2021-11-28 02:43:27,721:DEBUG:certbot.main:certbot version: 0.40.0 2021-11-28 02:43:27,722:DEBUG:certbot.main:Arguments: ['--standalone', '--pre-hook', '/bin/systemctl stop nginx', '--post-hook', '/bin/systemctl start nginx', '--quiet'] 2021-11-28 02:43:27,722:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-11-28 02:43:27,739:DEBUG:certbot.log:Root logging level set at 30 2021-11-28 02:43:27,739:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-11-28 02:43:27,754:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer 2021-11-28 02:43:27,755:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-28 02:43:27,755:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-28 02:43:27,755:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-28 02:43:27,769:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-28 02:43:27,770:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-28 02:43:27,771:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-28 02:43:27,774:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-28 02:43:27,774:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-28 02:43:27,774:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-28 02:43:27,778:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-28 02:43:27,779:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-28 02:43:27,779:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-28 02:43:27,782:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-28 02:43:27,783:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-28 02:43:27,783:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-28 02:43:27,787:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-28 02:43:27,789:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-28 02:43:27,789:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-28 02:43:27,792:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-28 02:43:27,793:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-28 02:43:27,793:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-28 02:43:27,797:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-28 02:43:27,797:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-28 02:43:27,798:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-28 02:43:27,803:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-28 02:43:27,803:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-28 02:43:27,803:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-28 02:43:27,809:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-28 02:43:27,811:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-28 02:43:27,812:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-28 02:43:27,814:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-28 02:43:27,819:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-11-28 02:43:27,819:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-11-28 02:43:27,819:INFO:certbot.renewal:Non-interactive renewal: random delay of 317.1207105751437 seconds 2021-11-28 02:48:45,036:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-28 02:48:45,434:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-11-28 02:48:45,435:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-11-28 02:48:45,436:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-11-28 02:48:45,436:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-11-28 02:48:45,444:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-11-28 02:48:45,446:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-11-28 02:48:45,450:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-11-28 02:48:45,608:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-11-28 02:48:45,609:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 07:48:45 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "PMLQpcnhfO8": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-11-28 02:48:45,610:INFO:certbot.hooks:Running pre-hook command: /bin/systemctl stop nginx 2021-11-28 02:48:50,644:INFO:certbot.main:Renewing an existing certificate 2021-11-28 02:48:50,754:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0452_key-certbot.pem 2021-11-28 02:48:50,763:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0452_csr-certbot.pem 2021-11-28 02:48:50,764:DEBUG:acme.client:Requesting fresh nonce 2021-11-28 02:48:50,764:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-11-28 02:48:50,815:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-11-28 02:48:50,816:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 07:48:50 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 00020lZuwQ4PQ6Hac1Z4Ek97PO4c_2syj3MMhxm4udycvLk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-11-28 02:48:50,817:DEBUG:acme.client:Storing nonce: 00020lZuwQ4PQ6Hac1Z4Ek97PO4c_2syj3MMhxm4udycvLk 2021-11-28 02:48:50,817:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-11-28 02:48:50,820:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMjBsWnV3UTRQUTZIYWMxWjRFazk3UE80Y18yc3lqM01NaHhtNHVkeWN2TGsiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "pF7Ga-clGubBPUQA9G76fyup41xE73pPQuHu2Nx4LugMF9o0vVL7zCUW-iZFVGEE6ZDjA8mOSr2aeGF9PQRrNR_o0a6xOcM6rwXLTIx_oGQNKwlUKYwzJ0bQGVhEQGllt2kpZZpcjpa5QS8v6E_THMISIPvsBuc2Ml3MxZl8N2RjRLymJdoeI6YhBt2tVWbyK3GWooT-80oukQdZ3YvW-k60pH-dtxkgi4PqJhC9tx_wKnWX9fUHoRjw3YRXIt-a8-Pt5-0YRpyq4mMCsYyY53grPwzqLWFLsxFmdmXN0AATd3bNvPOXcPHx-oO6eGcxMG77yZcfYlPuNIq9GhsEAQ", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-11-28 02:48:50,938:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-11-28 02:48:50,939:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sun, 28 Nov 2021 07:48:50 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43085928630 Replay-Nonce: 0002d2KT-6AfyfFa1LXyWdJlaifkWYYVikWPf2aonCl7md4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-05T07:48:50Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/53429949900" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43085928630" } 2021-11-28 02:48:50,939:DEBUG:acme.client:Storing nonce: 0002d2KT-6AfyfFa1LXyWdJlaifkWYYVikWPf2aonCl7md4 2021-11-28 02:48:50,940:DEBUG:acme.client:JWS payload: b'' 2021-11-28 02:48:50,941:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53429949900: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmQyS1QtNkFmeWZGYTFMWHlXZEpsYWlma1dZWVZpa1dQZjJhb25DbDdtZDQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNDI5OTQ5OTAwIn0", "signature": "d3ZP0OGOkcH_wRVDqwXiA48Dpw-XH7JAwy3GzvuTVsyOCqhUzF6vwPgUklzGPAOkaeu2MqJyp3ZX0X7HV8fR35JW7RmjI8WD58-FndlIzVB-cu9duzCMkIIGJH_vZpeujlBApBskOMwW0Bo7zU_ofN1wWhN0cPP1hv1xmy58yCPtB_yBSVjcQHH5KLClNdpjiXm4G-QvD1zOL8FxqjOAv36qoHQaUL1kpN0dlk6zDP8iT3teOeN8C35t4FtAlO4krIm90C5S4LC4sNjXwFsImv2rMJo_s0vs5B1S-n6uy7L9rYv6MW7NoROMxkb8zywXNOXS9zD3VXK1qLVMwc_FeA", "payload": "" } 2021-11-28 02:48:51,020:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53429949900 HTTP/1.1" 200 792 2021-11-28 02:48:51,021:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 07:48:51 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002ewuzwuUd-zQmlrmr9My0hRwhBHPHQfQSLvPxJkCsJFQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-05T07:48:50Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429949900/Oa38ww", "token": "EhXTerT9UKFG51h1lrF_73plaIoheiNjVyUTPxmbUZg" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429949900/wdMKZA", "token": "EhXTerT9UKFG51h1lrF_73plaIoheiNjVyUTPxmbUZg" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429949900/G-u-6g", "token": "EhXTerT9UKFG51h1lrF_73plaIoheiNjVyUTPxmbUZg" } ] } 2021-11-28 02:48:51,022:DEBUG:acme.client:Storing nonce: 0002ewuzwuUd-zQmlrmr9My0hRwhBHPHQfQSLvPxJkCsJFQ 2021-11-28 02:48:51,023:INFO:certbot.auth_handler:Performing the following challenges: 2021-11-28 02:48:51,023:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-28 02:48:51,024:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-11-28 02:48:51,024:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-11-28 02:48:51,028:INFO:certbot.auth_handler:Waiting for verification... 2021-11-28 02:48:51,029:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-28 02:48:51,031:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429949900/Oa38ww: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmV3dXp3dVVkLXpRbWxybXI5TXkwaFJ3aEJIUEhRZlFTTHZQeEprQ3NKRlEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzUzNDI5OTQ5OTAwL09hMzh3dyJ9", "signature": "UyeuttuYROwl1VgyuDxJkHRFffPNB3yXABbNtQ4AIiDGX_gAuzYrKhzug7eQj9M69oRjPDsgs3sf5PLWOBp5aWVUFjk0hefJ-h-sDZjlodRYVIDGkSMhoiI_fVjO83flHSoRUfCX-SzxWD3BRAPm6zsVQXlqIWmMeBFPWzqAEdQc0JoJ45t-SUh5f32mIt0KJsWe6VjPTg8iPwOwClGxU5nL5mEc1J9uTv_Ut2qKA1Iq7NCIMSc2nMOjANYgOQrQoHVMGL2dT3KpOmOIuR2SQ8oMsxnRscpDkL53h9B3mO5udTIqz-GRNfk-EkGwJD6hJQT3iJgA6j6B0aGFZr2e1Q", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-28 02:48:51,122:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/53429949900/Oa38ww HTTP/1.1" 200 186 2021-11-28 02:48:51,123:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 07:48:51 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429949900/Oa38ww Replay-Nonce: 00022gKsFdJJcTuaYqxMGosU_RSesLZ5FcY95hKvKnirP_8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429949900/Oa38ww", "token": "EhXTerT9UKFG51h1lrF_73plaIoheiNjVyUTPxmbUZg" } 2021-11-28 02:48:51,124:DEBUG:acme.client:Storing nonce: 00022gKsFdJJcTuaYqxMGosU_RSesLZ5FcY95hKvKnirP_8 2021-11-28 02:48:52,125:DEBUG:acme.client:JWS payload: b'' 2021-11-28 02:48:52,128:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53429949900: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMjJnS3NGZEpKY1R1YVlxeE1Hb3NVX1JTZXNMWjVGY1k5NWhLdktuaXJQXzgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNDI5OTQ5OTAwIn0", "signature": "OR_5FjiCavw0TZRThS9aXHCoMC12hxd20nTT6xJDtahgp6zULcpJg_uJI93QHyz3Aas0Z9aJhHZeUZk_vgYSlzYV1_NaAwZl8zv-BC_G_cCUHb3nwO8uvCP1A-GHz6lmdjocSXDQj6jxAOEtlYrfDB56ebIILbL7pQ3HFatoWbITmZcgTaoQzojmWgo_phl1x2koMGmutU0-4lXkpFY9CxYn7_rUNAM-gH_0XI3MaCBQhDJg6SHzS5uftSe-u9wbaoo9MF-JbcFR3Xpe63SlC-4v5HLvevsrCRPJYffqx7X5gRtRYAZuIbnwoXIxrFZkMt_iA9_kvEasIBPCKjGxTA", "payload": "" } 2021-11-28 02:48:52,234:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53429949900 HTTP/1.1" 200 792 2021-11-28 02:48:52,235:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 07:48:52 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001ybsID7-Od8sBMIP9DCdZcHLDHeP-6x7IEEAhvByKUbI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-05T07:48:50Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429949900/Oa38ww", "token": "EhXTerT9UKFG51h1lrF_73plaIoheiNjVyUTPxmbUZg" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429949900/wdMKZA", "token": "EhXTerT9UKFG51h1lrF_73plaIoheiNjVyUTPxmbUZg" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429949900/G-u-6g", "token": "EhXTerT9UKFG51h1lrF_73plaIoheiNjVyUTPxmbUZg" } ] } 2021-11-28 02:48:52,235:DEBUG:acme.client:Storing nonce: 0001ybsID7-Od8sBMIP9DCdZcHLDHeP-6x7IEEAhvByKUbI 2021-11-28 02:48:55,239:DEBUG:acme.client:JWS payload: b'' 2021-11-28 02:48:55,241:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53429949900: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXlic0lENy1PZDhzQk1JUDlEQ2RaY0hMREhlUC02eDdJRUVBaHZCeUtVYkkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNDI5OTQ5OTAwIn0", "signature": "AejVshjVlHUNMSiblnfW2uvKrbLSv2FdAqSMD2Zbwm8UAkQy4QMigX4G7_DgbIezCOKnJ-KZ2-BDARk4sFnv8-P9_VULrzZp5cLriPt5v56FY9dkTF9XRLRGO_WXWyx_X7pK7crJ92wPqmBX3Ms5NT0HgHWeE5QQzS0cxstDgtV3dhBuul8vS2s6jGfwHmL_bGAO-SnxragbqzQwIS64n7UUCOUoxw519ugMtVu4pKNdFbGZCSxuZEFcLICLpQCRHIDXu3UJRGYRv8pz2_ApXPboDThcHSU_pLapGlo6K7j0xG8ZcQxIcB9rtDxkh4IKBoFdSKXM5YN18pS7tS7U2g", "payload": "" } 2021-11-28 02:48:55,306:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53429949900 HTTP/1.1" 200 1505 2021-11-28 02:48:55,307:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 07:48:55 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001pgWs_Enmq_mhBEC07l8nZ5kZy-sxoRA1sm0k6e_Ya58 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-05T07:48:50Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/EhXTerT9UKFG51h1lrF_73plaIoheiNjVyUTPxmbUZg [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429949900/Oa38ww", "token": "EhXTerT9UKFG51h1lrF_73plaIoheiNjVyUTPxmbUZg", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/EhXTerT9UKFG51h1lrF_73plaIoheiNjVyUTPxmbUZg", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/EhXTerT9UKFG51h1lrF_73plaIoheiNjVyUTPxmbUZg", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-28T07:48:51Z" } ] } 2021-11-28 02:48:55,307:DEBUG:acme.client:Storing nonce: 0001pgWs_Enmq_mhBEC07l8nZ5kZy-sxoRA1sm0k6e_Ya58 2021-11-28 02:48:55,308:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-11-28 02:48:55,308:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-28 02:48:55,308:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/EhXTerT9UKFG51h1lrF_73plaIoheiNjVyUTPxmbUZg [75.2.60.5]: "\n\n\n \n Prep: True 2021-11-28 02:48:55,805:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-11-28 02:48:55,805:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-11-28 02:48:55,806:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-11-28 02:48:55,809:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-11-28 02:48:55,810:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-11-28 02:48:55,812:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-11-28 02:48:55,973:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-11-28 02:48:55,974:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 07:48:55 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "_bT3Zlpn9Ds": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-11-28 02:48:55,974:INFO:certbot.hooks:Pre-hook command already run, skipping: /bin/systemctl stop nginx 2021-11-28 02:48:55,974:INFO:certbot.main:Renewing an existing certificate 2021-11-28 02:48:56,103:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0453_key-certbot.pem 2021-11-28 02:48:56,113:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0453_csr-certbot.pem 2021-11-28 02:48:56,114:DEBUG:acme.client:Requesting fresh nonce 2021-11-28 02:48:56,114:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-11-28 02:48:56,166:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-11-28 02:48:56,167:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 07:48:56 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001hAww3e-rHU8PrXjQddvWnOuT6EDZD5Dn2-AeU-h10ok X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-11-28 02:48:56,168:DEBUG:acme.client:Storing nonce: 0001hAww3e-rHU8PrXjQddvWnOuT6EDZD5Dn2-AeU-h10ok 2021-11-28 02:48:56,168:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-11-28 02:48:56,171:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWhBd3czZS1ySFU4UHJYalFkZHZXbk91VDZFRFpENURuMi1BZVUtaDEwb2siLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "qn7uxyZXorsq_ViJ7Erbi7nYbSYMP-g4asscb8P1zLwAOq1KPKuvgocYWejM6ZxRXEc4jk7gm-n5UuXkt-V7T2lJneCfdFGSn0rSRK9LYcMeY7ICrlpCm0jFxporzCCuO_b3FYazYNzMwwWtolhjjI5u_XZ0evwKWV1Q0MHzWKmnGzn9QzuRzZIXcKESfM6ubnursQL8KHKFc-7ZRLZgUtYr_KMvyPH_wAV4R4MoZplws00Hsltnn4zSzhy92HAIYO4Ly2U6GsGqQJ6fMF0RFDJ0jGW0orN70d87M9vu-uUtcQCrQdJxIZ1AZwMqE9xgKPBz6clG4YrqCetMEP67wQ", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-11-28 02:48:56,788:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-11-28 02:48:56,789:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sun, 28 Nov 2021 07:48:56 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43085940430 Replay-Nonce: 0001zmMPvM1lMVkex4qXMxNVIhU3gO93mJ5hiSwaeaOMrJY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-05T07:48:56Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/53429964300", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/53429964310" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43085940430" } 2021-11-28 02:48:56,790:DEBUG:acme.client:Storing nonce: 0001zmMPvM1lMVkex4qXMxNVIhU3gO93mJ5hiSwaeaOMrJY 2021-11-28 02:48:56,790:DEBUG:acme.client:JWS payload: b'' 2021-11-28 02:48:56,793:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53429964300: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXptTVB2TTFsTVZrZXg0cVhNeE5WSWhVM2dPOTNtSjVoaVN3YWVhT01ySlkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNDI5OTY0MzAwIn0", "signature": "qVBxJ64Hmb64XoNxugchd_6DechnvgMIG33S7Ssq2ETD32hmqO8ZLEDUwCGLne8-XuQWMUzGmJ8AEmvACaFZK_F4ovEwUSaqyuXi5QuEve3kHRk3TGNE117X8QlvjCPuDqTcqzcNSz6OhVJT5hi0uIUqWKD3JZdyGkgByjkCQ5mFoGylSDqpH_7yz7LE34DHr4PL4Qz9A0sMMrYHY4t4SSolcSQKtWzsHH4ZX-uI74EgzwQfSXgzhi6VEa4vUfT_5LFFIkdEkGMM5n0FgKA0ujMRXKSBKqp3-SvifakIKAmlnV11LqqZAud4qx7EIWEHsDynITEO_AbST4UEVSwQUw", "payload": "" } 2021-11-28 02:48:56,860:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53429964300 HTTP/1.1" 200 792 2021-11-28 02:48:56,861:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 07:48:56 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002hYG1ZiMVhLYOmFcfWZUAVdjFn3afdCwb3UHhlzBTQko X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-05T07:48:56Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429964300/htc-Sw", "token": "tEAIP7JAsveHNEB_pUWTzKGDPIpXvzhVLI9NUncPseg" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429964300/eHBN6g", "token": "tEAIP7JAsveHNEB_pUWTzKGDPIpXvzhVLI9NUncPseg" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429964300/C9eo1Q", "token": "tEAIP7JAsveHNEB_pUWTzKGDPIpXvzhVLI9NUncPseg" } ] } 2021-11-28 02:48:56,861:DEBUG:acme.client:Storing nonce: 0002hYG1ZiMVhLYOmFcfWZUAVdjFn3afdCwb3UHhlzBTQko 2021-11-28 02:48:56,862:DEBUG:acme.client:JWS payload: b'' 2021-11-28 02:48:56,864:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53429964310: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmhZRzFaaU1WaExZT21GY2ZXWlVBVmRqRm4zYWZkQ3diM1VIaGx6QlRRa28iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNDI5OTY0MzEwIn0", "signature": "N0HZqHenAg0zyBxhrGcr0DZfsJqmM3msqQ_1kA9S2RHwAVKON9h4nb8XbOQB6CEObwVwkyF43XkLkX2VjzZBUPXIH-g3wU2bkLMToN3yKG47DBdc1MTNLRcL0UzgkfIWVxtvMUpaNCj8S-JyaiODdm3f5SnHsMMKGymjWuiK6f_Es1Zfs7M2dvVxSvPFcaqulO3p1WYjv_4RwvfDHlSitXfCCJ2BUy-QEz05hEqOQFhEsp_OdgSu20mIUoR0SGMCdGoUNneF6xUoJs_LlU5GsAsd7ncX-iCgM_2RqZJdIkoiGaRlgRrFQ24OXaX06zNfd4DFsnzU-ijv050EM5zPOw", "payload": "" } 2021-11-28 02:48:56,928:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53429964310 HTTP/1.1" 200 796 2021-11-28 02:48:56,928:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 07:48:56 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 000172cBlZOZzRMBpkVZJVlYLBjcphu6x1qUhBYoWN9et9E X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-05T07:48:56Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429964310/uGtUTw", "token": "bIj-3h10dv6mpTBP2C3mNG8hf1o3adaed1E_AUhC72M" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429964310/vfLMVw", "token": "bIj-3h10dv6mpTBP2C3mNG8hf1o3adaed1E_AUhC72M" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429964310/x_AsOQ", "token": "bIj-3h10dv6mpTBP2C3mNG8hf1o3adaed1E_AUhC72M" } ] } 2021-11-28 02:48:56,929:DEBUG:acme.client:Storing nonce: 000172cBlZOZzRMBpkVZJVlYLBjcphu6x1qUhBYoWN9et9E 2021-11-28 02:48:56,929:INFO:certbot.auth_handler:Performing the following challenges: 2021-11-28 02:48:56,930:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-28 02:48:56,930:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-11-28 02:48:56,930:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-11-28 02:48:56,931:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-11-28 02:48:56,939:INFO:certbot.auth_handler:Waiting for verification... 2021-11-28 02:48:56,940:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-28 02:48:56,941:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429964300/htc-Sw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMTcyY0JsWk9aelJNQnBrVlpKVmxZTEJqY3BodTZ4MXFVaEJZb1dOOWV0OUUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzUzNDI5OTY0MzAwL2h0Yy1TdyJ9", "signature": "e85DLuNHbgMN2AAUkL8qGepCwUOMoEGY7b64Z0_3sLthBUDz3Jc59vAnqov7VvWwiby53s1hZXDAqfWVg4Do2eiNth7zbF8PbPjd6CVB85UxgusBsu9ZXptvxyA8G-vs8C4U_Rpss2n7y74EjQ_cCPmFlXHP_R6P0axmr9GepYqglDHgQGYRinPIGnbBQOuEj8M-WiOU7_QKqpZEaArpeyUftsGDJkfnNW5xUzsYjE_dvfHvUbbvhLaLgDdXfBMhfaEUFDiWuPd7hKvDt8il5gGK3wYRP_yTFSEjZzcfXvsSLag-0FeSzb3LLwHWcODnyiUTw6_6l0KeiAOB6Yp1Ww", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-28 02:48:57,020:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/53429964300/htc-Sw HTTP/1.1" 200 186 2021-11-28 02:48:57,021:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 07:48:57 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429964300/htc-Sw Replay-Nonce: 0001cfOaXk_CljXncLH6G6IDyQAGgk9SZFSzdDuAyLT7sD0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429964300/htc-Sw", "token": "tEAIP7JAsveHNEB_pUWTzKGDPIpXvzhVLI9NUncPseg" } 2021-11-28 02:48:57,021:DEBUG:acme.client:Storing nonce: 0001cfOaXk_CljXncLH6G6IDyQAGgk9SZFSzdDuAyLT7sD0 2021-11-28 02:48:57,021:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-28 02:48:57,024:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429964310/uGtUTw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWNmT2FYa19DbGpYbmNMSDZHNklEeVFBR2drOVNaRlN6ZER1QXlMVDdzRDAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzUzNDI5OTY0MzEwL3VHdFVUdyJ9", "signature": "G5oe_hUpffkcmygBu2-jXwa7gWYpLMZ6opCLKMPlJcpomHDjYnEaR_pB3X_ESGuM18PUwT6hY9fSQ8xPRYvWxMu0SHiE9IYcno1HY6C6KHfU8EVE9bwpNOP-vk4YZsJW8oZbs7WQaUPj5v-6QftWj10N44y5HTSERGwXZtjcbvMlyiB3EVjAHqoundKEB4jgEBi4t5MslXof3hqLadfLMe99cy_RNNUQkgoyKIlEY1tbmEIn9ogFiEOjgwM_Unu4CuOFTYiqadLJnRZUbpfyh86FozBsTNuv2Ik26Lps_ZQo-aGLsoinF6OUhbHxkbwbDCV_fMggeAL4cr3Sbz6IPA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-28 02:48:57,092:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/53429964310/uGtUTw HTTP/1.1" 200 186 2021-11-28 02:48:57,093:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 07:48:57 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429964310/uGtUTw Replay-Nonce: 0002_5WEgdP-D2-BbR05uhXJQ3242fDVEsovquZzw_dxNs4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429964310/uGtUTw", "token": "bIj-3h10dv6mpTBP2C3mNG8hf1o3adaed1E_AUhC72M" } 2021-11-28 02:48:57,093:DEBUG:acme.client:Storing nonce: 0002_5WEgdP-D2-BbR05uhXJQ3242fDVEsovquZzw_dxNs4 2021-11-28 02:48:58,095:DEBUG:acme.client:JWS payload: b'' 2021-11-28 02:48:58,097:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53429964300: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMl81V0VnZFAtRDItQmJSMDV1aFhKUTMyNDJmRFZFc292cXVaendfZHhOczQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNDI5OTY0MzAwIn0", "signature": "gET_iGLh2YDvLtIHg_wDq0O9TkoWZ3IcBdRYlTiVZV6MKcvuvVE8FzNIgowaboNSeTgOVlqxjZqJOcRs05R1BnCMAR7FCtcKFEB30hlS_DuRieAJ9DzafxyhVS0RhJShVG70YLIwWbykc8bm0WxakOIxifm3D97P0E8QxNbaQwc8xm2HGU60Xxa9A5FKbwJ82NKvTFtmjjUxgqEQ2RMuN4XIfJoLXWLg4AamXMOYYqKsW-U7_nrM9dxgLqg8tggkrjOl7bUg9D-Aq1xPIAzyjvzjLtyfIFdGFMzV0jrBw1zJA8ZbwwgeQlt4tDEtOjj2o6gt3Ya-SkG0aQclKvh_6A", "payload": "" } 2021-11-28 02:48:58,162:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53429964300 HTTP/1.1" 200 1505 2021-11-28 02:48:58,163:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 07:48:58 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002r8p9Evg6yl6OQEGlkealhpzJnNvmZe8pPGXiA4pHG-I X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-05T07:48:56Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/tEAIP7JAsveHNEB_pUWTzKGDPIpXvzhVLI9NUncPseg [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429964300/htc-Sw", "token": "tEAIP7JAsveHNEB_pUWTzKGDPIpXvzhVLI9NUncPseg", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/tEAIP7JAsveHNEB_pUWTzKGDPIpXvzhVLI9NUncPseg", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/tEAIP7JAsveHNEB_pUWTzKGDPIpXvzhVLI9NUncPseg", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-28T07:48:56Z" } ] } 2021-11-28 02:48:58,163:DEBUG:acme.client:Storing nonce: 0002r8p9Evg6yl6OQEGlkealhpzJnNvmZe8pPGXiA4pHG-I 2021-11-28 02:48:58,164:DEBUG:acme.client:JWS payload: b'' 2021-11-28 02:48:58,166:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53429964310: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnI4cDlFdmc2eWw2T1FFR2xrZWFsaHB6Sm5Odm1aZThwUEdYaUE0cEhHLUkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNDI5OTY0MzEwIn0", "signature": "VEmzD0puhujBszSU4m8tQL-SRAqFFbM9xhxgosp0hUdG1nPXbFkkwv2OB2q1OdaNXisHRgVPRSpK3CHXV8Bjkcdo4J7iGRw_6C3dD-SUPkq1HAvwn_-q2v-qoC-fWxxLIeN94kYrP_IHqnbavbTh0ThJkPvJ4r-rsXElrJ2CInr0sKZ4d07fSpykcXe1XJze9cnKwD_UTp0yyiSpcmw4gpDIsRpRBxc_NTgtPR3JnWPpUV1YggrYP_ypL22bpSijVbtfm5xs09obiZNcjo6XQwOQT2LcbK8YFBF8E3_zNjxEk7Sn3SM8SQnG6gqGTXrGfTvwB8_GQX4P4MPYPnvQLg", "payload": "" } 2021-11-28 02:48:58,231:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53429964310 HTTP/1.1" 200 796 2021-11-28 02:48:58,232:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 07:48:58 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001xX5R9Lz3wDimm6mc2ZuDNutCwU1Rjyp0y4oT6hBnjac X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-05T07:48:56Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429964310/uGtUTw", "token": "bIj-3h10dv6mpTBP2C3mNG8hf1o3adaed1E_AUhC72M" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429964310/vfLMVw", "token": "bIj-3h10dv6mpTBP2C3mNG8hf1o3adaed1E_AUhC72M" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429964310/x_AsOQ", "token": "bIj-3h10dv6mpTBP2C3mNG8hf1o3adaed1E_AUhC72M" } ] } 2021-11-28 02:48:58,233:DEBUG:acme.client:Storing nonce: 0001xX5R9Lz3wDimm6mc2ZuDNutCwU1Rjyp0y4oT6hBnjac 2021-11-28 02:48:58,233:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-11-28 02:49:01,237:DEBUG:acme.client:JWS payload: b'' 2021-11-28 02:49:01,240:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53429964310: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXhYNVI5THozd0RpbW02bWMyWnVETnV0Q3dVMVJqeXAweTRvVDZoQm5qYWMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNDI5OTY0MzEwIn0", "signature": "Ne0d8rxEI0fULNb079i1q4tdJsKn4N89zR0RHJTc-o5lbPE97tBgGUxeSI3relr2-WAJjOdBWwapbg96esarP3KqzZrUlAd92GjYlXPRByFicfupeWHSm1kcoWRmQW7zys1ezgQTt4wYaKMjb9debL1NqT7APXvzfqvkpNMKNBkaNTjiLhDUMJDdAznTk6Uh7Jd8FGs6BawE4lADBXPlt7TOxcAWN6R3Xkokpr7wf_0-ZwDuNLJulhUb8HHcoU0Ryh5MhMB8kY6E4ToBLPdoTtuJ4m5eCvA-a9nL3n7u_oDgJi-JW9LyvrU46WdfUHkk66xFg4NAv0unPqwy07YKCQ", "payload": "" } 2021-11-28 02:49:01,305:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53429964310 HTTP/1.1" 200 1826 2021-11-28 02:49:01,306:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 07:49:01 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001WDSUFOTnrUGPmqzTy4BkT7J2oFKPt0nehvOX0E83LtE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-05T07:48:56Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/bIj-3h10dv6mpTBP2C3mNG8hf1o3adaed1E_AUhC72M [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53429964310/uGtUTw", "token": "bIj-3h10dv6mpTBP2C3mNG8hf1o3adaed1E_AUhC72M", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/bIj-3h10dv6mpTBP2C3mNG8hf1o3adaed1E_AUhC72M", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/bIj-3h10dv6mpTBP2C3mNG8hf1o3adaed1E_AUhC72M", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/bIj-3h10dv6mpTBP2C3mNG8hf1o3adaed1E_AUhC72M", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-28T07:48:57Z" } ] } 2021-11-28 02:49:01,306:DEBUG:acme.client:Storing nonce: 0001WDSUFOTnrUGPmqzTy4BkT7J2oFKPt0nehvOX0E83LtE 2021-11-28 02:49:01,306:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-11-28 02:49:01,306:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-28 02:49:01,307:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-11-28 02:49:01,307:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/tEAIP7JAsveHNEB_pUWTzKGDPIpXvzhVLI9NUncPseg [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-11-28 02:49:01,447:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-11-28 02:49:01,447:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-11-28 02:49:01,447:INFO:certbot.hooks:Running post-hook command: /bin/systemctl start nginx 2021-11-28 02:49:01,640:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-11-28 05:08:39,308:DEBUG:certbot.main:certbot version: 0.40.0 2021-11-28 05:08:39,308:DEBUG:certbot.main:Arguments: ['-q'] 2021-11-28 05:08:39,308:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-11-28 05:08:39,322:DEBUG:certbot.log:Root logging level set at 30 2021-11-28 05:08:39,323:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-11-28 05:08:39,337:DEBUG:certbot.plugins.selection:Requested authenticator and installer 2021-11-28 05:08:39,349:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-28 