Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: lightweightforyou.com
I ran this command: sudo certbot --nginx --test-cert -v
It produced this output:
2024-09-07 03:07:19,279:DEBUG:urllib3.connectionpool:http://localhost:None "GET /v2/connections?snap=certbot&interface=content HTTP/1.1" 200 97
2024-09-07 03:07:19,371:DEBUG:certbot._internal.main:certbot version: 2.11.0
2024-09-07 03:07:19,372:DEBUG:certbot._internal.main:Location of certbot entry point: /snap/certbot/3834/bin/certbot
2024-09-07 03:07:19,372:DEBUG:certbot._internal.main:Arguments: ['--nginx', '--test-cert', '-v', '--preconfigured-renewal']
2024-09-07 03:07:19,372:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2024-09-07 03:07:19,380:DEBUG:certbot._internal.log:Root logging level set at 20
2024-09-07 03:07:19,381:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx
2024-09-07 03:07:19,464:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: Authenticator, Installer, Plugin
Entry point: EntryPoint(name='nginx', value='certbot_nginx._internal.configurator:NginxConfigurator', group='certbot.plugins')
Initialized: <certbot_nginx._internal.configurator.NginxConfigurator object at 0x7f62a9a02a30>
Prep: True
2024-09-07 03:07:19,464:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot_nginx._internal.configurator.NginxConfigurator object at 0x7f62a9a02a30> and installer <certbot_nginx._internal.configurator.NginxConfigurator object at 0x7f62a9a02a30>
2024-09-07 03:07:19,464:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx
2024-09-07 03:07:19,506:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-staging-v02.api.letsencrypt.org/acme/acct/162283333', new_authzr_uri=None, terms_of_service=None), 66f7de70fe593620898078f1e3ef9b78, Meta(creation_dt=datetime.datetime(2024, 9, 6, 16, 6, 29, tzinfo=<UTC>), creation_host='ubuntu-24.localhost', register_to_eff='dileep.learner@gmail.com'))>
2024-09-07 03:07:19,507:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/directory.
2024-09-07 03:07:19,508:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org:443
2024-09-07 03:07:20,242:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 820
2024-09-07 03:07:20,242:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sat, 07 Sep 2024 03:07:20 GMT
Content-Type: application/json
Content-Length: 820
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"3Kf-gSDA_fU": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"keyChange": "https://acme-staging-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf",
"website": "https://letsencrypt.org/docs/staging-environment/"
},
"newAccount": "https://acme-staging-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-staging-v02.api.letsencrypt.org/acme/new-order",
"renewalInfo": "https://acme-staging-v02.api.letsencrypt.org/draft-ietf-acme-ari-03/renewalInfo",
"revokeCert": "https://acme-staging-v02.api.letsencrypt.org/acme/revoke-cert"
}
2024-09-07 03:07:20,244:DEBUG:certbot.util:Not suggesting name "_"
Traceback (most recent call last):
File "/snap/certbot/3834/lib/python3.8/site-packages/certbot/util.py", line 389, in get_filtered_names
filtered_names.add(enforce_le_validity(name))
File "/snap/certbot/3834/lib/python3.8/site-packages/certbot/util.py", line 575, in enforce_le_validity
raise errors.ConfigurationError(
certbot.errors.ConfigurationError: _ contains an invalid character. Valid characters are A-Z, a-z, 0-9, ., and -.
2024-09-07 03:07:23,426:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for lightweightforyou.com and www.lightweightforyou.com
2024-09-07 03:07:23,429:DEBUG:acme.client:Requesting fresh nonce
2024-09-07 03:07:23,429:DEBUG:acme.client:Sending HEAD request to https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce.
