Unable to get Certificate for


#1

FQDN: myit-soutions.net meet.myit-solutions.net

Command I ran: certbot-auto certonly -a webroot --webroot-path=/usr/share/nginx/html -d myit-solutions.net -d meet.myit-solutions.net

root@meet:/etc/nginx/sites-available# certbot-auto certonly -a webroot --webroot-path=/usr/share/nginx/html -d myit-solutions.net -d meet.myit-solutions.net
Saving debug log to /var/log/letsencrypt/letsencrypt.log


You have an existing certificate that contains a portion of the domains you
requested (ref: /etc/letsencrypt/renewal/myit-solutions.net.conf)

It contains these names: myit-solutions.net

You requested these names for the new certificate: myit-solutions.net,
meet.myit-solutions.net.

Do you want to expand and replace this existing certificate with the new
certificate?

(E)xpand/©ancel: E
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for myit-solutions.net
http-01 challenge for meet.myit-solutions.net
Using the webroot path /usr/share/nginx/html for all unmatched domains.
Waiting for verification…
Cleaning up challenges
Unable to clean up challenge directory /usr/share/nginx/html/.well-known/acme-challenge
Failed authorization procedure. meet.myit-solutions.net (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://meet.myit-solutions.net/.well-known/acme-challenge/NVloEsy_Nxa5WvF0Js1SviO9XHsJG69Qd42kSNgsNIc: "

404 Not Found

404 Not Found


"

IMPORTANT NOTES:

OS: Ubuntu 14.04 x64

Hosting: Self Hosting


#2

Does meet.myit-solutions.net use the same root in the nginx configuration as myit-solutions.net? Or does it use a different directory?


#3

@Osiris
Thanks for replying,
I am new to nginx so here is how it is configured
root in the default is root /usr/share/nginx/html;
root in the bigbluebutton is /var/www/bigbluebutton-default;

before trying to configure ssl I could type in http://meet.myit-solutions.net and the bigbluebutton page would work.
When trying to get the letsencrypt certificate It will produce one for myit-solutions.net but not meet.myit-solutions.net
I hope that makes sense!..


#4

You should also provide certbot with that webroot path for the corresponding hostname. So it would be:

certbot-auto certonly -a webroot --webroot-path=/usr/share/nginx/html -d myit-solutions.net -w /var/www/bigbluebutton-default -d meet.myit-solutions.net

(-w is a short version of --webroot-path.)


#5

:smile:
@Osiris
Thank you so much everything is working now.

I appreciate all your help… thanks a Million.


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.