Unrecognized arguments: --dns-azure-config

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: caipo.link

I ran this command:

/snap/bin/certbot certonly \
  --authenticator dns-azure \
  --preferred-challenges dns \
  --noninteractive \
  --agree-tos \
  --email njh@yahoo.com \
  --dns-azure-config ~/.secrets/certbot/azure.ini \
  --domains caipo.link

It produced this output: certbot: error: unrecognized arguments: --dns-azure-config /home/azureuser/.secrets/certbot/azure.ini

My web server is (include version): cherrypy 18.8.0

The operating system my web server runs on is (include version): Ubuntu 22.04LTS

My hosting provider, if applicable, is: azure Ubuntu VM

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.29.0

I'm pretty sure that I've installed the 'certbot-dns-azure' plugin:

~$ sudo snap list
Name               Version        Rev    Tracking       Publisher     Notes
certbot            1.29.0         2192   latest/stable  certbot-eff✓  classic
certbot-dns-azure  1.5.0          1      latest/edge    terrz         -

Thanks for the clear report. I don't know the dns azure plug-in well. It looks to me like you are doing everything right. Another volunteer might have advice.

I suggest asking this same question at the github for certbot-dns-azure. The developer of the plug-in should reply.

Perhaps there is something we can't see in the command...
Try moving the line:

higher in the order
and moving

lower in the order

Also, has this command worked before?

@niujh Could you please also provide the output of the command certbot plugins ? You might have installed the plugin in Snap, but perhaps Certbot does not recognise it.

@Osiris, Here is the result:

~$ certbot plugins

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
* dns-azure
Description: Obtain certificates using a DNS TXT record (if you are using Azure
for DNS).
Interfaces: Authenticator, Plugin
Entry point: dns-azure = certbot_dns_azure._internal.dns_azure:Authenticator

* standalone
Description: Spin up a temporary webserver
Interfaces: Authenticator, Plugin
Entry point: standalone = certbot._internal.plugins.standalone:Authenticator

* webroot
Description: Place files in webroot directory
Interfaces: Authenticator, Plugin
Entry point: webroot = certbot._internal.plugins.webroot:Authenticator
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

@rg305 switching around doesnt work, unfortunately.
For me, it never workd. I used to use route53, just switched to Azure.

I'm just guessing but could this mean there is some setting in azure.ini that is faulty?

Nah, this really seems to be the argument parser..

@niujh Could you perhaps share the entire log file for this error at /var/log/letsencrypt/letsencrypt.log?

@Osiris Yeah I think you are right. Here is the log, but it doesn't seems problematic:

2022-08-11 05:54:58,537:DEBUG:urllib3.connectionpool:http://localhost:None "GET /v2/connections?snap=certbot&interface=content HTTP/1.1" 200 97
2022-08-11 05:54:59,238:DEBUG:certbot._internal.main:certbot version: 1.29.0
2022-08-11 05:54:59,238:DEBUG:certbot._internal.main:Location of certbot entry point: /snap/certbot/2192/bin/certbot
2022-08-11 05:54:59,238:DEBUG:certbot._internal.main:Arguments: ['-q', '--preconfigured-renewal']
2022-08-11 05:54:59,238:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2022-08-11 05:54:59,250:DEBUG:certbot._internal.log:Root logging level set at 40
2022-08-11 05:54:59,251:DEBUG:certbot._internal.display.obj:Notifying user: 
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2022-08-11 05:54:59,251:DEBUG:certbot._internal.display.obj:Notifying user: No renewals were attempted.
2022-08-11 05:54:59,251:DEBUG:certbot._internal.display.obj:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2022-08-11 05:54:59,252:DEBUG:certbot._internal.renewal:no renewal failures

@MikeMcQ Thanks for your thougt. I tried the empty file but still got the same error. It seems that the .ini file never get parsed.

Could this have something to do Ubuntu 22.04LTS kernel?

That's the entire log? That's not much unfortunately.. However, I'm not seeing the Azure DNS plugin in this line?

2022-08-11 05:54:59,238:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)

Where did it go?

@Osiris Yeah, that's all I got. I used:
sudo vim /var/log/letsencrypt/letsencrypt.log

Is there other place that I should be looking at?

I think you are on the spot. What does it mean if there is no azure-dns-plugin in that line? How to fix it? Thanks.

I don't think so, but perhaps you could run Certbot again but now with the --debug -vvvvv options. That should spit out a lot of details.

I dunno, a good amount of debugging info from Certbot is required for that.

@Osiris Thank you. I'm trying out your suggestion.
I just used the following command:

sudo /snap/bin/certbot certonly
--authenticator dns-azure
--preferred-challenges dns
--noninteractive
--agree-tos
--email njh@yahoo.com
--dns-azure-config ~/.secrets/certbot/azure.ini
--domains caipo.link
--debug -vvvvv

It asks me to select:

1: Spin up a temporary webserver (standalone)
2: Place files in webroot directory (webroot)

Which one do you suggest?