2024-09-07 03:07:23,669:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2024-09-07 03:07:23,670:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sat, 07 Sep 2024 03:07:23 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 6wrlOJ0Tgm_-mWinXbLe0AFmote2aqFF5L0U_rL69C7Gd8oNIb0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
2024-09-07 03:07:23,670:DEBUG:acme.client:Storing nonce: 6wrlOJ0Tgm_-mWinXbLe0AFmote2aqFF5L0U_rL69C7Gd8oNIb0
2024-09-07 03:07:23,670:DEBUG:acme.client:JWS payload:
b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "lightweightforyou.com"\n },\n {\n "type": "dns",\n "value": "www.lightweightforyou.com"\n }\n ]\n}'
2024-09-07 03:07:23,671:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/new-order:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xNjIyODMzMzMiLCAibm9uY2UiOiAiNndybE9KMFRnbV8tbVdpblhiTGUwQUZtb3RlMmFxRkY1TDBVX3JMNjlDN0dkOG9OSWIwIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9",
"signature": "fYzNbPgM7PqEE2_IcDVLq1HHkh6ObArSDhl-oN-72siXgDbacddQRO5_X5AUyZe0ahiGsvgzmwnsT4t5clbtUJaE7PyJPko1AJQvr3TR3z7q7i2Uw5dyt2Z2B6JBE0whxKgvxvPgqrjo64ccxr7pr8_wJRzqwPUZFkYgrJ55PaURO6Gh92dalZXri8dE0e1mF6zAPF7AZuNR1mdqK9BTjP4C9lc0MFVKTIViTS-RzcoWOkuygG2_h8yPPdtNba4eiK4aMT7PE48IHeumNJ9KyzBXQATazrLb5LckWuQNQHISJJZwsM8iY_s9-VfJexXP_m6KoPFbfa7Yf9Kv_BCRtw",
"payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImxpZ2h0d2VpZ2h0Zm9yeW91LmNvbSIKICAgIH0sCiAgICB7CiAgICAgICJ0eXBlIjogImRucyIsCiAgICAgICJ2YWx1ZSI6ICJ3d3cubGlnaHR3ZWlnaHRmb3J5b3UuY29tIgogICAgfQogIF0KfQ"
}
2024-09-07 03:07:23,970:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 515
2024-09-07 03:07:23,970:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Sat, 07 Sep 2024 03:07:23 GMT
Content-Type: application/json
Content-Length: 515
Connection: keep-alive
Boulder-Requester: 162283333
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-staging-v02.api.letsencrypt.org/acme/order/162283333/18928497613
Replay-Nonce: _yLDrU7Hwwcmf2p-DOWHS4ZpDeL-2O0wLYQqcBJChAFl8bRB7ms
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"status": "pending",
"expires": "2024-09-14T03:07:23Z",
"identifiers": [
{
"type": "dns",
"value": "lightweightforyou.com"
},
{
"type": "dns",
"value": "www.lightweightforyou.com"
}
],
"authorizations": [
"https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/13902850853",
"https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/13902850863"
],
"finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/162283333/18928497613"
}
2024-09-07 03:07:23,971:DEBUG:acme.client:Storing nonce: _yLDrU7Hwwcmf2p-DOWHS4ZpDeL-2O0wLYQqcBJChAFl8bRB7ms
2024-09-07 03:07:23,971:DEBUG:acme.client:JWS payload:
b''
2024-09-07 03:07:23,971:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/13902850853:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xNjIyODMzMzMiLCAibm9uY2UiOiAiX3lMRHJVN0h3d2NtZjJwLURPV0hTNFpwRGVMLTJPMHdMWVFxY0JKQ2hBRmw4YlJCN21zIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzEzOTAyODUwODUzIn0",
"signature": "H2cTBFWJhBNnMxMEQX2ZTVqjh7cFsSiPtQfZ0inFeWc_GvggWupiJbnZuktPvytxCv-YHgNJyrmDZLGQB9LgGedDk5h8oTZjih245eTJ9mWefBgKtk6KsAkPTkoQSRviu3truDx71Al4FamGxZiHGicnY71VMHex-Y66jZhQtpVmAtXRyUyK6iped5j9dZYW30_M4I6NGkXx4n7I3u-R8LnYb-6dRPVDj2dkr6WNFmi7du9SFOSU7PvRmYyEt-GVBzKKRl_7HvF6yz5kJX4Ca_Qt4EEdlirmUMqWYUSvwYumjZZpm1z_a_QD_LHdjDRa1YD64v2v53gDBjBnY3ZKOw",
