Using Certbot in Docker Containers - Cannot Pass HTTP Challenge - The client lacks sufficient authorization


#1

I’ve found a few posts on here that have this problem, but the solutions I have found do not work.

My configuration is elastic beanstalk, with two containers. One nginx and the other is my app.

When curling www.engauge.xyz/.well-known/acme-challenge/test I get a valid response (which maps to data/letsencrypt/.well-known/acme-challenge/test on my host).

I have run it in verbose mode and it appears to create the temporary files correctly

  • Removing /data/letsencrypt/.well-known/acme-challenge/ZeomZHDgadPz-M5NO-c
  • Removing /data/letsencrypt/.well-known/acme-challenge/S2cl3-TUSYuk

And I am running certbot via the container with the following command
sudo docker run -it --rm
-v certs:/etc/letsencrypt
-v certs-data:/data/letsencrypt
deliverous/certbot
certonly
–preferred-challenges=http
–webroot --webroot-path=/data/letsencrypt
-d engauge.xyz -d www.engauge.xyz

Any help is much appreciated. I’m out of ideas to debug.


#2

hi @stolemyusername

I am having trouble following your troubleshooting

The questions in the help section are structured in a particular way so that it makes sense

A) You are using Docker Containers?
B) Are you running the commands as admin?
C) Do you have a full error message from the letsencrypt log?

Andrei


#3

Hi @stolemyusername, what error message do you see from Certbot when you run it?

--preferred-challenges=http is redundant with --webroot but that’s definitely not the source of the problem. I’m just letting you know so that you can make your eventual command line shorter. :slight_smile:


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.