@Osiris I've finished the debugging, and got a really long log here:

2022-08-11 06:13:55,133:DEBUG:urllib3.connectionpool:http://localhost:None "GET /v2/connections?snap=certbot&interface=content HTTP/1.1" 200 97
2022-08-11 06:13:55,515:DEBUG:certbot._internal.main:certbot version: 1.29.0
2022-08-11 06:13:55,515:DEBUG:certbot._internal.main:Location of certbot entry point: /snap/certbot/2192/bin/certbot
2022-08-11 06:13:55,515:DEBUG:certbot._internal.main:Arguments: ['--preconfigured-renewal']
2022-08-11 06:13:55,515:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2022-08-11 06:13:55,525:DEBUG:certbot._internal.log:Root logging level set at 30
2022-08-11 06:13:55,526:DEBUG:certbot._internal.plugins.selection:Requested authenticator None and installer None
2022-08-11 06:13:55,537:DEBUG:certbot.plugins.util:Failed to find executable apache2ctl in PATH: /snap/certbot/2192/bin:/snap/certbot/2192/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games
2022-08-11 06:13:55,537:DEBUG:certbot._internal.plugins.disco:No installation (PluginEntryPoint#apache): Cannot find Apache executable apache2ctl
Traceback (most recent call last):
  File "/snap/certbot/2192/lib/python3.8/site-packages/certbot/_internal/plugins/disco.py", line 160, in prepare
    self._initialized.prepare()
  File "/snap/certbot/2192/lib/python3.8/site-packages/certbot_apache/_internal/configurator.py", line 347, in prepare
    self._verify_exe_availability(self.options.ctl)
  File "/snap/certbot/2192/lib/python3.8/site-packages/certbot_apache/_internal/configurator.py", line 468, in _verify_exe_availability
    raise errors.NoInstallationError(
certbot.errors.NoInstallationError: Cannot find Apache executable apache2ctl
2022-08-11 06:13:55,542:DEBUG:certbot._internal.plugins.disco:No installation (PluginEntryPoint#nginx): Could not find a usable 'nginx' binary. Ensure nginx exists, the binary is executable, and your PATH is set correctly.
Traceback (most recent call last):
  File "/snap/certbot/2192/lib/python3.8/site-packages/certbot/_internal/plugins/disco.py", line 160, in prepare
    self._initialized.prepare()
  File "/snap/certbot/2192/lib/python3.8/site-packages/certbot_nginx/_internal/configurator.py", line 194, in prepare
    raise errors.NoInstallationError(
certbot.errors.NoInstallationError: Could not find a usable 'nginx' binary. Ensure nginx exists, the binary is executable, and your PATH is set correctly.
2022-08-11 06:13:55,543:DEBUG:certbot._internal.plugins.selection:Multiple candidate plugins: * standalone
Description: Spin up a temporary webserver
Interfaces: Authenticator, Plugin
Entry point: standalone = certbot._internal.plugins.standalone:Authenticator
Initialized: <certbot._internal.plugins.standalone.Authenticator object at 0x7efd7db69400>
Prep: True

* webroot
Description: Place files in webroot directory
Interfaces: Authenticator, Plugin
Entry point: webroot = certbot._internal.plugins.webroot:Authenticator
Initialized: <certbot._internal.plugins.webroot.Authenticator object at 0x7efd7db693d0>
Prep: True
2022-08-11 06:20:27,755:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot._internal.plugins.webroot.Authenticator object at 0x7efd7db693d0> and installer None
2022-08-11 06:20:27,756:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator webroot, Installer None
2022-08-11 06:20:57,431:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2022-08-11 06:20:57,432:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2022-08-11 06:20:57,533:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658
2022-08-11 06:20:57,533:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 11 Aug 2022 06:20:57 GMT
Content-Type: application/json
Content-Length: 658
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "NhP2PtuonKo": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2022-08-11 06:21:03,444:DEBUG:acme.client:Requesting fresh nonce
2022-08-11 06:21:03,444:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2022-08-11 06:21:03,469:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2022-08-11 06:21:03,470:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 11 Aug 2022 06:21:03 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0002KsV52jD3-hQO8tgfF02qPTtWtSlpDWVftzKRu9k-YZE
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800