"payload": ""
}
2024-09-07 03:07:24,220:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/13902850853 HTTP/1.1" 200 826
2024-09-07 03:07:24,220:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sat, 07 Sep 2024 03:07:24 GMT
Content-Type: application/json
Content-Length: 826
Connection: keep-alive
Boulder-Requester: 162283333
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: _yLDrU7Hs6qN-NDcNT9of3u9gH2_mlhjaBpsT5fSjKGEw4dzHZM
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "lightweightforyou.com"
},
"status": "pending",
"expires": "2024-09-14T03:07:23Z",
"challenges": [
{
"type": "http-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/13902850853/s-bZFA",
"status": "pending",
"token": "M6eOfB65Ltdjmj7RzQpcGGWSL8AF2uguk1EoQ7CLOU8"
},
{
"type": "tls-alpn-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/13902850853/snV90w",
"status": "pending",
"token": "M6eOfB65Ltdjmj7RzQpcGGWSL8AF2uguk1EoQ7CLOU8"
},
{
"type": "dns-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/13902850853/abmhYA",
"status": "pending",
"token": "M6eOfB65Ltdjmj7RzQpcGGWSL8AF2uguk1EoQ7CLOU8"
}
]
}
2024-09-07 03:07:24,221:DEBUG:acme.client:Storing nonce: _yLDrU7Hs6qN-NDcNT9of3u9gH2_mlhjaBpsT5fSjKGEw4dzHZM
2024-09-07 03:07:24,221:DEBUG:acme.client:JWS payload:
b''
2024-09-07 03:07:24,222:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/13902850863:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xNjIyODMzMzMiLCAibm9uY2UiOiAiX3lMRHJVN0hzNnFOLU5EY05UOW9mM3U5Z0gyX21saGphQnBzVDVmU2pLR0V3NGR6SFpNIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzEzOTAyODUwODYzIn0",
"signature": "OtqS2t_p3Do8Ixkwlw1vToyrku5BjbFZQNF4rgDQU6fYP64d3BfwkPERLbd5YW4fatP-PILLI_e80OvSyfkSSDZGJdO4a_3NLhmdPt1-nLH-s3GY6JD4mvm6UZJtMf2S0cSUPh8nMceLU7fs5ddRkFZm2qtsIC08SzDK90A7SU487-K3rWBd2TDDGdM_A5WpWXg2Ghhl6JEIfRHG27Kogk6szhJL-i3tkSRzt5Fyf5cG_Lb5r1nhoEn1_j_qcOcnB-6rww1-IOPjvEeLmUmfe0yqMwJokvDL_dvtBFSNAJ7-A6OGOQQ_xDSflnkb3QABiioMT2JyP3RrOyJC-2MY4w",
"payload": ""
}
2024-09-07 03:07:24,469:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/13902850863 HTTP/1.1" 200 830
2024-09-07 03:07:24,469:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sat, 07 Sep 2024 03:07:24 GMT
Content-Type: application/json
Content-Length: 830
Connection: keep-alive
Boulder-Requester: 162283333
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: _yLDrU7HBRYhrLPWzh0uANVppcRQoAT9eq5tkYZVcqvtBLhj7zM
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "www.lightweightforyou.com"
},
"status": "pending",
"expires": "2024-09-14T03:07:23Z",
"challenges": [
{
"type": "tls-alpn-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/13902850863/Y-i1ow",
"status": "pending",
"token": "PEWy4cwY8NRyWNFFJ8Gu3PhlKcB7XJ-5na4wnFazUtY"
},
{
"type": "dns-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/13902850863/-qRbDA",
"status": "pending",
"token": "PEWy4cwY8NRyWNFFJ8Gu3PhlKcB7XJ-5na4wnFazUtY"
},
{
"type": "http-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/13902850863/Lb_Dng",
"status": "pending",
"token": "PEWy4cwY8NRyWNFFJ8Gu3PhlKcB7XJ-5na4wnFazUtY"
}
]
}
2024-09-07 03:07:24,469:DEBUG:acme.client:Storing nonce: _yLDrU7HBRYhrLPWzh0uANVppcRQoAT9eq5tkYZVcqvtBLhj7zM
2024-09-07 03:07:24,470:INFO:certbot._internal.auth_handler:Performing the following challenges:
