Unauthorized error when execute letsencrypt-auto

I followed this tutorial to install letsencrypt on my server: https://digitaldavo.wordpress.com/2016/01/13/using-free-letsencrypt-https-ssl-on-bitnami-lamp-on-ec2/

Error I get while running:

sudo ./letsencrypt-auto certonly -w /home/bitnami/htdocs -d comunitaitaliana.com -d www.comunitaitaliana.com

IMPORTANT NOTES:

But my DNS is pointing correctly to my IP, the site is up in the air, see: http://www.comunitaitaliana.com

If the section in quotes you snipped from your post matches the HTML of your WordPress error page, your A record is correct.

I would guess you’re running into a common issue with WordPress where its .htaccess file for pretty URLs gets in the way of HTTP verification.

To override it, create a file /home/bitnami/htdocs/.well-known/acme-challenge/.htaccess with the following contents:

<IfModule mod_rewrite.c>
    RewriteEngine off
</IfModule>
Satisfy any

Then try obtaining a certificate again.

1 Like

Thanks for the help, buddy.

I tried to do what you said, and ran again to get the certificate, but it gave the same error :frowning:

If you create a file /home/bitnami/htdocs/.well-known/acme-challenge/test.txt can you see it at http://www.comunitaitaliana.com/.well-known/acme-challenge/test.txt or do you get an error?

If not, please share with us the contents of /home/bitnami/htdocs/.htaccess so we can try and figure out what’s blocking accesses to this directory.

1 Like

Thank you very much.

I was not really accessing this directory publicly by url as the example you asked, but before seeing your answer I turned on the old machine that already had the keys generated for my certificate and copied the /etc/letsencrypt directory to my new machine .

Then I took the step of editing http.conf, adding the path of these keys:

SSLCertificateFile "/etc/letsencrypt/live/comunitaitaliana.com/cert.pem"
SSLCertificateKeyFile "/etc/letsencrypt/live/comunitaitaliana.com/privkey.pem"
SSLCertificateChainFile "/etc/letsencrypt/live/comunitaitaliana.com/fullchain.pem"

After that, the https returned perfectly.

See: https://www.comunitaitaliana.com

Hugs and thanks for the help @Patches.

Copying the /etc/letsencrypt directory is fine, but if there’s any doubt remaining about the renewal process, it will still be good to figure out what’s going on with the challenges because your most recent certificate for that domain will expire on October 24. So you will eventually need to be able to pass challenges from the CA to get a renewed certificate…

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.