Using Certbot in Docker Containers - Cannot Pass HTTP Challenge - The client lacks sufficient authorization

I’ve found a few posts on here that have this problem, but the solutions I have found do not work.

My configuration is elastic beanstalk, with two containers. One nginx and the other is my app.

When curling www.engauge.xyz/.well-known/acme-challenge/test I get a valid response (which maps to data/letsencrypt/.well-known/acme-challenge/test on my host).

I have run it in verbose mode and it appears to create the temporary files correctly

• Removing /data/letsencrypt/.well-known/acme-challenge/ZeomZHDgadPz-M5NO-c
• Removing /data/letsencrypt/.well-known/acme-challenge/S2cl3-TUSYuk

And I am running certbot via the container with the following command
sudo docker run -it --rm
-v certs:/etc/letsencrypt
-v certs-data:/data/letsencrypt
deliverous/certbot
certonly
–preferred-challenges=http
–webroot --webroot-path=/data/letsencrypt
-d engauge.xyz -d www.engauge.xyz

Any help is much appreciated. I’m out of ideas to debug.

hi @stolemyusername

I am having trouble following your troubleshooting

The questions in the help section are structured in a particular way so that it makes sense

A) You are using Docker Containers?
B) Are you running the commands as admin?
C) Do you have a full error message from the letsencrypt log?

Andrei

Hi @stolemyusername, what error message do you see from Certbot when you run it?

--preferred-challenges=http is redundant with --webroot but that’s definitely not the source of the problem. I’m just letting you know so that you can make your eventual command line shorter.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.