2024-09-07 03:07:24,470:INFO:certbot._internal.auth_handler:http-01 challenge for lightweightforyou.com
2024-09-07 03:07:24,470:INFO:certbot._internal.auth_handler:http-01 challenge for www.lightweightforyou.com
2024-09-07 03:07:24,480:DEBUG:certbot_nginx._internal.http_01:Generated server block:
[]
2024-09-07 03:07:24,480:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types
2024-09-07 03:07:24,481:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/default
2024-09-07 03:07:24,481:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lightweightforyou.com
2024-09-07 03:07:24,481:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf
2024-09-07 03:07:24,481:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
error_log /var/log/nginx/error.log;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
server_names_hash_bucket_size 128;
include /etc/letsencrypt/le_http_01_cert_challenge.conf;
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
##
# Gzip Settings
##
gzip on;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}
2024-09-07 03:07:24,482:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/lightweightforyou.com:
server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot
rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot
listen 80;
root /var/www/html;
index index.html index.htm index.nginx-debian.html;
server_name lightweightforyou.com www.lightweightforyou.com;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
location = /.well-known/acme-challenge/M6eOfB65Ltdjmj7RzQpcGGWSL8AF2uguk1EoQ7CLOU8{default_type text/plain;return 200 M6eOfB65Ltdjmj7RzQpcGGWSL8AF2uguk1EoQ7CLOU8.Ln_1V-a2y4AtnaPPY2wnmwP5lxDNs470WRA2ATOQq3k;} # managed by Certbot
location = /.well-known/acme-challenge/PEWy4cwY8NRyWNFFJ8Gu3PhlKcB7XJ-5na4wnFazUtY{default_type text/plain;return 200 PEWy4cwY8NRyWNFFJ8Gu3PhlKcB7XJ-5na4wnFazUtY.Ln_1V-a2y4AtnaPPY2wnmwP5lxDNs470WRA2ATOQq3k;} # managed by Certbot
}
2024-09-07 03:07:25,491:DEBUG:acme.client:JWS payload:
b'{}'
2024-09-07 03:07:25,493:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/13902850853/s-bZFA:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xNjIyODMzMzMiLCAibm9uY2UiOiAiX3lMRHJVN0hCUllockxQV3poMHVBTlZwcGNSUW9BVDllcTV0a1laVmNxdnRCTGhqN3pNIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzEzOTAyODUwODUzL3MtYlpGQSJ9",
"signature": "iRsqAGxj0KwXgFd72J9p-VJljYUdPTyxhCfwncM4aja6zdyx2MYpW3iiDgw_zLwffcQIbgt_nUTxQQDckuwcmC5_YZZgkP4VBlxDl6c5VCfn5d3lOM_q8LYHDf0uVqmFQGVTDPCjiIrnNOimWo0d-QJ_8QZOQzpD4uQC34anr-IjE-55Vy5KkXhrb03db_6W_AubkCMrJ7Ni-im0vT5p7uDPeu-H7gDluGl7DqxfQcptkJnrOLaupHAcK0MvnFWcbAq4_W6HLftm_43EGZXUHwtW1AmGv_P_blMgQxbypAgSIwNqTNYBryK-JkrcHhnjGZCFXdx-EaaGkPckMbHIBg",
"payload": "e30"
}
2024-09-07 03:07:25,744:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/13902850853/s-bZFA HTTP/1.1" 200 194
2024-09-07 03:07:25,745:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sat, 07 Sep 2024 03:07:25 GMT
Content-Type: application/json
Content-Length: 194
Connection: keep-alive
Boulder-Requester: 162283333
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/13902850853>;rel="up"
Location: https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/13902850853/s-bZFA
Replay-Nonce: 6wrlOJ0TiUX2DBU9YSwWWxmJVI63_jq7Xs2b5ZfoV8ELsJg3Too