2022-08-11 06:21:03,470:DEBUG:acme.client:Storing nonce: 0002KsV52jD3-hQO8tgfF02qPTtWtSlpDWVftzKRu9k-YZE
2022-08-11 06:21:03,470:DEBUG:acme.client:JWS payload:
b'{\n  "contact": [\n    "mailto:njh@yahoo.com"\n  ],\n  "termsOfServiceAgreed": true\n}'
2022-08-11 06:21:03,472:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-acct:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAiandrIjogeyJuIjogInl5VnhrWFZDSWQ3N3B5T3N2cUd0X2xjRTFuSDA1eW9KZV82b3hKQnlyM2FqUkctaUliSlZ3RGFEcGZMMzl0VC1uQUhhUEZtWkxlOGV2eW53c2ZoOFB1aFdHWS1aZ043TUE3SUFKQjZtV0M3ajYtcnRUQUd4T2ZoUjhLVnZiOElQc09YMU95SmhNRXdOcVRkUHFaSzJ1d3J2akxXek1TWk9feDNJdTYwYUsteVY5T3FUaGpYYWYxRkFRRldZZjlxdVVWc0lQSFowdTZnZkU0WlFxSHpiM2lIdUVIQ09yNXk5Q0FPZTltdkJNaEdWb29tN05wMkkyVG1IczJRckZDdDNuWmVCU0JGc256TkJabEdfeUoyNHBEd3NrTTluNmJkU0x4MFNHT1drYThweTR1QW9YSm9tSGZMajItTzZSNFJLcHVaNDlndmRQZGlQV20wMjZ1SGwzUSIsICJlIjogIkFRQUIiLCAia3R5IjogIlJTQSJ9LCAibm9uY2UiOiAiMDAwMktzVjUyakQzLWhRTzh0Z2ZGMDJxUFR0V3RTbHBEV1ZmdHpLUnU5ay1ZWkUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1hY2N0In0",
  "signature": "H-qaW8RUUwdNoWqlnJw9r_arOGH1-nSh9HOrZGm0GguXzggu1k3iGS09Vx0ucwiUQQdVKA3N4ZLyerU1I2vEXt7NbdJs7pkfuql2dxe39YjSXH4uxrpx2X6XWJ4m_3GFYkuFmtkzbhnpFaHFgeQjja45qqDhraTHCU8_xkt6sML9Ql36ELxdYkD-086lStNSNXSxEA3xbuWGp6UYpBhIbCA5GN9kJiGtIxgV00ifX8ON1CuB1X0FcSVBfyNqkBR6rMCq3J3gyE9vY3sZ-sOftw-wrD00xE0P8To-ikO7ds0ARp5Qv1q1_2SYZ85jPC8jR72wGnn0Cy0qAzacWsm22w",
  "payload": "ewogICJjb250YWN0IjogWwogICAgIm1haWx0bzpuamhAeWFob28uY29tIgogIF0sCiAgInRlcm1zT2ZTZXJ2aWNlQWdyZWVkIjogdHJ1ZQp9"
}
2022-08-11 06:21:03,552:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-acct HTTP/1.1" 201 555
2022-08-11 06:21:03,553:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Thu, 11 Aug 2022 06:21:03 GMT
Content-Type: application/json
Content-Length: 555
Connection: keep-alive
Boulder-Requester: 671932727
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf>;rel="terms-of-service"
Location: https://acme-v02.api.letsencrypt.org/acme/acct/671932727
Replay-Nonce: 0002I3MHA5RmxfK_mb2tLKSiWbsCSaYzdGv0WbqLSaml_aQ
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "key": {
    "kty": "RSA",
    "n": "yyVxkXVCId77pyOsvqGt_lcE1nH05yoJe_6oxJByr3ajRG-iIbJVwDaDpfL39tT-nAHaPFmZLe8evynwsfh8PuhWGY-ZgN7MA7IAJB6mWC7j6-rtTAGxOfhR8KVvb8IPsOX1OyJhMEwNqTdPqZK2uwrvjLWzMSZO_x3Iu60aK-yV9OqThjXaf1FAQFWYf9quUVsIPHZ0u6gfE4ZQqHzb3iHuEHCOr5y9CAOe9mvBMhGVoom7Np2I2TmHs2QrFCt3nZeBSBFsnzNBZlG_yJ24pDwskM9n6bdSLx0SGOWka8py4uAoXJomHfLj2-O6R4RKpuZ49gvdPdiPWm026uHl3Q",
    "e": "AQAB"
  },
  "contact": [
    "mailto:njh@yahoo.com"
  ],
  "initialIp": "20.38.170.26",
  "createdAt": "2022-08-11T06:21:03.536193362Z",
  "status": "valid"
}
2022-08-11 06:21:03,553:DEBUG:acme.client:Storing nonce: 0002I3MHA5RmxfK_mb2tLKSiWbsCSaYzdGv0WbqLSaml_aQ
2022-08-11 06:21:12,547:DEBUG:certbot._internal.display.obj:Notifying user: Account registered.
2022-08-11 06:21:12,547:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=JWKRSA(key=<ComparableRSAKey(<cryptography.hazmat.backends.openssl.rsa._RSAPublicKey object at 0x7efd7db608e0>)>), contact=('mailto:njh@yahoo.com',), agreement=None, status='valid', terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/671932727', new_authzr_uri=None, terms_of_service='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'), 53fcc2b29f907778f0e3755e564e8c75, Meta(creation_dt=datetime.datetime(2022, 8, 11, 6, 21, 3, tzinfo=<UTC>), creation_host='powercaipo.internal.cloudapp.net', register_to_eff='njh@yahoo.com'))>
2022-08-11 06:21:12,548:DEBUG:certbot.display.ops:No installer, picking names manually
2022-08-11 06:21:22,946:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for caipo.link
2022-08-11 06:21:22,993:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0000_key-certbot.pem
2022-08-11 06:21:22,996:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0000_csr-certbot.pem
2022-08-11 06:21:22,997:DEBUG:acme.client:JWS payload:
b'{\n  "identifiers": [\n    {\n      "type": "dns",\n      "value": "caipo.link"\n    }\n  ]\n}'
