Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: ampache.sopel.dev
I ran this command: sudo certbot
It produced this output:
**http-01 challenge for ampache.sopel.dev**
**Waiting for verification...**
**Challenge failed for domain ampache.sopel.dev**
**http-01 challenge for ampache.sopel.dev**
**Cleaning up challenges**
**Some challenges have failed.**
**IMPORTANT NOTES:**
** - The following errors were reported by the server:**
** Domain: ampache.sopel.dev**
** Type: unauthorized**
** Detail: 185.222.21.139: Invalid response from**
** http://ampache.sopel.dev/.well-known/acme-challenge/DPlm-LIGhhMcmLsLJR7jKbH72cWaUt0ErBELD28ZMKU:**
** 404**
** To fix these errors, please make sure that your domain name was**
** entered correctly and the DNS A/AAAA record(s) for that domain**
** contain(s) the right IP address.**
**s0ap@ampache:~$**
My web server is (include version):
Server version: Apache/2.4.48 (Ubuntu)
The operating system my web server runs on is (include version):
Ubuntu 21.10 x86_64
My hosting provider, if applicable, is:
Domain host is Njal.la
I can login to a root shell on my machine (yes or no, or I don't know):
Yes
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 1.12.0
More information:
Hello- thank you for helping! I've only found about certbot a few weeks ago and I am very grateful that this project exists as all of my previous ventures involved purchasing SSL's... So what I did prior to setting up all my stuff, I started by creating a nextcloud server. Instead of adding an A record for my domain only and CNAME for nextcloud I have added two A records, one for sopel.dev and one for nextcloud.sopel.dev. When I generated my certificate for nextcloud it worked fine until I wanted to generate another one. I have realised what boo boo I've done and I have changed my DNS settings to only have one A record and everything else as CNAMES. When I tried generating a certificate for the issue above, it just fails. My CNAME domain for ampache resolves correctly so that record is working. Any ideas on what to do? I have read about changing domains using certbot switches but I am unsure about the whole process and I don't want to mess any more things up.
Thank you for the help.
EDIT: I have port 80/443 forwarded on my webserver so it's not an issue at this stage.
Thanks for getting back. there are no other output lines containing what you mentioned, it's the usual certbot stuff, the actual log starts as I copied it.
That's what I can see by running the command, it doesn't produce anything meaningful.
s0ap@ampache:/etc/apache2$ sudo grep -ir location /etc/apache2
/etc/apache2/conf-available/localized-error-pages.conf:# SetHandler directive in a <Location /> context somewhere. Adding
/etc/apache2/conf-available/localized-error-pages.conf:# the following three lines AFTER the <Location /> context should
/etc/apache2/conf-available/localized-error-pages.conf:# <Location /error/>
/etc/apache2/conf-available/localized-error-pages.conf:# </Location>
/etc/apache2/envvars:# temporary state file location. This might be changed to /run in Wheezy+1
/etc/apache2/apache2.conf:# ErrorLog: The location of the error log file.
/etc/apache2/mods-available/ldap.conf:<Location /ldap-status>
/etc/apache2/mods-available/ldap.conf:</Location>
/etc/apache2/mods-available/actions.conf:# Format: Action media/type /cgi-script/location
/etc/apache2/mods-available/actions.conf:# Format: Action handler-name /cgi-script/location
/etc/apache2/mods-available/status.conf: <Location /server-status>
/etc/apache2/mods-available/status.conf: </Location>
/etc/apache2/mods-available/proxy_balancer.conf: # <Location /balancer-manager>
/etc/apache2/mods-available/proxy_balancer.conf: # </Location>
/etc/apache2/mods-available/proxy_html.conf:# at top level, but can also be used in a <Location>.
/etc/apache2/mods-available/proxy_html.conf:# <Location /my-gateway/>
/etc/apache2/mods-available/proxy_html.conf:# </Location>
/etc/apache2/mods-available/info.conf: <Location /server-info>
/etc/apache2/mods-available/info.conf: </Location>
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer apache
Requesting a certificate for ampache.sopel.dev
Performing the following challenges:
http-01 challenge for ampache.sopel.dev
Using the webroot path /var/www/html/ampache for all unmatched domains.
Waiting for verification...
Challenge failed for domain ampache.sopel.dev
http-01 challenge for ampache.sopel.dev
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: ampache.sopel.dev
Type: unauthorized
Detail: 185.222.21.139: Invalid response from
http://ampache.sopel.dev/.well-known/acme-challenge/8uybqe4jkYxp4zkVC0Z1ZFCZXV3q_BHDyNHmv4hltMk:
404
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
s0ap@ampache:~$ sudo apachectl -t -D DUMP_VHOSTS
VirtualHost configuration:
*:80 is a NameVirtualHost
default server localhost (/etc/apache2/sites-enabled/000-default.conf:1)
port 80 namevhost localhost (/etc/apache2/sites-enabled/000-default.conf:1)
port 80 namevhost ampache.sopel.dev (/etc/apache2/sites-enabled/ampache.conf:1)
Contents of 000-default.conf
s0ap@ampache:~$ cat /etc/apache2/sites-enabled/000-default.conf
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
Somehow that's not being followed. Are you sure you're working on the right server? Check if curl -4 ifconfig.co and nslookup ampache.sopel.dev give the same address.