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"type": "http-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/13902850853/s-bZFA",
"status": "pending",
"token": "M6eOfB65Ltdjmj7RzQpcGGWSL8AF2uguk1EoQ7CLOU8"
}
2024-09-07 03:07:25,745:DEBUG:acme.client:Storing nonce: 6wrlOJ0TiUX2DBU9YSwWWxmJVI63_jq7Xs2b5ZfoV8ELsJg3Too
2024-09-07 03:07:25,745:DEBUG:acme.client:JWS payload:
b'{}'
2024-09-07 03:07:25,746:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/13902850863/Lb_Dng:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xNjIyODMzMzMiLCAibm9uY2UiOiAiNndybE9KMFRpVVgyREJVOVlTd1dXeG1KVkk2M19qcTdYczJiNVpmb1Y4RUxzSmczVG9vIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzEzOTAyODUwODYzL0xiX0RuZyJ9",
"signature": "VZBTIbfBEz_alf5DsZ_TlKL7Ldi20-9ULhJMA2rniAVMKZiZoybKVVUpOgJzErqUJZ9Y8NeqfjU4V6g2Yn3R-tdC-bHaUYTt7qEaiwiO1QIZe0Q1NtwrH-lsQcITnoyvAdJe78TQMTkj9XYiN8dR1VoxlVkzpo4pGkH1-_Ub0-xP2xA0f0cuN-S5fVItLkQ_1PUAXbMLKUoS7jgEqgU8rIt8TZ1Wg9vaE_GxLHlLFm_Clt6u9UvWwPUcLK8h9HdhubD1jLkCK3QH0NmBkGMzEhgY03jjUduLCMazHAzeNc3DZLSjrHx-oeqV0yz23hG3AygCKr9vuNnOOZOyGW1YEA",
"payload": "e30"
}
2024-09-07 03:07:25,995:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/13902850863/Lb_Dng HTTP/1.1" 200 194
2024-09-07 03:07:25,995:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sat, 07 Sep 2024 03:07:25 GMT
Content-Type: application/json
Content-Length: 194
Connection: keep-alive
Boulder-Requester: 162283333
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/13902850863>;rel="up"
Location: https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/13902850863/Lb_Dng
Replay-Nonce: 6wrlOJ0TqD8hOex2yXmY_0ZuCjdRHQlXeYb6CpXuE5GvJF-UZI0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"type": "http-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/13902850863/Lb_Dng",
"status": "pending",
"token": "PEWy4cwY8NRyWNFFJ8Gu3PhlKcB7XJ-5na4wnFazUtY"
}
2024-09-07 03:07:25,995:DEBUG:acme.client:Storing nonce: 6wrlOJ0TqD8hOex2yXmY_0ZuCjdRHQlXeYb6CpXuE5GvJF-UZI0
2024-09-07 03:07:25,995:INFO:certbot._internal.auth_handler:Waiting for verification...
2024-09-07 03:07:26,997:DEBUG:acme.client:JWS payload:
b''
2024-09-07 03:07:26,998:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/13902850853:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xNjIyODMzMzMiLCAibm9uY2UiOiAiNndybE9KMFRxRDhoT2V4MnlYbVlfMFp1Q2pkUkhRbFhlWWI2Q3BYdUU1R3ZKRi1VWkkwIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzEzOTAyODUwODUzIn0",
"signature": "AXSeS5Za6MV4TGYISynNBdNyVtKS4TPQmq9yxTtLKBHDRVN5II4yws79xkiI2n4Fj5z8kQS9zP5r2jylYMrHJFfN7FV-PXaS8HqmD34EsevYO0kgCIBFv0VoVaS8E2wQE15tL0ZOSTdXwQM9ugRwFmyqyh5XyopjoZKBx78OeEzx9vrvGHk0S5CCXJEGhtt66wnbB4jpnoaTMBxzt8_7ojRXa-Fky9QIOL9SsAobgPItHj99Q_coxVpSqOQ1ja40DVqqDBfo9cZ7KcEhXvTc5GTu9VhXVYnW1BuCg1EIebxdlFKA7dx7ACIPZnLMvKYc5RNEPfxjBHs_W0jeHmSBjw",
"payload": ""
}
2024-09-07 03:07:27,245:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/13902850853 HTTP/1.1" 200 1109
2024-09-07 03:07:27,245:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sat, 07 Sep 2024 03:07:27 GMT
Content-Type: application/json
Content-Length: 1109
Connection: keep-alive
Boulder-Requester: 162283333
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 6wrlOJ0Tneybdw_AKlb07b1yomdBdiojiFG7NtvDqMm9oV31-NI
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "lightweightforyou.com"
},
