My domain is:
www.maytelohace.ml
I ran this command:
(I’ve tried this several ways - using this guide: https://gist.github.com/cecilemuller/a26737699a7e70a7093d4dc115915de8)
certbot certonly --webroot --agree-tos --no-eff-email --email YOUR@EMAIL.COM -w /var/www/letsencrypt -d www.domain.com -d domain.com
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for www.maytelohace.ml
http-01 challenge for maytelohace.ml
Using the webroot path /var/www/letsencrypt for all unmatched domains.
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. maytelohace.ml (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://maytelohace.ml/.well-known/acme-challenge/AicOnG01AA65XyZyJztmaISktfZNMQDOY_nUnJZuP34: "
Not Found
<p", www.maytelohace.ml (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.maytelohace.ml/.well-known/acme-challenge/ryhpcPuPyvzmtPJXo7el9UUvEuHwCqj9R2FCmkN-Sg0: " 404 Not FoundNot Found
<p"
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: maytelohace.ml
404 Not Found
Type: unauthorized
Detail: Invalid response from
http://maytelohace.ml/.well-known/acme-challenge/AicOnG01AA65XyZyJztmaISktfZNMQDOY_nUnJZuP34:
"Not Found
<p"
Domain: www.maytelohace.ml
404 Not Found
Type: unauthorized
Detail: Invalid response from
http://www.maytelohace.ml/.well-known/acme-challenge/ryhpcPuPyvzmtPJXo7el9UUvEuHwCqj9R2FCmkN-Sg0:
"Not Found
<p"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version):
nginx - 1.12.1-0ubuntu2
The operating system my web server runs on is (include version):
Distributor ID: Ubuntu
Description: Ubuntu 17.10
Release: 17.10
Codename: artful
My hosting provider, if applicable, is:
Myself - DDNS
I can login to a root shell on my machine (yes or no, or I don’t know):
Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No - it’s basically a fresh server install
Nginx server blocks: (after following guide mentioned perfectly)
server {
    listen 80;
    listen [::]:80;
    #listen 443 ssl http2;
    #listen [::]:443 ssl http2;
    server_name maytelohace.ml www.maytelohace.ml;
    include /etc/nginx/snippets/ssl.conf/certbot.conf;
    root /var/www/maytelohace.ml;
    # Add index.php to the list if you are using PHP
    index index.php index.html index.htm index.nginx-debian.html;
    location / {
        # First attempt to serve request as file, then
        # as directory, then fall back to displaying a 404.
        try_files $uri $uri/ =404;
    }
    # pass PHP scripts to FastCGI server
    #
    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        #
        # # With php-fpm (or other unix sockets):
        fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
        # # With php-cgi (or other tcp sockets):
        # fastcgi_pass 127.0.0.1:9000;
    }
    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    #    deny all;
    #}
    location ~ /.well-known {
        allow all;
    }
}
Can you put a test file inside /var/www/maytelohace.ml/.well-known/acme-challenge/ and access it?
Yes, even though the guide I followed instructed me to mkdir /var/www/letsencrypt/.well-known/acme-challenge - I can access the file over the web. It seems like no matter what I do I keep getting the “unauthorized” 404 response from certbot 0.19.0 when I run certbot. I can’t access the .well-known folder from the web; I get a 403 again.
My folder permissions look like this: (recursively)
(/var/www)
drwxr-xr-x 4 www-data www-data 4.0K Feb 3 10:47 letsencrypt
drwxr-xr-x 3 www-data www-data 4.0K Feb 2 20:31 maytelohace.ml
It seems like no matter what I do I keep getting the “unauthorized” response from certbot.
What am I missing here… DNS records are correct and I can access the site from outside of my network …
Help. (thank you).
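A preflight check for the webroot method used in the command above, as an added example (not part of the original post and not certbot's own code): it writes a probe file where certbot would place its token under the `-w` path, then fetches it over HTTP at the challenge URL and reports the status and `Server` header. The function name `check_webroot` and the probe naming are assumptions made for this example.

```python
import os
import secrets
import urllib.error
import urllib.request

CHALLENGE_DIR = ".well-known/acme-challenge"  # URL path used by the http-01 challenge


def check_webroot(webroot, base_url, timeout=10):
    """Write a probe under `webroot` and fetch it through `base_url`.

    `webroot` is the directory passed to certbot's -w option;
    `base_url` is the site as the validator sees it, e.g. "http://example.com".
    Returns (ok, detail).
    """
    name = "probe-" + secrets.token_urlsafe(16)   # random, like a challenge token
    body = secrets.token_urlsafe(32)
    directory = os.path.join(webroot, CHALLENGE_DIR)
    os.makedirs(directory, exist_ok=True)
    path = os.path.join(directory, name)
    with open(path, "w") as fh:
        fh.write(body)
    os.chmod(path, 0o644)  # the web server user must be able to read the file
    url = f"{base_url.rstrip('/')}/{CHALLENGE_DIR}/{name}"
    # Connect directly, ignoring any proxy settings in the environment.
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))
    hints = {
        404: "the server answering this name does not serve this webroot "
             "for the challenge path",
        403: "the path is matched but the file is refused "
             "(permissions or a deny rule)",
    }
    try:
        with opener.open(url, timeout=timeout) as resp:
            got = resp.read().decode("utf-8", "replace").strip()
            server = resp.headers.get("Server", "unknown")
    except urllib.error.HTTPError as exc:
        server = exc.headers.get("Server", "unknown")
        hint = hints.get(exc.code, "unexpected status")
        return False, f"HTTP {exc.code} from {server}: {hint}"
    except OSError as exc:  # DNS failure, refused connection, timeout
        return False, f"could not fetch {url}: {exc}"
    finally:
        os.remove(path)  # never leave the probe behind
    if got != body:
        return False, f"HTTP 200 from {server}, but the body is not the probe"
    return True, f"probe served correctly by {server}"
```

Run it on the web server with the public hostname as `base_url`, for example `check_webroot("/var/www/letsencrypt", "http://maytelohace.ml")`. Behind DDNS or NAT the request may loop back inside the network, so a pass here does not prove that an outside validator reaches the same machine.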