05:08:39,350:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-28 05:08:39,350:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-28 05:08:39,355:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-28 05:08:39,356:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-28 05:08:39,356:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-28 05:08:39,361:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-28 05:08:39,361:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-28 05:08:39,362:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-28 05:08:39,366:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-28 05:08:39,366:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-28 05:08:39,367:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-28 05:08:39,372:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-28 05:08:39,373:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-28 05:08:39,373:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-28 05:08:39,377:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-11-28 05:08:39,377:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-11-28 05:08:39,377:INFO:certbot.renewal:Non-interactive renewal: random delay of 309.26381455903345 seconds 2021-11-28 05:13:48,728:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx 2021-11-28 05:13:49,084:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-11-28 05:13:49,085:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-11-28 05:13:49,085:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-11-28 05:13:49,085:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-11-28 05:13:49,090:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-11-28 05:13:49,092:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-11-28 05:13:49,094:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-11-28 05:13:49,248:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-11-28 05:13:49,250:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 10:13:49 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "6XMZw_Kpub0": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-11-28 05:13:49,250:INFO:certbot.main:Renewing an existing certificate 2021-11-28 05:13:49,326:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0454_key-certbot.pem 2021-11-28 05:13:49,333:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0454_csr-certbot.pem 2021-11-28 05:13:49,334:DEBUG:acme.client:Requesting fresh nonce 2021-11-28 05:13:49,334:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-11-28 05:13:49,388:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-11-28 05:13:49,389:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 10:13:49 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001stPsMgg3YFIeDMm7Ix7kvhWFYiQL23v3f_0eKMHm_kg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-11-28 05:13:49,389:DEBUG:acme.client:Storing nonce: 0001stPsMgg3YFIeDMm7Ix7kvhWFYiQL23v3f_0eKMHm_kg 2021-11-28 05:13:49,390:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-11-28 05:13:49,393:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXN0UHNNZ2czWUZJZURNbTdJeDdrdmhXRllpUUwyM3YzZl8wZUtNSG1fa2ciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "oeq5RYnS198rN4mcA_GwjAi7RMx5dq0b7P8OchpytL0MiLmM1kq8Wi5fNF0tsBhEjd92qD6ZdsK6Xzjf1vvZIRoWBqILuWv9x2TUR-itdqW5Ee-h6yUOsWOTdDFUk3Eh8iy76H2eABv8NM6NHCn5r_PN8iynY-HZPIqOg2K0VMnc4Pk02V41bs_IlB-TTZXhg4yfHUVmELnNk-XO6Rx7kpYdFNBBspvl_WPdkAo5ARcalgrM-NjDq3gjk7OrJ4JKEiwBLldGmsesSTIEyH2qBOwoD6LBS4w8Slbcs0WWO7Or6XEOlCCRiuZ7lSq2ohavyCn7kW5-fxD7bJTg8ev5bg", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-11-28 05:13:49,841:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-11-28 05:13:49,842:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sun, 28 Nov 2021 10:13:49 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43111059080 Replay-Nonce: 0001X4FJIh4BMkJyqJzACjuISI2v-k2Y2y40bYQAeU2YG_g X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-05T10:13:49Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/53460014010" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43111059080" } 2021-11-28 05:13:49,842:DEBUG:acme.client:Storing nonce: 0001X4FJIh4BMkJyqJzACjuISI2v-k2Y2y40bYQAeU2YG_g 2021-11-28 05:13:49,843:DEBUG:acme.client:JWS payload: b'' 2021-11-28 05:13:49,845:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53460014010: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMVg0RkpJaDRCTWtKeXFKekFDanVJU0kydi1rMlkyeTQwYllRQWVVMllHX2ciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNDYwMDE0MDEwIn0", "signature": "T2e3OFC9JQhzCDB6HMHcQPQfZVhPsZdCcR0BIcR8YphLF-yTKiFGjA8Omqvh_vqCdZij5xN-cLc_qikmk_x1605lYFyuHHVo9qPmarPtg2Zw9EUr7lJzdmKMcFmCWrPc9kuVc7ITLIQaZ6SDgt6x1T6L-nPBMMfll7FPJMEzc9zPMoGU6wBWC6023vBV34hpGKKkZo9hKEAY8qClkZ6pf_W7YpDzQ5LW_yP_e43IgO3ScKkaEElq8dn_43ifEG63QrYsgD4bzMNUG3TZxp-U26Aw6O9GlmtinFysWLeKnb38Je_Srdo4zDYvdLHvkswE_yAOGWBjiZt8bvOIkyBwGQ", "payload": "" } 2021-11-28 05:13:49,912:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53460014010 HTTP/1.1" 200 792 2021-11-28 05:13:49,913:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 10:13:49 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002wgfG-tFx_UcEjxuMoVqt3WUyz3e_LuBdBpoiPNu8wSc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-05T10:13:49Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53460014010/j7-FYQ", "token": "1cNrrEE-MujXsZoGANaNmDctYDj6jumckq9Np2DjxDg" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53460014010/kmT0IQ", "token": "1cNrrEE-MujXsZoGANaNmDctYDj6jumckq9Np2DjxDg" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53460014010/HbTJVg", "token": "1cNrrEE-MujXsZoGANaNmDctYDj6jumckq9Np2DjxDg" } ] } 2021-11-28 05:13:49,913:DEBUG:acme.client:Storing nonce: 0002wgfG-tFx_UcEjxuMoVqt3WUyz3e_LuBdBpoiPNu8wSc 2021-11-28 05:13:49,914:INFO:certbot.auth_handler:Performing the following challenges: 2021-11-28 05:13:49,914:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-28 05:13:49,949:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-11-28 05:13:49,950:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-11-28 05:13:49,951:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-11-28 05:13:49,951:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-11-28 05:13:49,951:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-11-28 05:13:49,952:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-11-28 05:13:49,952:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-11-28 05:13:49,953:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-11-28 05:13:49,953:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-11-28 05:13:49,954:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-11-28 05:13:49,954:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-11-28 05:13:49,954:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-11-28 05:13:49,955:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-11-28 05:13:49,956:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-11-28 05:13:49,958:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/1cNrrEE-MujXsZoGANaNmDctYDj6jumckq9Np2DjxDg{default_type text/plain;return 200 1cNrrEE-MujXsZoGANaNmDctYDj6jumckq9Np2DjxDg.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-11-28 05:13:50,995:INFO:certbot.auth_handler:Waiting for verification... 2021-11-28 05:13:50,996:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-28 05:13:51,000:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/53460014010/j7-FYQ: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMndnZkctdEZ4X1VjRWp4dU1vVnF0M1dVeXozZV9MdUJkQnBvaVBOdTh3U2MiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzUzNDYwMDE0MDEwL2o3LUZZUSJ9", "signature": "h745eOw3etOskNtGNjTS8NrSDD3dVL-TstfZaCMNmAxNoKLs89JJyvhdJqua0qw2I7urO1HzTonZvZc44q6wHJUch9grA7XGFPJ24XQ83iAa41t4hlzegAoZNfNeZ_qc2ygMrSGzTysVHq2_ytjZzYVk1ZJ4J4ojIjbACWgG8x27XwK4spxq1QFhOz6rO39rXLb0he75XlPSQM_ojYREWmIba-7fnC569Aq8YZU1C8cCm8U9An7tNKy8LsSikUPBj3H8hGr1Hgt3qIe1OTZMMMXwweHlRUhs97mCamtpjzyDpXtmdhQcUm8Hnrc-av7RjIzSiVlUhqRV0xbmgWnapA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-28 05:13:51,072:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/53460014010/j7-FYQ HTTP/1.1" 200 186 2021-11-28 05:13:51,073:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 10:13:51 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/53460014010/j7-FYQ Replay-Nonce: 0001Ne4TCC0ym7AJifXCpjL8UVL_rIdfMS4DCm1lCPnPd4c X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53460014010/j7-FYQ", "token": "1cNrrEE-MujXsZoGANaNmDctYDj6jumckq9Np2DjxDg" } 2021-11-28 05:13:51,074:DEBUG:acme.client:Storing nonce: 0001Ne4TCC0ym7AJifXCpjL8UVL_rIdfMS4DCm1lCPnPd4c 2021-11-28 05:13:52,076:DEBUG:acme.client:JWS payload: b'' 2021-11-28 05:13:52,078:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53460014010: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMU5lNFRDQzB5bTdBSmlmWENwakw4VVZMX3JJZGZNUzREQ20xbENQblBkNGMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNDYwMDE0MDEwIn0", "signature": "MJLtI1Ot9CKv8OJC3W9Ng7Tzr1BHtoQYEINngo_pByI-W6bYcWqedJI11M-cOSUvylueI2f9q9hEBPE5MPN7xlNH1GOaceKK10ZBGLGE3f-aNjT_xDpNu4w47KSJFIDL6nUtbeASSob40KAG0ivtu9kBTfZTPPhUOysezRNjn95PObxXdaipKXSxO06LPuxf3293FaFSOq9qF6My64NW0bOvoZUxnMPzY26govjyItG8inFHxE0pvGLVyYvq_SW_wSvbbaJBHgUgPUVxeduP9Vo-bpoS1UTGOHZvWXbL8AkQMM1XQFdmHTtD882ZsE2dvQeFpG1I1L6oY-5wY49V7Q", "payload": "" } 2021-11-28 05:13:52,147:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53460014010 HTTP/1.1" 200 792 2021-11-28 05:13:52,148:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 10:13:52 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001vlQNakC1gMTTWMCDB8Pj1luw-c9AfWnOUwWl6vUt46g X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-05T10:13:49Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53460014010/j7-FYQ", "token": "1cNrrEE-MujXsZoGANaNmDctYDj6jumckq9Np2DjxDg" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53460014010/kmT0IQ", "token": "1cNrrEE-MujXsZoGANaNmDctYDj6jumckq9Np2DjxDg" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53460014010/HbTJVg", "token": "1cNrrEE-MujXsZoGANaNmDctYDj6jumckq9Np2DjxDg" } ] } 2021-11-28 05:13:52,148:DEBUG:acme.client:Storing nonce: 0001vlQNakC1gMTTWMCDB8Pj1luw-c9AfWnOUwWl6vUt46g 2021-11-28 05:13:55,152:DEBUG:acme.client:JWS payload: b'' 2021-11-28 05:13:55,155:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53460014010: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXZsUU5ha0MxZ01UVFdNQ0RCOFBqMWx1dy1jOUFmV25PVXdXbDZ2VXQ0NmciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNDYwMDE0MDEwIn0", "signature": "FFTc6LCC8AlsaiJcbLe2hVzzjTt_ej46MizDy85c2CRVSZG4OJkNEnRrolqt9FDGZgKZ05HB1B8eW-IfzteSEaAckn3ElwY-TLDReLF7J7yFYh-3xIlHgjsxW09vukKoRXv1EyKG2MhuVXBnZS3PDpcQG3DlUv5aYLG9wRms6nIrIcYhQH91hUlu3OtCQl805NaYKArRrFdq76Wvo5iwEUeeIPQkYXFn4LiJvgdKIvPkT16CJTqa7K8_VcrsBWKKfUgi9ezXYE5x3M-vAW875EybQKx7HCwHuF-xvxQcXXmbvBJy9JcsYCw35MQcwiT8wZIpFvLAggKj65dtsMkQuw", "payload": "" } 2021-11-28 05:13:55,220:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53460014010 HTTP/1.1" 200 1505 2021-11-28 05:13:55,221:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 10:13:55 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001ForTSGPOcwoiDyECIiSUzVLMXB_XxMw2UqsR8Y5dbdU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-05T10:13:49Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/1cNrrEE-MujXsZoGANaNmDctYDj6jumckq9Np2DjxDg [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53460014010/j7-FYQ", "token": "1cNrrEE-MujXsZoGANaNmDctYDj6jumckq9Np2DjxDg", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/1cNrrEE-MujXsZoGANaNmDctYDj6jumckq9Np2DjxDg", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/1cNrrEE-MujXsZoGANaNmDctYDj6jumckq9Np2DjxDg", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-28T10:13:51Z" } ] } 2021-11-28 05:13:55,221:DEBUG:acme.client:Storing nonce: 0001ForTSGPOcwoiDyECIiSUzVLMXB_XxMw2UqsR8Y5dbdU 2021-11-28 05:13:55,222:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-11-28 05:13:55,223:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-28 05:13:55,224:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/1cNrrEE-MujXsZoGANaNmDctYDj6jumckq9Np2DjxDg [75.2.60.5]: "\n\n\n \n Prep: True 2021-11-28 05:13:56,941:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-11-28 05:13:56,941:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-11-28 05:13:56,941:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-11-28 05:13:56,945:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-11-28 05:13:56,947:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-11-28 05:13:56,948:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-11-28 05:13:57,107:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-11-28 05:13:57,108:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 10:13:57 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "pKlP63b80hA": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-11-28 05:13:57,109:INFO:certbot.main:Renewing an existing certificate 2021-11-28 05:13:57,237:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0455_key-certbot.pem 2021-11-28 05:13:57,247:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0455_csr-certbot.pem 2021-11-28 05:13:57,248:DEBUG:acme.client:Requesting fresh nonce 2021-11-28 05:13:57,248:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-11-28 05:13:57,300:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-11-28 05:13:57,301:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 10:13:57 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 00025QxAd6DJjN8WTdIKFrhtMNpRF-CnMhfrIFkol1JYHlM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-11-28 05:13:57,301:DEBUG:acme.client:Storing nonce: 00025QxAd6DJjN8WTdIKFrhtMNpRF-CnMhfrIFkol1JYHlM 2021-11-28 05:13:57,301:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-11-28 05:13:57,304:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMjVReEFkNkRKak44V1RkSUtGcmh0TU5wUkYtQ25NaGZySUZrb2wxSllIbE0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "cIoCoLOVBBgOozFHLz5xoIfWPY_YOUI36HyIo7eLhHhkn9wpMlQphHlooTkOLHx5PhP6woySQKwW4P9YrULGc6gX-yj-GiEEmkqAjBDTZSS1Kd0SDjOa3scxkdewTsBtGfUib4L-ewPEWdyzRB4_uiwk1Mi4zKbm8vZBbUKk4KEQfwwJVeMLPBME2SV5lKcdaIPdur_LKaJRTqmEDiIMd2nYEZhV2U8vHJU8CeJyzMrWqRH0AEOer5Bvj2SGFOtbift9HRp3xH4ly8ep95TASCz_yTpT52VLeAy2heTrgRqMFI_a-uiku-1ny-myBnjNmvuWY7hiAT4QJk854Qwg8g", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-11-28 05:13:57,417:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-11-28 05:13:57,418:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sun, 28 Nov 2021 10:13:57 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43111074010 Replay-Nonce: 0001-cCVK78ZLCYxqpdC8KhSgdh4t7LSnxBtnTqB53Rh2Oc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-05T10:13:57Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/53460033440", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/53460033450" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43111074010" } 2021-11-28 05:13:57,419:DEBUG:acme.client:Storing nonce: 0001-cCVK78ZLCYxqpdC8KhSgdh4t7LSnxBtnTqB53Rh2Oc 2021-11-28 05:13:57,419:DEBUG:acme.client:JWS payload: b'' 2021-11-28 05:13:57,422:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53460033440: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMS1jQ1ZLNzhaTENZeHFwZEM4S2hTZ2RoNHQ3TFNueEJ0blRxQjUzUmgyT2MiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNDYwMDMzNDQwIn0", "signature": "GNTZRSDG0WpBSyqIp3bf9KPd52XI1PqzgcgsB7Am1p1NLUIa8ljDz6MDu0YYiG934uEnl3VZonY0RIHWxOAscq2wHEFbZfOOj3bNWc7eoDtEOkQaBUAz20LjeQWBdbTNYstcgiZ0tJ5TvHda5G33xNKoMW4Zd-EnlzXq0iiGqPs7DTufvlmSkxMr47Z8f2WlSuBtmRZgiYH0NBbp3rMF_R77PpVJSHbNm8c4V4Y-lw4xA5cflRUVSxeqp21Y6N4vO_21mUXAsaKCGNKAi-fqS1CbIgVhAqL3TnaR3uUIGOhKTBFMWJdalHiakJ_m9o5Poz6WWsDMcyDENzVULcMR2Q", "payload": "" } 2021-11-28 05:13:57,494:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53460033440 HTTP/1.1" 200 792 2021-11-28 05:13:57,495:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 10:13:57 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001qve-RPpFipvl2fO-gqfjmuCMPg5aUdMRIGVnl7mmwy8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-05T10:13:57Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53460033440/9om8WA", "token": "L9CF8eUcjn-5NVrcpiyBLQIsTrrmODvPB95LI3oqCx0" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53460033440/g9NJCA", "token": "L9CF8eUcjn-5NVrcpiyBLQIsTrrmODvPB95LI3oqCx0" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53460033440/62nQSA", "token": "L9CF8eUcjn-5NVrcpiyBLQIsTrrmODvPB95LI3oqCx0" } ] } 2021-11-28 05:13:57,495:DEBUG:acme.client:Storing nonce: 0001qve-RPpFipvl2fO-gqfjmuCMPg5aUdMRIGVnl7mmwy8 2021-11-28 05:13:57,496:DEBUG:acme.client:JWS payload: b'' 2021-11-28 05:13:57,499:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53460033450: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXF2ZS1SUHBGaXB2bDJmTy1ncWZqbXVDTVBnNWFVZE1SSUdWbmw3bW13eTgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNDYwMDMzNDUwIn0", "signature": "en-WuSW62WFGytVXPV4Yj-zDybzcdc6AIRE21n6QWWo8o6GVSAiJOBp2zGHLkisOxVmAr1WzJGGY4263TyBtsL1gL84ekhGVwEAWs7U2nBvIcnVkp9gZOwogzI-HSy3yM3x1uWyoUTsvLEezld6PSjJEyy7XR0ub2uGATTONymxMffHKUvqDkjkPb7POdqsk1UpsOyFF-MbqfdXQ8ctZ4PiritFaQfLeheYrYBZv29H7884ruEUwJrvx2XYq0tw-hYJIx5ktevuKBCo83jboXc5By_K0jOAXVOenniEuSpDUu0qMTgg-NInpqnsAokq5d0A43yEVYi56shP2Z2e6ow", "payload": "" } 2021-11-28 05:13:57,564:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53460033450 HTTP/1.1" 200 796 2021-11-28 05:13:57,565:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 10:13:57 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002g8dU0GRspe9mHsbsT16CKoIeFvRbWNPUJMwEyNL6caQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-05T10:13:57Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53460033450/hWyuDA", "token": "L5XMxBiXi_-K10s5DPnf6tlrkhB5cHTeY2OXL9CyzUA" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53460033450/i3Le_g", "token": "L5XMxBiXi_-K10s5DPnf6tlrkhB5cHTeY2OXL9CyzUA" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53460033450/jMBdwA", "token": "L5XMxBiXi_-K10s5DPnf6tlrkhB5cHTeY2OXL9CyzUA" } ] } 2021-11-28 05:13:57,565:DEBUG:acme.client:Storing nonce: 0002g8dU0GRspe9mHsbsT16CKoIeFvRbWNPUJMwEyNL6caQ 2021-11-28 05:13:57,566:INFO:certbot.auth_handler:Performing the following challenges: 2021-11-28 05:13:57,566:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-28 05:13:57,566:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-11-28 05:13:57,652:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-11-28 05:13:57,653:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-11-28 05:13:57,653:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-11-28 05:13:57,654:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-11-28 05:13:57,654:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-11-28 05:13:57,655:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-11-28 05:13:57,655:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-11-28 05:13:57,655:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-11-28 05:13:57,656:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-11-28 05:13:57,656:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-11-28 05:13:57,656:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-11-28 05:13:57,657:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-11-28 05:13:57,657:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-11-28 05:13:57,658:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-11-28 05:13:57,660:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/L9CF8eUcjn-5NVrcpiyBLQIsTrrmODvPB95LI3oqCx0{default_type text/plain;return 200 L9CF8eUcjn-5NVrcpiyBLQIsTrrmODvPB95LI3oqCx0.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot location = /.well-known/acme-challenge/L5XMxBiXi_-K10s5DPnf6tlrkhB5cHTeY2OXL9CyzUA{default_type text/plain;return 200 L5XMxBiXi_-K10s5DPnf6tlrkhB5cHTeY2OXL9CyzUA.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-11-28 05:13:58,690:INFO:certbot.auth_handler:Waiting for verification... 2021-11-28 05:13:58,691:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-28 05:13:58,694:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/53460033440/9om8WA: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmc4ZFUwR1JzcGU5bUhzYnNUMTZDS29JZUZ2UmJXTlBVSk13RXlOTDZjYVEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzUzNDYwMDMzNDQwLzlvbThXQSJ9", "signature": "ngx-CKsTrBf5KXvKBwXWU8NwmmNIeuLVftd05m46mvI323QW61TlCjUPkjQmFbBdzX5RvfACjMBI6aWTExYz1ohU_pV0PbwYBgS2oZvd8jt1UBIrev5Jb-gcqv1gtxLsVauf6yC0MN0esIsbslWgBFTlW_sagzPMHVRR9Ac6_4A4GKJMhOxwZ1wXZ8XDfjut28WyXNzsqq33R49oS7Gpf9ubbvLmS0OuNWx9VS79sdOPrV32eJ7ghR_RYEvs_1d3gGV78_TB9rJcrW0nRCeZVTF2AzgWR0Sep9OEQE3dx-7Kno_DWtU7pxggpHRY-mYY0_GFXLnCXfDqhNKOgiqSRw", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-28 05:13:58,763:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/53460033440/9om8WA HTTP/1.1" 200 186 2021-11-28 05:13:58,764:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 10:13:58 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/53460033440/9om8WA Replay-Nonce: 0002K5zI-br1CWtMWXBXz3mgzRWpwkWG7swc2i9RBx4RuHc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53460033440/9om8WA", "token": "L9CF8eUcjn-5NVrcpiyBLQIsTrrmODvPB95LI3oqCx0" } 2021-11-28 05:13:58,765:DEBUG:acme.client:Storing nonce: 0002K5zI-br1CWtMWXBXz3mgzRWpwkWG7swc2i9RBx4RuHc 2021-11-28 05:13:58,765:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-28 05:13:58,767:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/53460033450/hWyuDA: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMks1ekktYnIxQ1d0TVdYQlh6M21nelJXcHdrV0c3c3djMmk5UkJ4NFJ1SGMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzUzNDYwMDMzNDUwL2hXeXVEQSJ9", "signature": "aaXo2yO78Ep25SBoZmpIUiFe70EeXp5bJMT_sK-bUvGWpAWx7REGFBRMzirR-VLH_QmjSRtrQ4pUSQ-DhesQWzrdjtqSNC6xfm_8cdz-1sE2hjRoQSb-_ZH0Wl9JXPpFZd7DAIMGvcm46bW4vX7daSMrfsDWX1wJdekRp6rgaixhk3FWBYTIH7iuOrnz3WnrB0nnpS5mHzdkm2fJ1GLvnmTkw2ou9b-qJ9i2fFO0qL4YvKqDAdaYUD4CvsxmjidsweKsl_ENekcTwn-6ToJokoc8GrQrTM5-ymSwER9-gchNSx9_hYafCxxxCxjCNNom0FTYT4N2CPJNku0UZB2kBg", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-28 05:13:58,854:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/53460033450/hWyuDA HTTP/1.1" 200 186 2021-11-28 05:13:58,855:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 10:13:58 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/53460033450/hWyuDA Replay-Nonce: 0002dfu3mzV_ZNNmcQIs34ldY59YbWrmw3KJ7daxO_0lhRg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53460033450/hWyuDA", "token": "L5XMxBiXi_-K10s5DPnf6tlrkhB5cHTeY2OXL9CyzUA" } 2021-11-28 05:13:58,855:DEBUG:acme.client:Storing nonce: 0002dfu3mzV_ZNNmcQIs34ldY59YbWrmw3KJ7daxO_0lhRg 2021-11-28 05:13:59,857:DEBUG:acme.client:JWS payload: b'' 2021-11-28 05:13:59,860:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53460033440: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmRmdTNtelZfWk5ObWNRSXMzNGxkWTU5WWJXcm13M0tKN2RheE9fMGxoUmciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNDYwMDMzNDQwIn0", "signature": "p_BLUPuFtCZqJ5utwKxxf8ZlpTPzZfQGru0T1bqMUAfaCZacPAJV1hlH_4_0sHP04dJ0YWgPcwTQJbgrKuc6x2Er6q7Qe8THs6ltpDeOi62D8qHTOQGeZmGkLHwlq17nndPkCA_UWWYA0gF1vP513fbhlZ6bY_x5aMwaqegB3lSg7gOvtVQkvLQ4Dai1fNEMJ4jTSP7urV-M8g442YTmBLK2YPhqMEomX53mEZr2kT87AwKpcM8sSbyDRUOtLoTImzGGRjBtkN7C9m6LzgcXAHHwA4KR8nYsEEkEfUsIL6XU2M3BP7apA7pofpwhY0vqVffmA465viaUgBZ3uJmS5A", "payload": "" } 2021-11-28 05:13:59,924:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53460033440 HTTP/1.1" 200 1505 2021-11-28 05:13:59,925:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 10:13:59 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001wucU7g-MZYXJwPvJP3vcXTl61BFW8Bc1Mr4GmwoJaxk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-05T10:13:57Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/L9CF8eUcjn-5NVrcpiyBLQIsTrrmODvPB95LI3oqCx0 [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53460033440/9om8WA", "token": "L9CF8eUcjn-5NVrcpiyBLQIsTrrmODvPB95LI3oqCx0", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/L9CF8eUcjn-5NVrcpiyBLQIsTrrmODvPB95LI3oqCx0", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/L9CF8eUcjn-5NVrcpiyBLQIsTrrmODvPB95LI3oqCx0", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-28T10:13:58Z" } ] } 2021-11-28 05:13:59,925:DEBUG:acme.client:Storing nonce: 0001wucU7g-MZYXJwPvJP3vcXTl61BFW8Bc1Mr4GmwoJaxk 2021-11-28 05:13:59,926:DEBUG:acme.client:JWS payload: b'' 2021-11-28 05:13:59,928:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53460033450: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXd1Y1U3Zy1NWllYSndQdkpQM3ZjWFRsNjFCRlc4QmMxTXI0R213b0pheGsiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNDYwMDMzNDUwIn0", "signature": "nt7krT5XuoKwjf4wBlZmQK6p59eA6W3YRdoXhkR1i0hwyBYXDo-N7u7pFe5PFdtZPGI9xPkPzJPD5eGZ7261xjqQvnM_bAGEIeDbC-FN9_UldQkmoUQbNRgPcZ15RpqreZ5Zpxp-D2HVzeLdCsALWCSWuNUDDVifZOtdBDo6HSDNVwdXhRqP5budQ5b-xaSLiOyYje7BInEOtxuK8yIJoeAnE_kMCsU0TQiC_HyodFidA5_XEd4LxTnDats8S6n2jDl2bXRYOlivYejdf4ogeotvL1vk2jA-ysERo7PN0mJ8gggNzKpSu_f6rW2okQkWocS6BRzGOIDf1B5v60sjFw", "payload": "" } 2021-11-28 05:13:59,991:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53460033450 HTTP/1.1" 200 1826 2021-11-28 05:13:59,992:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 10:13:59 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 00015yiql-5HMN0l6nl1zejWfiibORoKwXUcM62WOig3SF8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-05T10:13:57Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/L5XMxBiXi_-K10s5DPnf6tlrkhB5cHTeY2OXL9CyzUA [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53460033450/hWyuDA", "token": "L5XMxBiXi_-K10s5DPnf6tlrkhB5cHTeY2OXL9CyzUA", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/L5XMxBiXi_-K10s5DPnf6tlrkhB5cHTeY2OXL9CyzUA", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/L5XMxBiXi_-K10s5DPnf6tlrkhB5cHTeY2OXL9CyzUA", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/L5XMxBiXi_-K10s5DPnf6tlrkhB5cHTeY2OXL9CyzUA", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-28T10:13:58Z" } ] } 2021-11-28 05:13:59,993:DEBUG:acme.client:Storing nonce: 00015yiql-5HMN0l6nl1zejWfiibORoKwXUcM62WOig3SF8 2021-11-28 05:13:59,993:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-11-28 05:13:59,994:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-11-28 05:13:59,994:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-28 05:13:59,994:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-11-28 05:13:59,994:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/L9CF8eUcjn-5NVrcpiyBLQIsTrrmODvPB95LI3oqCx0 [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-11-28 05:14:01,310:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-11-28 05:14:01,310:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-11-28 05:14:01,310:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-11-28 06:43:06,688:DEBUG:certbot.main:certbot version: 0.40.0 2021-11-28 06:43:06,688:DEBUG:certbot.main:Arguments: ['--standalone', '--pre-hook', '/bin/systemctl stop nginx', '--post-hook', '/bin/systemctl start nginx', '--quiet'] 2021-11-28 06:43:06,688:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-11-28 06:43:06,703:DEBUG:certbot.log:Root logging level set at 30 2021-11-28 06:43:06,704:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-11-28 06:43:06,717:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer 2021-11-28 06:43:06,717:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-28 06:43:06,717:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-28 06:43:06,717:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-28 06:43:06,731:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-28 06:43:06,732:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-28 06:43:06,733:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-28 06:43:06,735:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-28 06:43:06,735:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-28 06:43:06,735:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-28 06:43:06,738:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-28 06:43:06,739:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-28 06:43:06,740:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-28 06:43:06,741:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-28 06:43:06,741:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-28 