"status": "invalid",
"expires": "2024-09-14T03:07:23Z",
"challenges": [
{
"type": "http-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/13902850853/s-bZFA",
"status": "invalid",
"validated": "2024-09-07T03:07:25Z",
"error": {
"type": "urn:ietf:params:acme:error:unauthorized",
"detail": "2a02:4780:12:e89f::1: Invalid response from http://lightweightforyou.com/.well-known/acme-challenge/M6eOfB65Ltdjmj7RzQpcGGWSL8AF2uguk1EoQ7CLOU8: 404",
"status": 403
},
"token": "M6eOfB65Ltdjmj7RzQpcGGWSL8AF2uguk1EoQ7CLOU8",
"validationRecord": [
{
"url": "http://lightweightforyou.com/.well-known/acme-challenge/M6eOfB65Ltdjmj7RzQpcGGWSL8AF2uguk1EoQ7CLOU8",
"hostname": "lightweightforyou.com",
"port": "80",
"addressesResolved": [
"88.222.244.47",
"2a02:4780:12:e89f::1"
],
"addressUsed": "2a02:4780:12:e89f::1"
}
]
}
]
}
2024-09-07 03:07:27,246:DEBUG:acme.client:Storing nonce: 6wrlOJ0Tneybdw_AKlb07b1yomdBdiojiFG7NtvDqMm9oV31-NI
2024-09-07 03:07:27,246:DEBUG:acme.client:JWS payload:
b''
2024-09-07 03:07:27,247:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/13902850863:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xNjIyODMzMzMiLCAibm9uY2UiOiAiNndybE9KMFRuZXliZHdfQUtsYjA3YjF5b21kQmRpb2ppRkc3TnR2RHFNbTlvVjMxLU5JIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzEzOTAyODUwODYzIn0",
"signature": "ktPUXY5t_hFrMxdq3QhTBcb5yBJy_hc5QqCCEMH6RH73M_rsFfZJL_99ksOfQrY0288D5O4FeNwmeGWBNOt2OU5tuoZgzRb0hsEuoXp-XoBC95SP6tNRNo7chkQV5nssY4_dSVBjslqpqfbDBtKUZoAa6HSDvneXsmIZGdiwXkvB-SpR3e561he4UM4E-EXRKVwMw5sxj0LfGcHj7G3ryYXe7qb8Fkh2Kw4Of_kTNsIOQPNbpxTOjC-4YNSwCkEGDAJty2wL2tigbKGbwWeA_swsC0AQNsEDOk85tuDm96Uu0N9c2fRpu3_L5tFmSyPeyW7QrMSEppvY5_YwqpRujQ",
"payload": ""
}
2024-09-07 03:07:27,492:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/13902850863 HTTP/1.1" 200 1125
2024-09-07 03:07:27,493:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sat, 07 Sep 2024 03:07:27 GMT
Content-Type: application/json
Content-Length: 1125
Connection: keep-alive
Boulder-Requester: 162283333
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: _yLDrU7HOPuGXOPGr7NCcwpFnFahq8z7pC10bOwrYx9TEDdl5UE
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "www.lightweightforyou.com"
},
"status": "invalid",
"expires": "2024-09-14T03:07:23Z",
"challenges": [
{
"type": "http-01",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/13902850863/Lb_Dng",
"status": "invalid",
"validated": "2024-09-07T03:07:25Z",
"error": {
"type": "urn:ietf:params:acme:error:unauthorized",
"detail": "2a02:4780:12:e89f::1: Invalid response from http://www.lightweightforyou.com/.well-known/acme-challenge/PEWy4cwY8NRyWNFFJ8Gu3PhlKcB7XJ-5na4wnFazUtY: 404",
"status": 403
},
"token": "PEWy4cwY8NRyWNFFJ8Gu3PhlKcB7XJ-5na4wnFazUtY",
"validationRecord": [
{
"url": "http://www.lightweightforyou.com/.well-known/acme-challenge/PEWy4cwY8NRyWNFFJ8Gu3PhlKcB7XJ-5na4wnFazUtY",
"hostname": "www.lightweightforyou.com",
"port": "80",
"addressesResolved": [
"88.222.244.47",
"2a02:4780:12:e89f::1"
],
"addressUsed": "2a02:4780:12:e89f::1"
}
]
}
]
}
2024-09-07 03:07:27,493:DEBUG:acme.client:Storing nonce: _yLDrU7HOPuGXOPGr7NCcwpFnFahq8z7pC10bOwrYx9TEDdl5UE
2024-09-07 03:07:27,493:INFO:certbot._internal.auth_handler:Challenge failed for domain lightweightforyou.com
2024-09-07 03:07:27,493:INFO:certbot._internal.auth_handler:Challenge failed for domain www.lightweightforyou.com
