Trying to create cert for Apache... fail, fail, fail

Help. As a small project (since we are all currently social distancing) I decided to set up a simple home cloud server using NextCloud on a RPi 3.
I initially installed NextCloudPi and everything worked correctly from within my network so I enabled the automatic Let's Encrypt client to work with my existing DDNS domain - Fail (as shown below).
After much head-scratching and googling I decided to work from first principles, so I made a clean Raspbian Lite installation (with a static IP) followed by Apache, PHP, and certbot. I haven’t changed any system settings.
Then I tried to create a certificate and - Fail - with the same error as before.
After much more googling I thought this must be a permissions issue so I manually created .well-known and acme-challenge directories and put a test file in acme-challenge.
This works fine - I can read the test file from the internet via my mobile phone browser.
My router port-forwarding seems to be ok.
In desperation I started changing permissions to 777 - but that was getting me nowhere. I still constantly get this same 403 error.
I am thinking of setting fire to this, so I would be very grateful for any insight into what must be a simple but fundamental error.
Thank you.

My domain is: p10.us.to

I ran this command: sudo certbot --apache
and: sudo letsencrypt certonly -a webroot --webroot-path=/var/www/html -d p10.us.to
and several others.

It produced this output:
Domain: p10.us.to
Type: unauthorized
Detail: Invalid response from http://p10.us.to/.well-known/acme-challenge/SZEqxLyelZnjIyJ-SjHYqgI2AJXMvm36uyrsBRthw48 [46.208.93.210]: "Not Found The requested URL /.well-known/acme-challenge/SZEqxLyelZnjIyJ-SjHYqgI2AJXMvm36uyrsBRthw48 was not found on thi"

My web server is (include version): Apache/2.4.38 (Raspbian)

The operating system my web server runs on is (include version): Raspbian Lite (Buster)

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site: No

The version of my client is: certbot 0.31.0

Hi,

It seems like you didn’t set up port forwarding correctly.
Instead of seeing your NextCloud server, I saw Luci - OpenWRT UI.

Thank you


Steven - Thank you. You are right. There was a bad firewall rule.
Next, I need to set up the port forwarding correctly…

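The failure in this thread (port 80 reaching the router's web UI instead of Apache) can be checked before running certbot. The script below is an added example, not code from the thread or from certbot. It writes a random probe file under the HTTP-01 challenge path, fetches it through the public name, and reports which server answered. The function names and the "Apache" default for the expected `Server` header are assumptions.

```python
import pathlib, secrets, sys, urllib.error, urllib.request

CHALLENGE_DIR = ".well-known/acme-challenge"  # HTTP-01 path (RFC 8555)

def place_probe(webroot):
    """Write a random probe file where certbot would put a token."""
    name, content = secrets.token_urlsafe(16), secrets.token_urlsafe(32)
    target = pathlib.Path(webroot, CHALLENGE_DIR)
    target.mkdir(parents=True, exist_ok=True)
    (target / name).write_text(content)
    return name, content

def fetch_probe(base_url, name, timeout=10):
    """GET the probe over plain HTTP; return (status, Server header, body)."""
    url = f"{base_url.rstrip('/')}/{CHALLENGE_DIR}/{name}"
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return (resp.status, resp.headers.get("Server", ""),
                    resp.read(4096).decode("utf-8", "replace"))
    except urllib.error.HTTPError as err:  # 4xx/5xx still show who answered
        return (err.code, err.headers.get("Server", ""),
                err.read(4096).decode("utf-8", "replace"))
    except urllib.error.URLError as err:   # nothing listening or DNS failure
        return 0, "", str(err.reason)

def diagnose(status, server, body, content, expected_server="Apache"):
    """Classify the response as the validation server would experience it."""
    if status == 0:
        return f"unreachable: {body}"
    if status == 200 and body.strip() == content:
        return "ok"
    if expected_server.lower() not in server.lower():
        return f"wrong-host: answered by {server!r}, not {expected_server}"
    return f"webroot-mismatch: {expected_server} answered {status} without the probe"

if __name__ == "__main__":
    # Usage: python3 probe.py /var/www/html http://your.domain.example
    webroot, base_url = sys.argv[1:3]
    name, content = place_probe(webroot)
    print(diagnose(*fetch_probe(base_url, name), content))
```

For the view the validation server gets, call `fetch_probe` from a host outside the LAN; a request from inside can be routed differently by NAT loopback and succeed even when the external port forward is wrong.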