06:43:06,742:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-28 06:43:06,745:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-28 06:43:06,746:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-28 06:43:06,747:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-28 06:43:06,748:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-28 06:43:06,748:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-28 06:43:06,748:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-28 06:43:06,751:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-28 06:43:06,751:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-28 06:43:06,752:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-28 06:43:06,753:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-28 06:43:06,754:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-28 06:43:06,754:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-28 06:43:06,758:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-28 06:43:06,759:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-28 06:43:06,760:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-28 06:43:06,761:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-28 06:43:06,765:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-11-28 06:43:06,765:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-11-28 06:43:06,765:INFO:certbot.renewal:Non-interactive renewal: random delay of 43.78077300138376 seconds 2021-11-28 06:43:50,577:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-28 06:43:50,897:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-11-28 06:43:50,898:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-11-28 06:43:50,898:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-11-28 06:43:50,899:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-11-28 06:43:50,902:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-11-28 06:43:50,904:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-11-28 06:43:50,906:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-11-28 06:43:51,064:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-11-28 06:43:51,065:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 11:43:51 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "1a8SF9Fj4t8": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-11-28 06:43:51,066:INFO:certbot.hooks:Running pre-hook command: /bin/systemctl stop nginx 2021-11-28 06:43:51,108:INFO:certbot.main:Renewing an existing certificate 2021-11-28 06:43:51,268:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0456_key-certbot.pem 2021-11-28 06:43:51,277:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0456_csr-certbot.pem 2021-11-28 06:43:51,278:DEBUG:acme.client:Requesting fresh nonce 2021-11-28 06:43:51,278:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-11-28 06:43:51,339:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-11-28 06:43:51,340:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 11:43:51 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001E6zsN0PVvHi0DemXVpLkUTr0TDWfJuJdBncCinkzBRo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-11-28 06:43:51,340:DEBUG:acme.client:Storing nonce: 0001E6zsN0PVvHi0DemXVpLkUTr0TDWfJuJdBncCinkzBRo 2021-11-28 06:43:51,340:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-11-28 06:43:51,343:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMUU2enNOMFBWdkhpMERlbVhWcExrVVRyMFREV2ZKdUpkQm5jQ2lua3pCUm8iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "sI9JyhkYXwG9-7Toql5iC1a2AdbbOJV1zmGdnE1J7Vgturp-lfndoqwG5cetbSoTzpy_Jjf4gd68cCvHu8pZS_fJfv8SZ5wSrQI5rns4ABkgfuW2joKExA9QF2G5b-IEwj43wWXrBwNLq0Kq7NdiN22-wlWHXl1MNkYo5kOTVT8iXxnhjL5DeS-8CN4S8xAKr_nZNIC4ns9DYvPOUgQc2rcpIXwpP6WTHD_LchfcEwpCxZ7jhMD3HHZALAv_GILFIXAnKHmLkH81GSOjVvEh3X8j1UH4GhkFZyzei73IeqrTqCgHoYzwxodZyaLLZAaZ2Te4Uut38lwtBdGAfJ2r0A", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-11-28 06:43:51,649:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-11-28 06:43:51,649:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sun, 28 Nov 2021 11:43:51 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43126328660 Replay-Nonce: 0001KIMTB_mkM8H3tsE2NPQ4f-vA8MKY5nlaC6Gon-ZsRMU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-05T11:43:51Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/53478337560" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43126328660" } 2021-11-28 06:43:51,650:DEBUG:acme.client:Storing nonce: 0001KIMTB_mkM8H3tsE2NPQ4f-vA8MKY5nlaC6Gon-ZsRMU 2021-11-28 06:43:51,650:DEBUG:acme.client:JWS payload: b'' 2021-11-28 06:43:51,652:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53478337560: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMUtJTVRCX21rTThIM3RzRTJOUFE0Zi12QThNS1k1bmxhQzZHb24tWnNSTVUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNDc4MzM3NTYwIn0", "signature": "VMbRpmDslV_0RDRc3VeIaa1xGZ6dUuJEaJ0Hj48_POiWR2isVA-WzWGxJ4YK6KjRyMcnJMEi3h2-OjvNuo2OjHcoFiQdTZZEfqaKAK3fyiVF87UBSQeV1j4oH7IvKBju3-3hfcBBoFB_if12sUjZ-nr39rgct4nxZMBaTvZfFRI7EJoOZNU-I_niEiSXL6aLGch7IVqqGLAmoIsVuOkepa-dfhjSgRJOkvO4CrYIeOQzjVMRwkS2AKB-YHHRfDHDQklQmUveVYB1RhNAzHcKgCpsx6KPPoOocrHBHMaBcfQFNa4C-wDBkLjzLTG93uvVy2j5eaoP-VDsRmj8G0-XmA", "payload": "" } 2021-11-28 06:43:51,755:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53478337560 HTTP/1.1" 200 792 2021-11-28 06:43:51,756:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 11:43:51 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001MW0sGI36fyrSKS0vh_xo727jMWuxRz0lah8RY3DEdtc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-05T11:43:51Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478337560/s308Yw", "token": "SbqMs6XeHbyl-SBvczsHllxkVUXE3sa53D_cn0vj_iw" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478337560/RoAqJw", "token": "SbqMs6XeHbyl-SBvczsHllxkVUXE3sa53D_cn0vj_iw" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478337560/C7Bu4g", "token": "SbqMs6XeHbyl-SBvczsHllxkVUXE3sa53D_cn0vj_iw" } ] } 2021-11-28 06:43:51,756:DEBUG:acme.client:Storing nonce: 0001MW0sGI36fyrSKS0vh_xo727jMWuxRz0lah8RY3DEdtc 2021-11-28 06:43:51,756:INFO:certbot.auth_handler:Performing the following challenges: 2021-11-28 06:43:51,757:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-28 06:43:51,757:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-11-28 06:43:51,757:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-11-28 06:43:51,761:INFO:certbot.auth_handler:Waiting for verification... 2021-11-28 06:43:51,762:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-28 06:43:51,763:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478337560/s308Yw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMU1XMHNHSTM2ZnlyU0tTMHZoX3hvNzI3ak1XdXhSejBsYWg4UlkzREVkdGMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzUzNDc4MzM3NTYwL3MzMDhZdyJ9", "signature": "AijkP8sprxBMTjFim-ZltxYOEmlCfdvXpWfiGVGUStUHIjoDbcPJM1OGXLGh0v6SaYIqNLBaK6XnmNccQ_Z73guZB5gD9L2Oz9k1ZkU48TOU_YLqTuGuRFg89lHJr_R7dZ8BN98klR0rXopeRUebF8ei8Yl2IWobSQiV294JF9PzOG4PBm9vx-gpBJlf4wTpYVkFPqJT5WN5lU5Hxj18uUvlJOnnoJn0lrRLG4mj4AJ5LcgeW0Oc2YJjmcXgMwtfer-uEjF1-TFWYiI3nK29yIirtNtbw6nQ3BJLvggKOGZ3jRbDUD_jxp91d67zU9ais9Yho8K4LEh_4qFqyQppVg", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-28 06:43:51,830:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/53478337560/s308Yw HTTP/1.1" 200 186 2021-11-28 06:43:51,831:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 11:43:51 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478337560/s308Yw Replay-Nonce: 0001J7kKJmEj_oNWvzLRPp6K_Pkf-FUELzQcOIUrNohiEiw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478337560/s308Yw", "token": "SbqMs6XeHbyl-SBvczsHllxkVUXE3sa53D_cn0vj_iw" } 2021-11-28 06:43:51,831:DEBUG:acme.client:Storing nonce: 0001J7kKJmEj_oNWvzLRPp6K_Pkf-FUELzQcOIUrNohiEiw 2021-11-28 06:43:52,833:DEBUG:acme.client:JWS payload: b'' 2021-11-28 06:43:52,836:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53478337560: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMUo3a0tKbUVqX29OV3Z6TFJQcDZLX1BrZi1GVUVMelFjT0lVck5vaGlFaXciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNDc4MzM3NTYwIn0", "signature": "Qz5Jc5PQkq76BvJQpmjE9qinEf9dcbMNENVKnzVSUBQ_O8nlOBiGBmQxZsJ4-jzgfnhp1yaLDI0ivHMkEkon8E7kA1g-DGPCDtx3h56REge8W9wh_aFEUEAGDkzNQ5DSi8D4Rg7zbBglntOeRXPFmgWj5xSX8ePPHEpDo8EK_W-dlux-9essgJ8uZUgpN3exFKv6ewhzIH2DHlBC_EItvvUjpSukCQKPPVUeVBitHmnwH0_7X5L3t5AFta9DVTf590nKO10EFf_yMCgSLFKkD0leR-2Bfvvwzkwpl5S525Kf-sIzlD2Xsh9iKcU1BU_csLKoGSJPbbV1iP25H5r2XQ", "payload": "" } 2021-11-28 06:43:52,903:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53478337560 HTTP/1.1" 200 792 2021-11-28 06:43:52,904:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 11:43:52 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 00014R03DUEXkUq50x4mqZW85cHMIM4oihedk3w8BmKSSNo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-05T11:43:51Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478337560/s308Yw", "token": "SbqMs6XeHbyl-SBvczsHllxkVUXE3sa53D_cn0vj_iw" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478337560/RoAqJw", "token": "SbqMs6XeHbyl-SBvczsHllxkVUXE3sa53D_cn0vj_iw" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478337560/C7Bu4g", "token": "SbqMs6XeHbyl-SBvczsHllxkVUXE3sa53D_cn0vj_iw" } ] } 2021-11-28 06:43:52,904:DEBUG:acme.client:Storing nonce: 00014R03DUEXkUq50x4mqZW85cHMIM4oihedk3w8BmKSSNo 2021-11-28 06:43:55,909:DEBUG:acme.client:JWS payload: b'' 2021-11-28 06:43:55,911:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53478337560: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMTRSMDNEVUVYa1VxNTB4NG1xWlc4NWNITUlNNG9paGVkazN3OEJtS1NTTm8iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNDc4MzM3NTYwIn0", "signature": "ToPxe0CyyX5NgOY-64lw1haAuXeFPoL71uHFhmFVHjdjUtldLs8gg0LgcCGPpH_QmTwvDTb2BtFOaJnL_wGgUYtGm21TUAJDZvVtZedKvMEntJsvo1ywWAvgcDxoBngMnXLoq3Gn6Bwd_FHELUETYUi5yzRLjKWskpl5fZE-CrGziiKsX2lxj7wPYzJz9UHY6SzsAv0l4UMrRA9zlj51WsWVKFqIe__QhtuK08PQMQv2spTe8TvN24tnkQDpynEHqVr89ORssAdpbhEm0d7Ts6p_mJbiC88RpJYTTjrhYWegaeJYuw5q0O7tSvCSugQGPE5OH_SUOcXHaBRdRX_9DA", "payload": "" } 2021-11-28 06:43:55,980:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53478337560 HTTP/1.1" 200 1505 2021-11-28 06:43:55,981:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 11:43:55 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001g2T01xiYNDwZ3ds_AB37ldOZYeju_Yi6LWSsbCqDwWw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-05T11:43:51Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/SbqMs6XeHbyl-SBvczsHllxkVUXE3sa53D_cn0vj_iw [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478337560/s308Yw", "token": "SbqMs6XeHbyl-SBvczsHllxkVUXE3sa53D_cn0vj_iw", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/SbqMs6XeHbyl-SBvczsHllxkVUXE3sa53D_cn0vj_iw", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/SbqMs6XeHbyl-SBvczsHllxkVUXE3sa53D_cn0vj_iw", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-28T11:43:51Z" } ] } 2021-11-28 06:43:55,981:DEBUG:acme.client:Storing nonce: 0001g2T01xiYNDwZ3ds_AB37ldOZYeju_Yi6LWSsbCqDwWw 2021-11-28 06:43:55,982:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-11-28 06:43:55,982:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-28 06:43:55,982:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/SbqMs6XeHbyl-SBvczsHllxkVUXE3sa53D_cn0vj_iw [75.2.60.5]: "\n\n\n \n Prep: True 2021-11-28 06:43:56,617:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-11-28 06:43:56,618:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-11-28 06:43:56,618:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-11-28 06:43:56,621:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-11-28 06:43:56,622:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-11-28 06:43:56,624:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-11-28 06:43:56,776:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-11-28 06:43:56,777:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 11:43:56 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert", "vq5GUn0w_hY": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417" } 2021-11-28 06:43:56,778:INFO:certbot.hooks:Pre-hook command already run, skipping: /bin/systemctl stop nginx 2021-11-28 06:43:56,778:INFO:certbot.main:Renewing an existing certificate 2021-11-28 06:43:56,848:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0457_key-certbot.pem 2021-11-28 06:43:56,855:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0457_csr-certbot.pem 2021-11-28 06:43:56,856:DEBUG:acme.client:Requesting fresh nonce 2021-11-28 06:43:56,856:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-11-28 06:43:56,906:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-11-28 06:43:56,907:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 11:43:56 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002_apXVPmtsgDgS0WOUNUrs4jg6siYh_LnLpABu2SobmU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-11-28 06:43:56,907:DEBUG:acme.client:Storing nonce: 0002_apXVPmtsgDgS0WOUNUrs4jg6siYh_LnLpABu2SobmU 2021-11-28 06:43:56,907:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-11-28 06:43:56,909:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMl9hcFhWUG10c2dEZ1MwV09VTlVyczRqZzZzaVloX0xuTHBBQnUyU29ibVUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "CM0afj9Rwr7SDY33k3ZLoUETa7ZsWuQ4ZhuzS0Zml5SY3y6n-d2jMBnN-DdvagJok1nCWmJ5_LtnTFO34II3NmAMtwM0aHoy0X2FQvzxoKEpJL4rD7XseaSQYePcYoSPLXC9sLbOYger75k2A-eUaWBhq0BAsnTv5n3BWtoyY2H8A7fC7JknU1H1eKLLlletQkRsSQebHLleLe9R9ygjHJ5326ZqHOamU8CfZak_1kPF6zirCvo6lrrKO1A6TQeseDSTG_EkrEM5umKPVwi6lPJabeWtL7B8cf_8QayXV6KQU-b12oIM-ybRmyn5epVNm-7zwvJyfMHzNHzlT1m6gQ", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-11-28 06:43:57,443:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-11-28 06:43:57,444:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sun, 28 Nov 2021 11:43:57 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43126339910 Replay-Nonce: 0001oDo3356b5hftQsauefxWoyzQPhtmzYQADnpiSbnzcPw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-05T11:43:57Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/53478352840", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/53478352850" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43126339910" } 2021-11-28 06:43:57,444:DEBUG:acme.client:Storing nonce: 0001oDo3356b5hftQsauefxWoyzQPhtmzYQADnpiSbnzcPw 2021-11-28 06:43:57,445:DEBUG:acme.client:JWS payload: b'' 2021-11-28 06:43:57,446:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53478352840: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMW9EbzMzNTZiNWhmdFFzYXVlZnhXb3l6UVBodG16WVFBRG5waVNibnpjUHciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNDc4MzUyODQwIn0", "signature": "I4PcA9z5D3NNDlNtwYjNUZWJ4j304gPB3EVogeWoAu7E12qiXLrHeitA2JAk3yG2snF24t_I4Tycl9hmzWV_yzISKdzhEi19RyQWYqAFNkASMmGgkN0zdYZY2NYikC8W0gN2k87AugIEmuHW7eneiUM8ExCcodqgzZ2vD-lzFsK1s_MAVHON0VyOSzI3Q5ME6NLMvTO96MMfp6o28hoX1REznR09XYNBqOlzLdKURDKzcfEzMu0MPn3gcLBsnX50YhoWxk8X4Zbh2KSDX5VcnsWdNRqEonSNqkLkABYYn-BkxR2z2Um8PWiFpICdOSXwgoMB9IFpgXk4aUaR7-2wBA", "payload": "" } 2021-11-28 06:43:57,518:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53478352840 HTTP/1.1" 200 792 2021-11-28 06:43:57,519:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 11:43:57 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002qFAsWYEOyWNpVuEvap7XZx-zlYFl_uPF8AMz2r7BwQA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-05T11:43:57Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478352840/epeNBw", "token": "tyXwZOJ7wyA57echkUbdFNheyRuT-nHokT0rXS-ChZ8" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478352840/2PwqSQ", "token": "tyXwZOJ7wyA57echkUbdFNheyRuT-nHokT0rXS-ChZ8" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478352840/-dVZJQ", "token": "tyXwZOJ7wyA57echkUbdFNheyRuT-nHokT0rXS-ChZ8" } ] } 2021-11-28 06:43:57,519:DEBUG:acme.client:Storing nonce: 0002qFAsWYEOyWNpVuEvap7XZx-zlYFl_uPF8AMz2r7BwQA 2021-11-28 06:43:57,520:DEBUG:acme.client:JWS payload: b'' 2021-11-28 06:43:57,521:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53478352850: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnFGQXNXWUVPeVdOcFZ1RXZhcDdYWngtemxZRmxfdVBGOEFNejJyN0J3UUEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNDc4MzUyODUwIn0", "signature": "h2yyoNdQNdM6mUcP5ySWXXhWSIQZHWedp1ku1gHPQilKgXSVd6mmkCcmkiXa45jvdPXpl5C-HY9pZzDpFsc5kSFOS-mdcyXVJ_bTfOseyWB-Ar4mGthIlKelTy3fwWvwMQTZ3PC3wbbSfRemlI5zl1ZUC5ZMeJWftl5DEgUopSpVCycxCmXhABJSHii5UNbsDgkZbm6bHeXQDUBhi10LDVB9zhoG0W1HwIGNzs7DJxvRpb3WxEnCWsicEyem76tH-xuFiKZNpw58U4pfF43b2B7KhE0J06550a_J30hhh9FLpv1yOrInZ0Zs21MegUt8CwzJwVS-yHLQ7MDEpUFd-g", "payload": "" } 2021-11-28 06:43:57,580:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53478352850 HTTP/1.1" 200 796 2021-11-28 06:43:57,581:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 11:43:57 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002iS8cP9UuSaNokCd3MvvcIS7br83EDBllCHV3RMR19f0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-05T11:43:57Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478352850/e84qQA", "token": "tdpFWCCYJfFLV2e8gLWESj9bTmW99aqgfMVMjCS6w6Y" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478352850/DogmPA", "token": "tdpFWCCYJfFLV2e8gLWESj9bTmW99aqgfMVMjCS6w6Y" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478352850/81vfAA", "token": "tdpFWCCYJfFLV2e8gLWESj9bTmW99aqgfMVMjCS6w6Y" } ] } 2021-11-28 06:43:57,582:DEBUG:acme.client:Storing nonce: 0002iS8cP9UuSaNokCd3MvvcIS7br83EDBllCHV3RMR19f0 2021-11-28 06:43:57,582:INFO:certbot.auth_handler:Performing the following challenges: 2021-11-28 06:43:57,582:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-28 06:43:57,583:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-11-28 06:43:57,583:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-11-28 06:43:57,583:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-11-28 06:43:57,592:INFO:certbot.auth_handler:Waiting for verification... 2021-11-28 06:43:57,592:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-28 06:43:57,594:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478352840/epeNBw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmlTOGNQOVV1U2FOb2tDZDNNdnZjSVM3YnI4M0VEQmxsQ0hWM1JNUjE5ZjAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzUzNDc4MzUyODQwL2VwZU5CdyJ9", "signature": "DRSs7n2i09jcqsMlg7XH3RFgUtykivcK0GlVd9ii6VzKpO7-vN0BzmY5qOVuZUjMUAZHSvWT2-yHybvv0c-ldZ4QVRFgS9UjIoZc491eByisaflQ74b_U7QAk1PY4yGODnxtZLk8gn9gGYHnf_UarQIO_9Zy-bQOsGSuFSwkfvl2KEvPMJLokZv2fnf_PeLAut8v3gt6cvoPMnV9paBtZ3k7bf6q0P9V7xjTWAulBhMEpYupJlNQ8YL02XpyYOZK4Ocx0thbijcMBrlR2C3aBKegaWbHyjPsEstS3i0R_C9mFTMAWAoDk_7BgEwFZKdvo3ITBEpwuaBZomKWEEY5yA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-28 06:43:57,669:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/53478352840/epeNBw HTTP/1.1" 200 186 2021-11-28 06:43:57,670:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 11:43:57 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478352840/epeNBw Replay-Nonce: 0002wSeT3UdVZ7l1nH_vj_jxnJSATX0anqXPdLhmeMPO7XI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478352840/epeNBw", "token": "tyXwZOJ7wyA57echkUbdFNheyRuT-nHokT0rXS-ChZ8" } 2021-11-28 06:43:57,670:DEBUG:acme.client:Storing nonce: 0002wSeT3UdVZ7l1nH_vj_jxnJSATX0anqXPdLhmeMPO7XI 2021-11-28 06:43:57,671:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-28 06:43:57,673:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478352850/e84qQA: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMndTZVQzVWRWWjdsMW5IX3ZqX2p4bkpTQVRYMGFucVhQZExobWVNUE83WEkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzUzNDc4MzUyODUwL2U4NHFRQSJ9", "signature": "aGHo1IMbztpAW0RXx6yIAwLxGC7fq3dLa_1EO1k6ev2M-GGHHqaZc3slHbpy7t9CmosZAgFScGg6Gw27p8KNAU6ajZcQlhgxlLWov5JzaiLsLkDwKuepmKhBrS7QxDl5G_DdxsrDuHNOpGlLFD2a2u5Ox0D0giZrRzX3H9d1GmzjdXbY9GU7Wh8NiVLdNV4YwAsS0jQ181vFwJgBdIw53qGbqe8N0Kuq42keOkw_N8FYSR_ep_QyaKiQbyGU1APw2tcUqP77Tb3g0DZK1lBxOEEtKnO8O2OPQnTkiL73DKw8A5mC0Oey5tcAhvcI88vhAwqjLX1PxZB1tRA7tgvyIw", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-28 06:43:57,738:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/53478352850/e84qQA HTTP/1.1" 200 186 2021-11-28 06:43:57,739:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 11:43:57 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478352850/e84qQA Replay-Nonce: 0002BaGet07gT2qxTOzF9o8PbB2rkDECsksBoAPp7AU6IrM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478352850/e84qQA", "token": "tdpFWCCYJfFLV2e8gLWESj9bTmW99aqgfMVMjCS6w6Y" } 2021-11-28 06:43:57,739:DEBUG:acme.client:Storing nonce: 0002BaGet07gT2qxTOzF9o8PbB2rkDECsksBoAPp7AU6IrM 2021-11-28 06:43:58,741:DEBUG:acme.client:JWS payload: b'' 2021-11-28 06:43:58,744:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53478352840: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMkJhR2V0MDdnVDJxeFRPekY5bzhQYkIycmtERUNza3NCb0FQcDdBVTZJck0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNDc4MzUyODQwIn0", "signature": "Ts9YWjyoAPp5LQoT-YcUC_ob6EoiOPKJ9_n2pofs4m-sFhClx_c0bT5lQA30KCr7Vot7RWPWJWMfVoCJQbs-V5fahRcQbNK1sqQsSDCaE3IxSeMvmUP6KzldfJ5XF63o4sy_Hxy4BJvo4rMW4aaxT53j8djfqixicGH--Z6LalETUm7UXAOcLGSibGKKdcIsgcEFG5tRT9FWPupgfwYpN3Z4ZS-c3ELQpFETFcgVhaPgov0g4BF7-w8ilQ2kcKorQ1z_NYd7-AEn5ZhG86XJL3F6qKE6obJVeSZQPuDMiuYoyEZoBwF51YgJnSsEXfc9nMfvt46Bku5YnDi5uwfX5Q", "payload": "" } 2021-11-28 06:43:58,810:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53478352840 HTTP/1.1" 200 792 2021-11-28 06:43:58,811:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 11:43:58 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001HkjzreIFSAEXHWozYHy0vLJ_QoaA4SgOMuJ_l3UprEc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-05T11:43:57Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478352840/epeNBw", "token": "tyXwZOJ7wyA57echkUbdFNheyRuT-nHokT0rXS-ChZ8" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478352840/2PwqSQ", "token": "tyXwZOJ7wyA57echkUbdFNheyRuT-nHokT0rXS-ChZ8" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478352840/-dVZJQ", "token": "tyXwZOJ7wyA57echkUbdFNheyRuT-nHokT0rXS-ChZ8" } ] } 2021-11-28 06:43:58,811:DEBUG:acme.client:Storing nonce: 0001HkjzreIFSAEXHWozYHy0vLJ_QoaA4SgOMuJ_l3UprEc 2021-11-28 06:43:58,812:DEBUG:acme.client:JWS payload: b'' 2021-11-28 06:43:58,815:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53478352850: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMUhranpyZUlGU0FFWEhXb3pZSHkwdkxKX1FvYUE0U2dPTXVKX2wzVXByRWMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNDc4MzUyODUwIn0", "signature": "VUuT9JNzo2lTngn_vvnktICU9GaigWKRtoLGCaUs-06vibRc_fNRJWND7bdwWoxaDcxSJ2HrUt-Q54Pjo3tWUZd8uYqii69EtpOCL9H60DX8oavLCaWcWo1NUGbwfG9Yb07OCmD-FU5USQ51_obYIDS7MFkzZyRvt35w7DXQy6PeqDQ7zqFt17WRaJsEJks9TGross5FyPXe1K-2yv0EtFr1BvkMGxh7MZPxmY5o_d9wd3hKEXLY_V8aorZV9V16upeFnVuRHe8S_B2Qo9SNvUNaCHnV0WUKw3V8IHt_RQ-0mnarzERSRqQHPOzTxNJ22l24rhtAJyovf4SeAUf-fg", "payload": "" } 2021-11-28 06:43:58,896:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53478352850 HTTP/1.1" 200 1826 2021-11-28 06:43:58,897:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 11:43:58 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002zpZfPF9lGDsufRizXJy3NEJlTLs9v1Wim8krOn4b2D8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-05T11:43:57Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/tdpFWCCYJfFLV2e8gLWESj9bTmW99aqgfMVMjCS6w6Y [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478352850/e84qQA", "token": "tdpFWCCYJfFLV2e8gLWESj9bTmW99aqgfMVMjCS6w6Y", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/tdpFWCCYJfFLV2e8gLWESj9bTmW99aqgfMVMjCS6w6Y", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/tdpFWCCYJfFLV2e8gLWESj9bTmW99aqgfMVMjCS6w6Y", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/tdpFWCCYJfFLV2e8gLWESj9bTmW99aqgfMVMjCS6w6Y", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-28T11:43:57Z" } ] } 2021-11-28 06:43:58,897:DEBUG:acme.client:Storing nonce: 0002zpZfPF9lGDsufRizXJy3NEJlTLs9v1Wim8krOn4b2D8 2021-11-28 06:43:58,898:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-11-28 06:44:01,902:DEBUG:acme.client:JWS payload: b'' 2021-11-28 06:44:01,904:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53478352840: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnpwWmZQRjlsR0RzdWZSaXpYSnkzTkVKbFRMczl2MVdpbThrck9uNGIyRDgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNDc4MzUyODQwIn0", "signature": "nUktG4L4-j8egKLJNPaGNEhEXwFkb5PTDlEvU9cw_T_oRE7lTbATZ1zSFrz_kKg6acSusGQkgt0IF5wLMzRpEm_ed4O0aoIwrovNbhLZTrQkxXa018vcVyzL_4hoi1W6yHn8U_VC8FUx38F5lMwV8dRJrpjudEipbVCXdhmRivhrWu_y_zLSfdydF5Kn_vnWLL-qR0vXvuNvUSZZFfY-5j5lRJjen_t8fMIvXHuCPZwOZJlFaIhCtTmtlBTc_uCqg-wg2hp_jU3U1SsTxHaEMaKEykw9c5P6aRzaqo_TdgD9oFbMz-1RLRAnTl5UjgKZpwQw8RXha6qGo8s28c_Wgg", "payload": "" } 2021-11-28 06:44:01,966:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53478352840 HTTP/1.1" 200 1505 2021-11-28 06:44:01,967:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 11:44:01 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001Ff4X_WZUn_CLQShaWOpNWulLeeoaOEVZUPmTzCH4rSk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-05T11:43:57Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/tyXwZOJ7wyA57echkUbdFNheyRuT-nHokT0rXS-ChZ8 [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53478352840/epeNBw", "token": "tyXwZOJ7wyA57echkUbdFNheyRuT-nHokT0rXS-ChZ8", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/tyXwZOJ7wyA57echkUbdFNheyRuT-nHokT0rXS-ChZ8", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/tyXwZOJ7wyA57echkUbdFNheyRuT-nHokT0rXS-ChZ8", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-28T11:43:57Z" } ] } 2021-11-28 06:44:01,968:DEBUG:acme.client:Storing nonce: 0001Ff4X_WZUn_CLQShaWOpNWulLeeoaOEVZUPmTzCH4rSk 2021-11-28 06:44:01,968:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-11-28 06:44:01,969:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-11-28 06:44:01,970:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-28 06:44:01,970:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: www.whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/tdpFWCCYJfFLV2e8gLWESj9bTmW99aqgfMVMjCS6w6Y [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-11-28 06:44:02,101:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-11-28 06:44:02,101:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-11-28 06:44:02,102:INFO:certbot.hooks:Running post-hook command: /bin/systemctl start nginx 2021-11-28 06:44:02,325:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-11-28 15:06:39,460:DEBUG:certbot.main:certbot version: 0.40.0 2021-11-28 15:06:39,461:DEBUG:certbot.main:Arguments: ['-q'] 2021-11-28 15:06:39,461:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-11-28 15:06:39,475:DEBUG:certbot.log:Root logging level set at 30 2021-11-28 15:06:39,476:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-11-28 15:06:39,487:DEBUG:certbot.plugins.selection:Requested authenticator and installer 2021-11-28 15:06:39,500:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-28 15:06:39,502:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-28 15:06:39,503:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-28 15:06:39,508:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-28 15:06:39,509:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-28 15:06:39,509:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-28 15:06:39,513:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-28 15:06:39,514:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-28 15:06:39,515:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-28 15:06:39,520:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-28 15:06:39,521:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-28 15:06:39,522:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-28 15:06:39,528:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-28 15:06:39,529:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-28 15:06:39,529:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-28 15:06:39,534:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-11-28 15:06:39,535:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-11-28 15:06:39,535:INFO:certbot.renewal:Non-interactive renewal: random delay of 254.26302247205163 seconds 2021-11-28 15:10:53,869:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx 2021-11-28 15:10:54,214:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-11-28 15:10:54,215:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-11-28 