Type: unauthorized Detail: Invalid response from


#1

Excuse me for my English:

At the time of making “sudo certbot renew” I get the following error.


Domain: www.mydominio.co
Type: unauthorized
Detail: Invalid response from
https://www.mydominio.co/.well-known/acme-challenge/XXXXX
[111.111.111.111]: "\n\n \n \n <meta charset=“utf-8”>\n

<meta name=\"viewpor"

Domain: www.mydominio.cl
Type: unauthorized
Detail: Invalid response from
https://www.mydominio.cl/.well-known/acme-challenge/XXXX
[111.111.111.111]: "\n\n \n \n <meta charset=“utf-8”>\n

<meta name=\"viewpor"

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.

There are 20 domains and in all it throws the same.
Check each one on the following site https://letsdebug.net/ “http-01” “dns-01” and “tls-alpn-01” and it tells me that the configuration is ok

Formerly with IPv4 and IPv6 the DNS is now only with IPV4

Nginx server
Ubuntu


#2

It’s hard to offer any ideas if we do not know your real domain names.

Can you include the full output of Certbot, from the very start? So we can at least see what authenticator it is using?


#3

the domain is catalogoarquitectura.cl


Waiting for verification…
Cleaning up challenges
Failed authorization procedure. www.catalogoarquitectura.co (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://www.catalogoarquitectura.co/.well-known/acme-challenge/XXXXXXX [111.111.111.111]: "\n\n \n \n <meta charset=“utf-8”>\n <meta name=“viewpor”, www.catalogoarquitectura.cl (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://www.catalogoarquitectura.cl/.well-known/acme-challenge/XXXXXXX [111.111.111.111]: "\n\n \n \n <meta charset=“utf-8”>\n <meta name=“viewpor”, www.catalogoarquitectura.pe (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://www.catalogoarquitectura.pe/.well-known/acme-challenge/XXXXXXX [111.111.111.111]: "\n\n \n \n <meta charset=“utf-8”>\n <meta name=“viewpor”, www.catalogoarquitectura.ec (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://www.catalogoarquitectura.ec/.well-known/acme-challenge/XXXXXXX [111.111.111.111]: "\n\n \n \n <meta charset=“utf-8”>\n <meta name=“viewpor”

IMPORTANT NOTES:



#4

please help me, today the certificate expires


#5

The beginning of Certbot’s output was not included again.

I have two ideas for you anywya.

Number one, check what authenticator you are using. Check if this succeeds:

certbot renew -a nginx --dry-run

The other thing I would check is if your nginx port 80 server looks anything like this:

server {
    listen 80;
    server_name ...;
    return 301 https://$host$request_uri;
}

If so, try changing that last line by wrapping it in a location:

location / {
  return 301 https://$host$request_uri;
}

as it might otherwise interfere with the Certbot authenticator.


#6

Hi @vsolari

your domain has a certificate with a lot of domain names:

CN=catalogoarquitectura.cl
	21.12.2018
	21.03.2019
expires in 0 days	catalogoarquitectura.cl, catalogoarquitectura.co, 
catalogoarquitectura.com.co, catalogoarquitectura.com.mx, 
catalogoarquitectura.com.pe, catalogoarquitectura.com.uy, 
catalogoarquitectura.ec, catalogoarquitectura.mx, 
catalogoarquitectura.pe, catalogoarquitectura.uy, 
www.catalogoarquitectura.cl, www.catalogoarquitectura.co, 
www.catalogoarquitectura.com.co, www.catalogoarquitectura.com.mx, 
www.catalogoarquitectura.com.pe, www.catalogoarquitectura.com.uy, 
www.catalogoarquitectura.ec, www.catalogoarquitectura.mx, 
www.catalogoarquitectura.pe, www.catalogoarquitectura.uy - 20 entries 

Have all these domains the same root definition?

Your main configuration

looks ok, redirects http -> https, then a redirect to the www version, there the correct http status 404, if the file is not found.

But I didn’t check the other domains (first - https://check-your-website.server-daten.de/?q=catalogoarquitectura.cl ).

So try

certbot --dry-run -a webroot -w yourRoot

and check, if that works.


#7

I see, you have checked your next domain ( https://check-your-website.server-daten.de/?q=catalogoarquitectura.ec ). Perhaps add

skip Content-Check

the next time, there are 500 additional urls.

Do you have one vHost or do you have different vHosts (every domain + www one vHost)?

If you have different vHosts, perhaps it’s easier you create new certificates per domain + www.

One vHost -> one certificate.


#8

The problem we had is that when we made the webroot path we did not include the public folder of the project, we were just placing the root of the nginx.

The next command made the solution.

sudo letsencrypt certonly -a webroot --webroot-path = / xxx / www / projects / public_html / project / public -d domain.cl -d domain.co


closed #9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.