I have been using lets encrypt for my digital ocean servers , but for the new one, I have a problem in generating ssl for one of my domain , since its a client domain i have replaced with mydomain in the log below.
I have all the required permission , I can create file dynamically using php script in /var/www/mydomain/.well-known/acme-challange/
I am using Nginx, the virtual host is straight forward there is no rewrite and i can access the file that is written manually in .well-known folder via http .
/opt/letsencrypt/letsencrypt-auto certonly -a webroot --webroot-path=/var/www/html/mydomain -d mydomain.com -d www.mydomain.com --debug …
mkdir: cannot create directory ‘/var/www/html/mydomain/.well-known’: File exists
Checking for new version…
Upgrading letsencrypt-auto 0.5.0 to 0.7.0…
Replacing letsencrypt-auto…
cp -p /opt/letsencrypt/letsencrypt-auto /tmp/tmp.Vyxpw8QVNS/letsencrypt-auto.permission-clone
cp /tmp/tmp.Vyxpw8QVNS/letsencrypt-auto /tmp/tmp.Vyxpw8QVNS/letsencrypt-auto.permission-clone
mv -f /tmp/tmp.Vyxpw8QVNS/letsencrypt-auto.permission-clone /opt/letsencrypt/letsencrypt-auto
Creating virtual environment…
Installing Python packages…
Installation succeeded.
Traceback (most recent call last):
File “/root/.local/share/letsencrypt/bin/letsencrypt”, line 11, in
sys.exit(main())
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py”, line 693, in main
return config.func(config, plugins)
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py”, line 512, in obtain_cert
_, action = _auth_from_domains(le_client, config, domains, lineage)
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py”, line 93, in _auth_from_domains
lineage = le_client.obtain_and_enroll_certificate(domains)
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/client.py”, line 276, in obtain_and_enroll_certificate
certr, chain, key, _ = self.obtain_certificate(domains)
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/client.py”, line 247, in obtain_certificate
self.config.allow_subset_of_names)
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/auth_handler.py”, line 74, in get_authorizations
self._respond(resp, best_effort)
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/auth_handler.py”, line 131, in _respond
self._poll_challenges(chall_update, best_effort)
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/auth_handler.py”, line 195, in _poll_challenges
raise errors.FailedChallenges(all_failed_achalls)
FailedChallenges: Failed authorization procedure. www.mydomain.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization ::