Hello, i have around 10 subdomain managed on my server and for some reason i don't understand well, i can renew some and some i cannot... so i would like some help to figure it out please.
My domain is: *.sign-art.app
I ran this command:
sudo certbot renew
or example for a specific subdomain
sudo certbot -d alpha.sign-art.app --force-renewal
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for alpha.sign-art.app
nginx: [warn] conflicting server name "alpha.sign-art.app" on 0.0.0.0:80, ignored
Waiting for verification...
Challenge failed for domain alpha.sign-art.app
http-01 challenge for alpha.sign-art.app
Cleaning up challenges
nginx: [warn] conflicting server name "alpha.sign-art.app" on 0.0.0.0:80, ignored
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: alpha.sign-art.app
Type: unauthorized
Detail: Invalid response from
https://alpha.sign-art.app/.well-known/acme-challenge/l2ufCh7IRQUR0dWquVWUL6S7y2EW14sdJjujfWB6QBY
[139.59.225.139]: "<!DOCTYPE html><html prefix=\"og:
http://ogp.me/ns#\"><head><meta charset=UTF-8><meta name=viewport
content=\"width=device-width,in"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version):
nginx version: nginx/1.17.10 (Ubuntu)
The operating system my web server runs on is (include version):
Ubuntun 18.04
My hosting provider, if applicable, is:
Digital Ocean
I can login to a root shell on my machine (yes or no, or I don't know):
Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
No
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot):
certbot 0.40.0
The same command, on some other sub domain works, on some others it does the same...
Im also using cloudflare but i set it to no proxy for the subdomain i want renew before doing it.
i also get this for several sub domains:
nginx: [warn] conflicting server name "alpha.sign-art.app" on 0.0.0.0:80, ignored
Here an example of the config on one of the subdomain:
server {
root /home/user/alpha.sign-art.app/dist;
index index.html;
server_name alpha.sign-art.app;
location / {
try_files $uri $uri/ /index.html;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/alpha.sign-art.app/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/alpha.sign-art.app/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = alpha.sign-art.app) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name alpha.sign-art.app;
listen 80;
return 404; # managed by Certbot
}
Any help to finally figure it out would greatly help