Hi all,

I have read some docs on the internet and I created a domain cert. but also I need many subdomain certifications too.

When I started to this command, I always get the same error. I can not solve the problem yet, could someone help me with this issue?

Command

certbot  certonly --webroot -w /var/www/cert -d mydomain.com,example.mydomain.com,www.mydomain.com --expand

Error
Failed authorization procedure. nginx.intechbt.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://example.mydomain.com/.well-known/acme-challenge/TUCr0zqTzhrnCpXK8XpeACNn282eJP6l2n1jbAue9Dk [185.xxx.xx.xx]: "\r\nhead>404 Not Found\r\n<body bgcolor="white">\r\n

404 Not Found

\r\n

---

"

IMPORTANT NOTES:

• The following errors were reported by the server:

  Domain: example.mydomain.com
  Type: unauthorized
  Detail: Invalid response from
  http://example.mydomain.com/.well-known/acme-challenge/TUCr0zqTzhrnCpXK8XpeACNn282eJP6l2n1jbAue9Dk
  [185.xxx.xx.xx]: "html>\r\n404 Not
  Found\r\n<body bgcolor="white">\r\n

  404
  Not Found

  \r\n

  ---

  "

  To fix these errors, please make sure that your domain name was
  entered correctly and the DNS A/AAAA record(s) for that domain
  contain(s) the right IP address.

Regards,

Does this directory appear anywhere in nginx's configuration files?

grep -r "/var/www/cert" /etc/nginx

root@nginx:/etc/nginx/sites-available# grep -r "/var/www/cert" /etc/nginx
root@nginx:/etc/nginx/sites-available#

No, it doesn't appear anywhere.

Then it’s wrong. Where does that command come from?

Run certbot with no options and answer all of its questions.

Thanks a lot, I am going to try asap.

I have done the following process before when I first created the domain cert.

Should I enter 2 again?

root@nginx:/# certbot
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Certbot doesn't know how to automatically configure the web server on this system. However, it can still get a certificate for you. Please run "certbot certonly" to do so. You'll need to manually configure your web server to use the resulting certificate.
root@nginx:/# certbot certonly
Saving debug log to /var/log/letsencrypt/letsencrypt.log

How would you like to authenticate with the ACME CA?

---

1: Spin up a temporary webserver (standalone)
2: Place files in webroot directory (webroot)

---

Select the appropriate number [1-2] then [enter] (press 'c' to cancel):

Yes, you could also install the nginx plugin, though. Just tell certbot the actual nginx webroot this time.

I applied your solution suggestion but still get the same error and I can not understand why I was failed.

sonuncu1870×455 379 KB

Show me the command you ran. And your nginx configuration (nginx -T)

Certbot Command

certbot certonly --webroot -w /var/www/cert -d example.com,nginx.example.com,www.example.com --expand

My Nginx Conf. (For a Subdomain)

server {
listen 80;
server_name nginx.example.com;
root /var/www/html;
index index.html index.htm nginx.html;

}

server {
listen 443 ssl;
server_name nginx.example.com;

   root /var/www/html;
   index 404.html;

   location / {
           try_files $uri $uri/ =404;
   }

}

these need to be the same. both /var/www/html I'd say.

Yes, the problem was solved.

So thanks with my best regards,