15:10:54,215:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-11-28 15:10:54,215:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-11-28 15:10:54,219:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-11-28 15:10:54,222:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-11-28 15:10:54,224:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-11-28 15:10:54,388:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-11-28 15:10:54,389:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 20:10:54 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "plzRacZFibQ": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-11-28 15:10:54,390:INFO:certbot.main:Renewing an existing certificate 2021-11-28 15:10:54,518:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0458_key-certbot.pem 2021-11-28 15:10:54,527:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0458_csr-certbot.pem 2021-11-28 15:10:54,528:DEBUG:acme.client:Requesting fresh nonce 2021-11-28 15:10:54,528:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-11-28 15:10:54,606:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-11-28 15:10:54,606:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 20:10:54 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002EzgOpiwEBlhb2yIGK507_x7bFeREzIVs9XBJ9OL6irk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-11-28 15:10:54,607:DEBUG:acme.client:Storing nonce: 0002EzgOpiwEBlhb2yIGK507_x7bFeREzIVs9XBJ9OL6irk 2021-11-28 15:10:54,607:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-11-28 15:10:54,610:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMkV6Z09waXdFQmxoYjJ5SUdLNTA3X3g3YkZlUkV6SVZzOVhCSjlPTDZpcmsiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "h9QiUIMafd5gHNUBv6EpWpYX3_-R7sd1rW_vvTQxLDi0lIUARxhlNBeAc6BAPy9AqA5yQZFcwlCRn-isIvMDLG0-URYzCwaylElN8lY5XBAA9TvN_KwiS1iJgmFkUIn2qrEe_-9arhUGpyU5J-BVeYzotTjRSVcdlCZy7i4YzgpElVvbQIfvneinjID8vrVvZxslMBD-4Juvh3bD_Gg4_Hsw98WBzK3fT8yCioVFGwLgFzbo8tSz_Z0xvBoBi2eDaF2YxYAa6bBQTWgNHDjV4YSTYYHkZbrybN42i03Ln311rHP3E_T41v2MTIdFgAulOEZ_UkPK6E1MGBIpOGs29w", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-11-28 15:10:54,722:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-11-28 15:10:54,722:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sun, 28 Nov 2021 20:10:54 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43212846380 Replay-Nonce: 0001LBWtG_XgSGJY9Viuhqz2JizrsyYDiwLafXL2s1vvXsI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-05T20:10:54Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/53581591270" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43212846380" } 2021-11-28 15:10:54,723:DEBUG:acme.client:Storing nonce: 0001LBWtG_XgSGJY9Viuhqz2JizrsyYDiwLafXL2s1vvXsI 2021-11-28 15:10:54,723:DEBUG:acme.client:JWS payload: b'' 2021-11-28 15:10:54,725:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53581591270: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMUxCV3RHX1hnU0dKWTlWaXVocXoySml6cnN5WURpd0xhZlhMMnMxdnZYc0kiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNTgxNTkxMjcwIn0", "signature": "ZXVM5KFoA9-S5dS6c6h2pYOZl8t6NWJP8Yr92fBLrWMpW-E_N9PQhd9Ync3sb0-w1yb9Mt-TKoH9Y_JS0_WTEQJeoHSYHms4kFNtUQIvVAd9E0xKkmcaq7PAN9o4cRUugN6in8fR2Z35znUxTjSOikDHRXDkUjXZHL5H4ktBbw5NUUOvWg7eJWyZrqg2aunPxxEbSW3ytBwXPRMpmEazsoeuAqV6iJKMv-UmVUqNK5UL8kEj_C9ioYMBb0HfK-Uh6l4REURPcDsbHgr42A5_0EX06AjBMay3OG39G3lBHhwgrXSJk7OKjNQTQq4FkbWakcRdp8BW0GPa9E_SB38B6w", "payload": "" } 2021-11-28 15:10:54,786:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53581591270 HTTP/1.1" 200 792 2021-11-28 15:10:54,787:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 20:10:54 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001Wn3Ya7FBqKh3imhR_Ob00ZfyeQR57HEW2Wd7QqfvkA4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-05T20:10:54Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581591270/IbsLlQ", "token": "8we0fYGOXTFGZNlRMJ8dUvNKWaiTXViBnbrAKvg8vzY" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581591270/i2Gk1Q", "token": "8we0fYGOXTFGZNlRMJ8dUvNKWaiTXViBnbrAKvg8vzY" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581591270/d9UTWQ", "token": "8we0fYGOXTFGZNlRMJ8dUvNKWaiTXViBnbrAKvg8vzY" } ] } 2021-11-28 15:10:54,787:DEBUG:acme.client:Storing nonce: 0001Wn3Ya7FBqKh3imhR_Ob00ZfyeQR57HEW2Wd7QqfvkA4 2021-11-28 15:10:54,788:INFO:certbot.auth_handler:Performing the following challenges: 2021-11-28 15:10:54,788:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-28 15:10:54,820:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-11-28 15:10:54,821:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-11-28 15:10:54,822:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-11-28 15:10:54,822:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-11-28 15:10:54,823:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-11-28 15:10:54,823:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-11-28 15:10:54,823:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-11-28 15:10:54,824:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-11-28 15:10:54,824:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-11-28 15:10:54,824:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-11-28 15:10:54,825:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-11-28 15:10:54,825:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-11-28 15:10:54,825:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-11-28 15:10:54,826:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-11-28 15:10:54,828:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/8we0fYGOXTFGZNlRMJ8dUvNKWaiTXViBnbrAKvg8vzY{default_type text/plain;return 200 8we0fYGOXTFGZNlRMJ8dUvNKWaiTXViBnbrAKvg8vzY.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-11-28 15:10:55,858:INFO:certbot.auth_handler:Waiting for verification... 2021-11-28 15:10:55,859:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-28 15:10:55,861:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581591270/IbsLlQ: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMVduM1lhN0ZCcUtoM2ltaFJfT2IwMFpmeWVRUjU3SEVXMldkN1FxZnZrQTQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzUzNTgxNTkxMjcwL0lic0xsUSJ9", "signature": "CdWlw4MvKA8tlveBB85vOEqHIP5rtAaR9FHbtS3PhaxOwDmmXo89-QpTj_Mb4jyq_fbMk4cyFkBuJc4Bv9RngrL8dgRfR5ccBpWnYWzD88ksHvlGPcr7kPiM6B6lVthGZm3lZhUHHVBwkT-Oz13jRQTSs4MLsks_g6tMZY6_0ZNWxAfsKcn01h-yLyS36mdB3OPGxxX57NW9BAqkfi1llZBKQjpyR7k7Wc4eoQMFysfDq-Hhi_25dajyAiw7Xrw0dwe4df3eknqr2TL_-JDX1CtJ_ratQiaEmiYU0MfEyv0klu6IbRpC9KcjjIhy9z_W9NGTZIrnEP0hVEgFSA86eA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-28 15:10:55,931:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/53581591270/IbsLlQ HTTP/1.1" 200 186 2021-11-28 15:10:55,932:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 20:10:55 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581591270/IbsLlQ Replay-Nonce: 0002ZVlrViUqxCpJl6Uq5pi8Dz0kRKpPHniQr7SqEqX18iE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581591270/IbsLlQ", "token": "8we0fYGOXTFGZNlRMJ8dUvNKWaiTXViBnbrAKvg8vzY" } 2021-11-28 15:10:55,932:DEBUG:acme.client:Storing nonce: 0002ZVlrViUqxCpJl6Uq5pi8Dz0kRKpPHniQr7SqEqX18iE 2021-11-28 15:10:56,934:DEBUG:acme.client:JWS payload: b'' 2021-11-28 15:10:56,936:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53581591270: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMlpWbHJWaVVxeENwSmw2VXE1cGk4RHowa1JLcFBIbmlRcjdTcUVxWDE4aUUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNTgxNTkxMjcwIn0", "signature": "eytGpZWv7VWNp-p-FsrdQNCRZOcVlcZK6MWDwq2PZfpk1-CxxoZYTw96JUxwo8ShQ5DbKvsqaJmxiNt9Fu1C7Z9v4Qj9fMNL3X-_aovI8nK0SyYTrtq_p_qtqhIqnAK_5gW14aSyn0bih0h2wo_vzWCY28tbYmw-B6rGpNFPxqMq2yeDBGMMS4zizwk2uw6RUNQOQwvaqDJ70eF8wceN0jJHuK0jfS0OWmYsR1jep7vknpAkTapbe52W_OJhX3CkWZebRpKXco3unxdaA7lza39XKdPHsp0Z1C13oEwRssxygjxnmDwFuo2_Gd_zp1KTfCFsn224U2V6Ulyl-CCHcg", "payload": "" } 2021-11-28 15:10:56,999:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53581591270 HTTP/1.1" 200 1505 2021-11-28 15:10:57,000:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 20:10:56 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001-CrD0A14NF3LU7nT16-Om4UaRxQJQjOeLMCt76TeARU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-05T20:10:54Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/8we0fYGOXTFGZNlRMJ8dUvNKWaiTXViBnbrAKvg8vzY [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581591270/IbsLlQ", "token": "8we0fYGOXTFGZNlRMJ8dUvNKWaiTXViBnbrAKvg8vzY", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/8we0fYGOXTFGZNlRMJ8dUvNKWaiTXViBnbrAKvg8vzY", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/8we0fYGOXTFGZNlRMJ8dUvNKWaiTXViBnbrAKvg8vzY", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-28T20:10:55Z" } ] } 2021-11-28 15:10:57,000:DEBUG:acme.client:Storing nonce: 0001-CrD0A14NF3LU7nT16-Om4UaRxQJQjOeLMCt76TeARU 2021-11-28 15:10:57,002:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-11-28 15:10:57,002:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-28 15:10:57,002:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/8we0fYGOXTFGZNlRMJ8dUvNKWaiTXViBnbrAKvg8vzY [75.2.60.5]: "\n\n\n \n Prep: True 2021-11-28 15:10:58,540:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-11-28 15:10:58,540:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-11-28 15:10:58,540:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-11-28 15:10:58,545:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-11-28 15:10:58,546:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-11-28 15:10:58,548:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-11-28 15:10:58,708:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-11-28 15:10:58,709:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 20:10:58 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "fz4AtV8pfos": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-11-28 15:10:58,710:INFO:certbot.main:Renewing an existing certificate 2021-11-28 15:10:58,929:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0459_key-certbot.pem 2021-11-28 15:10:58,938:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0459_csr-certbot.pem 2021-11-28 15:10:58,939:DEBUG:acme.client:Requesting fresh nonce 2021-11-28 15:10:58,939:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-11-28 15:10:58,991:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-11-28 15:10:58,992:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 20:10:58 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 00022TNe7YYSoH0Fa4VJchRQALyZYOXt7uJt_ZMkWrWlyas X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-11-28 15:10:58,992:DEBUG:acme.client:Storing nonce: 00022TNe7YYSoH0Fa4VJchRQALyZYOXt7uJt_ZMkWrWlyas 2021-11-28 15:10:58,993:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-11-28 15:10:58,995:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMjJUTmU3WVlTb0gwRmE0VkpjaFJRQUx5WllPWHQ3dUp0X1pNa1dyV2x5YXMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "j8X2gWCz5RbWB38gaPoBfZeZYTDGDPNeAWHdQs0h_RrymeS5R-ozs6VJotGieZ1XWHCekElrZC7ZhExJyeAY70JM2bDucXGOSUN01WSS6zHLrHgVsrhRTE3T4qXZdQE9eS11Pc74ysZDP2KdShxEh8Zj6ZWr6WqG3JLC3o_7CKQ3zdsSq285cci1i_G1GKZhH3cVXbXS7gjUwr2YrTLyVykXqQnS-DGmT_WwteywcrmSWhoasu-ZcfLM0Mj1R8Cmw8DSJGqgiCa2Zxj2Jr4i5pLZCd2OnC0BLPBoF5KK7YYYJGz2fsxy_BYIDGzYL-Eu52VMfHmtV11ULG6wKpsd1w", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-11-28 15:10:59,297:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-11-28 15:10:59,298:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sun, 28 Nov 2021 20:10:59 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43212856240 Replay-Nonce: 0002Mpemnhi3Ob3cqUPwk4B0xQuxplLhTB7NSRTwuHGk7fY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-05T20:10:59Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/53581603050", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/53581603060" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43212856240" } 2021-11-28 15:10:59,298:DEBUG:acme.client:Storing nonce: 0002Mpemnhi3Ob3cqUPwk4B0xQuxplLhTB7NSRTwuHGk7fY 2021-11-28 15:10:59,299:DEBUG:acme.client:JWS payload: b'' 2021-11-28 15:10:59,301:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53581603050: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMk1wZW1uaGkzT2IzY3FVUHdrNEIweFF1eHBsTGhUQjdOU1JUd3VIR2s3ZlkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNTgxNjAzMDUwIn0", "signature": "IXajZ7K13DcDhibBOjT9mGRnxTgVSkArVhP0itmC_Y3YhGBGnorx5cGmwZVuRXxr242wA_g3CdwMUyKrtZVhryp6kP8Ew-JyX9wk0xpJgExHwg6jf7761AgJRsg7Z3FNgGU5J_rIfuXoLugeC_HOOdwcKthGcImAoZIs05-GRgAN0ItXeINAPKz1EufUzm9jJGp2ZxHxx4ZCELkgeAjL2_A4GM1RAjLoWkFaUuLo7uLzhVJm2J_bNtLKMiXPFn37Ph5QmVPlD2MrN5zAS-fmP48HPPSky-X7p5p2ToGi7i1qaDLgQGqLLmqb7Z5-jZ_fsu3bHbFGEMKqB-Z3p0bw8w", "payload": "" } 2021-11-28 15:10:59,371:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53581603050 HTTP/1.1" 200 792 2021-11-28 15:10:59,371:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 20:10:59 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001EQecW16zRmgicAPxA6oRXZDcDgEwS7XTQWo-MbI7ziI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-05T20:10:59Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581603050/WCsjFQ", "token": "8fz-MbIYBkMYQgrGzmXpi6886314B811JUY5oqwh3OE" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581603050/mxc4vw", "token": "8fz-MbIYBkMYQgrGzmXpi6886314B811JUY5oqwh3OE" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581603050/UKPOcg", "token": "8fz-MbIYBkMYQgrGzmXpi6886314B811JUY5oqwh3OE" } ] } 2021-11-28 15:10:59,372:DEBUG:acme.client:Storing nonce: 0001EQecW16zRmgicAPxA6oRXZDcDgEwS7XTQWo-MbI7ziI 2021-11-28 15:10:59,372:DEBUG:acme.client:JWS payload: b'' 2021-11-28 15:10:59,375:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53581603060: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMUVRZWNXMTZ6Um1naWNBUHhBNm9SWFpEY0RnRXdTN1hUUVdvLU1iSTd6aUkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNTgxNjAzMDYwIn0", "signature": "RrVpwt3eG8SlbRqh8L5ZMgCj9aAGyMDC5J2MsmxaS2eL-LQkKEqSNn31aN6hncB6UmVeTzovrtUSm_skC2D2BLLVdgiJ1_2F457zDsjz1USPVi1cAvIgMcGEPol2tTUKNpZwhlUQTIrbMjSEqOPpQhXSccnayG5wBYEzO6nOctkoGGAp4Gaw1vfzylY3vS_17CGHsuJl3bNWP4y4YDzYCD5BKcHaiJEPjqTBWM0TFwjU9GVbe8O2WAHWBLLk1Qcb9X9YvFowXjYJyRxyAe-4DR9JRtpH-bm6lEfKTTy9UZOiG3xgGEuT19DSYVFzotZCZ5xnq7mCbanLC5GdjOER4A", "payload": "" } 2021-11-28 15:10:59,456:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53581603060 HTTP/1.1" 200 796 2021-11-28 15:10:59,457:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 20:10:59 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002JlYgNenZKkt4hQKZpQ48pwx6ZcVwzDt1U-CzV-ecBeg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-05T20:10:59Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581603060/4OfTQw", "token": "sBsp1PUxo682YdbQKk5ou53UFfhwTg48W7pF_gS0R-Q" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581603060/w7uvVQ", "token": "sBsp1PUxo682YdbQKk5ou53UFfhwTg48W7pF_gS0R-Q" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581603060/yZk_rg", "token": "sBsp1PUxo682YdbQKk5ou53UFfhwTg48W7pF_gS0R-Q" } ] } 2021-11-28 15:10:59,458:DEBUG:acme.client:Storing nonce: 0002JlYgNenZKkt4hQKZpQ48pwx6ZcVwzDt1U-CzV-ecBeg 2021-11-28 15:10:59,458:INFO:certbot.auth_handler:Performing the following challenges: 2021-11-28 15:10:59,458:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-28 15:10:59,459:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-11-28 15:10:59,525:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-11-28 15:10:59,526:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-11-28 15:10:59,526:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-11-28 15:10:59,527:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-11-28 15:10:59,527:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-11-28 15:10:59,527:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-11-28 15:10:59,527:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-11-28 15:10:59,528:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-11-28 15:10:59,528:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-11-28 15:10:59,528:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-11-28 15:10:59,528:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-11-28 15:10:59,529:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-11-28 15:10:59,529:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-11-28 15:10:59,531:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-11-28 15:10:59,532:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/8fz-MbIYBkMYQgrGzmXpi6886314B811JUY5oqwh3OE{default_type text/plain;return 200 8fz-MbIYBkMYQgrGzmXpi6886314B811JUY5oqwh3OE.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot location = /.well-known/acme-challenge/sBsp1PUxo682YdbQKk5ou53UFfhwTg48W7pF_gS0R-Q{default_type text/plain;return 200 sBsp1PUxo682YdbQKk5ou53UFfhwTg48W7pF_gS0R-Q.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-11-28 15:11:00,563:INFO:certbot.auth_handler:Waiting for verification... 2021-11-28 15:11:00,564:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-28 15:11:00,566:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581603050/WCsjFQ: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMkpsWWdOZW5aS2t0NGhRS1pwUTQ4cHd4NlpjVnd6RHQxVS1DelYtZWNCZWciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzUzNTgxNjAzMDUwL1dDc2pGUSJ9", "signature": "fGHCoippv4IHzgAS2SRr62BaqQAZsgNmG7VeGKJV0Y3zdmip8o8CIXoZw4J01zLMERHWGz8ETUivPaOLAAHkBs0ulophGhpRE3MVrasbRekOeUpePkWsPc2tkrdB2JCe7sAVlgJvSEeqG2M1EevfCVQJe7OeD6MIoLmTHQir3nqPy7oXoVlPuMkpUtn_4XPNlGGiXSNEnQSkYDGiK_WsE9ehXRWHq3auzUIahhZ1XOy8palm95JnI8RQU_jAIX1qpit9a6PlIXjZD22YthHzjNk_O33J1IUtfASoiaJL1BmZtbZ5ySXixyPee1nrMyIGtihN5IXT2_wSHOJJrWzjpw", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-28 15:11:00,689:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/53581603050/WCsjFQ HTTP/1.1" 200 186 2021-11-28 15:11:00,690:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 20:11:00 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581603050/WCsjFQ Replay-Nonce: 0001Jam82Tid4DsU6OAl116AD7zue3CjCGX6D0ibK1fNSoE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581603050/WCsjFQ", "token": "8fz-MbIYBkMYQgrGzmXpi6886314B811JUY5oqwh3OE" } 2021-11-28 15:11:00,690:DEBUG:acme.client:Storing nonce: 0001Jam82Tid4DsU6OAl116AD7zue3CjCGX6D0ibK1fNSoE 2021-11-28 15:11:00,690:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-28 15:11:00,692:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581603060/4OfTQw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMUphbTgyVGlkNERzVTZPQWwxMTZBRDd6dWUzQ2pDR1g2RDBpYksxZk5Tb0UiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzUzNTgxNjAzMDYwLzRPZlRRdyJ9", "signature": "bxaNmQ8F-M9ELLWSnzv4XM0AarnmaWekd6FBd_LsaEEyYVWC4qL3HpI6SjyH7TmFAM8vGP88A4E2i2VPzdp3eJrP1kxFsF35NGzC5ug3NA6sWIyCEONySft_nIzY0KtDI698bVzwkZhZGkw68eAzaGBMHY5IYbdR6GKRZ1uT0dzVQTQDXbn2COlhjkc21Ov8ylAS7czQ1Lk27Wpy1ufx8ymYVm2QuokY_cQxeAKIjKShOAurFFPgeb--WhkiZhJxJ604ndVDuxi3GJhIsm-aUU9PmK8Mti7yyOMHRdZpMKXiU2fBp0w_AJCP4SVZamEV07ssMBQVQNsTcPOxWcXXwA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-28 15:11:00,766:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/53581603060/4OfTQw HTTP/1.1" 200 186 2021-11-28 15:11:00,767:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 20:11:00 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581603060/4OfTQw Replay-Nonce: 0002U3MDlH6RJdPAyFaQ6kDqMxASQ4VcGDKS5210v7l0JTw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581603060/4OfTQw", "token": "sBsp1PUxo682YdbQKk5ou53UFfhwTg48W7pF_gS0R-Q" } 2021-11-28 15:11:00,767:DEBUG:acme.client:Storing nonce: 0002U3MDlH6RJdPAyFaQ6kDqMxASQ4VcGDKS5210v7l0JTw 2021-11-28 15:11:01,768:DEBUG:acme.client:JWS payload: b'' 2021-11-28 15:11:01,770:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53581603050: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMlUzTURsSDZSSmRQQXlGYVE2a0RxTXhBU1E0VmNHREtTNTIxMHY3bDBKVHciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNTgxNjAzMDUwIn0", "signature": "mmnxooKohj2fYqmLlqZH8gGiMykHMsNSYADcuHpQ5m3btchLCb-PdTnzCtcHccseMa8x_rxygflamXPSDnr39HellUnkeiJBgQwPNEmWHR_P_l01nXZLFf7IKgQH9EeFNDd6Ol8WL9Ll8ASUI6lDLgNlNQFo0IDPmzMi6W2UVSerN4PkvdeMEaeEFznoXelwlLQieJNU24BjQecSpPyc7JbwkP35yHbdhvcorBELpeLZiw0t8zT7PgtfsJbJct5F1kICmhDNncFarka8C5qHu9MTVbOmJaK-nwGVL7seraO_3ojtXoMiFDTOZApJaKy5dhxXgAX2hWjmyrGZtrkRTw", "payload": "" } 2021-11-28 15:11:01,834:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53581603050 HTTP/1.1" 200 792 2021-11-28 15:11:01,835:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 20:11:01 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002XdaWvrGAtz7v0yEWJvraV5gDANwFw-wgCOGC0m61ciU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-05T20:10:59Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581603050/WCsjFQ", "token": "8fz-MbIYBkMYQgrGzmXpi6886314B811JUY5oqwh3OE" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581603050/mxc4vw", "token": "8fz-MbIYBkMYQgrGzmXpi6886314B811JUY5oqwh3OE" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581603050/UKPOcg", "token": "8fz-MbIYBkMYQgrGzmXpi6886314B811JUY5oqwh3OE" } ] } 2021-11-28 15:11:01,835:DEBUG:acme.client:Storing nonce: 0002XdaWvrGAtz7v0yEWJvraV5gDANwFw-wgCOGC0m61ciU 2021-11-28 15:11:01,836:DEBUG:acme.client:JWS payload: b'' 2021-11-28 15:11:01,838:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53581603060: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMlhkYVd2ckdBdHo3djB5RVdKdnJhVjVnREFOd0Z3LXdnQ09HQzBtNjFjaVUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNTgxNjAzMDYwIn0", "signature": "Fm9aDibDePJfOE0iGBmNftzPrNcKij5eLUQh5kO1nk2AxlXQTSrP8tQjCVG9NR2WRtCYT0G-YsepG7jTdV20VtrkbiE9i95cAiRrA3xsAwN0RnC3Y54AmNYZyCr1ohRFM7T0zXoglDyczsUkOSezlewGCwoixmcn6DXrhvNvuVuZqk5j_aAd9iAMayzBxPJfl5JY_KhufN7fPnKFrwBT7SEqW-50nvTHBPkFqH7uDgwyvDaYLEUPEP2kx-xzICDy47j-6EmtfUbnfBGcdYuT9jdLz5uj1h-cicv26S-oO8XH-QjrTU5qmv71w_oDEvlzVnzIg0tm7sbXJXaG5xI0dQ", "payload": "" } 2021-11-28 15:11:01,908:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53581603060 HTTP/1.1" 200 796 2021-11-28 15:11:01,909:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 20:11:01 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001uwiLN0FlDnqtfnhEJTmp-XEJfO_cvi00KFOcYmEs2V8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-05T20:10:59Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581603060/4OfTQw", "token": "sBsp1PUxo682YdbQKk5ou53UFfhwTg48W7pF_gS0R-Q" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581603060/w7uvVQ", "token": "sBsp1PUxo682YdbQKk5ou53UFfhwTg48W7pF_gS0R-Q" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581603060/yZk_rg", "token": "sBsp1PUxo682YdbQKk5ou53UFfhwTg48W7pF_gS0R-Q" } ] } 2021-11-28 15:11:01,909:DEBUG:acme.client:Storing nonce: 0001uwiLN0FlDnqtfnhEJTmp-XEJfO_cvi00KFOcYmEs2V8 2021-11-28 15:11:04,914:DEBUG:acme.client:JWS payload: b'' 2021-11-28 15:11:04,916:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53581603050: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXV3aUxOMEZsRG5xdGZuaEVKVG1wLVhFSmZPX2N2aTAwS0ZPY1ltRXMyVjgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNTgxNjAzMDUwIn0", "signature": "ig9LzBK_P7FL0hbSRJsf1SAFocst3mq0rR0MnhZXWn4qvlx1aD_wlIv77uiJmZThnE6jv2VaoMC755rlGI3MImMJJkj62bzbUL4-5BiidPRBj_xlpMofRqnNeSODBb5d0JiklASlLxw49TGuR8vlEfC6dM9yM171qwj0ZP2oylG2AsbKNmddWkl0pUC-U_hNKngvfODR2yAg-1V4KYWdbPYsDb6LlX86eJirZaUIPAdAq8wUISyzvbaFm5aPJAAicBO2iOuoXTPJVQ0E5V0UzR7oNoMfgTizguOofX6NEUgyJMM0sDAJvEf_WWgXSui6BCyCqf8Ddvso_KWi1CnlNQ", "payload": "" } 2021-11-28 15:11:04,988:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53581603050 HTTP/1.1" 200 1505 2021-11-28 15:11:04,989:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 20:11:04 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001b-uM2_MWjsJ0_2ljGQ3sCV3qQ5q7Gac5LM8RYukrHHs X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-05T20:10:59Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/8fz-MbIYBkMYQgrGzmXpi6886314B811JUY5oqwh3OE [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581603050/WCsjFQ", "token": "8fz-MbIYBkMYQgrGzmXpi6886314B811JUY5oqwh3OE", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/8fz-MbIYBkMYQgrGzmXpi6886314B811JUY5oqwh3OE", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/8fz-MbIYBkMYQgrGzmXpi6886314B811JUY5oqwh3OE", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-28T20:11:00Z" } ] } 2021-11-28 15:11:04,989:DEBUG:acme.client:Storing nonce: 0001b-uM2_MWjsJ0_2ljGQ3sCV3qQ5q7Gac5LM8RYukrHHs 2021-11-28 15:11:04,989:DEBUG:acme.client:JWS payload: b'' 2021-11-28 15:11:04,992:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53581603060: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWItdU0yX01XanNKMF8ybGpHUTNzQ1YzcVE1cTdHYWM1TE04Ull1a3JISHMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNTgxNjAzMDYwIn0", "signature": "C2alriHO995VFqDgNyy_85BehuXBwgTvSd1zmTV6I9RICFx7LYUZiPKdD4dLbn3EOhC9Lm8Itc8lz2mlUENUY20fCOHivjUOcDWdkVfhhLPzPe0O4OpnDWeHsdxjhRP0Muuln8li1jC0piCpuw17xs6qSDISHTBs4YSOzl5nWewsB8giu_CKJAI7Ctebh6qttprBhhpjTCRKUv_BJNFQ-6M2whah__XbMLpmTtfaykpceeL-L1xH2bbZbhohcoW_yqNdbSaG53w9CR0dnBluw8Pr_R8MHc7Z545pUX1qnpVtMrQbYlMNquurYmB51-KhpE_uWG38fTvv4Z0NE1Tdcw", "payload": "" } 2021-11-28 15:11:05,090:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53581603060 HTTP/1.1" 200 1826 2021-11-28 15:11:05,091:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 28 Nov 2021 20:11:05 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002G6Rd5HqQ70qzw2Aii_aIBGeJK5_Aey23kcOmntuUhjo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-05T20:10:59Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/sBsp1PUxo682YdbQKk5ou53UFfhwTg48W7pF_gS0R-Q [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53581603060/4OfTQw", "token": "sBsp1PUxo682YdbQKk5ou53UFfhwTg48W7pF_gS0R-Q", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/sBsp1PUxo682YdbQKk5ou53UFfhwTg48W7pF_gS0R-Q", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/sBsp1PUxo682YdbQKk5ou53UFfhwTg48W7pF_gS0R-Q", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/sBsp1PUxo682YdbQKk5ou53UFfhwTg48W7pF_gS0R-Q", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-28T20:11:00Z" } ] } 2021-11-28 15:11:05,091:DEBUG:acme.client:Storing nonce: 0002G6Rd5HqQ70qzw2Aii_aIBGeJK5_Aey23kcOmntuUhjo 2021-11-28 15:11:05,092:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-11-28 15:11:05,092:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-11-28 15:11:05,092:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-28 15:11:05,093:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-11-28 15:11:05,093:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/8fz-MbIYBkMYQgrGzmXpi6886314B811JUY5oqwh3OE [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-11-28 15:11:06,357:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-11-28 15:11:06,357:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-11-28 15:11:06,357:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-11-29 01:46:39,751:DEBUG:certbot.main:certbot version: 0.40.0 2021-11-29 01:46:39,752:DEBUG:certbot.main:Arguments: ['-q'] 2021-11-29 01:46:39,752:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-11-29 01:46:39,769:DEBUG:certbot.log:Root logging level set at 30 2021-11-29 01:46:39,770:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-11-29 01:46:39,786:DEBUG:certbot.plugins.selection:Requested authenticator and installer 2021-11-29 01:46:39,801:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-29 01:46:39,802:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-29 01:46:39,803:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-29 01:46:39,810:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-29 01:46:39,811:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-29 01:46:39,812:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-29 01:46:39,818:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-29 01:46:39,819:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-29 01:46:39,820:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-29 01:46:39,829:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-29 01:46:39,830:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-29 01:46:39,831:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-29 01:46:39,841:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-29 01:46:39,842:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-29 01:46:39,842:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-29 