Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: www.sprofix.com
I ran this command: sudo certbot --nginx
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Which names would you like to activate HTTPS for?
-------------------------------------------------------------------------------
3: sprofix.com
13: www.sprofix.com
-------------------------------------------------------------------------------
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 13
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for www.sprofix.com
nginx: [warn] conflicting server name "spotweb.sprofix.com" on 0.0.0.0:80, ignored
Waiting for verification...
Cleaning up challenges
nginx: [warn] conflicting server name "spotweb.sprofix.com" on 0.0.0.0:80, ignored
Failed authorization procedure. www.sprofix.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.sprofix.com/.well-known/acme-challenge/_J4PsyWMdVkhNn-Xj-IJLgCjYa12G83DAoDGIOCCl-I: "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>"
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: www.sprofix.com
Type: unauthorized
Detail: Invalid response from
http://www.sprofix.com/.well-known/acme-challenge/_J4PsyWMdVkhNn-Xj-IJLgCjYa12G83DAoDGIOCCl-I:
"<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version): nginx 1.10.3
The operating system my web server runs on is (include version): Ubuntu 16.04
My hosting provider, if applicable, is: Linode
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’ve about tried anything I can found on this site and nothing works for me. I have been using certbot for a couple years on this server without any issues and suddenly I am unable to get new certificates.
http://www.sprofix.com/.well-known/acme-challenge/test.html
I put a test file in my acme-challenge as seen above, which works fine.
I’ve also tried directly running with certonly --webroot which also gave the same error. Also tried reinstalling certbot but the issue persists. I even went as far as completely purging certbot (bad choice, now all my domains lost their cert) and that didnt help either.
My nginx config:
server {
server_name sprofix.com www.sprofix.com;
access_log /srv/www/www.sprofix.com/logs/access.log;
error_log /srv/www/www.sprofix.com/logs/error.log;
root /srv/www/www.sprofix.com/public_html;
listen 80;
location / {
index index.html index.htm;
}
location ~* .(woff|eot|ttf|svg|mp4|webm|jpg|jpeg|png|gif|ico|css|js)$ {
expires 365d;
}
location ~ /.well-known/acme-challenge/ {
allow all;
}
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /srv/www/www.sprofix.com/public_html$fastcgi_script_name;
}
}
Currently I am lost with what to do, maybe someone here has any suggestion? Thanks in advance!