2022-08-11 06:21:22,998:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNjcxOTMyNzI3IiwgIm5vbmNlIjogIjAwMDJJM01IQTVSbXhmS19tYjJ0TEtTaVdic0NTYVl6ZEd2MFdicUxTYW1sX2FRIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ",
  "signature": "CP82npi47pGjMybhMMH5D6dEUhUafziHxVhnPSQjrYAx0fXDYfGh0knbFdH2hBx0WgLGtrKNFYspmm3RTdkRgSctZ5Mo93OPAtPI0840CMKkhZV2CvIsXmCbJ3jOyevXz598c9jZEVSQFsMoXumlyMD0Bu0UH7RdLzzA0zDmcApi7HiU_dKKl9EAAIjUKPvnYo4kKrMdH6LDKlR2YbvMFsZoKtzEpDJ7p7oRUXt9zlJq8mj7A3d1hGylwx2hVSZuVoskd6VSSOCyjT9OgxGAqC6ZpsjyFZhhwbr7AC7s0TfENyBiW0bBbWE36QTaG6C5w4JEW-vKciF4Qna8EekLZA",
  "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImNhaXBvLmxpbmsiCiAgICB9CiAgXQp9"
}
2022-08-11 06:21:23,217:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 335
2022-08-11 06:21:23,218:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Thu, 11 Aug 2022 06:21:23 GMT
Content-Type: application/json
Content-Length: 335
Connection: keep-alive
Boulder-Requester: 671932727
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/671932727/115123393607
Replay-Nonce: 0001dSNoSh3CdPAXnuSJkhYf6bWBy9eAMO7wkrESPtcix50
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "status": "pending",
  "expires": "2022-08-18T06:21:23Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "caipo.link"
    }
  ],
  "authorizations": [
    "https://acme-v02.api.letsencrypt.org/acme/authz-v3/140748518017"
  ],
  "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/671932727/115123393607"
}
2022-08-11 06:21:23,218:DEBUG:acme.client:Storing nonce: 0001dSNoSh3CdPAXnuSJkhYf6bWBy9eAMO7wkrESPtcix50
2022-08-11 06:21:23,219:DEBUG:acme.client:JWS payload:
b''
2022-08-11 06:21:23,220:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/140748518017:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNjcxOTMyNzI3IiwgIm5vbmNlIjogIjAwMDFkU05vU2gzQ2RQQVhudVNKa2hZZjZiV0J5OWVBTU83d2tyRVNQdGNpeDUwIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xNDA3NDg1MTgwMTcifQ",
  "signature": "BvXfO7ToZZl_g3S_pdg9cKAJcdjwcYdYGZNfUxqqX0PeKcDgfd3m-w_cmd3B5j2GOZkaaqQl_vR10QaOcGI3aAQSTzvDcJ6c81lTWmkCPCPjLGxeSReKU21LPtHjwPuH-BUTvKlzZ6Q8T_xhWmMGhmImqpzMnZk57PU5t-za8QbTvGYIvWFiuk84M-qXpY4dL8n8EAg6KWsdWGXxrj2uG9t0JLDfv4K_DCCyzFFTPrqhJlffpUmJ_fHWqT7yUOhVnHCan67-Q6C7mRKPh_BX4xUvaZGzW7JysdvLApAcCsFm9tZlP8mObIZfkX_HPx1RXFv3Thxvh1i3Dkc2VF1eNg",
  "payload": ""
}
2022-08-11 06:21:23,251:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/140748518017 HTTP/1.1" 200 794
2022-08-11 06:21:23,251:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 11 Aug 2022 06:21:23 GMT
Content-Type: application/json
Content-Length: 794
Connection: keep-alive
Boulder-Requester: 671932727
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 00017k9KuT-LRqa9FCe-SE5SZkLwEtTEeLWtKZqVEfL8eXw
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "caipo.link"
  },
  "status": "pending",
  "expires": "2022-08-18T06:21:23Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/140748518017/5-bjHQ",
      "token": "STAxu4VKHwJE8UX-MNr3YHnW8ohM2v4De-6TiAkaDHo"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/140748518017/qH5SFw",
      "token": "STAxu4VKHwJE8UX-MNr3YHnW8ohM2v4De-6TiAkaDHo"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/140748518017/j4IeZg",
      "token": "STAxu4VKHwJE8UX-MNr3YHnW8ohM2v4De-6TiAkaDHo"
    }
  ]
}
2022-08-11 06:21:23,251:DEBUG:acme.client:Storing nonce: 00017k9KuT-LRqa9FCe-SE5SZkLwEtTEeLWtKZqVEfL8eXw
2022-08-11 06:21:23,252:INFO:certbot._internal.auth_handler:Performing the following challenges:
2022-08-11 06:21:23,252:INFO:certbot._internal.auth_handler:http-01 challenge for caipo.link
2022-08-11 06:22:50,053:DEBUG:certbot._internal.plugins.webroot:Creating root challenges validation dir at /caipo_mountpoint/caipo/.well-known/acme-challenge
2022-08-11 06:22:50,056:DEBUG:certbot._internal.plugins.webroot:Attempting to save validation to /caipo_mountpoint/caipo/.well-known/acme-challenge/STAxu4VKHwJE8UX-MNr3YHnW8ohM2v4De-6TiAkaDHo