01:46:39,850:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-11-29 01:46:39,850:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-11-29 01:46:39,850:INFO:certbot.renewal:Non-interactive renewal: random delay of 473.22632083061376 seconds 2021-11-29 01:54:33,154:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx 2021-11-29 01:54:33,579:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-11-29 01:54:33,580:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-11-29 01:54:33,580:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-11-29 01:54:33,580:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-11-29 01:54:33,585:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-11-29 01:54:33,587:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-11-29 01:54:33,590:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-11-29 01:54:33,755:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-11-29 01:54:33,756:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 06:54:33 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "R1wPDLtGwCA": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-11-29 01:54:33,758:INFO:certbot.main:Renewing an existing certificate 2021-11-29 01:54:33,840:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0460_key-certbot.pem 2021-11-29 01:54:33,863:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0460_csr-certbot.pem 2021-11-29 01:54:33,863:DEBUG:acme.client:Requesting fresh nonce 2021-11-29 01:54:33,864:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-11-29 01:54:33,917:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-11-29 01:54:33,918:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 06:54:33 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002bDu797kljtugHK02073AEmBE6GgL_H6SibqiQk_HmhA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-11-29 01:54:33,918:DEBUG:acme.client:Storing nonce: 0002bDu797kljtugHK02073AEmBE6GgL_H6SibqiQk_HmhA 2021-11-29 01:54:33,919:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-11-29 01:54:33,922:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmJEdTc5N2tsanR1Z0hLMDIwNzNBRW1CRTZHZ0xfSDZTaWJxaVFrX0htaEEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "jnnt7keJupj2xPuZ9Ftn0vuEXFKFIIcp8VoLK8Llbj4bAmIDQKoZ4OaPPVu07YHPkO_qYSdtWVoHPfV0ieorq76UtQnU4xhtgTn8Z0XBluZTN0PtzyrpHffme0iGI0x7mifNF0KzCdYdXTAAluum_Ij4NxR6jLhz7yXY3A-tQviStdSrommEqgn21tCPBcvrlFhl8NzJJQDqXDC7qEP4JUur4tp0b1hFGJ7ceIn1Fpb8s5sVUHJmAk3On4Fvg8uK8NRORbSLNLg4xrgeVbPVWecA0fXEn0CXyRQPDd2KmAojTRh-wNpwa3m0QnVA99ZbRBLshxPN_NP-BwVd1pDjWQ", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-11-29 01:54:34,046:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-11-29 01:54:34,046:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Mon, 29 Nov 2021 06:54:34 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43328246490 Replay-Nonce: 0002oSBcd4oNbrHuclffqVjotkv1Wp0fOg3DH2EzRSGZoLo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-06T06:54:34Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/53721687760" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43328246490" } 2021-11-29 01:54:34,047:DEBUG:acme.client:Storing nonce: 0002oSBcd4oNbrHuclffqVjotkv1Wp0fOg3DH2EzRSGZoLo 2021-11-29 01:54:34,047:DEBUG:acme.client:JWS payload: b'' 2021-11-29 01:54:34,049:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53721687760: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMm9TQmNkNG9OYnJIdWNsZmZxVmpvdGt2MVdwMGZPZzNESDJFelJTR1pvTG8iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNzIxNjg3NzYwIn0", "signature": "A1St8J3atI1J8EDjTTaq9vwaC6Z_yqMoO2OzVQ-RJaH93lrxAQALPz4B0UQUUFm8kSdqndtluTigBADi6sePCb7kMl-6ZLm_Rz5WHsUVBAqf3NO7oVMhiUbMd7iLp44acKvH6g23Ngbsk1h5dTwgSou5oUvHmtV-jp0MKC9aT4Slk1ZKIX_5NeDEErZLLMDSdzAkg_JG-kolMG1ubkFmqNvli9fgw3Ds9VhjGRq0f-2vyoQZB12YzGF3kSGJO2FsgT11bOiwVoWsDy_qcm26SYM91tdEVe6PZidtG63L7ShQOANZSZZA8Kwj-jPhpt7i1MeDCHBSv1M_KSPFnkPbyg", "payload": "" } 2021-11-29 01:54:34,140:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53721687760 HTTP/1.1" 200 792 2021-11-29 01:54:34,140:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 06:54:34 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001ThFCy06bwG2Kv5wZu0CTnLrL6D6TwYYwCA7iXoAiVzU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-06T06:54:34Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721687760/pF_aRg", "token": "Qp21b-3pIJJl0TiReMUUcb4Cf9KuvXU-oYHbtyOk2yE" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721687760/2owksQ", "token": "Qp21b-3pIJJl0TiReMUUcb4Cf9KuvXU-oYHbtyOk2yE" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721687760/XrjGDg", "token": "Qp21b-3pIJJl0TiReMUUcb4Cf9KuvXU-oYHbtyOk2yE" } ] } 2021-11-29 01:54:34,141:DEBUG:acme.client:Storing nonce: 0001ThFCy06bwG2Kv5wZu0CTnLrL6D6TwYYwCA7iXoAiVzU 2021-11-29 01:54:34,141:INFO:certbot.auth_handler:Performing the following challenges: 2021-11-29 01:54:34,142:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-29 01:54:34,174:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-11-29 01:54:34,175:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-11-29 01:54:34,176:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-11-29 01:54:34,176:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-11-29 01:54:34,176:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-11-29 01:54:34,176:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-11-29 01:54:34,177:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-11-29 01:54:34,177:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-11-29 01:54:34,177:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-11-29 01:54:34,177:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-11-29 01:54:34,178:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-11-29 01:54:34,178:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-11-29 01:54:34,178:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-11-29 01:54:34,179:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-11-29 01:54:34,181:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/Qp21b-3pIJJl0TiReMUUcb4Cf9KuvXU-oYHbtyOk2yE{default_type text/plain;return 200 Qp21b-3pIJJl0TiReMUUcb4Cf9KuvXU-oYHbtyOk2yE.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-11-29 01:54:35,223:INFO:certbot.auth_handler:Waiting for verification... 2021-11-29 01:54:35,224:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-29 01:54:35,226:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721687760/pF_aRg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMVRoRkN5MDZid0cyS3Y1d1p1MENUbkxyTDZENlR3WVl3Q0E3aVhvQWlWelUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzUzNzIxNjg3NzYwL3BGX2FSZyJ9", "signature": "c7ziTnbrg9j8-C-FXYtbPocLgyNPE7wg7cIzatmEpJ1aC6Y-ioWnfjCZ36ukiLIxy4R2BtOzxk2dNiAbOjLe7xQeQAwQI86t-H9vxn60xlNikxHCuccWf_zC2FwWC9XiML9Fxr4p-mko0wWC98kFdX96HCiMhHa7oVv5gCTNBcmsJZ38-imduE4VgZW0snHslwYQtPgSNFXtbrg1DgGR5ARru6kNSwWK-GHVgmBt-XfLYCJRE_Fg8h6J1SSE7GZtdjcUozBgUGcYpLCFhfOg2wSfU8WSbPBY41E-ouENmJiJwu_079m_eECbTY16cUPtvdokK0fHrDr3AWKP8WY1tA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-29 01:54:35,302:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/53721687760/pF_aRg HTTP/1.1" 200 186 2021-11-29 01:54:35,303:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 06:54:35 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721687760/pF_aRg Replay-Nonce: 0001BGsms1JUhneYXDwCK18L3m2Qa2MoZct6KgPmETLymVc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721687760/pF_aRg", "token": "Qp21b-3pIJJl0TiReMUUcb4Cf9KuvXU-oYHbtyOk2yE" } 2021-11-29 01:54:35,304:DEBUG:acme.client:Storing nonce: 0001BGsms1JUhneYXDwCK18L3m2Qa2MoZct6KgPmETLymVc 2021-11-29 01:54:36,306:DEBUG:acme.client:JWS payload: b'' 2021-11-29 01:54:36,307:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53721687760: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMUJHc21zMUpVaG5lWVhEd0NLMThMM20yUWEyTW9aY3Q2S2dQbUVUTHltVmMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNzIxNjg3NzYwIn0", "signature": "rLERgGjygtB9DozK6EojiUSVchfUP2HJKNiDJYDKi7FZGx8yRHCKfalB_kSCB7c0_yYj8EWU58uEeF9Ckg9KWRirEXofCUm4i0RTNXdeXMS33j_ivYZ0NHo56Goqxk1joNaOUOqe-lfkHLxnZ770C2zrDIOal5eIXp4BEOjCvNdiwesZF8mbJ6taQXfcyAjk4yYCf8xTKzAjWWn9PMFdK1BujtoGaWse3sg-mt72amC-x9OSDbsLdAsvpfBkL8A56m3q5vWIl25o7EpETgS7Ofzaux-Catfn3-b41YK4V5ZXxIQgx7ARJo8hrZARVUZgqrs3S8_qDu4rmiM8yZZZCA", "payload": "" } 2021-11-29 01:54:36,370:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53721687760 HTTP/1.1" 200 792 2021-11-29 01:54:36,371:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 06:54:36 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002skHSjlVZVE12M28VCadlT6C80_uYczUl2DvRs44Vzvc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-06T06:54:34Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721687760/pF_aRg", "token": "Qp21b-3pIJJl0TiReMUUcb4Cf9KuvXU-oYHbtyOk2yE" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721687760/2owksQ", "token": "Qp21b-3pIJJl0TiReMUUcb4Cf9KuvXU-oYHbtyOk2yE" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721687760/XrjGDg", "token": "Qp21b-3pIJJl0TiReMUUcb4Cf9KuvXU-oYHbtyOk2yE" } ] } 2021-11-29 01:54:36,371:DEBUG:acme.client:Storing nonce: 0002skHSjlVZVE12M28VCadlT6C80_uYczUl2DvRs44Vzvc 2021-11-29 01:54:39,373:DEBUG:acme.client:JWS payload: b'' 2021-11-29 01:54:39,376:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53721687760: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnNrSFNqbFZaVkUxMk0yOFZDYWRsVDZDODBfdVljelVsMkR2UnM0NFZ6dmMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNzIxNjg3NzYwIn0", "signature": "j6P1hgURNSrM24FgqxuZKQOo10OjHK9lZ3kuoKb3o9Wx3FNDeEGfAN6Y0irkwul738C-Hgd2R9DaAcgIR7eXBw_6wzOCg-2reep-WMioz8MAlL78x3liUtSY7Zi87Ns9UqC6IR_bGVLTzAOlPtYGuu0BMT2_DrPOQdkfG9VSF_4U1R8wQ0C_OQx6X4GBlKH23NZKjWysOR4Tzh1w54mOqQG76uD4ZcS3pbOuwnyH7pJ2nLGcyLYRsJhNgJKk1qBytEmWwr9tudJJOC39K9Tu3J5qGoghlootWrKqaJaFMXTocCWcxXFmgyM5En2gCpPGjJIFTvd8TLEhqr4vg0Q5lw", "payload": "" } 2021-11-29 01:54:39,445:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53721687760 HTTP/1.1" 200 1505 2021-11-29 01:54:39,446:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 06:54:39 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002STdQgAcM00_GZdAOZjCNI0afHFhf7981-OPunthjz9k X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-06T06:54:34Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/Qp21b-3pIJJl0TiReMUUcb4Cf9KuvXU-oYHbtyOk2yE [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721687760/pF_aRg", "token": "Qp21b-3pIJJl0TiReMUUcb4Cf9KuvXU-oYHbtyOk2yE", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/Qp21b-3pIJJl0TiReMUUcb4Cf9KuvXU-oYHbtyOk2yE", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/Qp21b-3pIJJl0TiReMUUcb4Cf9KuvXU-oYHbtyOk2yE", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-29T06:54:35Z" } ] } 2021-11-29 01:54:39,446:DEBUG:acme.client:Storing nonce: 0002STdQgAcM00_GZdAOZjCNI0afHFhf7981-OPunthjz9k 2021-11-29 01:54:39,446:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-11-29 01:54:39,447:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-29 01:54:39,447:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/Qp21b-3pIJJl0TiReMUUcb4Cf9KuvXU-oYHbtyOk2yE [75.2.60.5]: "\n\n\n \n Prep: True 2021-11-29 01:54:41,027:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-11-29 01:54:41,027:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-11-29 01:54:41,027:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-11-29 01:54:41,031:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-11-29 01:54:41,032:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-11-29 01:54:41,038:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-11-29 01:54:41,191:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-11-29 01:54:41,191:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 06:54:41 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert", "wpfMvRFTqOc": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417" } 2021-11-29 01:54:41,192:INFO:certbot.main:Renewing an existing certificate 2021-11-29 01:54:41,273:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0461_key-certbot.pem 2021-11-29 01:54:41,280:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0461_csr-certbot.pem 2021-11-29 01:54:41,281:DEBUG:acme.client:Requesting fresh nonce 2021-11-29 01:54:41,281:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-11-29 01:54:41,332:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-11-29 01:54:41,332:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 06:54:41 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002e2GKmJ_h64gYK1kZOg8b150FVAqONGj3qFNHqgTygWk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-11-29 01:54:41,333:DEBUG:acme.client:Storing nonce: 0002e2GKmJ_h64gYK1kZOg8b150FVAqONGj3qFNHqgTygWk 2021-11-29 01:54:41,333:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-11-29 01:54:41,335:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmUyR0ttSl9oNjRnWUsxa1pPZzhiMTUwRlZBcU9OR2ozcUZOSHFnVHlnV2siLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "kvF3PDmAOjCHFxF7l6-6820iIRvnze-QDiJfwTxUjVne4c6YmAz6yzMEazWuC7WTtN80Ri4RMRExxZX9u1mghi-Q7AALnP5-Lr4MWkcy9xtT9gAHwc5KPjnlybXwTRswws2JG-7-r9md9v2YlA5FAtVoNjcUCRD6fYoT3BetUCcnkdoWWl5xJaOvXhj0fAzi-g5_OAnRdGjGzjLqyXqbqQgsHjsrirQbMIHNV54bLiFg7xe321EHaeKdqtO-aWgQWVLCgFIJiGfi9xqoQB8HqmmDh48-GYxkN42nxRR4MR9GCVMUW_W6ovEMfCexexCzLAEfE54i202Sgw4Ui4iyHw", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-11-29 01:54:41,447:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-11-29 01:54:41,448:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Mon, 29 Nov 2021 06:54:41 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43328263270 Replay-Nonce: 0002wErDFlz6JVCQk4ecBZWy18LdDI7P88vVsAduQcMrRME X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-06T06:54:41Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/53721708330", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/53721708340" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43328263270" } 2021-11-29 01:54:41,448:DEBUG:acme.client:Storing nonce: 0002wErDFlz6JVCQk4ecBZWy18LdDI7P88vVsAduQcMrRME 2021-11-29 01:54:41,449:DEBUG:acme.client:JWS payload: b'' 2021-11-29 01:54:41,451:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53721708330: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMndFckRGbHo2SlZDUWs0ZWNCWld5MThMZERJN1A4OHZWc0FkdVFjTXJSTUUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNzIxNzA4MzMwIn0", "signature": "DEqL0tJteZKOySlof11QzHUyYHMUKEh_Vjh-KmWIXVZlI2MudsU5xu-a1NOK1EbBvmCSIUOyJyk1MnpMPC6MwNP1D5ohrcibBiwDma0FAtydc4cWW7WaHjsxuhwGmBEAHcuuqdXahodevmcuSWzqRvcd8kD_fru67hD1-LqOa5krWdEl7k0p2T2otMsvwfwUJlUZbZ5TErWjDL3cnpi8E1E1l6_t7qFPNLyfQg3OZDWz9uRkTPXCYZhhUnVWAvyawV1GYkTSbKgpAsG0FqcEmq3bp5yES4la73ao0l3dr0F6xOokQt2HDCqCzuY1nqRINri_c8R95XxAEUTuA11tmw", "payload": "" } 2021-11-29 01:54:41,512:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53721708330 HTTP/1.1" 200 792 2021-11-29 01:54:41,513:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 06:54:41 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002NWKucoZ87g3w1eANk-o8m8fcDCJte3bmdzKHpilEBts X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-06T06:54:41Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721708330/9X0B7Q", "token": "SUhrva_Jzj59Aon5xgZzV5hMkdn4BPSz0VvK6IgPMIU" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721708330/kYhW6w", "token": "SUhrva_Jzj59Aon5xgZzV5hMkdn4BPSz0VvK6IgPMIU" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721708330/Dd6ieQ", "token": "SUhrva_Jzj59Aon5xgZzV5hMkdn4BPSz0VvK6IgPMIU" } ] } 2021-11-29 01:54:41,513:DEBUG:acme.client:Storing nonce: 0002NWKucoZ87g3w1eANk-o8m8fcDCJte3bmdzKHpilEBts 2021-11-29 01:54:41,514:DEBUG:acme.client:JWS payload: b'' 2021-11-29 01:54:41,516:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53721708340: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMk5XS3Vjb1o4N2czdzFlQU5rLW84bThmY0RDSnRlM2JtZHpLSHBpbEVCdHMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNzIxNzA4MzQwIn0", "signature": "JRlRaHWzocBPVIwbOGilLJfTVLvHZn8diLSSHvqFSLRCmbZoVSxc-tYzOqrcicM8Uy-9CdufHIIXwgg3OsltdqSjPvq7fuD-9otsMr7zj8uRcYB7Xj5enzTL5mK3Tp04ZjSozCn662pv-vi_AKmQQAoSsV14Xdx115h5VrhfHKbfLspUwsrdJXwacA_mBoFs-TXj3IZYSK_k7o7oPm3Gn9vYzDp73wIaKGcyGhqChbFICaPJn719riqND_fJOU7QLIbOgMfpxzEMVw0zeTF6OOOPcUJqz16XASq9fHf14FfDCpfBWlCrgh0Pqj8I-Kco4t75EKixlutKlpiULg2lhQ", "payload": "" } 2021-11-29 01:54:41,584:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53721708340 HTTP/1.1" 200 796 2021-11-29 01:54:41,585:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 06:54:41 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002E9GSSM1lRh3JysKuOuP_lVvchGZUh4sGt5fKuWBpgvs X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-06T06:54:41Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721708340/odF3mw", "token": "iS-WCG-6PKqPqsjbXr_c2itMBykmA1YRZo9Irpfi7ig" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721708340/JjVy8Q", "token": "iS-WCG-6PKqPqsjbXr_c2itMBykmA1YRZo9Irpfi7ig" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721708340/x7vDsQ", "token": "iS-WCG-6PKqPqsjbXr_c2itMBykmA1YRZo9Irpfi7ig" } ] } 2021-11-29 01:54:41,585:DEBUG:acme.client:Storing nonce: 0002E9GSSM1lRh3JysKuOuP_lVvchGZUh4sGt5fKuWBpgvs 2021-11-29 01:54:41,586:INFO:certbot.auth_handler:Performing the following challenges: 2021-11-29 01:54:41,586:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-29 01:54:41,586:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-11-29 01:54:41,653:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-11-29 01:54:41,654:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-11-29 01:54:41,654:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-11-29 01:54:41,654:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-11-29 01:54:41,655:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-11-29 01:54:41,655:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-11-29 01:54:41,656:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-11-29 01:54:41,656:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-11-29 01:54:41,656:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-11-29 01:54:41,656:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-11-29 01:54:41,657:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-11-29 01:54:41,657:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-11-29 01:54:41,657:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-11-29 01:54:41,658:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-11-29 01:54:41,659:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/SUhrva_Jzj59Aon5xgZzV5hMkdn4BPSz0VvK6IgPMIU{default_type text/plain;return 200 SUhrva_Jzj59Aon5xgZzV5hMkdn4BPSz0VvK6IgPMIU.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot location = /.well-known/acme-challenge/iS-WCG-6PKqPqsjbXr_c2itMBykmA1YRZo9Irpfi7ig{default_type text/plain;return 200 iS-WCG-6PKqPqsjbXr_c2itMBykmA1YRZo9Irpfi7ig.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-11-29 01:54:42,687:INFO:certbot.auth_handler:Waiting for verification... 2021-11-29 01:54:42,688:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-29 01:54:42,690:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721708330/9X0B7Q: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMkU5R1NTTTFsUmgzSnlzS3VPdVBfbFZ2Y2hHWlVoNHNHdDVmS3VXQnBndnMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzUzNzIxNzA4MzMwLzlYMEI3USJ9", "signature": "fCHGWZkxCGVN1D4lSIjLGLQCDZCdXKTJnld0fQJ-HcnG6-jjTx4x1Yrw6eiB74c2lKHbWTr9_m6l-e55h5UfLZMv4nbjRZYSLCkD8aZMKa53iJ-FuYHROrvI2IlHIT6FUEMmRbmRpoZd5FvaIdBUA7pAXkU9mP8ulQevwjP8RiWCyXiLf6sUSnKies1rtLuox4IHcGuJ0iCOJQd7aFG2TbUk3QPiqdwrevucgEGAEkJrkV_yXMb23y6WMiN4ccYxoGOiFz2Oz7sGW27wdn4E8FMEmGrXWEgbLFhfPp8wrrPQea3KQerC_odeBeYgxyMhBz0LM7PA7Q_cH7g0SvK2dQ", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-29 01:54:42,757:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/53721708330/9X0B7Q HTTP/1.1" 200 186 2021-11-29 01:54:42,758:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 06:54:42 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721708330/9X0B7Q Replay-Nonce: 0002I5kLY-v7t5ToFLcryD-B6vgtCUwTpmEVKGtuLRmVEU0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721708330/9X0B7Q", "token": "SUhrva_Jzj59Aon5xgZzV5hMkdn4BPSz0VvK6IgPMIU" } 2021-11-29 01:54:42,758:DEBUG:acme.client:Storing nonce: 0002I5kLY-v7t5ToFLcryD-B6vgtCUwTpmEVKGtuLRmVEU0 2021-11-29 01:54:42,759:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-29 01:54:42,761:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721708340/odF3mw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMkk1a0xZLXY3dDVUb0ZMY3J5RC1CNnZndENVd1RwbUVWS0d0dUxSbVZFVTAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzUzNzIxNzA4MzQwL29kRjNtdyJ9", "signature": "ACetSeOZvFOcDnv8NtsHHV9gvD4tHA0bOmA4FIJXvVklEUNKnCzLlJpGaFaf8PRXqZAWy92ZbbqSu7onDEUHQBs2H5Z8i54ks3S8SPcZXXWJBl368fBPddIpX3Taxl02BonJdJcal1Y_lENDI9A57yrfg6OA762MoiHqw57pajsrd10PBcSW_e0EVxgFsOMQAeuOWAy-F9YkE_G2CHDkkRh5LOxjeOz7ESieT8epGe1T-PwJI3Vk9fJIeEy73NN-PyXs7f2-7cRiNvxpMn5TfJdimvDa8c6JCU0OBFpKorxyIc27MlyPki5fXnTVEsWIhN3ZB-YW9-Ozeoegwmo-cA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-29 01:54:42,840:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/53721708340/odF3mw HTTP/1.1" 200 186 2021-11-29 01:54:42,841:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 06:54:42 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721708340/odF3mw Replay-Nonce: 0002RhzUslWEjluEM30Si6vSu9bQUZBkOLaFuy3u36PCjPk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721708340/odF3mw", "token": "iS-WCG-6PKqPqsjbXr_c2itMBykmA1YRZo9Irpfi7ig" } 2021-11-29 01:54:42,841:DEBUG:acme.client:Storing nonce: 0002RhzUslWEjluEM30Si6vSu9bQUZBkOLaFuy3u36PCjPk 2021-11-29 01:54:43,843:DEBUG:acme.client:JWS payload: b'' 2021-11-29 01:54:43,845:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53721708330: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMlJoelVzbFdFamx1RU0zMFNpNnZTdTliUVVaQmtPTGFGdXkzdTM2UENqUGsiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNzIxNzA4MzMwIn0", "signature": "UpdLoc9WiCV5HcejV8aiquyFih-Afi3n3pKUDionhNaZZUBDJ8FBB4K2dwstgtSTmXnrEpl8a-Zvsw-ChrHlUeIcwY8tScqE4Bt8o3omSQzbJG_Ab8vyztRaInfUqiHdNqXw-uJ2vqlmD8cx4JjtW1QhCsBDbDOnpN3rrpso55kdKRpEUS7ZJfcxraiPKetcEYOuE4LGjrHCQYrPCDoz9Sgr3NU22UFYihGZr6nBldc_gDGPsXXhiy_ROcmpTkGT2D3sgn_AV_UGUnocUZSi8GcjDAzNTg6uaEHbd4pnA2vOETJCxqoW4XpxxWbF-e3UXX8-1F-Cf4wiNGzdSWUdXw", "payload": "" } 2021-11-29 01:54:43,909:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53721708330 HTTP/1.1" 200 1505 2021-11-29 01:54:43,910:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 06:54:43 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002LUnVG7KMttNWBS6mLNVhvp7Wd07WJBlZFca1hn0MnBA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-06T06:54:41Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/SUhrva_Jzj59Aon5xgZzV5hMkdn4BPSz0VvK6IgPMIU [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721708330/9X0B7Q", "token": "SUhrva_Jzj59Aon5xgZzV5hMkdn4BPSz0VvK6IgPMIU", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/SUhrva_Jzj59Aon5xgZzV5hMkdn4BPSz0VvK6IgPMIU", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/SUhrva_Jzj59Aon5xgZzV5hMkdn4BPSz0VvK6IgPMIU", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-29T06:54:42Z" } ] } 2021-11-29 01:54:43,910:DEBUG:acme.client:Storing nonce: 0002LUnVG7KMttNWBS6mLNVhvp7Wd07WJBlZFca1hn0MnBA 2021-11-29 01:54:43,911:DEBUG:acme.client:JWS payload: b'' 2021-11-29 01:54:43,912:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53721708340: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMkxVblZHN0tNdHROV0JTNm1MTlZodnA3V2QwN1dKQmxaRmNhMWhuME1uQkEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNzIxNzA4MzQwIn0", "signature": "aHJH2nevTLzEELatL7EF0wL5--SFj2lB5fmdtN8jS0mUaacEf7OSi2Ohgs6AqJA0soIygqPw-cO0FriPwBKV2msoAufRvQ3P71PHWGoNoqkWbE3Fbr-XU6zgaUZYS3PBnhq7O57fyb599M8N-vAsiCUsRCGN6W_MhWPFybsSgf_7DkZ1YynKdpaGTOrVBVKpacxTQOu8tkuIIRO4HZpk5IjAPvsqUJ_lLTKZdK2HzqWyB29Q1BJxVSMuksYPKlLm17rH0UUWmtXP8TYXB8ovyvXdObcW0VNu2LNFeKeCtt2SytCBJ4SEPIZtHOt20M6iwlTZQUnuD8JGh76v-jEM9g", "payload": "" } 2021-11-29 01:54:43,973:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53721708340 HTTP/1.1" 200 796 2021-11-29 01:54:43,974:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 06:54:43 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001sltr6r1Px_Kb5K8HIfyEQ923h791kbnV3d7rxNrHdvE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-06T06:54:41Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721708340/odF3mw", "token": "iS-WCG-6PKqPqsjbXr_c2itMBykmA1YRZo9Irpfi7ig" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721708340/JjVy8Q", "token": "iS-WCG-6PKqPqsjbXr_c2itMBykmA1YRZo9Irpfi7ig" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721708340/x7vDsQ", "token": "iS-WCG-6PKqPqsjbXr_c2itMBykmA1YRZo9Irpfi7ig" } ] } 2021-11-29 01:54:43,974:DEBUG:acme.client:Storing nonce: 0001sltr6r1Px_Kb5K8HIfyEQ923h791kbnV3d7rxNrHdvE 2021-11-29 01:54:43,975:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-11-29 01:54:46,979:DEBUG:acme.client:JWS payload: b'' 2021-11-29 01:54:46,981:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53721708340: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXNsdHI2cjFQeF9LYjVLOEhJZnlFUTkyM2g3OTFrYm5WM2Q3cnhOckhkdkUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNzIxNzA4MzQwIn0", "signature": "a3BeXawXsJwYUtlfFw8H4DaXTJvLegsYC_3LGHmdBfdaEYSvTYR7vRm0w2wwR-kfApoelnRPE8AEFMnS2dfCRZSiJs45NRJYHLxBmYsgNDBE2nxSojrtEtqO7ndAtgsKagQcxtcxYGPystE9vVPkQ2Cuk6gCVIva5skeS0xrLDRwR9GhFL7XawG2X3KxUktr1vAOxMzUJv4d30LL-eIhdfkavKQigmvbPee68iucLwklV_fFBfvQzR8CAEtAQFUfeCegkgaQ-mqfvjb2mgWivcKg9JTHA0Om3jMklyMjjYobb1tzFvRgfzVArN7otvzlXlUCW5H5P3zPQlV1TQ2etQ", "payload": "" } 2021-11-29 01:54:47,046:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53721708340 HTTP/1.1" 200 1826 2021-11-29 01:54:47,047:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 06:54:47 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002ReMDXVzXXsx9xCkCc9_Xae01R-GEqbj_NOsxYQlLO5c X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-06T06:54:41Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/iS-WCG-6PKqPqsjbXr_c2itMBykmA1YRZo9Irpfi7ig [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53721708340/odF3mw", "token": "iS-WCG-6PKqPqsjbXr_c2itMBykmA1YRZo9Irpfi7ig", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/iS-WCG-6PKqPqsjbXr_c2itMBykmA1YRZo9Irpfi7ig", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/iS-WCG-6PKqPqsjbXr_c2itMBykmA1YRZo9Irpfi7ig", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/iS-WCG-6PKqPqsjbXr_c2itMBykmA1YRZo9Irpfi7ig", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-29T06:54:42Z" } ] } 2021-11-29 01:54:47,047:DEBUG:acme.client:Storing nonce: 0002ReMDXVzXXsx9xCkCc9_Xae01R-GEqbj_NOsxYQlLO5c 2021-11-29 01:54:47,048:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-11-29 01:54:47,048:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-29 01:54:47,048:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-11-29 01:54:47,048:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/SUhrva_Jzj59Aon5xgZzV5hMkdn4BPSz0VvK6IgPMIU [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-11-29 01:54:48,282:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-11-29 01:54:48,282:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-11-29 01:54:48,283:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-11-29 02:43:01,468:DEBUG:certbot.main:certbot version: 0.40.0 2021-11-29 02:43:01,469:DEBUG:certbot.main:Arguments: ['--standalone', '--pre-hook', '/bin/systemctl stop nginx', '--post-hook', '/bin/systemctl start nginx', '--quiet'] 2021-11-29 02:43:01,469:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-11-29 02:43:01,486:DEBUG:certbot.log:Root logging level set at 30 2021-11-29 02:43:01,487:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-11-29 02:43:01,500:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer 2021-11-29 02:43:01,501:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-29 02:43:01,501:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-29 02:43:01,501:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-29 02:43:01,520:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-29 02:43:01,521:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-29 02:43:01,522:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-29 02:43:01,524:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-29 