Trying to create Subdomain Cert

Hi all,

I have read some docs on the internet and I created a domain cert. but also I need many subdomain certifications too.

When I started to this command, I always get the same error. I can not solve the problem yet, could someone help me with this issue?

Command

certbot  certonly --webroot -w /var/www/cert -d mydomain.com,example.mydomain.com,www.mydomain.com --expand

Error
Failed authorization procedure. nginx.intechbt.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://example.mydomain.com/.well-known/acme-challenge/TUCr0zqTzhrnCpXK8XpeACNn282eJP6l2n1jbAue9Dk [185.xxx.xx.xx]: “\r\nhead>404 Not Found\r\n<body bgcolor=“white”>\r\n

404 Not Found

\r\n

IMPORTANT NOTES:

Regards,

1 Like

Does this directory appear anywhere in nginx’s configuration files?

grep -r "/var/www/cert" /etc/nginx

1 Like

root@nginx:/etc/nginx/sites-available# grep -r “/var/www/cert” /etc/nginx
root@nginx:/etc/nginx/sites-available#

No, it doesn’t appear anywhere.

1 Like

Then it’s wrong. Where does that command come from?

Run certbot with no options and answer all of its questions.

1 Like

Thanks a lot, I am going to try asap.

1 Like

I have done the following process before when I first created the domain cert.

Should I enter 2 again?

root@nginx:/# certbot
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Certbot doesn’t know how to automatically configure the web server on this system. However, it can still get a certificate for you. Please run “certbot certonly” to do so. You’ll need to manually configure your web server to use the resulting certificate.
root@nginx:/# certbot certonly
Saving debug log to /var/log/letsencrypt/letsencrypt.log

How would you like to authenticate with the ACME CA?


1: Spin up a temporary webserver (standalone)
2: Place files in webroot directory (webroot)


Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel):

1 Like

Yes, you could also install the nginx plugin, though. Just tell certbot the actual nginx webroot this time.

1 Like

I applied your solution suggestion but still get the same error and I can not understand why I was failed.

Show me the command you ran. And your nginx configuration (nginx -T)

Certbot Command

certbot certonly --webroot -w /var/www/cert -d example.com,nginx.example.com,www.example.com --expand

My Nginx Conf. (For a Subdomain)

server {
listen 80;
server_name nginx.example.com;
root /var/www/html;
index index.html index.htm nginx.html;

}

server {
listen 443 ssl;
server_name nginx.example.com;

   root /var/www/html;
   index 404.html;

   location / {
           try_files $uri $uri/ =404;
   }

}

these need to be the same. both /var/www/html I’d say.

Yes, the problem was solved.

So thanks with my best regards,

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.