Hi my centos nginx can't activated ssl , when i active certbot --nginx i was got reply " The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot"
Please kindly help me for this
@sawwailin95 welcome.
I moved your thread to the Help category. You would have been asked to answer the below questions. Please answer as much as you can.
Your actual domain name will be very useful.
=====================
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
3 Likes
Dear MikeMcQ ,
Thanks for very much for you reply, please kindly below view your request output
My domain is : nrcd.net
i ran this command : certbot --nginx
It produced this output :
Requesting a certificate for nrcd.net
Performing the following challenges:
http-01 challenge for nrcd.net
Waiting for verification...
Challenge failed for domain nrcd.net
http-01 challenge for nrcd.net
Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems:
Domain: nrcd.net
Type: unauthorized
Detail: xx.xxx.xx.xx: Invalid response from http://nrcd.net/.well-known/acme-challenge/7iPFyMPqbzqDDT1d2NjPh3Be4CMctf56TE28hlMjT7g: 404
Hint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet.
Cleaning up challenges
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
My Web server is : Windows Server 2019
The operating system my web server runs on is (include version) : Windows Server 2019
I can login to a root shell on my machine (yes or no, or I don't know): Yes
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 2.8.0
2 Likes
Hi @sawwailin95, I beg to differ; I believe it is Server: nginx/1.14.1
$ curl -Ii http://nrcd.net/.well-known/acme-challenge/sometestfile
HTTP/1.1 404 Not Found
Server: nginx/1.14.1
Date: Sat, 13 Jan 2024 17:24:53 GMT
Content-Type: text/html
Content-Length: 1245
Connection: keep-alive
X-Powered-By: ASP.NET
3 Likes
Is it running on Windows or CentOS?
3 Likes
Sounds like there may be a proxy involved.
3 Likes
Hi @Bruce5051 when i try your command , the out is showing like this
HTTP/1.1 503 Service Unavailable
Server: squid/5.5
Mime-Version: 1.0
Date: Sat, 13 Jan 2024 18:41:40 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 3687
X-Squid-Error: ERR_CONNECT_FAIL 110
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from dev-dns.mapps.gov.mm
X-Cache-Lookup: MISS from svr-dns1.mam.mm:3128
Via: 1.1 svr-dns1.mam.mm (squid/5.5)
Connection: keep-alive
It think squid will be block my nginx but I am not configure squid config in my nginx server.
Hi @linkp , sorry for late reply,
I was setup two server, my backend webserver is MS 2019 server and frontend reverse proxy server is centos.
1 Like
Hello @rg305 i have one squid server but i not setup squid config in my nginx server.
I meant a reverse/inbound proxy.
[not sure what you meant about your squid proxy (inbound or outbound)]
4 Likes
Hi @rg305 sorry I don't understand what you means but my nginx config like this is
server {
listen 80;
server_name nrcd.net;
location / {
proxy_pass http://192.168.100.111:91;
}
}
}
No, I meant that there might have been a proxy in front of [before] your nginx server.
But I think there is nothing in front of your server.
We should have a look at your nginx config, with:
nginx -T
3 Likes
Actually...
What is the real IP of the nignx system?
What is at IP 192.168.100.111?
Which system(s) require a certificate?
Which system(s) have an ACME client installed?
3 Likes
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.