2022-08-11 06:22:50,056:DEBUG:acme.client:JWS payload:
b'{}'
2022-08-11 06:22:50,058:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/140748518017/5-bjHQ:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNjcxOTMyNzI3IiwgIm5vbmNlIjogIjAwMDE3azlLdVQtTFJxYTlGQ2UtU0U1U1prTHdFdFRFZUxXdEtacVZFZkw4ZVh3IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8xNDA3NDg1MTgwMTcvNS1iakhRIn0",
  "signature": "TwD6rjT09JOSd_kycc6eg7PtZHrBC93MkSXjlKRnvCaaUPSI756H36s3hqPQM70E_CqqxGX2Y50bVSYItQydkN07bW3CKsHzCzmbQmYjIUyyjiC2Lnm7VMukEsF4nR5XuKIPtJQ542q2XFRmVqcIXFOYf_pDxvd-5EvlhzRd3DR0_4QBA3g-XYevLQPUP55mlBMPE80Gs5zEa4Ihm57tOKE9YVZMc_sNfb0hgxV7INKu-_2LkRah4-W15cwtOcAac_T2h6_xSQf_ByUQ3x5SLEkSxl_i-sB7a8llChadP8JllY2039802BxSEQFLI3n4iDOFn4E68vDMqm652yGQgw",
  "payload": "e30"
}
2022-08-11 06:22:50,094:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/140748518017/5-bjHQ HTTP/1.1" 200 187
2022-08-11 06:22:50,094:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 11 Aug 2022 06:22:50 GMT
Content-Type: application/json
Content-Length: 187
Connection: keep-alive
Boulder-Requester: 671932727
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz-v3/140748518017>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/140748518017/5-bjHQ
Replay-Nonce: 0002DNwcmSxi0s7jHGVR6yUTWacLk8TsgQaGKXzcskeWiTw
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "type": "http-01",
  "status": "pending",
  "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/140748518017/5-bjHQ",
  "token": "STAxu4VKHwJE8UX-MNr3YHnW8ohM2v4De-6TiAkaDHo"
}
2022-08-11 06:22:50,095:DEBUG:acme.client:Storing nonce: 0002DNwcmSxi0s7jHGVR6yUTWacLk8TsgQaGKXzcskeWiTw
2022-08-11 06:22:50,095:INFO:certbot._internal.auth_handler:Waiting for verification...
2022-08-11 06:22:51,096:DEBUG:acme.client:JWS payload:
b''
2022-08-11 06:22:51,097:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/140748518017:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNjcxOTMyNzI3IiwgIm5vbmNlIjogIjAwMDJETndjbVN4aTBzN2pIR1ZSNnlVVFdhY0xrOFRzZ1FhR0tYemNza2VXaVR3IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xNDA3NDg1MTgwMTcifQ",
  "signature": "dOHsOEIsXPHyPKAtNZDrs2Hy33Cbd-zzwqz2iLqk38fQSkymTwwtWzy7YMNMbJCoC0UYRXF9NS3eAsR3os_SlUhj7dGW_74cCrDEdDo4PqJZjWzSsI60IJWlmZLdQBy8dwRc0CDrk5fKmmBsWzIeegHAiyfZmrdqUol8OozO3F0sVSAjcT7bW_n4iVheEcChj2JIweQVmmjVDu3APZxXi7qhtxCfveuAM4T4zHeHjev1b5rVT5EUzkgqjL-GcTPPDcVYwbc-naUBSmDPl7rK97dCq_g9NiPL_BCVpOIPLrqkgbBNKAJDMdTk8PNN3-wrzfLjHcVT9zmjlnEaGkzl8w",
  "payload": ""
}
2022-08-11 06:22:51,127:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/140748518017 HTTP/1.1" 200 794
2022-08-11 06:22:51,128:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 11 Aug 2022 06:22:51 GMT
Content-Type: application/json
Content-Length: 794
Connection: keep-alive
Boulder-Requester: 671932727
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0001wwADBhTRh7lCz9IaiAN6XzaKRLgC3wck_qKlO8JszCc
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "caipo.link"
  },
  "status": "pending",
  "expires": "2022-08-18T06:21:23Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/140748518017/5-bjHQ",
      "token": "STAxu4VKHwJE8UX-MNr3YHnW8ohM2v4De-6TiAkaDHo"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/140748518017/qH5SFw",
      "token": "STAxu4VKHwJE8UX-MNr3YHnW8ohM2v4De-6TiAkaDHo"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/140748518017/j4IeZg",
      "token": "STAxu4VKHwJE8UX-MNr3YHnW8ohM2v4De-6TiAkaDHo"
    }
  ]
}
2022-08-11 06:22:51,128:DEBUG:acme.client:Storing nonce: 0001wwADBhTRh7lCz9IaiAN6XzaKRLgC3wck_qKlO8JszCc
2022-08-11 06:22:54,131:DEBUG:acme.client:JWS payload:
b''
2022-08-11 06:22:54,133:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/140748518017:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNjcxOTMyNzI3IiwgIm5vbmNlIjogIjAwMDF3d0FEQmhUUmg3bEN6OUlhaUFONlh6YUtSTGdDM3dja19xS2xPOEpzekNjIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xNDA3NDg1MTgwMTcifQ",
