While I am installing the renewal the ssl certificate its throwing unauthorised error

avinash.meduri · August 30, 2023, 10:51am

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: postfixadmin.aptagrim.co

I ran this command: certbot

It produced this output: Challenge failed for domain postfixadmin.aptagrim.co
http-01 challenge for postfixadmin.aptagrim.co
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:

The following errors were reported by the server:

Domain: postfixadmin.aptagrim.co
Type: unauthorized
Detail: 216.48.183.168: Invalid response from
http://postfixadmin.aptagrim.co/.well-known/acme-challenge/O4bgSQv87wOISpTri49tg3B4Bfs6i4QcRa6XMKwtol8:
400

My web server is (include version): ubuntu 20.

I can login to a root shell on my machine (yes or no, or I don't know): yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 0.40.0

results of
sudo apachectl -t -D DUMP_VHOSTS
VirtualHost configuration:
*:443 aptagrim.co (/etc/apache2/sites-enabled/postfixadmin.aptagrim.co-le-ssl.conf:1)
*:80 aptagrim.co (/etc/apache2/sites-enabled/postfixadmin.aptagrim.co.conf:1)
*:8081 aptagrim.co (/etc/apache2/sites-enabled/postfixapi.conf:1)

thanks

MikeMcQ · August 30, 2023, 12:02pm

Can you post the contents of this file? Please add 3 backticks before and after so we do not lose important tags like
```
contents of file
```

Also, your Certbot 0.40 is very old. With Ubuntu 20 you should be able to install the snap version to get to version 2.6. Just follow these instructions carefully

avinash.meduri · August 30, 2023, 12:23pm

my postfixadmin.co.conf like

<VirtualHost *:80>

        DocumentRoot /var/www/postfixadmin/public
        ServerName aptagrim.co
        ServerAlias postfixadmin.aptagrim.co

        <Directory /var/www/postfixadmin/>
                Options FollowSymlinks
                AllowOverride All
                Require all granted
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
#ServerAlias mails.aptagrim.co
SSLCertificateFile /etc/letsencrypt/live/postfixadmin.aptagrim.co/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/postfixadmin.aptagrim.co/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
#</IfModule>

danb35 · August 30, 2023, 12:32pm

Isn't this thread a duplicate of:

griffin · August 30, 2023, 12:42pm

Yes. Yes it is.

MikeMcQ · August 30, 2023, 12:48pm

These 3 lines

Must be removed from this config file. Certs are not used in port 80 VirtualHosts

rg305 · August 30, 2023, 1:05pm

I closed the other one - this one has more info.
I think I'll merge those posts into this one.

Well that was more complicated than it should have been

avinash.meduri · August 30, 2023, 5:59am

hello while iam renewing my ssl certificate its throwing this error, i had a certifiacte for my domain,

what could be the error ?

Osiris · August 30, 2023, 6:06am

Your thread is more suitable for the Help section instead of the Issuance Tech category.

If you would have opened this thread in the Help section, you would have been provided with a questionnaire. Please fill out the questionnaire below to the best of your knowledge:

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Also, please post the output of:

sudo apachectl -t -D DUMP_VHOSTS

MikeMcQ · August 30, 2023, 12:45pm

Please note a new thread with more info was started here

MikeMcQ · August 30, 2023, 1:17pm

Yeah And actually messier than it was before since I'd already noted better info existed here. Probably better if you'd just closed the original.

MikeMcQ · August 30, 2023, 1:19pm

Just showing link to this past post as it is most current for this thread