJSZQzc6QElIXba62hM”\n },\n {\n “type”: “dns-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/HhksbVSn58W7HOiqu9UP3TY-PqBeMeQ5rj2b9mi4TXo/792837294”,\n “token”: “lHzLPGPG2J1gCQol7bq02VX_ET-KcdtQ7rOyPrA3BfE”\n },\n {\n “type”: “http-01”,\n “status”: “invalid”,\n “error”: {\n “type”: “urn:acme:error:unauthorized”,\n “detail”: “Invalid response from http://fleursetnature.ca/.well-known/acme-challenge/4NrT4G_WK8DZzwz1rMefYp_1JYGtKN4zWFO-IwfPmYU: \”\u003c!DOCTYPE HTML PUBLIC \”-//IETF//DTD HTML 2.0//EN\"\u003e\n\u003chtml\u003e\u003chead\u003e\n\u003ctitle\u003e404 Not Found\u003c/title\u003e\n\u003c/head\u003e\u003cbody\u003e\n\u003ch1\u003eNot Found\u003c/h1\u003e\n\u003cp\"",\n “status”: 403\n },\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/HhksbVSn58W7HOiqu9UP3TY-PqBeMeQ5rj2b9mi4TXo/792837295”,\n “token”: “4NrT4G_WK8DZzwz1rMefYp_1JYGtKN4zWFO-IwfPmYU”,\n “keyAuthorization”: “4NrT4G_WK8DZzwz1rMefYp_1JYGtKN4zWFO-IwfPmYU.tUYCly-uYMHqPCFRl4y8m3Th9gj-6xdEnqYail76Eyo”,\n “validationRecord”: [\n {\n “url”: “http://fleursetnature.ca/.well-known/acme-challenge/4NrT4G_WK8DZzwz1rMefYp_1JYGtKN4zWFO-IwfPmYU”,\n “hostname”: “fleursetnature.ca”,\n “port”: “80”,\n “addressesResolved”: [\n “149.56.38.217”\n ],\n “addressUsed”: “149.56.38.217”\n }\n ]\n }\n ],\n “combinations”: [\n [\n 0\n ],\n [\n 1\n ],\n [\n 2\n ]\n ]\n}'
2017-03-13 15:40:15,389:DEBUG:acme.client:Received response <Response [200]> (headers: {‘content-length’: ‘1934’, ‘strict-transport-security’: ‘max-age=604800’, ‘boulder-request-id’: ‘MI0kJRlvtXRtqguwusB9igbOpFfvYdzYhw4zAgEqdhc’, ‘expires’: ‘Mon, 13 Mar 2017 15:40:16 GMT’, ‘server’: ‘nginx’, ‘connection’: ‘keep-alive’, ‘link’: ‘https://acme-v01.api.letsencrypt.org/acme/new-cert;rel=“next”’, ‘pragma’: ‘no-cache’, ‘cache-control’: ‘max-age=0, no-cache, no-store’, ‘date’: ‘Mon, 13 Mar 2017 15:40:16 GMT’, ‘x-frame-options’: ‘DENY’, ‘content-type’: ‘application/json’, ‘replay-nonce’: ‘qgK10AY2T_ol697kfHmD5dFKhffak2VUwpvlAz212GA’}): '{\n “identifier”: {\n “type”: “dns”,\n “value”: “fleursetnature.ca”\n },\n “status”: “invalid”,\n “expires”: “2017-03-20T15:38:57Z”,\n “challenges”: [\n {\n “type”: “tls-sni-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/HhksbVSn58W7HOiqu9UP3TY-PqBeMeQ5rj2b9mi4TXo/792837293”,\n “token”: “ALRlEuvj6qVGZMtm3UvdnPtngJSZQzc6QElIXba62hM”\n },\n {\n “type”: “dns-01”,\n “status”: “pending”,\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/HhksbVSn58W7HOiqu9UP3TY-PqBeMeQ5rj2b9mi4TXo/792837294”,\n “token”: “lHzLPGPG2J1gCQol7bq02VX_ET-KcdtQ7rOyPrA3BfE”\n },\n {\n “type”: “http-01”,\n “status”: “invalid”,\n “error”: {\n “type”: “urn:acme:error:unauthorized”,\n “detail”: “Invalid response from http://fleursetnature.ca/.well-known/acme-challenge/4NrT4G_WK8DZzwz1rMefYp_1JYGtKN4zWFO-IwfPmYU: \”\u003c!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\"\u003e\n\u003chtml\u003e\u003chead\u003e\n\u003ctitle\u003e404 Not Found\u003c/title\u003e\n\u003c/head\u003e\u003cbody\u003e\n\u003ch1\u003eNot Found\u003c/h1\u003e\n\u003cp\"",\n “status”: 403\n },\n “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/HhksbVSn58W7HOiqu9UP3TY-PqBeMeQ5rj2b9mi4TXo/792837295”,\n “token”: “4NrT4G_WK8DZzwz1rMefYp_1JYGtKN4zWFO-IwfPmYU”,\n “keyAuthorization”: “4NrT4G_WK8DZzwz1rMefYp_1JYGtKN4zWFO-IwfPmYU.tUYCly-uYMHqPCFRl4y8m3Th9gj-6xdEnqYail76Eyo”,\n “validationRecord”: [\n {\n “url”: “http://fleursetnature.ca/.well-known/acme-challenge/4NrT4G_WK8DZzwz1rMefYp_1JYGtKN4zWFO-IwfPmYU”,\n “hostname”: “fleursetnature.ca”,\n “port”: “80”,\n “addressesResolved”: [\n “149.56.38.217”\n ],\n “addressUsed”: “149.56.38.217”\n }\n ]\n }\n ],\n “combinations”: [\n [\n 0\n ],\n [\n 1\n ],\n [\n 2\n ]\n ]\n}'
2017-03-13 15:40:15,390:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:
Domain: fleursetnature.ca
Type:   unauthorized
Detail: Invalid response from http://fleursetnature.ca/.well-known/acme-challenge/4NrT4G_WK8DZzwz1rMefYp_1JYGtKN4zWFO-IwfPmYU: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p"