  "signature": "Ag-HGhWSkkUYqoOtek44UoReBkwQVa6bNIVX0WckW2WlYof3xCAvZwjJZvRae83DYL9FtUzuz2099sYOfwob-eJDkS8rQHX2WDhUJcVnbruVVJplb_sAmPmP-HQNLg_S2Nx-aZRh3vWtNzV_2xE-qI8OD9f7Vxzcs8b-EYqt1XaVyTZHFuD5gOL-NtsxLrHxFhhBVfGmRuc77EfXNIXnkr4KucxFxvSoZGQNOjTh2GiaC7zEimqa26pwpbFr_jVPdt9_9_PweXpFsKBCWoQUkUYsRWpIfYntaSELk5l3vaI8jH3f1LZeolyg518mmk9hbV75BANRuWt26dRUQh48Mw",
  "payload": ""
}
2022-08-11 06:22:54,162:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/140748518017 HTTP/1.1" 200 794
2022-08-11 06:22:54,162:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 11 Aug 2022 06:22:54 GMT
Content-Type: application/json
Content-Length: 794
Connection: keep-alive
Boulder-Requester: 671932727
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0001JEaY9x9Hh8ZVhcLMW7TVQngY-IEhUcmCj-HINPKQIW0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "caipo.link"
  },
  "status": "pending",
  "expires": "2022-08-18T06:21:23Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/140748518017/5-bjHQ",
      "token": "STAxu4VKHwJE8UX-MNr3YHnW8ohM2v4De-6TiAkaDHo"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/140748518017/qH5SFw",
      "token": "STAxu4VKHwJE8UX-MNr3YHnW8ohM2v4De-6TiAkaDHo"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/140748518017/j4IeZg",
      "token": "STAxu4VKHwJE8UX-MNr3YHnW8ohM2v4De-6TiAkaDHo"
    }
  ]
}
2022-08-11 06:22:54,163:DEBUG:acme.client:Storing nonce: 0001JEaY9x9Hh8ZVhcLMW7TVQngY-IEhUcmCj-HINPKQIW0
2022-08-11 06:22:57,166:DEBUG:acme.client:JWS payload:
b''
2022-08-11 06:22:57,167:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/140748518017:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNjcxOTMyNzI3IiwgIm5vbmNlIjogIjAwMDFKRWFZOXg5SGg4WlZoY0xNVzdUVlFuZ1ktSUVoVWNtQ2otSElOUEtRSVcwIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xNDA3NDg1MTgwMTcifQ",
  "signature": "w4eIoCH3mX_FcxMdP9P6G4_rZmfdh8lx_w3j_PuXu7cTwTJPGgvunOqn2i7WKhviX3SIUL3l-mhFrNnzYmk81No7Y3KtA8_xkGHUgLcyuLuJG6GnIhGDyulgVnM_sJ12rXxSn8t9NZX2NFeuhnxiLSG4XtrWDdTpHtOMq9dZ_PuviGrbUdIpUdA9grpgPGXBc_WvApbAQhLDLhuU8eR_nCxoh2dXbTDuDVZExeXQO7wSFiQG1_M-SSB6KMpDhFv91H29Yfzl76txlpsjmTKxqeYz1-LO8xqkiEDVs0ereHNJi59QuMP-wYVhdhdZYaqKgXfuzAAVb9oMkvS9eGnUuw",
  "payload": ""
}
2022-08-11 06:22:57,197:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/140748518017 HTTP/1.1" 200 794
2022-08-11 06:22:57,197:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 11 Aug 2022 06:22:57 GMT
Content-Type: application/json
Content-Length: 794
Connection: keep-alive
Boulder-Requester: 671932727
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0002jOBcRQ_U4sEqLBr8lZ-ZIwV-2TP5J6J3BcuTB9lmTH4
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "caipo.link"
  },
  "status": "pending",
  "expires": "2022-08-18T06:21:23Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/140748518017/5-bjHQ",
      "token": "STAxu4VKHwJE8UX-MNr3YHnW8ohM2v4De-6TiAkaDHo"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/140748518017/qH5SFw",
      "token": "STAxu4VKHwJE8UX-MNr3YHnW8ohM2v4De-6TiAkaDHo"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/140748518017/j4IeZg",
      "token": "STAxu4VKHwJE8UX-MNr3YHnW8ohM2v4De-6TiAkaDHo"
    }
  ]
}
2022-08-11 06:22:57,197:DEBUG:acme.client:Storing nonce: 0002jOBcRQ_U4sEqLBr8lZ-ZIwV-2TP5J6J3BcuTB9lmTH4
2022-08-11 06:23:00,201:DEBUG:acme.client:JWS payload:
b''
2022-08-11 06:23:00,202:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/140748518017:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNjcxOTMyNzI3IiwgIm5vbmNlIjogIjAwMDJqT0JjUlFfVTRzRXFMQnI4bFotWkl3Vi0yVFA1SjZKM0JjdVRCOWxtVEg0IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xNDA3NDg1MTgwMTcifQ",
  "signature": "ha0EMUPz3JKe2Iu5vARkbBr83-BSvm1b6eb6cT1NdILlRu17Rkf90AYIY_8w-nxETAyMIbOtNsCjUUoqcGkz3Qv8EIjHUcJ4W1CsrCWQSz53Fs5iRs22zpmuOTQdikn2VYylAkDL9I-Zwdj-bM0SjLkaCj_xkBB8qgBZmHnbhl-Er69Ad0xmaP5s0Ftfd0wApyyFVsEkxuhfeaM6X8Q27sPm6NwghTLGnl3boHf69d5BHgV9NyT3ndKGfkwlFomP1fO8h6kqFGtD1aw7iDCjntP9ZrzdvVXxV1CurqxRgtoSaklZHk2D4t70BeeRuTqo9Y0TYqtmSvKVAar89E8zqg",
