The client lacks sufficient authorization error Ubuntu

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: kohldclothing.com

I ran this command: sudo certbot --nginx -d kohldclothing.com -d www.kohldclothing.com

It produced this output:

Failed authorization procedure. www.kohldclothing.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.kohldclothing.com/.well-known/acme-challenge/lMvLD-PQMxZVTEsF8SnUGQyj7uwV9rUl80xLavoElVo: "<!doctype html> <meta name=“viewport” content=“width=device-width, user-scalable=no”, kohldclothing.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://kohldclothing.com/.well-known/acme-challenge/AZi5ZCSy3BoAa4b8SOzDLi2wo2iZl8rjD-k-72FtGjc: "<!doctype html> <meta name=“viewport” content=“width=device-width, user-scalable=no”

IMPORTANT NOTES:

My web server is (include version): nginx version: nginx/1.10.3 (Ubuntu)

The operating system my web server runs on is (include version): Ubuntu 16.04 LTS

My hosting provider, if applicable, is: Transip VPS

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

Some extra information is: I created the folders .well-known and acme-challenge, chmodded them 755 and also created an index.html in the acme-challenge folder, which I can see in the browser via port 80.

Over IPv6, the website is a page with the title "Domein Gereserveerd - Mijndomein.nl".

kohldclothing.com.      (unsigned)  536  A     136.144.190.61
kohldclothing.com.      (unsigned)  536  AAAA  2a00:4e40:1:1::2:202
www.kohldclothing.com.  (unsigned)  579  A     136.144.190.61
www.kohldclothing.com.  (unsigned)  578  AAAA  2a00:4e40:1:1::2:202

Do you know why? Is the AAAA record correct?

1 Like

This was indeed not correct! Changed the ipv6 and it worked instant. Thank you!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.