Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: rpiweather.net
I ran this command: sudo certbot certonly --webroot -w /var/www/rpiweather.net -d rpiweather.net -d www.rpiweather.net
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Cert is due for renewal, auto-renewing...
Renewing an existing certificate for rpiweather.net and www.rpiweather.net
Performing the following challenges:
http-01 challenge for rpiweather.net
http-01 challenge for www.rpiweather.net
Using the webroot path /var/www/rpiweather.net for all unmatched domains.
Waiting for verification...
Challenge failed for domain rpiweather.net
Challenge failed for domain www.rpiweather.net
http-01 challenge for rpiweather.net
http-01 challenge for www.rpiweather.net
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: rpiweather.net
Type: unauthorized
Detail: 2600:4040:5050:ce00:d6c2:fe84:f82f:13a7: Invalid response
from
http://rpiweather.net/.well-known/acme-challenge/j2RK-aaFFA41TrzHXsP262ehIqME0NF8ZM-5XIfTOU0:
404
Domain: www.rpiweather.net
Type: unauthorized
Detail: 2600:4040:5050:ce00:d6c2:fe84:f82f:13a7: Invalid response
from
http://www.rpiweather.net/.well-known/acme-challenge/a-NOQCeXGYTuLyAx-4jkC9Agf245fgNVuDHdaoJK63A:
404
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version): nginx/1.18.0
The operating system my web server runs on is (include version): Raspbian GNU/Linux 11 (bullseye)
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): certbot 1.12.0
This has been working since April of 2024 (see Adding a subdomain - #11 by MJHanagan) , but a few days ago the certificate renewal was not successful.
I don't see anything different in the A/AAAA record setup (DNS managed by dynu.com) and I can ping the IPV4 and IPV6 addresses and I can get a response from a curl command:
C:\Users\micha>curl -Ii4k https://rpiweather.net/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Wed, 26 Jun 2024 22:00:18 GMT
Content-Type: text/html
Content-Length: 1593
Last-Modified: Sun, 11 Feb 2024 22:19:04 GMT
Connection: keep-alive
ETag: "65c947d8-639"
Accept-Ranges: bytes
so I assume the Raspberry Pi is online.
Any ideas on what could be wrong?