Hello dear community,
I have a problem with the authorization of my sub-domain.
I would like to create a certificate via ACME-Cert-Bot.
The IP settings and the DNS settings should actually be correct ...
If the information is needed: A V-Server with Apache 2 is installed. It is only a subdomain. The FQDN itself does not have a certificate, as the hoster does not want it to be.
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: studip.dim.sc
I ran this command: sudo certbot --apache -d studip.dim.sc -d www.studip.dim.sc
It produced this output: - The following errors were reported by the server:
Domain: studip.dim.sc
Type: unauthorized
Detail: During secondary validation: Invalid response from
http://studip.dim.sc/.well-known/acme-challenge/LAEtAJE6oAHRj82tyw4MvsM5zhVwTNxNivfpcEuPy2A
[2a00:17d8:200::271]: "\n\n403
Forbidden\n\n
Forbidden
\n<p"To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version): Apache2
The operating system my web server runs on is (include version): Ubuntu 18.04.5 LTS
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): 0.31.0
Complete SSH-Out:
root@v2202101102336138985:~# sudo certbot --apache -d studip.dim.sc -d www.studip.dim.sc
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for studip.dim.sc
Enabled Apache rewrite module
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. studip.dim.sc (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: During secondary v alidation: Invalid response from http://studip.dim.sc/.well-known/acme-challenge/LAEtAJE6oAHRj82tyw4MvsM5zhVwTNxNivfpcEuPy2A [2a00:17d8:200::271]: "\n\n403 Forbidden\n\n
Forbidden
\n<p"IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: studip.dim.sc
Type: unauthorized
Detail: During secondary validation: Invalid response from
http://studip.dim.sc/.well-known/acme-challenge/LAEtAJE6oAHRj82tyw4MvsM5zhVwTNxNivfpcEuPy2A
[2a00:17d8:200::271]: "\n\n403
Forbidden\n\nForbidden
\n<p"To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
root@v2202101102336138985:~# nslookup
studip.dim.sc
Server: 127.0.0.53
Address: 127.0.0.53#53
Non-authoritative answer:
Name: studip.dim.sc
Address: 94.16.106.213
Name: studip.dim.sc
Address: 2a03:4000:50:e9b:9408:2eff:febe:87fd
Name: studip.dim.sc
Address: 2a00:17d8:200::271
^Croot@v2202101102336138985:~# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 94.16.106.213 netmask 255.255.252.0 broadcast 94.16.107.255
inet6 fe80::9408:2eff:febe:87fd prefixlen 64 scopeid 0x20
inet6 2a03:4000:50:e9b:9408:2eff:febe:87fd prefixlen 64 scopeid 0x0
ether 96:08:2e:be:87:fd txqueuelen 1000 (Ethernet)
RX packets 3799885 bytes 401600506 (401.6 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 212869 bytes 37143738 (37.1 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10
loop txqueuelen 1000 (Local Loopback)
RX packets 332 bytes 31640 (31.6 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 332 bytes 31640 (31.6 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0