To fix these errors, please make sure that your domain name was entered correctly and the DNS A record(s) for that domain contain(s) the right IP address.
2017-03-13 15:40:15,390:INFO:certbot.auth_handler:Cleaning up challenges
2017-03-13 15:40:15,398:DEBUG:certbot.main:Exiting abnormally:
Traceback (most recent call last):
  File "/usr/bin/certbot", line 9, in <module>
load_entry_point('certbot==0.9.3', 'console_scripts', 'certbot')()
  File "/usr/lib/python2.7/site-packages/certbot/main.py", line 776, in main
return config.func(config, plugins)
  File "/usr/lib/python2.7/site-packages/certbot/main.py", line 563, in obtain_cert
action, _ = _auth_from_domains(le_client, config, domains, lineage)
  File "/usr/lib/python2.7/site-packages/certbot/main.py", line 96, in _auth_from_domains
renewal.renew_cert(config, domains, le_client, lineage)
  File "/usr/lib/python2.7/site-packages/certbot/renewal.py", line 238, in renew_cert
new_certr, new_chain, new_key, _ = le_client.obtain_certificate(domains)
  File "/usr/lib/python2.7/site-packages/certbot/client.py", line 253, in obtain_certificate
self.config.allow_subset_of_names)
  File "/usr/lib/python2.7/site-packages/certbot/auth_handler.py", line 78, in get_authorizations
self._respond(resp, best_effort)
  File "/usr/lib/python2.7/site-packages/certbot/auth_handler.py", line 135, in _respond
self._poll_challenges(chall_update, best_effort)
  File "/usr/lib/python2.7/site-packages/certbot/auth_handler.py", line 199, in _poll_challenges
raise errors.FailedChallenges(all_failed_achalls)
FailedChallenges: Failed authorization procedure. fleursetnature.ca (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://fleursetnature.ca/.well-known/acme-challenge/4NrT4G_WK8DZzwz1rMefYp_1JYGtKN4zWFO-IwfPmYU: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>

#2

Instantly made me not want to help you :smiley:

good luck


#3

Thanks a loot for your help. It’s been fixed now.


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.