2024-09-07 03:07:27,493:INFO:certbot._internal.auth_handler:http-01 challenge for lightweightforyou.com
2024-09-07 03:07:27,493:INFO:certbot._internal.auth_handler:http-01 challenge for www.lightweightforyou.com
2024-09-07 03:07:27,493:DEBUG:certbot._internal.display.obj:Notifying user:
Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems:
Domain: lightweightforyou.com
Type: unauthorized
Detail: 2a02:4780:12:e89f::1: Invalid response from http://lightweightforyou.com/.well-known/acme-challenge/M6eOfB65Ltdjmj7RzQpcGGWSL8AF2uguk1EoQ7CLOU8: 404
Domain: www.lightweightforyou.com
Type: unauthorized
Detail: 2a02:4780:12:e89f::1: Invalid response from http://www.lightweightforyou.com/.well-known/acme-challenge/PEWy4cwY8NRyWNFFJ8Gu3PhlKcB7XJ-5na4wnFazUtY: 404
Hint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet.
2024-09-07 03:07:27,494:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
File "/snap/certbot/3834/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 108, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, max_time_mins, best_effort)
File "/snap/certbot/3834/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 212, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2024-09-07 03:07:27,494:DEBUG:certbot._internal.error_handler:Calling registered functions
2024-09-07 03:07:27,494:INFO:certbot._internal.auth_handler:Cleaning up challenges
2024-09-07 03:07:28,553:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "/snap/certbot/3834/bin/certbot", line 8, in <module>
sys.exit(main())
File "/snap/certbot/3834/lib/python3.8/site-packages/certbot/main.py", line 19, in main
return internal_main.main(cli_args)
File "/snap/certbot/3834/lib/python3.8/site-packages/certbot/_internal/main.py", line 1894, in main
return config.func(config, plugins)
File "/snap/certbot/3834/lib/python3.8/site-packages/certbot/_internal/main.py", line 1450, in run
new_lineage = _get_and_save_cert(le_client, config, domains,
File "/snap/certbot/3834/lib/python3.8/site-packages/certbot/_internal/main.py", line 143, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File "/snap/certbot/3834/lib/python3.8/site-packages/certbot/_internal/client.py", line 517, in obtain_and_enroll_certificate
cert, chain, key, _ = self.obtain_certificate(domains)
File "/snap/certbot/3834/lib/python3.8/site-packages/certbot/_internal/client.py", line 428, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File "/snap/certbot/3834/lib/python3.8/site-packages/certbot/_internal/client.py", line 496, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
File "/snap/certbot/3834/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 108, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, max_time_mins, best_effort)
File "/snap/certbot/3834/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 212, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2024-09-07 03:07:28,554:ERROR:certbot._internal.log:Some challenges have failed.
My web server is (include version): nginx/1.24.0 (Ubuntu)
The operating system my web server runs on is (include version): Ubuntu 24.04.1 LTS
My hosting provider, if applicable, is: Hostinger VPS. But domain acquired from Squarespace
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): certbot 2.11.0