  "payload": ""
}
2022-08-11 06:23:00,231:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/140748518017 HTTP/1.1" 200 794
2022-08-11 06:23:00,231:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 11 Aug 2022 06:23:00 GMT
Content-Type: application/json
Content-Length: 794
Connection: keep-alive
Boulder-Requester: 671932727
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0002df1FkAXBcGuohq6pth55mEGESjcaAhyB00b6ENldLBQ
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "caipo.link"
  },
  "status": "pending",
  "expires": "2022-08-18T06:21:23Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/140748518017/5-bjHQ",
      "token": "STAxu4VKHwJE8UX-MNr3YHnW8ohM2v4De-6TiAkaDHo"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/140748518017/qH5SFw",
      "token": "STAxu4VKHwJE8UX-MNr3YHnW8ohM2v4De-6TiAkaDHo"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/140748518017/j4IeZg",
      "token": "STAxu4VKHwJE8UX-MNr3YHnW8ohM2v4De-6TiAkaDHo"
    }
  ]
}
2022-08-11 06:23:00,231:DEBUG:acme.client:Storing nonce: 0002df1FkAXBcGuohq6pth55mEGESjcaAhyB00b6ENldLBQ
2022-08-11 06:23:03,235:DEBUG:acme.client:JWS payload:
b''
2022-08-11 06:23:03,236:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/140748518017:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNjcxOTMyNzI3IiwgIm5vbmNlIjogIjAwMDJkZjFGa0FYQmNHdW9ocTZwdGg1NW1FR0VTamNhQWh5QjAwYjZFTmxkTEJRIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8xNDA3NDg1MTgwMTcifQ",
  "signature": "bSI-bWn6rywtMFji3o55yJZugCsSvMaiZLVtFDpPnJctU7reLaymnnNzv40tCR_ET8aYDAv-GyoFeItut_JjcCQWSJe-ojQebPDMG-ueo9aotwS9wXAunrQCxGPz_LzVxqyKp-ZIwt2iNKMZQIunHr42glkZwjSnLHhBxQqHlzqh1dtiNdqWH0lKcVde_1MEfx5VF79nIftPQmXOoN9ZPuV66sqBrFey-waWikAB_VX5176pzRZZdDehkf83jTdMfRpNg05Pi3FhfPP7z9Yx_Lrit3XGnCNdl6DKj3oTEKW4qpljLG3wlT61oGpRpQW4-oHuYZtZva5SD1ncFMM8DQ",
  "payload": ""
}
2022-08-11 06:23:03,266:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/140748518017 HTTP/1.1" 200 1035
2022-08-11 06:23:03,266:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 11 Aug 2022 06:23:03 GMT
Content-Type: application/json
Content-Length: 1035
Connection: keep-alive
Boulder-Requester: 671932727
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0001x_tYEp2etRgJgx7YJVeWljlZNvnfaIbjWEa2X1kJQ08
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "caipo.link"
  },
  "status": "invalid",
  "expires": "2022-08-18T06:21:23Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "invalid",
      "error": {
        "type": "urn:ietf:params:acme:error:connection",
        "detail": "20.38.170.26: Fetching http://caipo.link/.well-known/acme-challenge/STAxu4VKHwJE8UX-MNr3YHnW8ohM2v4De-6TiAkaDHo: Timeout during connect (likely firewall problem)",
        "status": 400
      },
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/140748518017/5-bjHQ",
      "token": "STAxu4VKHwJE8UX-MNr3YHnW8ohM2v4De-6TiAkaDHo",
      "validationRecord": [
        {
          "url": "http://caipo.link/.well-known/acme-challenge/STAxu4VKHwJE8UX-MNr3YHnW8ohM2v4De-6TiAkaDHo",
          "hostname": "caipo.link",
          "port": "80",
          "addressesResolved": [
            "20.38.170.26"
          ],
          "addressUsed": "20.38.170.26"
        }
      ],
      "validated": "2022-08-11T06:22:50Z"
    }
  ]
}
2022-08-11 06:23:03,267:DEBUG:acme.client:Storing nonce: 0001x_tYEp2etRgJgx7YJVeWljlZNvnfaIbjWEa2X1kJQ08
2022-08-11 06:23:03,267:INFO:certbot._internal.auth_handler:Challenge failed for domain caipo.link
2022-08-11 06:23:03,267:INFO:certbot._internal.auth_handler:http-01 challenge for caipo.link
2022-08-11 06:23:03,267:DEBUG:certbot._internal.display.obj:Notifying user: 
Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
  Domain: caipo.link
  Type:   connection
  Detail: 20.38.170.26: Fetching http://caipo.link/.well-known/acme-challenge/STAxu4VKHwJE8UX-MNr3YHnW8ohM2v4De-6TiAkaDHo: Timeout during connect (likely firewall problem)

