I’m aware that this appeared many times, but no solution seems to work for me. I’m using the standalone plugin, no nginx or apache. the renewal worked for previous versions, now suddenly it doesn’t. It’s on an alibaba server,I think there are some problems with its configuration, because on other aws servers it just works.
My domain is: cn.api.metamusic.ai
I ran this command: sudo certbot renew
It produced this output:
Processing /etc/letsencrypt/renewal/cn.api.metamusic.ai.conf
Cert is due for renewal, auto-renewing…
Plugins selected: Authenticator standalone, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for cn.api.metamusic.ai
Waiting for verification…
Exception happened during processing of request from (’::ffff:66.133.109.36’, 46004, 0, 0)
Traceback (most recent call last):
File “/usr/lib/python3.5/socketserver.py”, line 313, in _handle_request_noblock
self.process_request(request, client_address)
File “/usr/lib/python3.5/socketserver.py”, line 341, in process_request
self.finish_request(request, client_address)
File “/usr/lib/python3.5/socketserver.py”, line 354, in finish_request
self.RequestHandlerClass(request, client_address, self)
File “/usr/lib/python3/dist-packages/acme/standalone.py”, line 206, in init
BaseHTTPServer.BaseHTTPRequestHandler.init(self, *args, **kwargs)
File “/usr/lib/python3.5/socketserver.py”, line 681, in init
self.handle()
File “/usr/lib/python3/dist-packages/acme/standalone.py”, line 215, in handle
BaseHTTPServer.BaseHTTPRequestHandler.handle(self)
File “/usr/lib/python3.5/http/server.py”, line 422, in handle
self.handle_one_request()
File “/usr/lib/python3.5/http/server.py”, line 410, in handle_one_request
method()
File “/usr/lib/python3/dist-packages/acme/standalone.py”, line 221, in do_GET
self.handle_simple_http_resource()
File “/usr/lib/python3/dist-packages/acme/standalone.py”, line 246, in handle_simple_http_resource
self.end_headers()
File “/usr/lib/python3.5/http/server.py”, line 524, in end_headers
self.flush_headers()
File “/usr/lib/python3.5/http/server.py”, line 528, in flush_headers
self.wfile.write(b"".join(self._headers_buffer))
File “/usr/lib/python3.5/socket.py”, line 593, in write
return self._sock.send(b)
ConnectionResetError: [Errno 104] Connection reset by peer
Cleaning up challenges
Attempting to renew cert (cn.api.metamusic.ai) from /etc/letsencrypt/renewal/cn.api.metamusic.ai.conf produced an unexpected error: Failed authorization procedure. cn.api.metamusic.ai (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://cn.api.metamusic.ai/.well-known/acme-challenge/7aBEwd8iq_uRKuxtkXlvtxYScq_M17y7kVIDhRCXTR8 [120.26.102.220]: “\n\n<meta http-equiv=“Content-Type” content=“textml;charset=UTF-8” />\n body{background-color:#FFFFFF}”. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/cn.api.metamusic.ai/fullchain.pem (failure)
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/cn.api.metamusic.ai/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)
IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: cn.api.metamusic.ai
body{background-color:#FFFFFF}"
Type: unauthorized
Detail: Invalid response from
http://cn.api.metamusic.ai/.well-known/acme-challenge/7aBEwd8iq_uRKuxtkXlvtxYScq_M17y7kVIDhRCXTR8
[120.26.102.220]: "\n\n<meta
http-equiv=“Content-Type” content=“textml;charset=UTF-8” />\nTo fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version): none? did not need until now
The operating system my web server runs on is (include version): ubuntu 16
My hosting provider, if applicable, is: godaddy
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot): 0.31.0