Unable to renew the certificate: lack of authorisation

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:www.corporate-compliance.es

I ran this command:certbot renew

It produced this output:[root@localhost conf]# certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log

Processing /etc/letsencrypt/renewal/www.corporate-compliance.es.conf

Attempting to parse the version 0.18.2 renewal configuration file found at /etc/letsencrypt/renewal/www.corporate-compliance.es.conf with version 0.18.1 of Certbot. This might not work.
Cert is due for renewal, auto-renewing…
Plugins selected: Authenticator webroot, Installer None
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for www.corporate-compliance.es
Using the webroot path /opt/bitnami/apps/owncloud/htdocs for all unmatched domains.
Waiting for verification…
Cleaning up challenges
Unable to clean up challenge directory /opt/bitnami/apps/owncloud/htdocs/.well-known/acme-challenge
Attempting to renew cert (www.corporate-compliance.es) from /etc/letsencrypt/renewal/www.corporate-compliance.es.conf produced an unexpected error: Failed authorization procedure. www.corporate-compliance.es (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.corporate-compliance.es/.well-known/acme-challenge/WO6GfqMfH4bwhNGPQ3A_38DYxlLok_kbn4i6k7NA-qI: "

404 Not Found

Not Found

<p". Skipping. All renewal attempts failed. The following certs could not be renewed: /etc/letsencrypt/live/www.corporate-compliance.es/fullchain.pem (failure)

All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/www.corporate-compliance.es/fullchain.pem (failure)

1 renew failure(s), 0 parse failure(s)


My web server is (include version): Bitnami owncloud 10.0.1

The operating system my web server runs on is (include version): CentOS7

My hosting provider, if applicable, is: Arsys

I can login to a root shell on my machine (yes or no, or I don’t know):yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

If you create a file at /opt/bitnami/apps/owncloud/htdocs/.well-known/acme-challenge/test.txt can you see it at http://www.corporate-compliance.es/.well-known/acme-challenge/test.txt or do you also get an error?

This may be indicative of a permissions issue (but could also be harmless). What is the output of these two commands?

ls -ld /opt/bitnami/apps/owncloud/htdocs/.well-known
ls -lR /opt/bitnami/apps/owncloud/htdocs/.well-known

Solved it. The issue was that the configuration file of Apache pointed the DocumentRoot to other path.

Thanks a lot!

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.