02:43:01,524:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-29 02:43:01,524:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-29 02:43:01,528:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-29 02:43:01,529:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-29 02:43:01,530:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-29 02:43:01,532:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-29 02:43:01,532:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-29 02:43:01,532:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-29 02:43:01,536:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-29 02:43:01,537:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-29 02:43:01,538:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-29 02:43:01,540:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-29 02:43:01,540:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-29 02:43:01,540:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-29 02:43:01,544:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-29 02:43:01,545:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-29 02:43:01,545:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-29 02:43:01,547:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-29 02:43:01,547:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-29 02:43:01,547:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-29 02:43:01,553:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-29 02:43:01,555:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-29 02:43:01,555:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-29 02:43:01,557:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-29 02:43:01,560:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-11-29 02:43:01,560:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-11-29 02:43:01,560:INFO:certbot.renewal:Non-interactive renewal: random delay of 26.30235819872229 seconds 2021-11-29 02:43:27,868:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-29 02:43:28,194:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-11-29 02:43:28,195:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-11-29 02:43:28,195:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-11-29 02:43:28,195:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-11-29 02:43:28,200:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-11-29 02:43:28,202:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-11-29 02:43:28,205:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-11-29 02:43:28,371:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-11-29 02:43:28,372:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 07:43:28 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert", "tGkDO7G3ad8": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417" } 2021-11-29 02:43:28,372:INFO:certbot.hooks:Running pre-hook command: /bin/systemctl stop nginx 2021-11-29 02:43:28,413:INFO:certbot.main:Renewing an existing certificate 2021-11-29 02:43:28,508:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0462_key-certbot.pem 2021-11-29 02:43:28,518:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0462_csr-certbot.pem 2021-11-29 02:43:28,519:DEBUG:acme.client:Requesting fresh nonce 2021-11-29 02:43:28,519:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-11-29 02:43:28,571:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-11-29 02:43:28,572:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 07:43:28 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002GsuKhhVnW2qzxjDxq_HW-qba_7guxnkWlNUhkezkkPE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-11-29 02:43:28,572:DEBUG:acme.client:Storing nonce: 0002GsuKhhVnW2qzxjDxq_HW-qba_7guxnkWlNUhkezkkPE 2021-11-29 02:43:28,573:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-11-29 02:43:28,576:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMkdzdUtoaFZuVzJxenhqRHhxX0hXLXFiYV83Z3V4bmtXbE5VaGtlemtrUEUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "LGgVEIZzPAYuJm_oBe8SzsV50sbAt2ISQJbGUXiPYmPgB7uGBboNSvwBS_hRdkkojARvLXTy_RYSpF7befZ7TuhEe4qgB6R584qqCyYR4dHhEr8cGKuGNtA3NAtj65R_toBTsG25JhrsBBhvEaWJwaeMJ80zfggXlbaOACBRBOdYNzHKgVrvQzW6UjyEwgHaMpVXZwX7D0b3a83gFo5K-UDI3mx_Gso7pLUtklJUcOZU_7j-g_y1ZSck_Dp8wfsvuVjN6M8lWPdPcEtP4zEDGCvAm9GwnOT44hL_K0wc7oyGCbJpqzeBXxZaz8PQjLMhSfADPoNbI5692r48Ew4siQ", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-11-29 02:43:29,418:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-11-29 02:43:29,419:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Mon, 29 Nov 2021 07:43:29 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43336921170 Replay-Nonce: 0002yOgIm2qWZnCQidjqYFWfi95pOiivh8_AiZcQpP2jXoc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-06T07:43:29Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/53732040220" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43336921170" } 2021-11-29 02:43:29,419:DEBUG:acme.client:Storing nonce: 0002yOgIm2qWZnCQidjqYFWfi95pOiivh8_AiZcQpP2jXoc 2021-11-29 02:43:29,420:DEBUG:acme.client:JWS payload: b'' 2021-11-29 02:43:29,422:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53732040220: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnlPZ0ltMnFXWm5DUWlkanFZRldmaTk1cE9paXZoOF9BaVpjUXBQMmpYb2MiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNzMyMDQwMjIwIn0", "signature": "eUaN0bwaXtMmzgibjfLr2nKehbm6O96x5DY8bjNL6tRnBLJuaud4W64RDgXwOz2T9fGcJBEfUp0BnjoKdk-7Be-RXPza9lnyVgrqUUmxlIIOW_apnbHnJv2iw2YeoCDV8lXZsSYLzhUzMuDFv1AscmV1ddTjGz6yfIBC8U3MPbe-PyeL6ww2GrZWkeWaZruQQaym52rWfEAAe5jh6ZqpKlsy37TOkzqTNXu7FiIBYMj1L1EF9wBkfhk0ky2rCTTEE-yVAEsM6SfUiu580Kd_2Aj00XKHdmebhRUQlHRXegcW6c_NC6AtEox3z2C2OcNCoO51T33tmTwMbmB7SCIIjQ", "payload": "" } 2021-11-29 02:43:29,485:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53732040220 HTTP/1.1" 200 792 2021-11-29 02:43:29,486:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 07:43:29 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002QqGbNpMhq2IOYkuMMxwDGvnvwBTGkTHKV08t120QwK0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-06T07:43:29Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732040220/4fBnPg", "token": "CKzfbGzfUDTh5QEGLLtDeWeu_d-cjlTpd86synedxOM" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732040220/sOOJNw", "token": "CKzfbGzfUDTh5QEGLLtDeWeu_d-cjlTpd86synedxOM" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732040220/T9S0QA", "token": "CKzfbGzfUDTh5QEGLLtDeWeu_d-cjlTpd86synedxOM" } ] } 2021-11-29 02:43:29,486:DEBUG:acme.client:Storing nonce: 0002QqGbNpMhq2IOYkuMMxwDGvnvwBTGkTHKV08t120QwK0 2021-11-29 02:43:29,487:INFO:certbot.auth_handler:Performing the following challenges: 2021-11-29 02:43:29,487:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-29 02:43:29,487:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-11-29 02:43:29,487:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-11-29 02:43:29,491:INFO:certbot.auth_handler:Waiting for verification... 2021-11-29 02:43:29,491:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-29 02:43:29,493:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732040220/4fBnPg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMlFxR2JOcE1ocTJJT1lrdU1NeHdER3ZudndCVEdrVEhLVjA4dDEyMFF3SzAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzUzNzMyMDQwMjIwLzRmQm5QZyJ9", "signature": "diif0zsXt22qsy2sJeLK_V8lFyAe-IhuOM8xpbMx9TAGK96zEhiZLzyjJ9AR23Twx9NyTjbBkZTbv4FDHWHgxssyQLo6mYwdgAA_BZX7dNm5TueIF11cYIpxC6hwvDTzo-A3QvobXaF6gbdy4vG6R8BEfmZQfDP4yoNuIgy0QQuBKmmptQUx3iGnGDS0Sbu_bJGgKFK-lQxnBxuDXPDGKsAGhrjrFp04pMLVOBVjjChCDvKiItcLkHEGf-pWfrLu_eq9JJZSSbacOOJQ5EWHQlIFu-58Oq5w6p8w57M9zEtHIwe7EvAKFV4QLhbKhDnqYjdbTs9OkH-Ozqv6v-9N1g", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-29 02:43:29,562:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/53732040220/4fBnPg HTTP/1.1" 200 186 2021-11-29 02:43:29,563:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 07:43:29 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732040220/4fBnPg Replay-Nonce: 0002wmI4CXVBL8OVQY4PeW5IpqFTqzO7XF5LgprylFZwqvU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732040220/4fBnPg", "token": "CKzfbGzfUDTh5QEGLLtDeWeu_d-cjlTpd86synedxOM" } 2021-11-29 02:43:29,563:DEBUG:acme.client:Storing nonce: 0002wmI4CXVBL8OVQY4PeW5IpqFTqzO7XF5LgprylFZwqvU 2021-11-29 02:43:30,565:DEBUG:acme.client:JWS payload: b'' 2021-11-29 02:43:30,568:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53732040220: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMndtSTRDWFZCTDhPVlFZNFBlVzVJcHFGVHF6TzdYRjVMZ3ByeWxGWndxdlUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNzMyMDQwMjIwIn0", "signature": "KYyuJiVJTEt2xomb7NAxAV9ZBhDR53UKeUWtUuCpe5ohzi_X-vqCPp2AmzxTSnmeUV63KZPeWwEXk-x9Njzfmg5G8JQ5TsnLk12I1xp_pk3FLHiUOFEpgwA7P31rfl8A_ARb-L3ELac1uBR-kO4Ut30BVldSSr6U1u-xxWNsuXLAk48J-oqLVela2VCEJFYu80xZoyjgOuf3_4shbIzdw9ytUFbwP3GrAmtquDnXCIKPS1KPDrl4uNwvVabQmCuolJ2RC5Yg_xHMQfLlpWkOn4PdQoqH_l6rXpgCpIsZ7LeK9E9yNgnpNvPGHDkolhwHiQuf_L9ll7ff_56ACaRf5w", "payload": "" } 2021-11-29 02:43:30,644:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53732040220 HTTP/1.1" 200 792 2021-11-29 02:43:30,645:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 07:43:30 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001RAU4kB2Eag0_7ZtvXs20vOzsQcxH8g8h-mb1kPh9XqY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-06T07:43:29Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732040220/4fBnPg", "token": "CKzfbGzfUDTh5QEGLLtDeWeu_d-cjlTpd86synedxOM" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732040220/sOOJNw", "token": "CKzfbGzfUDTh5QEGLLtDeWeu_d-cjlTpd86synedxOM" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732040220/T9S0QA", "token": "CKzfbGzfUDTh5QEGLLtDeWeu_d-cjlTpd86synedxOM" } ] } 2021-11-29 02:43:30,645:DEBUG:acme.client:Storing nonce: 0001RAU4kB2Eag0_7ZtvXs20vOzsQcxH8g8h-mb1kPh9XqY 2021-11-29 02:43:33,649:DEBUG:acme.client:JWS payload: b'' 2021-11-29 02:43:33,651:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53732040220: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMVJBVTRrQjJFYWcwXzdadHZYczIwdk96c1FjeEg4ZzhoLW1iMWtQaDlYcVkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNzMyMDQwMjIwIn0", "signature": "JqoTAd8wsq-3-Muk40Txbg6jBRRKBsBsaB5IVf23QipPtt1vrNwAjpJiGyGQufF3pSNWx8QPDrQuNaOK7_hz52mIudousgkYOFsQgBv3TxKXemqaco8Ep7faabchmJN5sciyH4GAFP-JocWrmS7svVylLlhQUjc4N4W-_fD52ZTWR9llp1bbsKdBRvtxapcx4bx8o9BaL19C94bpSIs7R6IPf2z_ORLWz0mAt0CDTO1iohlfVVecrn2P-_Gx7QRdnDvVYDCjNVTnHR8flk-tqgFzn9Ld_frXc5QitMonrvJ_pBNjnZFy9oc_ubjxj5Dp6QjXzaHKbu7v_VqM1mHV4w", "payload": "" } 2021-11-29 02:43:33,714:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53732040220 HTTP/1.1" 200 1505 2021-11-29 02:43:33,715:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 07:43:33 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002Z6FOfHGMolBOP64XL0BOkAEYnI3rAE2CwbJPp-AgqyI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-06T07:43:29Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/CKzfbGzfUDTh5QEGLLtDeWeu_d-cjlTpd86synedxOM [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732040220/4fBnPg", "token": "CKzfbGzfUDTh5QEGLLtDeWeu_d-cjlTpd86synedxOM", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/CKzfbGzfUDTh5QEGLLtDeWeu_d-cjlTpd86synedxOM", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/CKzfbGzfUDTh5QEGLLtDeWeu_d-cjlTpd86synedxOM", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-29T07:43:29Z" } ] } 2021-11-29 02:43:33,715:DEBUG:acme.client:Storing nonce: 0002Z6FOfHGMolBOP64XL0BOkAEYnI3rAE2CwbJPp-AgqyI 2021-11-29 02:43:33,716:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-11-29 02:43:33,716:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-29 02:43:33,717:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/CKzfbGzfUDTh5QEGLLtDeWeu_d-cjlTpd86synedxOM [75.2.60.5]: "\n\n\n \n Prep: True 2021-11-29 02:43:34,239:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-11-29 02:43:34,239:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-11-29 02:43:34,239:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-11-29 02:43:34,242:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-11-29 02:43:34,243:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-11-29 02:43:34,245:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-11-29 02:43:34,397:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-11-29 02:43:34,397:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 07:43:34 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "5kNCJJNs3jw": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-11-29 02:43:34,398:INFO:certbot.hooks:Pre-hook command already run, skipping: /bin/systemctl stop nginx 2021-11-29 02:43:34,398:INFO:certbot.main:Renewing an existing certificate 2021-11-29 02:43:34,430:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0463_key-certbot.pem 2021-11-29 02:43:34,436:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0463_csr-certbot.pem 2021-11-29 02:43:34,437:DEBUG:acme.client:Requesting fresh nonce 2021-11-29 02:43:34,437:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-11-29 02:43:34,488:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-11-29 02:43:34,488:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 07:43:34 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002ZYp572RUNZzQx65JEbt97gjMZD96FJIBARXC3GYKfdM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-11-29 02:43:34,489:DEBUG:acme.client:Storing nonce: 0002ZYp572RUNZzQx65JEbt97gjMZD96FJIBARXC3GYKfdM 2021-11-29 02:43:34,489:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-11-29 02:43:34,491:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMlpZcDU3MlJVTlp6UXg2NUpFYnQ5N2dqTVpEOTZGSklCQVJYQzNHWUtmZE0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "BdbR0fBej5Upws4Li5UlYlYyU75L8WvDeSsf5p73Knnsj5DcoYsVzOO7-TF6CQpy5iFvtv5lTTdceTnJdWIvyAQQ1QX2WyW_6yP9C4hwW7D9L0pU0CpgRXpaooOzTVG6HiUs5bk88qDcyn59-xNT0TMv-P1-_7--TZ8KIXMvvfwMVA4V9P8UrcO1dk6W3MqeE6vYOZzeLpehKwPpOXivHPPQ6_hedDcxc1pKoHsne4Th8cAnEnhYbe1r54TXdgQ3o6qq7ddwwiJmzWhfnH0Xm-8U7ZhnKDWmudmD_utUTwR-1HFf7rNYpjK3lbLjSYpYTxVyUwewzN-fjMoku-KWTQ", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-11-29 02:43:34,622:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-11-29 02:43:34,623:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Mon, 29 Nov 2021 07:43:34 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43336934610 Replay-Nonce: 0002xYaEBYSvQLkETw4g6Z0vAk7sVr_oOX0helW-zeQldqU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-06T07:43:34Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/53732056460", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/53732056470" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43336934610" } 2021-11-29 02:43:34,623:DEBUG:acme.client:Storing nonce: 0002xYaEBYSvQLkETw4g6Z0vAk7sVr_oOX0helW-zeQldqU 2021-11-29 02:43:34,624:DEBUG:acme.client:JWS payload: b'' 2021-11-29 02:43:34,626:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53732056460: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnhZYUVCWVN2UUxrRVR3NGc2WjB2QWs3c1ZyX29PWDBoZWxXLXplUWxkcVUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNzMyMDU2NDYwIn0", "signature": "NGsGbZGEC0vkhkLGYF67Dfd3glL8JYK0b5cF7ncx5kBJv4OelCfrkLZC_pG9nB2iLYZrZN6KT4qJmDY1xyorMnWTYtuhqVoleSaCtxMPf63ceQggFYbIYrFQahISFmafLcL8AMzBztwbgqIGj2NKpswtc-FoNwyFp6ePwEKEEbzLImB13FRP9vPOVnFowQkEnvTuIw0PsEgBaLdxTQpei9N_ZsEUzM8CWemEhDpOvJwiCxxzIp9o8n0HRed04fbmmNjtCNcbgrCrD_fOY-qYWAGRYUBWkQSXlEH9-mSJ_WLnSn04qj6HdLsRdBNa1m5-JdEMMptsUCzUykwCimVO6Q", "payload": "" } 2021-11-29 02:43:34,686:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53732056460 HTTP/1.1" 200 792 2021-11-29 02:43:34,687:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 07:43:34 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001GxIS_Kq_MynR7NBln3n_IZcMQgKuk3jHz6G7SL8v-DI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-06T07:43:34Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732056460/78IHQA", "token": "6Ji9c6yE5Wal7HawPoeGfesI7v0TU2q6RbS4EKML8as" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732056460/tF91fQ", "token": "6Ji9c6yE5Wal7HawPoeGfesI7v0TU2q6RbS4EKML8as" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732056460/T2Aq0w", "token": "6Ji9c6yE5Wal7HawPoeGfesI7v0TU2q6RbS4EKML8as" } ] } 2021-11-29 02:43:34,688:DEBUG:acme.client:Storing nonce: 0001GxIS_Kq_MynR7NBln3n_IZcMQgKuk3jHz6G7SL8v-DI 2021-11-29 02:43:34,688:DEBUG:acme.client:JWS payload: b'' 2021-11-29 02:43:34,690:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53732056470: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMUd4SVNfS3FfTXluUjdOQmxuM25fSVpjTVFnS3VrM2pIejZHN1NMOHYtREkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNzMyMDU2NDcwIn0", "signature": "Ly_-5jfpcuIISf_ZGlTLIt_yoEe9Q9O9TOHZq5-jvjc-7IP93J-3iYQgVThhKg9SZPKot8ut1DvKe3GVNR3KLd8KGyIjE1b6TuUwXkbCnjd4OE0NVgNb10JBbt5nro59LNGR30bFYE3_RWTFS5U-0-6p_QT2f9zqDrWCLlAX3OE3YOQN3LEjEi9sxEhPpDqRc-scayDZ5v8_-BlADSBAS-IJYWINvELD9bwm4zVSaxpdeb1I5uP9mSUt3WX_Nxc6dzp1A43-yg45203IoCKbLVTgk9bG6Tq01nNgEwAy1NI4tgPPEWfzrUHFwBWZ5swYS0tXyzJPVMg0tq8f3qdcfg", "payload": "" } 2021-11-29 02:43:34,755:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53732056470 HTTP/1.1" 200 796 2021-11-29 02:43:34,756:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 07:43:34 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002e05P5oEjm1TrttAwGQG-fwPOLKQrTIvprcZHPr5ojs8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-06T07:43:34Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732056470/3ZNfmA", "token": "gI5DaHND0S6bGgrNvwQyOcvDJ_ZYQuVTU6Z_S1VLqMY" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732056470/iltnaw", "token": "gI5DaHND0S6bGgrNvwQyOcvDJ_ZYQuVTU6Z_S1VLqMY" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732056470/5_P6Dw", "token": "gI5DaHND0S6bGgrNvwQyOcvDJ_ZYQuVTU6Z_S1VLqMY" } ] } 2021-11-29 02:43:34,756:DEBUG:acme.client:Storing nonce: 0002e05P5oEjm1TrttAwGQG-fwPOLKQrTIvprcZHPr5ojs8 2021-11-29 02:43:34,756:INFO:certbot.auth_handler:Performing the following challenges: 2021-11-29 02:43:34,757:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-29 02:43:34,757:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-11-29 02:43:34,757:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-11-29 02:43:34,757:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-11-29 02:43:34,763:INFO:certbot.auth_handler:Waiting for verification... 2021-11-29 02:43:34,763:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-29 02:43:34,765:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732056460/78IHQA: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmUwNVA1b0VqbTFUcnR0QXdHUUctZndQT0xLUXJUSXZwcmNaSFByNW9qczgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzUzNzMyMDU2NDYwLzc4SUhRQSJ9", "signature": "eepuoevOYf2YooN95o93nX2dEac-iv1mKsWSYSgJLaFAcQI3O6ZJ_1q3vgN8scTXKAPd81XAeAqqIOZ5DFRV0NWWBYq7W92IFQvke1hfV3XPUenqoCnH3-RxQhxtCA8369rhlNGzrotQRj8lEcpYgdjkNxv4jI1FBrHWbD9RljNyQQQtoVgFacfRNhXdr9vCPVdhBTURujNmHQbuk5Qc47vhnb4naBr3_trzCNfux0M852B3xn7mkTmN1YT_4LYBlDInJKRoSAPHVwZaYpZSKBEf13C0Quwq3cd8hIG8hwbbHSp_iYtjZ7FU5oG-3Oz8CTJ1Ut5CPTxx6_llF36d8A", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-29 02:43:34,832:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/53732056460/78IHQA HTTP/1.1" 200 186 2021-11-29 02:43:34,833:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 07:43:34 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732056460/78IHQA Replay-Nonce: 0002teObllcelmQJWxwfMRRAmiES5qFkYfz-uUT8Dn4Gugg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732056460/78IHQA", "token": "6Ji9c6yE5Wal7HawPoeGfesI7v0TU2q6RbS4EKML8as" } 2021-11-29 02:43:34,833:DEBUG:acme.client:Storing nonce: 0002teObllcelmQJWxwfMRRAmiES5qFkYfz-uUT8Dn4Gugg 2021-11-29 02:43:34,833:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-29 02:43:34,835:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732056470/3ZNfmA: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnRlT2JsbGNlbG1RSld4d2ZNUlJBbWlFUzVxRmtZZnotdVVUOERuNEd1Z2ciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzUzNzMyMDU2NDcwLzNaTmZtQSJ9", "signature": "CXAw1eHVsC9t8XB6Yr4O4-Nf_GCt8npBK84bnajbFrjF46qVAYefumFM5V4yH7PQVvDWE0zNRbiOPo2_LG-VUMLlKjYp_zGQdWy5nKUXhfRWwqmqYV36XXKDg_LjCbUf5tAaB2pliH2VqhILf68iVMoFGAE3EMgn6yXMbXTlit5XwJBrovAkB1iDJQiO7zAUmYWOkbTXReJ6Z_QAf8wQL7rNLAlIGQvvdvDV8rbPuiMp04m1MPuU4myy8ZUVI6_v-dal2Ri3G8fGjFEtRqaSZ1oP04X8Et_kgMlht4nycobEZE3Sqwbr9SRdiFRF_rmPs3hq8y_yBhXoBoldllu1Xw", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-29 02:43:34,905:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/53732056470/3ZNfmA HTTP/1.1" 200 186 2021-11-29 02:43:34,905:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 07:43:34 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732056470/3ZNfmA Replay-Nonce: 00026bpwJUt7bMNFwbYqOejGXWK-9vEYiNa2sL0G0R82aiw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732056470/3ZNfmA", "token": "gI5DaHND0S6bGgrNvwQyOcvDJ_ZYQuVTU6Z_S1VLqMY" } 2021-11-29 02:43:34,906:DEBUG:acme.client:Storing nonce: 00026bpwJUt7bMNFwbYqOejGXWK-9vEYiNa2sL0G0R82aiw 2021-11-29 02:43:35,907:DEBUG:acme.client:JWS payload: b'' 2021-11-29 02:43:35,910:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53732056460: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMjZicHdKVXQ3Yk1ORndiWXFPZWpHWFdLLTl2RVlpTmEyc0wwRzBSODJhaXciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNzMyMDU2NDYwIn0", "signature": "B0TY-Xf6kOoikK0fnX1WChXskAkyjSVDNFHqUl96yhbsqEdWO134ldwogaW7IlITkuhzmQ4XOxkaG_T2HvDCiqA9FQjG3KoAQ9Rs8yymA1yLuatOH9FsAKVjdXYotLpkf6bZs7Lzv3-Mgtx0IC_fbKeQrX7MvgPpTxf_enERCppsYyk3c7lzqW5jsssH_CRYhmstaqmQ_VLtxeNIhHVul3jZecSYmaNe4Z8GKIBNyT8oohlid5aLc8nuItqV7hm03jm---zCVny7McX1btnr615q2kNzhG6xfpirNHuozlb8GbMTRYex5qPlGhpD3sqeJ9QnUMg4vDEep5dvqpAjZg", "payload": "" } 2021-11-29 02:43:35,969:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53732056460 HTTP/1.1" 200 1505 2021-11-29 02:43:35,970:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 07:43:35 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 00026k_Y7ApB-BHvuq5vNX1NiyMAkxEeqU-9rzKi228yJb0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-06T07:43:34Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/6Ji9c6yE5Wal7HawPoeGfesI7v0TU2q6RbS4EKML8as [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732056460/78IHQA", "token": "6Ji9c6yE5Wal7HawPoeGfesI7v0TU2q6RbS4EKML8as", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/6Ji9c6yE5Wal7HawPoeGfesI7v0TU2q6RbS4EKML8as", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/6Ji9c6yE5Wal7HawPoeGfesI7v0TU2q6RbS4EKML8as", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-29T07:43:34Z" } ] } 2021-11-29 02:43:35,970:DEBUG:acme.client:Storing nonce: 00026k_Y7ApB-BHvuq5vNX1NiyMAkxEeqU-9rzKi228yJb0 2021-11-29 02:43:35,971:DEBUG:acme.client:JWS payload: b'' 2021-11-29 02:43:35,973:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53732056470: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMjZrX1k3QXBCLUJIdnVxNXZOWDFOaXlNQWt4RWVxVS05cnpLaTIyOHlKYjAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNzMyMDU2NDcwIn0", "signature": "H36jYD-owjfejJiuYJ3x216kiNhBhHAnuGNU-wmnjkwMktagVz-oBQ9hSg6giBCsA4CSu1g77bbpzkWlkq7sVRpCpBQ64igzDLrjAXJ2nVxrjkkM6GittR2wH594DpqhnnYdDmezfKtXbTln3CpisVAZbEPPtij-glTYrctjFSQabA1_n05jd7xvumjZWfia_134aM16WMzX7sr-GN1c1wRy4TEj6GCWjYeI7oIEHdDV4w-JgGSuhE6J5emIjk1G79v3vJCEjc02hAZHtQyGTFLDCaYcLKf110750ayFmNpcwtErJDlMaKPhOZXo1Ya4P_xijTTNOUNfKQDi19hM1Q", "payload": "" } 2021-11-29 02:43:36,038:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53732056470 HTTP/1.1" 200 796 2021-11-29 02:43:36,039:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 07:43:36 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002yfaydU3HVyaExWkUxRu2TYVUgo_ehsPBTJVrRefboG0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-06T07:43:34Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732056470/3ZNfmA", "token": "gI5DaHND0S6bGgrNvwQyOcvDJ_ZYQuVTU6Z_S1VLqMY" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732056470/iltnaw", "token": "gI5DaHND0S6bGgrNvwQyOcvDJ_ZYQuVTU6Z_S1VLqMY" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732056470/5_P6Dw", "token": "gI5DaHND0S6bGgrNvwQyOcvDJ_ZYQuVTU6Z_S1VLqMY" } ] } 2021-11-29 02:43:36,039:DEBUG:acme.client:Storing nonce: 0002yfaydU3HVyaExWkUxRu2TYVUgo_ehsPBTJVrRefboG0 2021-11-29 02:43:36,040:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-11-29 02:43:39,043:DEBUG:acme.client:JWS payload: b'' 2021-11-29 02:43:39,045:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53732056470: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnlmYXlkVTNIVnlhRXhXa1V4UnUyVFlWVWdvX2Voc1BCVEpWclJlZmJvRzAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNzMyMDU2NDcwIn0", "signature": "YdNZMHBtmBpI6JUCOMqQuJPAWsWedFwDtLSYKmFUfiZ1PTg7w6sF0nZAU2Ggv9sGP4tStmdh0dnpNcfXGI7sbgQmLjKhAKTRVH2dLE8owaoUJAj9GWjPU6XXtL7OgkHrQUIkYzrxpGQpBpw2SI1wH68GH6Ud8SSWQSIbSc65du2dtyBmBjnU-SOsJ6j4RWiOF2DaweDRuNWaymRhIlBkO6WdZGAa3_3bNS-1Ceat1ZxILkSFzUviQOoNSpU30_WrRDo6NUIUwWCY3b1GTgclsOErH-jeApxdSMNye0P7ibRNmZgX4tQCgZo1XWh3sUlfANwRtyrne5HG8VRPhGSEZQ", "payload": "" } 2021-11-29 02:43:39,108:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53732056470 HTTP/1.1" 200 1826 2021-11-29 02:43:39,109:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 07:43:39 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002sjDrGbyOMJSn91-A3WUha50OuPGCE5EPHia9gC1Mq-M X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-06T07:43:34Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/gI5DaHND0S6bGgrNvwQyOcvDJ_ZYQuVTU6Z_S1VLqMY [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53732056470/3ZNfmA", "token": "gI5DaHND0S6bGgrNvwQyOcvDJ_ZYQuVTU6Z_S1VLqMY", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/gI5DaHND0S6bGgrNvwQyOcvDJ_ZYQuVTU6Z_S1VLqMY", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/gI5DaHND0S6bGgrNvwQyOcvDJ_ZYQuVTU6Z_S1VLqMY", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/gI5DaHND0S6bGgrNvwQyOcvDJ_ZYQuVTU6Z_S1VLqMY", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-29T07:43:34Z" } ] } 2021-11-29 02:43:39,109:DEBUG:acme.client:Storing nonce: 0002sjDrGbyOMJSn91-A3WUha50OuPGCE5EPHia9gC1Mq-M 2021-11-29 02:43:39,110:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-11-29 02:43:39,110:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-29 02:43:39,110:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-11-29 02:43:39,110:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/6Ji9c6yE5Wal7HawPoeGfesI7v0TU2q6RbS4EKML8as [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-11-29 02:43:39,271:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-11-29 02:43:39,271:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-11-29 02:43:39,271:INFO:certbot.hooks:Running post-hook command: /bin/systemctl start nginx 2021-11-29 02:43:39,347:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-11-29 06:43:13,325:DEBUG:certbot.main:certbot version: 0.40.0 2021-11-29 06:43:13,326:DEBUG:certbot.main:Arguments: ['--standalone', '--pre-hook', '/bin/systemctl stop nginx', '--post-hook', '/bin/systemctl start nginx', '--quiet'] 2021-11-29 06:43:13,326:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-11-29 06:43:13,340:DEBUG:certbot.log:Root logging level set at 30 2021-11-29 06:43:13,341:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-11-29 06:43:13,353:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer 2021-11-29 06:43:13,353:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-29 06:43:13,354:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-29 06:43:13,354:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-29 06:43:13,365:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-29 06:43:13,365:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-29 06:43:13,366:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-29 06:43:13,367:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-29 06:43:13,368:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-29 06:43:13,368:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-29 06:43:13,371:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-29 06:43:13,372:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-29 06:43:13,373:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-29 06:43:13,375:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-29 06:43:13,375:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-29 06:43:13,375:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-29 