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.

2022-08-11 06:23:03,268:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
  File "/snap/certbot/2192/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 106, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, best_effort)
  File "/snap/certbot/2192/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 206, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.

2022-08-11 06:23:03,268:DEBUG:certbot._internal.error_handler:Calling registered functions
2022-08-11 06:23:03,268:INFO:certbot._internal.auth_handler:Cleaning up challenges
2022-08-11 06:23:03,268:DEBUG:certbot._internal.plugins.webroot:Removing /caipo_mountpoint/caipo/.well-known/acme-challenge/STAxu4VKHwJE8UX-MNr3YHnW8ohM2v4De-6TiAkaDHo
2022-08-11 06:23:03,269:DEBUG:certbot._internal.plugins.webroot:All challenges cleaned up
2022-08-11 06:23:03,269:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/snap/certbot/2192/bin/certbot", line 8, in <module>
    sys.exit(main())
  File "/snap/certbot/2192/lib/python3.8/site-packages/certbot/main.py", line 19, in main
    return internal_main.main(cli_args)
  File "/snap/certbot/2192/lib/python3.8/site-packages/certbot/_internal/main.py", line 1744, in main
    return config.func(config, plugins)
  File "/snap/certbot/2192/lib/python3.8/site-packages/certbot/_internal/main.py", line 1591, in certonly
    lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
  File "/snap/certbot/2192/lib/python3.8/site-packages/certbot/_internal/main.py", line 141, in _get_and_save_cert
    lineage = le_client.obtain_and_enroll_certificate(domains, certname)
  File "/snap/certbot/2192/lib/python3.8/site-packages/certbot/_internal/client.py", line 530, in obtain_and_enroll_certificate
    cert, chain, key, _ = self.obtain_certificate(domains)
  File "/snap/certbot/2192/lib/python3.8/site-packages/certbot/_internal/client.py", line 442, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
  File "/snap/certbot/2192/lib/python3.8/site-packages/certbot/_internal/client.py", line 510, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/snap/certbot/2192/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 106, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, best_effort)
  File "/snap/certbot/2192/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 206, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2022-08-11 06:23:03,271:ERROR:certbot._internal.log:Some challenges have failed.

Try:

sudo /snap/bin/certbot certonly \
--authenticator dns-azure \
--preferred-challenges dns \
--noninteractive \
--agree-tos \
--email njh@yahoo.com \
--dns-azure-config ~/.secrets/certbot/azure.ini \
--domains caipo.link

@rg305 Yes that's what I input, the formatted version automatically leaves out the \ when posting my question. But thanks, I wish the problem could easily be solved:)

I see that now.

I find it very strange that you are asking it to use:

--authenticator dns-azure
--preferred-challenges dns 

and it asks you:

@rg305
The choice part only happens when I added --debug -vvvvv. Without that debugging parameter, it doesn't show any questoin, just straight to the error.