Using Certbot in Docker Containers - Cannot Pass HTTP Challenge - The client lacks sufficient authorization

I’ve found a few posts on here that have this problem, but the solutions I have found do not work.

My configuration is elastic beanstalk, with two containers. One nginx and the other is my app.

When curling I get a valid response (which maps to data/letsencrypt/.well-known/acme-challenge/test on my host).

I have run it in verbose mode and it appears to create the temporary files correctly

  • Removing /data/letsencrypt/.well-known/acme-challenge/ZeomZHDgadPz-M5NO-c
  • Removing /data/letsencrypt/.well-known/acme-challenge/S2cl3-TUSYuk

And I am running certbot via the container with the following command
sudo docker run -it --rm
-v certs:/etc/letsencrypt
-v certs-data:/data/letsencrypt
–webroot --webroot-path=/data/letsencrypt
-d -d

Any help is much appreciated. I’m out of ideas to debug.

hi @stolemyusername

I am having trouble following your troubleshooting

The questions in the help section are structured in a particular way so that it makes sense

A) You are using Docker Containers?
B) Are you running the commands as admin?
C) Do you have a full error message from the letsencrypt log?


Hi @stolemyusername, what error message do you see from Certbot when you run it?

--preferred-challenges=http is redundant with --webroot but that’s definitely not the source of the problem. I’m just letting you know so that you can make your eventual command line shorter. :slight_smile:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.