06:43:13,378:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-29 06:43:13,379:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-29 06:43:13,379:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-29 06:43:13,381:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-29 06:43:13,381:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-29 06:43:13,381:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-29 06:43:13,383:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-29 06:43:13,384:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-29 06:43:13,385:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-29 06:43:13,386:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-29 06:43:13,386:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-29 06:43:13,386:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-29 06:43:13,390:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-29 06:43:13,391:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-29 06:43:13,392:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-29 06:43:13,393:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-29 06:43:13,396:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-11-29 06:43:13,396:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-11-29 06:43:13,396:INFO:certbot.renewal:Non-interactive renewal: random delay of 192.33829919052462 seconds 2021-11-29 06:46:25,817:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-29 06:46:26,178:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-11-29 06:46:26,179:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-11-29 06:46:26,179:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-11-29 06:46:26,179:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-11-29 06:46:26,183:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-11-29 06:46:26,185:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-11-29 06:46:26,187:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-11-29 06:46:26,349:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-11-29 06:46:26,350:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 11:46:26 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "knAX942HhYU": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-11-29 06:46:26,351:INFO:certbot.hooks:Running pre-hook command: /bin/systemctl stop nginx 2021-11-29 06:46:26,403:INFO:certbot.main:Renewing an existing certificate 2021-11-29 06:46:26,554:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0464_key-certbot.pem 2021-11-29 06:46:26,564:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0464_csr-certbot.pem 2021-11-29 06:46:26,565:DEBUG:acme.client:Requesting fresh nonce 2021-11-29 06:46:26,565:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-11-29 06:46:26,618:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-11-29 06:46:26,620:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 11:46:26 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001yOUPnUlpfcjHcjaI5PUMWm8PscXa_pWXvqmXaNB95ps X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-11-29 06:46:26,620:DEBUG:acme.client:Storing nonce: 0001yOUPnUlpfcjHcjaI5PUMWm8PscXa_pWXvqmXaNB95ps 2021-11-29 06:46:26,621:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-11-29 06:46:26,625:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXlPVVBuVWxwZmNqSGNqYUk1UFVNV204UHNjWGFfcFdYdnFtWGFOQjk1cHMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "VSVz4w6pX4Fe7lIaEGd9G2qcT4EBhPrjPwg0voFcd9GHTIxKkWHZOe9rH85mDdfHwIFQSXyUjcxU0vcgSJ9MYjPksSR8vpytp5cu0SpYMb3D7_2Pl5D_bhgiKwQ6OWBaWizPfAyNu68fOJ22ZerThBtTh3pVvrcSiM964Ml3zl5TStZ1DSAbUhsp-hvdWL8af-yq8gSFHNM7AaHexpUNKbAgI9_T1xSGswi5NBB59aNInCkaTJKiMdaBMdDGWuxT3GF0FHdKBwUtHL0iI9LLeFCoN9MD1WXG7PqIf9tqs8eG1o5Sy46DQAMOZhXP1cuBv7-RODnBT6EmvnFu2cMGBg", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-11-29 06:46:26,830:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-11-29 06:46:26,831:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Mon, 29 Nov 2021 11:46:26 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43379418170 Replay-Nonce: 0002c3Cr6JzooijMEkWs2BS3-bRvmYDVTy36-NUGTNvU0BI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-06T11:46:26Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/53783031380" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43379418170" } 2021-11-29 06:46:26,831:DEBUG:acme.client:Storing nonce: 0002c3Cr6JzooijMEkWs2BS3-bRvmYDVTy36-NUGTNvU0BI 2021-11-29 06:46:26,832:DEBUG:acme.client:JWS payload: b'' 2021-11-29 06:46:26,834:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53783031380: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmMzQ3I2Snpvb2lqTUVrV3MyQlMzLWJSdm1ZRFZUeTM2LU5VR1ROdlUwQkkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNzgzMDMxMzgwIn0", "signature": "BRA5ugWHMPkdidN-2FrRnHhmt5vEm3Af8Kk4a015um4jzK7s-meVLeQaDsRfkaeWmlT4vkgjIaqK3lT2MXa5llGJ9ToSYhh7HBD10wkYP1SRX53RGmxq8tKlq6kDo8L0KcG8trG9jaiMmhOqGL2RA0xOkLy_lEFr5dr6gG4Mit34HEb7QIkHkT0ZA9g225JQHDZD24UnRsSX6OflZqS7gA12Ws8uIl06TCFIK6u5jeVvUHWWWroIDHs1J8anzbBNAgXlvDVvnkUqg1Yw57yN2jNxfGy-fZKITZdAydlYEJ_NamenIOwfEtqF7kK1qPNR90vL2VZaigc8Fzez3q4gOg", "payload": "" } 2021-11-29 06:46:26,899:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53783031380 HTTP/1.1" 200 792 2021-11-29 06:46:26,901:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 11:46:26 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001kzPMG3Eun2JENXJSfXkLTmvfwUQcGJSzD5aS7F622BE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-06T11:46:26Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783031380/NEm4Qg", "token": "Npz4n2QvnKJoXTRVKM4vEIdEr4V7_tjSyCsaosInCno" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783031380/S8LBnw", "token": "Npz4n2QvnKJoXTRVKM4vEIdEr4V7_tjSyCsaosInCno" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783031380/2W_4bA", "token": "Npz4n2QvnKJoXTRVKM4vEIdEr4V7_tjSyCsaosInCno" } ] } 2021-11-29 06:46:26,901:DEBUG:acme.client:Storing nonce: 0001kzPMG3Eun2JENXJSfXkLTmvfwUQcGJSzD5aS7F622BE 2021-11-29 06:46:26,902:INFO:certbot.auth_handler:Performing the following challenges: 2021-11-29 06:46:26,902:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-29 06:46:26,903:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-11-29 06:46:26,903:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-11-29 06:46:26,907:INFO:certbot.auth_handler:Waiting for verification... 2021-11-29 06:46:26,908:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-29 06:46:26,910:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783031380/NEm4Qg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWt6UE1HM0V1bjJKRU5YSlNmWGtMVG12ZndVUWNHSlN6RDVhUzdGNjIyQkUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzUzNzgzMDMxMzgwL05FbTRRZyJ9", "signature": "Xp8g1-ZDt65o9zf6SzgNsonPzaSAfBoXyDMLEnym0iXvMEhkOfFMZBI9ooFxPCeXTNbkCwEf9xHXVMbx6nh848i85FTiJFU6qltZWF-Fcw_OWdLYL1YflkVqeXSBWKSLra91K3F5ouYlpASDvVfkU7gBJ8YkXUKtkschizpt3Y6tFG5979oqcTBZ8X0MeoOAVDrv_wL8o75jckB6pM8J-_D_wsaanehBJbWWoNrFMWU_8QWValgeq-rkNfJvGOBcUFzUgJcWh_CIlZrzLKnD3Ahc-Xiv0hSG6xAscogAPDcYOkzlrnpUkUtnT6uDiRN2Kq60oV41-K0L_ZcoXIkHxA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-29 06:46:26,983:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/53783031380/NEm4Qg HTTP/1.1" 200 186 2021-11-29 06:46:26,984:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 11:46:26 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783031380/NEm4Qg Replay-Nonce: 0002EMBdYRBuqXTPc-Axn6iTk3apAvd9yqs8EkHzzobPDHM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783031380/NEm4Qg", "token": "Npz4n2QvnKJoXTRVKM4vEIdEr4V7_tjSyCsaosInCno" } 2021-11-29 06:46:26,984:DEBUG:acme.client:Storing nonce: 0002EMBdYRBuqXTPc-Axn6iTk3apAvd9yqs8EkHzzobPDHM 2021-11-29 06:46:27,986:DEBUG:acme.client:JWS payload: b'' 2021-11-29 06:46:27,989:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53783031380: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMkVNQmRZUkJ1cVhUUGMtQXhuNmlUazNhcEF2ZDl5cXM4RWtIenpvYlBESE0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNzgzMDMxMzgwIn0", "signature": "axvrEbUULgb_Wj8eY2svozVbNYfbuFpio1F0GJ2gUZcxosDFw0jyWRJmB64vL2mLCTMoP6wptfyVGIFGVky_6Vgg0Y3zd-5T_zf8eYecRonaBft2EPzm1yRbS_ofFngla_zSDgtL8SjRsu6m2v-lpzjpEwNMdkg3B0bOnAcgdzoHHsxmC7SwUmqfOJc8Etb84OoTVypE3LRw3AMRnvfWzTh6D72G4DpiwbJQXvdPBXuevCrhQpD1K1yepZCTEzc8I_Inpe_lE3i6kkjDiTGSWoV3d6-mCvb5gOjZFVmfKDddEF0HwmsuBoEkmpSNea0dZ8LQxiY1HRzO693p4pv3-A", "payload": "" } 2021-11-29 06:46:28,086:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53783031380 HTTP/1.1" 200 792 2021-11-29 06:46:28,087:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 11:46:28 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001hXPvrph-XG_DIZL0NK1BF9x2jMrIFOnOmgWdG1gEJiM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-06T11:46:26Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783031380/NEm4Qg", "token": "Npz4n2QvnKJoXTRVKM4vEIdEr4V7_tjSyCsaosInCno" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783031380/S8LBnw", "token": "Npz4n2QvnKJoXTRVKM4vEIdEr4V7_tjSyCsaosInCno" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783031380/2W_4bA", "token": "Npz4n2QvnKJoXTRVKM4vEIdEr4V7_tjSyCsaosInCno" } ] } 2021-11-29 06:46:28,087:DEBUG:acme.client:Storing nonce: 0001hXPvrph-XG_DIZL0NK1BF9x2jMrIFOnOmgWdG1gEJiM 2021-11-29 06:46:31,092:DEBUG:acme.client:JWS payload: b'' 2021-11-29 06:46:31,093:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53783031380: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWhYUHZycGgtWEdfRElaTDBOSzFCRjl4MmpNcklGT25PbWdXZEcxZ0VKaU0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNzgzMDMxMzgwIn0", "signature": "O4uT__iwQWkCv9rBRVnNFgEet9MEj69-ehrhqxhG7RZVmPW1SYOMumCERpGiCbjkmgsJ0UhDdelHW1Vq_LQn7Vy9qLUW4aZ5l65xnpTkekvQDoZ1eh2wLMQIrVywG_3f2uBNnyXarZesu3ad13bhzsxh2MxnmHyPRi4ssCDJV_XRXCzdckCFIiJP6E2qIYGFaO6aTkj13yvvgm8uD7XIJJs1qswrtHE6N_QzjWjKBHIkhaC85skwkOXW6hgFqkzcinl8PBDztiSRMF1WGCJL3Ot70s2Qbexy7knBOQdXlSEA3Lt8iTKc4w4E847i5uMDGTIUpHE3tWU7Rd9b-ANoRQ", "payload": "" } 2021-11-29 06:46:31,156:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53783031380 HTTP/1.1" 200 1505 2021-11-29 06:46:31,157:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 11:46:31 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001mlmdZ7uJqK_IbuKHAbWtTG0UVONO1bDVe-QPiGGD38Q X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-06T11:46:26Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/Npz4n2QvnKJoXTRVKM4vEIdEr4V7_tjSyCsaosInCno [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783031380/NEm4Qg", "token": "Npz4n2QvnKJoXTRVKM4vEIdEr4V7_tjSyCsaosInCno", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/Npz4n2QvnKJoXTRVKM4vEIdEr4V7_tjSyCsaosInCno", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/Npz4n2QvnKJoXTRVKM4vEIdEr4V7_tjSyCsaosInCno", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-29T11:46:26Z" } ] } 2021-11-29 06:46:31,157:DEBUG:acme.client:Storing nonce: 0001mlmdZ7uJqK_IbuKHAbWtTG0UVONO1bDVe-QPiGGD38Q 2021-11-29 06:46:31,158:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-11-29 06:46:31,158:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-29 06:46:31,159:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/Npz4n2QvnKJoXTRVKM4vEIdEr4V7_tjSyCsaosInCno [75.2.60.5]: "\n\n\n \n Prep: True 2021-11-29 06:46:31,673:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-11-29 06:46:31,673:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-11-29 06:46:31,674:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-11-29 06:46:31,678:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-11-29 06:46:31,680:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-11-29 06:46:31,682:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-11-29 06:46:31,842:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-11-29 06:46:31,843:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 11:46:31 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "6Wv_pXTFXkg": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-11-29 06:46:31,843:INFO:certbot.hooks:Pre-hook command already run, skipping: /bin/systemctl stop nginx 2021-11-29 06:46:31,843:INFO:certbot.main:Renewing an existing certificate 2021-11-29 06:46:31,931:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0465_key-certbot.pem 2021-11-29 06:46:31,937:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0465_csr-certbot.pem 2021-11-29 06:46:31,938:DEBUG:acme.client:Requesting fresh nonce 2021-11-29 06:46:31,938:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-11-29 06:46:31,991:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-11-29 06:46:31,992:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 11:46:31 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002CrkK7faswZcYpJaoxsX-EGHcgh0slrc1kPxU3KUmEmY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-11-29 06:46:31,992:DEBUG:acme.client:Storing nonce: 0002CrkK7faswZcYpJaoxsX-EGHcgh0slrc1kPxU3KUmEmY 2021-11-29 06:46:31,992:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-11-29 06:46:31,994:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMkNya0s3ZmFzd1pjWXBKYW94c1gtRUdIY2doMHNscmMxa1B4VTNLVW1FbVkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "F22LtHx-RqBy1XI2OG0zvnuN6FwCeAx8Xx0kfoRgnBCjCL0cgQIjRvaSmDB6WhBVpAJVjLj_RXnw9Z9GA2SWrBo_UE5Mu-RzrjB2Wd7cc_262_9OyWLHUxug4QqUbF6L21RoKMzDcJRItq3XnoEOs0FWYtL6MpIVQQoRgQwy3kIFToDAIM87Nin4G9S9jgMFTXs9cGqTxN7wiYou-8iKHm8aAe_DSfLbW2B5Ipc1M2X0tlrTF6gYWux-ujNx0JymE6Hk_h1DJWyztI13hjcxU-rbI8UBBkQGqCG7JXD0nHIGsrwaDQg8GHqnaknWBOobASXPCfYNT-3MVkLvbcPadg", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-11-29 06:46:32,113:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-11-29 06:46:32,114:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Mon, 29 Nov 2021 11:46:32 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43379430900 Replay-Nonce: 0002-q38DzRhMXTf0envdKKsgcTuMs6lXV73Vcp508ScBeM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-06T11:46:32Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/53783046890", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/53783046900" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43379430900" } 2021-11-29 06:46:32,114:DEBUG:acme.client:Storing nonce: 0002-q38DzRhMXTf0envdKKsgcTuMs6lXV73Vcp508ScBeM 2021-11-29 06:46:32,114:DEBUG:acme.client:JWS payload: b'' 2021-11-29 06:46:32,116:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53783046890: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMi1xMzhEelJoTVhUZjBlbnZkS0tzZ2NUdU1zNmxYVjczVmNwNTA4U2NCZU0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNzgzMDQ2ODkwIn0", "signature": "ZiZ8Mvzn2YprnLYWjpL8Aijh_8W8u2drOZNo7xJHd2dxNjsBzVKD-LJz3aCdV2LIrzsfjhL9rnSnC47t9Id6NevDgbzhaSVxMq4NmNf6UvKNfy7D8Ao3yihtg_LEO7axGHBjPbM1SFt2iX3WzDkDJI59RmnDULMFcROA1uVrQro9VZL9lsls-pKI2o_2HZ5ONrrUZruETwJZzxOt7l_qZZCXC_6zo4ofqpjJM_nT6JpJN_Uvg3EwYk3RZ8OWcpFxJ-10WVLKYpfF-pK-8vKgG5NNycvNLp69G7HbwPhYo_3CZTIpfH-BDgrj7_dm3unx-86eQLkPsE1jdl1xz544Ug", "payload": "" } 2021-11-29 06:46:32,180:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53783046890 HTTP/1.1" 200 792 2021-11-29 06:46:32,181:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 11:46:32 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001mNTHAqdc8j2S6d4EyRaCiBvTB5g3Bpi0FCuf80JJpxo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-06T11:46:32Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783046890/Hcqung", "token": "HrZYtbpZ7gkmC7Frm64fmnPgrVR8jxlA1GTcYHrNtZE" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783046890/Lw6FEg", "token": "HrZYtbpZ7gkmC7Frm64fmnPgrVR8jxlA1GTcYHrNtZE" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783046890/hg0LUQ", "token": "HrZYtbpZ7gkmC7Frm64fmnPgrVR8jxlA1GTcYHrNtZE" } ] } 2021-11-29 06:46:32,181:DEBUG:acme.client:Storing nonce: 0001mNTHAqdc8j2S6d4EyRaCiBvTB5g3Bpi0FCuf80JJpxo 2021-11-29 06:46:32,181:DEBUG:acme.client:JWS payload: b'' 2021-11-29 06:46:32,183:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53783046900: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMW1OVEhBcWRjOGoyUzZkNEV5UmFDaUJ2VEI1ZzNCcGkwRkN1ZjgwSkpweG8iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNzgzMDQ2OTAwIn0", "signature": "f0gYB-EoqZgmWpNMuIPWVkQAmOhwFI_KZiQcjbcvrgUj6hgSv-7GGwqPlnZwpsZ8rJr9Ty_yRMIIzLstLtxi5rDOdSHrS5JWGUGi0s5SA5jmLL9g5v4KdG3osJ8lWEPI7hXvmjdVZBiSjosTzLe3vETXKWtxOjGKzuTDBcrEQPpyoJAvL9_GBjG4GH4JanPsghQ08qx0IsIKv6rwX4KHlq7G8ulxLI6KSc7xnBOL_0vbpdfW2AbslHTht7jwM6zc0W407A8m5RWXPL8PlRg6vEu1i2Er09qD1WfpYHCZpoaNWaRRQhTRTSAOotbBen8fKK_qMNsTNBiO6E2tEIY0PQ", "payload": "" } 2021-11-29 06:46:32,250:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53783046900 HTTP/1.1" 200 796 2021-11-29 06:46:32,250:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 11:46:32 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002_DY-Ut3oI29MLkMiqieUCmLi4VsqOQt-zg73jmt8VjQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-06T11:46:32Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783046900/y0P4mg", "token": "LQBPv8tvuU2WuQUShnDiG3kr4ekF3Pt7IIamoL3KtQk" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783046900/CLu0jA", "token": "LQBPv8tvuU2WuQUShnDiG3kr4ekF3Pt7IIamoL3KtQk" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783046900/_-lx2w", "token": "LQBPv8tvuU2WuQUShnDiG3kr4ekF3Pt7IIamoL3KtQk" } ] } 2021-11-29 06:46:32,251:DEBUG:acme.client:Storing nonce: 0002_DY-Ut3oI29MLkMiqieUCmLi4VsqOQt-zg73jmt8VjQ 2021-11-29 06:46:32,251:INFO:certbot.auth_handler:Performing the following challenges: 2021-11-29 06:46:32,251:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-29 06:46:32,251:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-11-29 06:46:32,252:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-11-29 06:46:32,252:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-11-29 06:46:32,259:INFO:certbot.auth_handler:Waiting for verification... 2021-11-29 06:46:32,259:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-29 06:46:32,261:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783046890/Hcqung: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMl9EWS1VdDNvSTI5TUxrTWlxaWVVQ21MaTRWc3FPUXQtemc3M2ptdDhWalEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzUzNzgzMDQ2ODkwL0hjcXVuZyJ9", "signature": "HRcYHq4vD7kbuomiz96HrLyb3-QoBgl6y2h3Ycep07YpIybbHv0AajIzIaANoAZleJclLVdu0qO9wh5pMg6P7ir8vwSAaT_95vi8hJjIbHGXIgB8pKH_j4cNyNUtCkjP__79eMbbYP-9rwSpRKwLDIp3Kv9uWMFEspSFTYNFB_Qq3wityQkQ-Xo5f1XlU9CJ7I36kfD4r1cjutsna6QMkU_62NcBvASkKIUuUjbD8aKKPD4jrR6MWCJMp-P3Hd70oFD7Y5SSa5IT1jG1eBKk-uHiSsyUsNxGuPrH_0ANpBrhLrHG_JyHZBqQrt8WGT54ye0OTUVxoQJ_hwV0mg2G9A", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-29 06:46:32,329:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/53783046890/Hcqung HTTP/1.1" 200 186 2021-11-29 06:46:32,330:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 11:46:32 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783046890/Hcqung Replay-Nonce: 0001kaz7eB2qBvkeLciQ0AAsgmctdspdDbItoFxljmQOS1g X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783046890/Hcqung", "token": "HrZYtbpZ7gkmC7Frm64fmnPgrVR8jxlA1GTcYHrNtZE" } 2021-11-29 06:46:32,330:DEBUG:acme.client:Storing nonce: 0001kaz7eB2qBvkeLciQ0AAsgmctdspdDbItoFxljmQOS1g 2021-11-29 06:46:32,330:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-29 06:46:32,332:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783046900/y0P4mg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWthejdlQjJxQnZrZUxjaVEwQUFzZ21jdGRzcGREYkl0b0Z4bGptUU9TMWciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzUzNzgzMDQ2OTAwL3kwUDRtZyJ9", "signature": "jup1_QbvzOcDderZEgIQeC562H8DQf-VqHCeslX6G2OSRtyYxKDkzLeNnt0k8ndH-f-I0sRbPquponD2E1skLG2WfJzE8i4x9Lo9rBGG5NFwdPp23YEXcD3EE_KN_cM4Xs41Ff6KxeCbHDBLEZM24Y0u9NVVLkzm2I0NbFI65b4uW1Z1VCR-mdq0xl6ALGb1FeJp0BuDWnafKm3DBv4kXzg_1Tp59Y0R1f-f07ZqQcmrTAnrqWW7nAXu1rnP6DdFQMyMAowUD0_RXZd9MK83Ogck-tnOXDDSB2Gt_unW7xfZZyjvwPhGloaMnHhV4fF83DELYgNog55Y6uisycdFDw", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-29 06:46:32,409:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/53783046900/y0P4mg HTTP/1.1" 200 186 2021-11-29 06:46:32,409:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 11:46:32 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783046900/y0P4mg Replay-Nonce: 0002AcCelq34UX_4Zmq6gAOM5WBs150GzBAoVsswJ3HFx6U X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783046900/y0P4mg", "token": "LQBPv8tvuU2WuQUShnDiG3kr4ekF3Pt7IIamoL3KtQk" } 2021-11-29 06:46:32,410:DEBUG:acme.client:Storing nonce: 0002AcCelq34UX_4Zmq6gAOM5WBs150GzBAoVsswJ3HFx6U 2021-11-29 06:46:33,411:DEBUG:acme.client:JWS payload: b'' 2021-11-29 06:46:33,413:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53783046890: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMkFjQ2VscTM0VVhfNFptcTZnQU9NNVdCczE1MEd6QkFvVnNzd0ozSEZ4NlUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNzgzMDQ2ODkwIn0", "signature": "hfUOy0UC8sdQxYXU_qI8wgMRb2BExa5UrkZAZ9WHGXiTKpj6sT2XAGbupA1St4OsFMxBdPVIkrtIK_MoAYUgZCfQgqRcXM6GHbfp0cjj7hk2p0PYinDGWzd5xQF6MTNxS5ez7jdQ7xgLhUb-Wha1edTatr8UaS-rkPVz7WP0fXmxm30OG5slRH2NM8MnN1sQxzrhC9bQ3toOCS14yKOT8I8bPqiJfrYlybdYfq4uDI69YiGeJz3G2gaGaKG4XewD1e8mCN_7HWAw8JtW-nIKINuldlPtyRNQw4i7NeygOOQVcAt_mwKNLRQRUG-OhPkOYbGs8Yxc_bsSLnrCm2bRXA", "payload": "" } 2021-11-29 06:46:33,490:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53783046890 HTTP/1.1" 200 1505 2021-11-29 06:46:33,491:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 11:46:33 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001C9B-vQoxjdFdgqi6YlgqTnTuRZ-BSq8BVmKUS8AJgp4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-06T11:46:32Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/HrZYtbpZ7gkmC7Frm64fmnPgrVR8jxlA1GTcYHrNtZE [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783046890/Hcqung", "token": "HrZYtbpZ7gkmC7Frm64fmnPgrVR8jxlA1GTcYHrNtZE", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/HrZYtbpZ7gkmC7Frm64fmnPgrVR8jxlA1GTcYHrNtZE", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/HrZYtbpZ7gkmC7Frm64fmnPgrVR8jxlA1GTcYHrNtZE", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-29T11:46:32Z" } ] } 2021-11-29 06:46:33,492:DEBUG:acme.client:Storing nonce: 0001C9B-vQoxjdFdgqi6YlgqTnTuRZ-BSq8BVmKUS8AJgp4 2021-11-29 06:46:33,492:DEBUG:acme.client:JWS payload: b'' 2021-11-29 06:46:33,494:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53783046900: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMUM5Qi12UW94amRGZGdxaTZZbGdxVG5UdVJaLUJTcThCVm1LVVM4QUpncDQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNzgzMDQ2OTAwIn0", "signature": "dtPDPigjvsuQJbywusyelOi5_HJfUBn-ISvlfLzOXwDCP18Pb6UGB-UVln0Z17HJHTheoUXL27iLN31GPNzrKNA82e1wMcg1RwZ3Yp7vXqDNV5M45OC-WO0GLigAEO_ptSzg0wsmIJYaaVUDQooFpsq1fRPw5TG0a4cmZ1sFmBqy6O6Mmh0wNd2S0WKLnQHYx_FOfv2_A1fO8zYtqpFX_2ap8FTbdkjNr4GM16gn2whhQ40QoAih7hs4Pfn57bb0frQe_cY1sIkdBC2QYYu6svxKC4h7mYjW725GLrAQM6-TF7yZg5bIGd9Jmn7O9tUz8v4CrigBOzyK8rIT1ziHNQ", "payload": "" } 2021-11-29 06:46:33,579:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53783046900 HTTP/1.1" 200 796 2021-11-29 06:46:33,580:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 11:46:33 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002ypTT1cFaUYs9M5FMH0ZkEK3l7fptgsqVE_dMg5GFGT8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-06T11:46:32Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783046900/y0P4mg", "token": "LQBPv8tvuU2WuQUShnDiG3kr4ekF3Pt7IIamoL3KtQk" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783046900/CLu0jA", "token": "LQBPv8tvuU2WuQUShnDiG3kr4ekF3Pt7IIamoL3KtQk" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783046900/_-lx2w", "token": "LQBPv8tvuU2WuQUShnDiG3kr4ekF3Pt7IIamoL3KtQk" } ] } 2021-11-29 06:46:33,580:DEBUG:acme.client:Storing nonce: 0002ypTT1cFaUYs9M5FMH0ZkEK3l7fptgsqVE_dMg5GFGT8 2021-11-29 06:46:33,581:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-11-29 06:46:36,585:DEBUG:acme.client:JWS payload: b'' 2021-11-29 06:46:36,587:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53783046900: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnlwVFQxY0ZhVVlzOU01Rk1IMFprRUszbDdmcHRnc3FWRV9kTWc1R0ZHVDgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzNzgzMDQ2OTAwIn0", "signature": "G89hS1nRNVPSTHXCWSkvBQMKF_Z10tukATJ3s_azpO3kxTVmi71Vj7qggLYkw8qWmr9FVd8AUJKjgxLADIv6izPuxX6xLY0pmUGWNu1ILLLKAajvAXhVYFoqtdvlbXwEwob5WZvFcAs2GXiksl0bfKK3frucQO1TEVd8e2O5YY2QsV9jDU02odU4AYz7hOI05jAa6vWVt_SYGfYvb4wbndbzE4HKby88LbJ4fThzIAGrC_sTSV5Hz5RfhTXf4WxIRK-GMh6B1hIMY90h7Hy67Vtvu0OZMbSpYhsK9JSEU-ZPORigLps6i85ED4doLkEJJGW85XJTyFZoR10csxic5Q", "payload": "" } 2021-11-29 06:46:36,666:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53783046900 HTTP/1.1" 200 1826 2021-11-29 06:46:36,667:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 11:46:36 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001v7COeoZorA2-UfXxQiZyq1oZcO32Ff1pp2EGR38pjPU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-06T11:46:32Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/LQBPv8tvuU2WuQUShnDiG3kr4ekF3Pt7IIamoL3KtQk [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53783046900/y0P4mg", "token": "LQBPv8tvuU2WuQUShnDiG3kr4ekF3Pt7IIamoL3KtQk", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/LQBPv8tvuU2WuQUShnDiG3kr4ekF3Pt7IIamoL3KtQk", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/LQBPv8tvuU2WuQUShnDiG3kr4ekF3Pt7IIamoL3KtQk", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/LQBPv8tvuU2WuQUShnDiG3kr4ekF3Pt7IIamoL3KtQk", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-29T11:46:32Z" } ] } 2021-11-29 06:46:36,667:DEBUG:acme.client:Storing nonce: 0001v7COeoZorA2-UfXxQiZyq1oZcO32Ff1pp2EGR38pjPU 2021-11-29 06:46:36,668:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-11-29 06:46:36,668:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-29 06:46:36,668:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-11-29 06:46:36,669:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/HrZYtbpZ7gkmC7Frm64fmnPgrVR8jxlA1GTcYHrNtZE [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-11-29 06:46:36,766:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-11-29 06:46:36,766:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-11-29 06:46:36,766:INFO:certbot.hooks:Running post-hook command: /bin/systemctl start nginx 2021-11-29 06:46:36,848:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-11-29 17:02:15,279:DEBUG:certbot.main:certbot version: 0.40.0 2021-11-29 17:02:15,280:DEBUG:certbot.main:Arguments: ['-q'] 2021-11-29 17:02:15,280:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-11-29 17:02:15,295:DEBUG:certbot.log:Root logging level set at 30 2021-11-29 17:02:15,296:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-11-29 17:02:15,311:DEBUG:certbot.plugins.selection:Requested authenticator and installer 2021-11-29 17:02:15,327:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-29 17:02:15,328:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-29 17:02:15,329:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-29 17:02:15,336:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-29 17:02:15,337:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-29 17:02:15,338:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-29 17:02:15,344:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-29 17:02:15,346:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-29 17:02:15,346:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-29 17:02:15,351:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-29 17:02:15,352:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-29 17:02:15,353:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-29 17:02:15,358:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-29 17:02:15,359:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-29 17:02:15,360:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-29 17:02:15,363:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-11-29 17:02:15,363:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-11-29 17:02:15,363:INFO:certbot.renewal:Non-interactive renewal: random delay of 411.2781825249557 seconds 2021-11-29 17:09:06,697:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx 2021-11-29 17:09:07,021:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-11-29 17:09:07,022:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-11-29 17:09:07,023:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-11-29 