I’ve got a certificate that’s been working fine up till now for my mail server, but as of this renewal cycle I’m unable to renew. There was a minor update to the packages I’m running including some web content, but I’m not sure if that’s what has caused the problem.
The server is LinuxMagic’s Magicmail 3.0.1-2 which was released on the 20th.
My domain is:
https://mail.fpunet.com/
I ran this command:
/usr/bin/certbot renew
It produced this output:
/usr/bin/certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/mail.fpunet.com-0001.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator apache, Installer apache
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for autodiscover.fpunet.com
http-01 challenge for imap.fpunet.com
http-01 challenge for imap4.fpunet.com
http-01 challenge for mail.fpunet.com
http-01 challenge for pop.fpunet.com
http-01 challenge for pop3.fpunet.com
http-01 challenge for smtp.fpunet.com
Waiting for verification...
Cleaning up challenges
Attempting to renew cert (mail.fpunet.com-0001) from /etc/letsencrypt/renewal/mail.fpunet.com-0001.conf produced an unexpected error: Failed authorization procedure. imap4.fpunet.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://imap4.fpunet.com/.well-known/acme-challenge/aE9Xr9-jOubvbKkQXrpKbjMU4Mp6YNMMxbqaNiMKa_k: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p", pop3.fpunet.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://pop3.fpunet.com/.well-known/acme-challenge/ckehK944BNXQ1ukz8TXxvOeftUYwdgUYmHfKAnwQFCY: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p", autodiscover.fpunet.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://autodiscover.fpunet.com/.well-known/acme-challenge/1SWd7gMKQT6fdEpEMbtl3wVHOGQX8zyrEdPrHfjgRmY: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p", pop.fpunet.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://pop.fpunet.com/.well-known/acme-challenge/1XpCi_sMQSGFwjmzrK6Mq3NVcGhnvRxIrmf9a6L3iYQ: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p", smtp.fpunet.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://smtp.fpunet.com/.well-known/acme-challenge/cMBT9bNaaSzGtFtkUClg3Sd63uW9YjLebfrHEPFjEUA: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p", mail.fpunet.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://mail.fpunet.com/.well-known/acme-challenge/-4abX-xH9j2VDIdo4K8S85kLCcAlcL5f12_EJKHw_xE: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p", imap.fpunet.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://imap.fpunet.com/.well-known/acme-challenge/CuBsN9ST05bnHwXtEbOnj2U5fQfYLw50Ca7IbBXAIvs: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p". Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/mail.fpunet.com-0001/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/mail.fpunet.com-0001/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: imap4.fpunet.com
Type: unauthorized
Detail: Invalid response from
http://imap4.fpunet.com/.well-known/acme-challenge/aE9Xr9-jOubvbKkQXrpKbjMU4Mp6YNMMxbqaNiMKa_k:
"<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
2.0//EN\">\n<html><head>\n<title>404 Not
Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"
Domain: pop3.fpunet.com
Type: unauthorized
Detail: Invalid response from
http://pop3.fpunet.com/.well-known/acme-challenge/ckehK944BNXQ1ukz8TXxvOeftUYwdgUYmHfKAnwQFCY:
"<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
2.0//EN\">\n<html><head>\n<title>404 Not
Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"
Domain: autodiscover.fpunet.com
Type: unauthorized
Detail: Invalid response from
http://autodiscover.fpunet.com/.well-known/acme-challenge/1SWd7gMKQT6fdEpEMbtl3wVHOGQX8zyrEdPrHfjgRmY:
"<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
2.0//EN\">\n<html><head>\n<title>404 Not
Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"
Domain: pop.fpunet.com
Type: unauthorized
Detail: Invalid response from
http://pop.fpunet.com/.well-known/acme-challenge/1XpCi_sMQSGFwjmzrK6Mq3NVcGhnvRxIrmf9a6L3iYQ:
"<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
2.0//EN\">\n<html><head>\n<title>404 Not
Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"
Domain: smtp.fpunet.com
Type: unauthorized
Detail: Invalid response from
http://smtp.fpunet.com/.well-known/acme-challenge/cMBT9bNaaSzGtFtkUClg3Sd63uW9YjLebfrHEPFjEUA:
"<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
2.0//EN\">\n<html><head>\n<title>404 Not
Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"
Domain: mail.fpunet.com
Type: unauthorized
Detail: Invalid response from
http://mail.fpunet.com/.well-known/acme-challenge/-4abX-xH9j2VDIdo4K8S85kLCcAlcL5f12_EJKHw_xE:
"<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
2.0//EN\">\n<html><head>\n<title>404 Not
Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"
Domain: imap.fpunet.com
Type: unauthorized
Detail: Invalid response from
http://imap.fpunet.com/.well-known/acme-challenge/CuBsN9ST05bnHwXtEbOnj2U5fQfYLw50Ca7IbBXAIvs:
"<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
2.0//EN\">\n<html><head>\n<title>404 Not
Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
https://pastebin.com/hEB1ra1h (with -vvvvvv)
https://pastebin.com/AmN4WjbC (with --debug-challenges)
My web server is (include version):
Server version: Apache/2.4.7 (Ubuntu)
Server built: Apr 18 2018 15:36:26
The operating system my web server runs on is (include version):
Distributor ID: Ubuntu
Description: Ubuntu 14.04.5 LTS
Release: 14.04
Codename: trusty
My hosting provider, if applicable, is: None
I can login to a root shell on my machine (yes or no, or I don’t know): Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No
certbot 0.28.0