The client lacks sufficient authorization error Ubuntu


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: kohldclothing.com

I ran this command: sudo certbot --nginx -d kohldclothing.com -d www.kohldclothing.com

It produced this output:

Failed authorization procedure. www.kohldclothing.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.kohldclothing.com/.well-known/acme-challenge/lMvLD-PQMxZVTEsF8SnUGQyj7uwV9rUl80xLavoElVo: "<!doctype html> <meta name=“viewport” content=“width=device-width, user-scalable=no”, kohldclothing.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://kohldclothing.com/.well-known/acme-challenge/AZi5ZCSy3BoAa4b8SOzDLi2wo2iZl8rjD-k-72FtGjc: "<!doctype html> <meta name=“viewport” content=“width=device-width, user-scalable=no”

IMPORTANT NOTES:

My web server is (include version): nginx version: nginx/1.10.3 (Ubuntu)

The operating system my web server runs on is (include version): Ubuntu 16.04 LTS

My hosting provider, if applicable, is: Transip VPS

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

Some extra information is: I created the folders .well-known and acme-challenge, chmodded them 755 and also created an index.html in the acme-challenge folder, which I can see in the browser via port 80.


#2

Over IPv6, the website is a page with the title “Domein Gereserveerd - Mijndomein.nl”.

kohldclothing.com.      (unsigned)  536  A     136.144.190.61
kohldclothing.com.      (unsigned)  536  AAAA  2a00:4e40:1:1::2:202
www.kohldclothing.com.  (unsigned)  579  A     136.144.190.61
www.kohldclothing.com.  (unsigned)  578  AAAA  2a00:4e40:1:1::2:202

Do you know why? Is the AAAA record correct?


#3

This was indeed not correct! Changed the ipv6 and it worked instant. Thank you!


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.