17:09:07,023:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-11-29 17:09:07,027:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-11-29 17:09:07,029:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-11-29 17:09:07,031:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-11-29 17:09:07,192:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-11-29 17:09:07,193:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 22:09:07 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "X_QJKQ8qbq8": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-11-29 17:09:07,194:INFO:certbot.main:Renewing an existing certificate 2021-11-29 17:09:07,316:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0466_key-certbot.pem 2021-11-29 17:09:07,323:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0466_csr-certbot.pem 2021-11-29 17:09:07,324:DEBUG:acme.client:Requesting fresh nonce 2021-11-29 17:09:07,324:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-11-29 17:09:07,377:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-11-29 17:09:07,378:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 22:09:07 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002I4_rKSW2snd0nZtfRI4MxlNzcuv6MQMSF-VEPTOvKRA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-11-29 17:09:07,378:DEBUG:acme.client:Storing nonce: 0002I4_rKSW2snd0nZtfRI4MxlNzcuv6MQMSF-VEPTOvKRA 2021-11-29 17:09:07,378:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-11-29 17:09:07,381:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMkk0X3JLU1cyc25kMG5adGZSSTRNeGxOemN1djZNUU1TRi1WRVBUT3ZLUkEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "ZGyNG0UQAcgUNc41Wt71duJKMNKA8TNMdr79ROVOlGzugHLXxJu5je6hcSBkKVnfPjnewKiXrgmVziYbOolQY3DuhwYvnhqm-VrKGPggJXOLL5gaMnA4PiumBhweFmKKQGrd4AfNbh-_Y-vGL0pTldkROO-Is2vLPuABVSVmz76NK6wCZOWyB4NJ0HT1QhIJwuPoW0jQX35E1zjfQ2rVeAjezVTNKHf4-IXQaVz8SzeK4LqTpRsd6VW2cJo31P4LWWyzk1kMqcMBGbCrGWj77FTt9KH2Yjs3YxfUAIEWwCl0x_zMiic63hcxQSaKVcpLd0TyOkdJgJ9A7o0rPwXuMg", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-11-29 17:09:07,515:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-11-29 17:09:07,516:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Mon, 29 Nov 2021 22:09:07 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43486107740 Replay-Nonce: 00014PbwnoyxtA8AFTJ2EAdmPSxgYyekZLdS7gRoNWDOPjo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-06T22:09:07Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/53911272960" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43486107740" } 2021-11-29 17:09:07,516:DEBUG:acme.client:Storing nonce: 00014PbwnoyxtA8AFTJ2EAdmPSxgYyekZLdS7gRoNWDOPjo 2021-11-29 17:09:07,517:DEBUG:acme.client:JWS payload: b'' 2021-11-29 17:09:07,519:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53911272960: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMTRQYndub3l4dEE4QUZUSjJFQWRtUFN4Z1l5ZWtaTGRTN2dSb05XRE9Qam8iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzOTExMjcyOTYwIn0", "signature": "Fbq5CKq4wgMHcUXhtQ1HgmtetI7cof7RpWE5lhAuib_Cb_PiUNqA5uJMDJ_RELGCVi2pWKc9WgXcGKOlumtpe6tsNKpawwhiAP9qD8WMdBoo4K0TkuDmPXFP_y_ziWEmlYQIUld-veqlxFePRp2s_pcdv5qPP4J0rKzxjqNlPC0YJlzUCmyenAYYDSrETz9tYl8yvK00CV6nHbdaoFC3UOWuOev9MTrOpDhj1m_zhnET6-SG373AFubzw1TwDn38OVfp2XwLmgNfQJir5U5ERbG-YUPD55eohgt-ZLQab9Kd5N4NFlfN4ODRzoCJR5OL_R_zoHNFDSEnEpWuSs7KZA", "payload": "" } 2021-11-29 17:09:07,597:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53911272960 HTTP/1.1" 200 792 2021-11-29 17:09:07,598:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 22:09:07 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001gGtBQLNAhXRgVutVUEeo4ph5n8KQtZ2rQmZDCsl1k44 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-06T22:09:07Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911272960/CmShAw", "token": "KC0MzZjdBF-wc7lAFmF_9asR2Bg64UX2ycVI55xoUV8" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911272960/pacY7A", "token": "KC0MzZjdBF-wc7lAFmF_9asR2Bg64UX2ycVI55xoUV8" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911272960/Jrv9bA", "token": "KC0MzZjdBF-wc7lAFmF_9asR2Bg64UX2ycVI55xoUV8" } ] } 2021-11-29 17:09:07,599:DEBUG:acme.client:Storing nonce: 0001gGtBQLNAhXRgVutVUEeo4ph5n8KQtZ2rQmZDCsl1k44 2021-11-29 17:09:07,599:INFO:certbot.auth_handler:Performing the following challenges: 2021-11-29 17:09:07,599:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-29 17:09:07,634:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-11-29 17:09:07,635:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-11-29 17:09:07,636:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-11-29 17:09:07,636:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-11-29 17:09:07,636:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-11-29 17:09:07,636:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-11-29 17:09:07,637:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-11-29 17:09:07,637:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-11-29 17:09:07,637:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-11-29 17:09:07,637:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-11-29 17:09:07,638:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-11-29 17:09:07,638:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-11-29 17:09:07,638:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-11-29 17:09:07,639:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-11-29 17:09:07,641:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/KC0MzZjdBF-wc7lAFmF_9asR2Bg64UX2ycVI55xoUV8{default_type text/plain;return 200 KC0MzZjdBF-wc7lAFmF_9asR2Bg64UX2ycVI55xoUV8.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-11-29 17:09:08,669:INFO:certbot.auth_handler:Waiting for verification... 2021-11-29 17:09:08,670:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-29 17:09:08,673:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911272960/CmShAw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWdHdEJRTE5BaFhSZ1Z1dFZVRWVvNHBoNW44S1F0WjJyUW1aRENzbDFrNDQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzUzOTExMjcyOTYwL0NtU2hBdyJ9", "signature": "l3ZWPiLv6K6tZzsQnEMUhC77229UV_DyVYKVuYzqjpBfhfM0y-YQcRJO84jUe1kvksYyMei5Ii7Fmk6udn8nb2aZqGVm05hA5bEz-zg3_Sf-aQgJOS1XpBP7knVJBtLAQ1GvNAEluPY5SOAWlGYuUBEB63BS5jP5eXglwOG3Eey36QvZYnnDuOF6bqRTyKu5nYHZ0xkSy3cSkYpmDHjb-NSTm5z20yYA_GEn6BZvE8zuciA57OxWLqc_yIW_Z3GnP1QVGa0XwJhvLzaf2g0kiQx0lGPT969OJDbe7ZgfjQreRE8VbMSTmnxiMclSuq8V_I3v0A04Snpm08G9FuVrkg", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-29 17:09:08,753:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/53911272960/CmShAw HTTP/1.1" 200 186 2021-11-29 17:09:08,754:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 22:09:08 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911272960/CmShAw Replay-Nonce: 0002XkHyr_B8Xejf-6bYeXOeu0LJ4yjI9wMKRoqUdJKtTDg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911272960/CmShAw", "token": "KC0MzZjdBF-wc7lAFmF_9asR2Bg64UX2ycVI55xoUV8" } 2021-11-29 17:09:08,755:DEBUG:acme.client:Storing nonce: 0002XkHyr_B8Xejf-6bYeXOeu0LJ4yjI9wMKRoqUdJKtTDg 2021-11-29 17:09:09,756:DEBUG:acme.client:JWS payload: b'' 2021-11-29 17:09:09,759:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53911272960: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMlhrSHlyX0I4WGVqZi02YlllWE9ldTBMSjR5akk5d01LUm9xVWRKS3RURGciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzOTExMjcyOTYwIn0", "signature": "abebRTTt1ER7l9jM76yTkc1wOnINfkkVGAkRkKbbKjZ9C7gh37hFwMv9thOMlBcrZQLYsN6NkTG_bo00HGk05Nh90qwDhrA0lZ-JklREPBXgSKXfpp984VHEAsCYow5m4lMoUC2tMHKQgUrBzYeRRxyIH-E2Rb_uKP3Czq-DQIDKuSNUe33SLfK223EU_W0qrgYFPisu62XdOhATbl-Kj29k_9uR-AZhVgt99UGLUgySqwwC6QARTcIIK2LCQmzPAW0SR0ZPszBKgOfBmuYnedUX-iW6Vifk-aesSDFAFccmReKBT-jHk6friL9Ddkl-gnaQNQUoFRR5U60-L8CINQ", "payload": "" } 2021-11-29 17:09:09,830:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53911272960 HTTP/1.1" 200 792 2021-11-29 17:09:09,830:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 22:09:09 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002yYsbMr2ZXLrfrtUBg1Y1QWmnS9WVSdYtam9bImrN5Gg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-06T22:09:07Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911272960/CmShAw", "token": "KC0MzZjdBF-wc7lAFmF_9asR2Bg64UX2ycVI55xoUV8" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911272960/pacY7A", "token": "KC0MzZjdBF-wc7lAFmF_9asR2Bg64UX2ycVI55xoUV8" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911272960/Jrv9bA", "token": "KC0MzZjdBF-wc7lAFmF_9asR2Bg64UX2ycVI55xoUV8" } ] } 2021-11-29 17:09:09,831:DEBUG:acme.client:Storing nonce: 0002yYsbMr2ZXLrfrtUBg1Y1QWmnS9WVSdYtam9bImrN5Gg 2021-11-29 17:09:12,834:DEBUG:acme.client:JWS payload: b'' 2021-11-29 17:09:12,837:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53911272960: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnlZc2JNcjJaWExyZnJ0VUJnMVkxUVdtblM5V1ZTZFl0YW05Ykltck41R2ciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzOTExMjcyOTYwIn0", "signature": "RKsck07mN00kraKVvsI-KRpG86RCXj2pv2us0it1k-WdZMh6dAK5b1l3Yydv09_sL9Mh9dAwMOi8JJIUm4AO_LEapJQSKmjA5p-I9I-_SaVs2njQwtEUwjs2_4e-lW42bmIxKLEJdpIXf7OPauT2LPwHVe9MmF774YWOJqmq3pYxe2hHUgUbwNfSXo45yHNBc_5_FUdCBY7UEaQ--5jqe5S_wG5ElUa6gHNQB1YB_4mgyd6HAVhb_tl5aPiFcefniUTs66oXJTeRhxr5r4BPCdF6leBEzVEQKEc7oE2oDrn-yd1FtuWzIwmkm0G-rVaD4U28q-iz9ItarrF5Be9g0g", "payload": "" } 2021-11-29 17:09:12,913:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53911272960 HTTP/1.1" 200 1505 2021-11-29 17:09:12,914:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 22:09:12 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001S2ofC1c0ufzJ94X4LeU3o5BoqhCB_Ic6Xx-e0wcO5Nc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-06T22:09:07Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/KC0MzZjdBF-wc7lAFmF_9asR2Bg64UX2ycVI55xoUV8 [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911272960/CmShAw", "token": "KC0MzZjdBF-wc7lAFmF_9asR2Bg64UX2ycVI55xoUV8", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/KC0MzZjdBF-wc7lAFmF_9asR2Bg64UX2ycVI55xoUV8", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/KC0MzZjdBF-wc7lAFmF_9asR2Bg64UX2ycVI55xoUV8", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-29T22:09:08Z" } ] } 2021-11-29 17:09:12,914:DEBUG:acme.client:Storing nonce: 0001S2ofC1c0ufzJ94X4LeU3o5BoqhCB_Ic6Xx-e0wcO5Nc 2021-11-29 17:09:12,915:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-11-29 17:09:12,915:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-29 17:09:12,915:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/KC0MzZjdBF-wc7lAFmF_9asR2Bg64UX2ycVI55xoUV8 [75.2.60.5]: "\n\n\n \n Prep: True 2021-11-29 17:09:14,520:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-11-29 17:09:14,520:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-11-29 17:09:14,520:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-11-29 17:09:14,523:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-11-29 17:09:14,524:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-11-29 17:09:14,526:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-11-29 17:09:14,681:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-11-29 17:09:14,682:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 22:09:14 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "eRDFBPwNLLw": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-11-29 17:09:14,682:INFO:certbot.main:Renewing an existing certificate 2021-11-29 17:09:14,814:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0467_key-certbot.pem 2021-11-29 17:09:14,821:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0467_csr-certbot.pem 2021-11-29 17:09:14,822:DEBUG:acme.client:Requesting fresh nonce 2021-11-29 17:09:14,822:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-11-29 17:09:14,873:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-11-29 17:09:14,874:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 22:09:14 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002eBbeyHcbZu0o23vfiOIdggedrHCdRS_q00lW3jw9KfY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-11-29 17:09:14,874:DEBUG:acme.client:Storing nonce: 0002eBbeyHcbZu0o23vfiOIdggedrHCdRS_q00lW3jw9KfY 2021-11-29 17:09:14,874:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-11-29 17:09:14,876:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmVCYmV5SGNiWnUwbzIzdmZpT0lkZ2dlZHJIQ2RSU19xMDBsVzNqdzlLZlkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "oJHjdz8sjKJD_t7_AxBopHoW3YE_Tm9vj_P_eMEhmynp1QJdc7zfecK3hkT2LgD4iO1aD8pdl57thapKaonXuPF5XWJh83qfFDxGvxP5n3gRexrw8OsPJ58i4vyKT2bAdM0koJqiHN8Ev3gqW7FTBtdXIPkgLdnMc8JtBpXiw-EKn2yhNyJsR-fjAzsbU8LVicKFmrohH6AzB_Gvgd7V8CwB2KdeZQgunaukx2n67cV08nJqMCbaB9T65GAHUb0KiDCRmEThSzf2HcWilgAYAQaDKT4_wZURrxnFUDEORqOS5sb_hInI9lSO9_ngD_WbpQEIeGWsAwgdYqCatYIFRw", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-11-29 17:09:15,206:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-11-29 17:09:15,207:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Mon, 29 Nov 2021 22:09:15 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43486139330 Replay-Nonce: 0002cj-RbdfGA7urIQKLNB5YnL0_POjk1EneQAmjXFlSxgY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-06T22:09:15Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/53911309820", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/53911309830" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43486139330" } 2021-11-29 17:09:15,207:DEBUG:acme.client:Storing nonce: 0002cj-RbdfGA7urIQKLNB5YnL0_POjk1EneQAmjXFlSxgY 2021-11-29 17:09:15,207:DEBUG:acme.client:JWS payload: b'' 2021-11-29 17:09:15,210:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53911309820: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmNqLVJiZGZHQTd1cklRS0xOQjVZbkwwX1BPamsxRW5lUUFtalhGbFN4Z1kiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzOTExMzA5ODIwIn0", "signature": "CwTaf2IzxUTeun21gyTks4jAMBlT0L0IE60WRWCNSoraJ7lcApxB2z7dkpd52p4sCTy3T15ip36sdVJuX9H0A5orbDFTfKJWvhK0izJ82dVY72UvLRVodksNugE75EclHTHDZkd9g0DDjEYCCiF3DB46l9wTQg-XyyZm1yy9RroVZcnNKcvYPgmtbls8PYKRSDQBmqjStggQWt4OjvUVD6YykAjXVmHC6VDgWgriYjGbdUUe9hBq5DFAcyY0W6_XuEFCStzw-esWi3ojmUiYebvYCt8c-dRUMvXkhR0W7ISZGAZ0OdcTVROd1l8uN-kNaABQaNHs0YQxteDk5XIQgg", "payload": "" } 2021-11-29 17:09:15,272:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53911309820 HTTP/1.1" 200 792 2021-11-29 17:09:15,273:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 22:09:15 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002ui3xfbLP8xaOf0fs_eiiNC__3m63hCmNSIMqZ2EmWOU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-06T22:09:15Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911309820/HewKYg", "token": "TAPVEo0jYrWip6gpFOeQLMezBHxoqrkb-cU-HiEqI5I" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911309820/vQjLig", "token": "TAPVEo0jYrWip6gpFOeQLMezBHxoqrkb-cU-HiEqI5I" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911309820/M1V_EQ", "token": "TAPVEo0jYrWip6gpFOeQLMezBHxoqrkb-cU-HiEqI5I" } ] } 2021-11-29 17:09:15,273:DEBUG:acme.client:Storing nonce: 0002ui3xfbLP8xaOf0fs_eiiNC__3m63hCmNSIMqZ2EmWOU 2021-11-29 17:09:15,274:DEBUG:acme.client:JWS payload: b'' 2021-11-29 17:09:15,275:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53911309830: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnVpM3hmYkxQOHhhT2YwZnNfZWlpTkNfXzNtNjNoQ21OU0lNcVoyRW1XT1UiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzOTExMzA5ODMwIn0", "signature": "HLVd5fwbc35gKMs7UVCIPG3V4Y7h4xcRR8zm780etsjO4dOqLa6JMF5mclAjOiX0VoKmY6bX2ff_3o1CoR46m2WpWeiZouPhuJk072v6BXzkzBYTMSrCrflILLvdfPRy3I6zsiktCNow4XuDBJx6-FjDrYFvyc5SvNY4zP5p0k0fjkFXSjD9aY2_df0ETmIH1_vxswwU189kHhhrCQYo3oOjgaF24fIH2IbmHbiwfaf4LnqnRHv73SpVxtMNWcHTS1YlxsVZaSgx-A6kE_aQHji4RV0VJPeyqORhFhCwNyEJD_I93KIIrN5vVl1s8F4qOEH61Y27iDIUKxEsSbk_Wg", "payload": "" } 2021-11-29 17:09:15,342:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53911309830 HTTP/1.1" 200 796 2021-11-29 17:09:15,343:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 22:09:15 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001TX8Cb_2q1PhGCiniic5SzwIfvIzDbZkoAZC2j7UJBr0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-06T22:09:15Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911309830/_cxeZQ", "token": "sJRfXb15uXQHDN7FC8w9dwubZPctTzq7pekzRf_X8Zk" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911309830/sz3X5w", "token": "sJRfXb15uXQHDN7FC8w9dwubZPctTzq7pekzRf_X8Zk" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911309830/i8iKLg", "token": "sJRfXb15uXQHDN7FC8w9dwubZPctTzq7pekzRf_X8Zk" } ] } 2021-11-29 17:09:15,343:DEBUG:acme.client:Storing nonce: 0001TX8Cb_2q1PhGCiniic5SzwIfvIzDbZkoAZC2j7UJBr0 2021-11-29 17:09:15,344:INFO:certbot.auth_handler:Performing the following challenges: 2021-11-29 17:09:15,345:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-29 17:09:15,345:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-11-29 17:09:15,413:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-11-29 17:09:15,414:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-11-29 17:09:15,414:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-11-29 17:09:15,414:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-11-29 17:09:15,414:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-11-29 17:09:15,415:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-11-29 17:09:15,415:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-11-29 17:09:15,415:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-11-29 17:09:15,415:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-11-29 17:09:15,416:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-11-29 17:09:15,416:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-11-29 17:09:15,416:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-11-29 17:09:15,416:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-11-29 17:09:15,417:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-11-29 17:09:15,419:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/TAPVEo0jYrWip6gpFOeQLMezBHxoqrkb-cU-HiEqI5I{default_type text/plain;return 200 TAPVEo0jYrWip6gpFOeQLMezBHxoqrkb-cU-HiEqI5I.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot location = /.well-known/acme-challenge/sJRfXb15uXQHDN7FC8w9dwubZPctTzq7pekzRf_X8Zk{default_type text/plain;return 200 sJRfXb15uXQHDN7FC8w9dwubZPctTzq7pekzRf_X8Zk.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-11-29 17:09:16,445:INFO:certbot.auth_handler:Waiting for verification... 2021-11-29 17:09:16,446:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-29 17:09:16,449:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911309820/HewKYg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMVRYOENiXzJxMVBoR0NpbmlpYzVTendJZnZJekRiWmtvQVpDMmo3VUpCcjAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzUzOTExMzA5ODIwL0hld0tZZyJ9", "signature": "ILvJ2AhhXT4HJEdkRfk5HqWPh1-DvLkntVCPXmNYnUwZznd0uo5oJ2VVM1gnNgS4_McR8Pzdk5cWmjFQv1GqRvT7wDE9zWF0uUOuhMoBFdu8EIkKu3RQ9XpaNTVgQ4mBY4Sg_-gLlpKfYByrwSRdFWML2MKIp3fMFrF2FifmpqJpzj1s26E-zIk0aOU1081FBWTLaLza8LDFfJV247UVENWJ-YaMXyQYTPA5rNmFDN_w6-u3fnfrWjmIqIlGy8LMD7hIw2La6HQ6Ba9emH3idC1mb1UBMOMS_N9W9qE4uABxh6o4EqbiXHBZGafyusoybRwZ60GD0c5jeV8Xz0Holg", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-29 17:09:16,554:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/53911309820/HewKYg HTTP/1.1" 200 186 2021-11-29 17:09:16,555:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 22:09:16 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911309820/HewKYg Replay-Nonce: 0002zY9OUe4R2eGck3khnVZiHCFNo65pqM9z3Q3hUegQJ2w X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911309820/HewKYg", "token": "TAPVEo0jYrWip6gpFOeQLMezBHxoqrkb-cU-HiEqI5I" } 2021-11-29 17:09:16,555:DEBUG:acme.client:Storing nonce: 0002zY9OUe4R2eGck3khnVZiHCFNo65pqM9z3Q3hUegQJ2w 2021-11-29 17:09:16,556:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-29 17:09:16,557:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911309830/_cxeZQ: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnpZOU9VZTRSMmVHY2sza2huVlppSENGTm82NXBxTTl6M1EzaFVlZ1FKMnciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzUzOTExMzA5ODMwL19jeGVaUSJ9", "signature": "T9GkZPvdPKP-ee5PK_Ss9sjI_HAabF499KnRqk4zn5xPRFsDyqvOSJ-GY3mydKU385jSGhlNdxwrJ16CzBfk2WKDe1k-qAmMYL_W1HaPF61o2d2K2-j7HGs_dT8DMyzOoh90qdKSNKVKe077N-2CrKDbw8SPbqx04s1uy2_0inCvw8MLGdnKtapIBFZlrkQ-w6pHpJJZYJpbKH4I5x7l6BVoHHfl_hIPLlHX98rBFovmekFCMKRUZ9sswzN46FI3Q7kW3d32u3YX84HkgpcyCmG0-0qiGaJVytnD-Nebg8J5Aitt8YyVjmuiHX-9rAJXaF2yL1Iq3Ki-J7fqB2h0kw", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-29 17:09:16,644:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/53911309830/_cxeZQ HTTP/1.1" 200 186 2021-11-29 17:09:16,645:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 22:09:16 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911309830/_cxeZQ Replay-Nonce: 0002oXUAcl243RKh3GUJbe4KIB9lYIGDnfMllfJcKJdsRo4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911309830/_cxeZQ", "token": "sJRfXb15uXQHDN7FC8w9dwubZPctTzq7pekzRf_X8Zk" } 2021-11-29 17:09:16,645:DEBUG:acme.client:Storing nonce: 0002oXUAcl243RKh3GUJbe4KIB9lYIGDnfMllfJcKJdsRo4 2021-11-29 17:09:17,647:DEBUG:acme.client:JWS payload: b'' 2021-11-29 17:09:17,649:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53911309820: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMm9YVUFjbDI0M1JLaDNHVUpiZTRLSUI5bFlJR0RuZk1sbGZKY0tKZHNSbzQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzOTExMzA5ODIwIn0", "signature": "Gt8ZebK6gnLdb2yvOAWYrTKOEWdL5B4Si56z3ni7CGzblWbGy19H5tVnMSu4gnNsb0mSJq5FioA2rO5PUIsdVDI9KYrvhMBYImEViVdTODlvpoyr1-GsMLo4LBbaNeS_DAvk5gAoPhqjSiKJ5uzBPiMOr2EBSJ9zGoOWRZE_Y49ack2jRT0-AUdqKnwkRfwk_eANM8h2v3hPb7B4YTITbAkFL1IlHzOypVVeJ4IeGnCdv5-qHlgy54Tkb70jlvKtMagR_5wxfadrQMHDrqA3DtiA-8TmCuuRkFtX-8lW7KHLjIc-jaxsYZrbmKPVqfiF5iOeATx33N9VDHlhXBy5RQ", "payload": "" } 2021-11-29 17:09:17,723:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53911309820 HTTP/1.1" 200 792 2021-11-29 17:09:17,724:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 22:09:17 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001Q7IXi43TawfZTaHoRSFtQK89UoKYWOLnUnTPuLJVQ_c X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-06T22:09:15Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911309820/HewKYg", "token": "TAPVEo0jYrWip6gpFOeQLMezBHxoqrkb-cU-HiEqI5I" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911309820/vQjLig", "token": "TAPVEo0jYrWip6gpFOeQLMezBHxoqrkb-cU-HiEqI5I" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911309820/M1V_EQ", "token": "TAPVEo0jYrWip6gpFOeQLMezBHxoqrkb-cU-HiEqI5I" } ] } 2021-11-29 17:09:17,724:DEBUG:acme.client:Storing nonce: 0001Q7IXi43TawfZTaHoRSFtQK89UoKYWOLnUnTPuLJVQ_c 2021-11-29 17:09:17,725:DEBUG:acme.client:JWS payload: b'' 2021-11-29 17:09:17,726:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53911309830: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMVE3SVhpNDNUYXdmWlRhSG9SU0Z0UUs4OVVvS1lXT0xuVW5UUHVMSlZRX2MiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzOTExMzA5ODMwIn0", "signature": "orJ-ZGiy62-OtTZhExdTH4eRB4YxMvB5W4oFFWz4-05KiPQCzEkS-7uo01vrAc7Yanot2YNXoV4S0_9uAyWlkKSQ4JckmsHyd1ZoSe_gaRyJKlC1BJCawUubMADJO92FZQtWpjuLN1A066bSarq0KemjLBDuxvIoSjqOVuy2vJbZYL2wR0d2qQUJHLX4Ksh-7Y5Pq4c_vgxUztwjfRX-GDsV3rSJ6wc3grF5nzb-JrScKG1QmyXOSuWznjB-Fz9ylyW1NtBKxL-Zv9VD44i1QTWgCyo0bbBZA73EUxSa2u4Kjn98So0gkiZfk7PpOTtNDqV5Ewd8daa7ctLo9sJYSw", "payload": "" } 2021-11-29 17:09:17,792:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53911309830 HTTP/1.1" 200 1826 2021-11-29 17:09:17,792:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 22:09:17 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 00013qwPAvPk0wwvfGfTbh0aPV6LB4eSOd43exFut3Xj8Rc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-06T22:09:15Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/sJRfXb15uXQHDN7FC8w9dwubZPctTzq7pekzRf_X8Zk [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911309830/_cxeZQ", "token": "sJRfXb15uXQHDN7FC8w9dwubZPctTzq7pekzRf_X8Zk", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/sJRfXb15uXQHDN7FC8w9dwubZPctTzq7pekzRf_X8Zk", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/sJRfXb15uXQHDN7FC8w9dwubZPctTzq7pekzRf_X8Zk", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/sJRfXb15uXQHDN7FC8w9dwubZPctTzq7pekzRf_X8Zk", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-29T22:09:16Z" } ] } 2021-11-29 17:09:17,793:DEBUG:acme.client:Storing nonce: 00013qwPAvPk0wwvfGfTbh0aPV6LB4eSOd43exFut3Xj8Rc 2021-11-29 17:09:17,793:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-11-29 17:09:20,795:DEBUG:acme.client:JWS payload: b'' 2021-11-29 17:09:20,797:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/53911309820: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMTNxd1BBdlBrMHd3dmZHZlRiaDBhUFY2TEI0ZVNPZDQzZXhGdXQzWGo4UmMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzUzOTExMzA5ODIwIn0", "signature": "oWGGn9mYS9-yoZJz44adLjlXkuRUAc9nsHTlN7kw9p9luzkfUousS2JwJ3CEDzCGqerns058tZjzgVzgScGF4Y7-PIBbs3oCYzQj58MlaeVfsBNAft3JJnl1VdaE-HwEYuJZW_R7r2Fyz8c4KP9xzeWimc-EuKniyrAATuDjUy1EiXNtQ24FIQV30vEbF3Vw739_pSK_d9yggvHC3P-wxSTPMDg8P1jMSOtOr_XWEOFh7-vm3CkmZDKIPvgWAxBWx8ZDd6wiNA6R-elr0hjtM9trR7S87SH_Mq5-EkxCjhYLu-W0MO8wQlLPAM9jYKwcxPGZa00zGNmkFS-r83-CFw", "payload": "" } 2021-11-29 17:09:20,906:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/53911309820 HTTP/1.1" 200 1505 2021-11-29 17:09:20,906:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 29 Nov 2021 22:09:20 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002fkDoTdmKKCFylKKdhJIb9guiMSH03DZql8ZJb5RS30c X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-06T22:09:15Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/TAPVEo0jYrWip6gpFOeQLMezBHxoqrkb-cU-HiEqI5I [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/53911309820/HewKYg", "token": "TAPVEo0jYrWip6gpFOeQLMezBHxoqrkb-cU-HiEqI5I", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/TAPVEo0jYrWip6gpFOeQLMezBHxoqrkb-cU-HiEqI5I", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/TAPVEo0jYrWip6gpFOeQLMezBHxoqrkb-cU-HiEqI5I", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-29T22:09:16Z" } ] } 2021-11-29 17:09:20,907:DEBUG:acme.client:Storing nonce: 0002fkDoTdmKKCFylKKdhJIb9guiMSH03DZql8ZJb5RS30c 2021-11-29 17:09:20,907:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-11-29 17:09:20,908:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-11-29 17:09:20,908:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-29 17:09:20,908:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: www.whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/sJRfXb15uXQHDN7FC8w9dwubZPctTzq7pekzRf_X8Zk [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-11-29 17:09:22,187:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-11-29 17:09:22,187:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-11-29 17:09:22,187:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-11-30 02:43:15,563:DEBUG:certbot.main:certbot version: 0.40.0 2021-11-30 02:43:15,564:DEBUG:certbot.main:Arguments: ['--standalone', '--pre-hook', '/bin/systemctl stop nginx', '--post-hook', '/bin/systemctl start nginx', '--quiet'] 2021-11-30 02:43:15,564:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-11-30 02:43:15,582:DEBUG:certbot.log:Root logging level set at 30 2021-11-30 02:43:15,582:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-11-30 02:43:15,603:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer 2021-11-30 02:43:15,604:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-30 02:43:15,604:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-30 02:43:15,604:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-30 02:43:15,620:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-30 02:43:15,622:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-30 02:43:15,622:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-30 02:43:15,626:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-30 02:43:15,626:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-30 02:43:15,627:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-30 02:43:15,631:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-30 02:43:15,632:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-30 02:43:15,632:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-30 02:43:15,647:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-30 02:43:15,648:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-30 02:43:15,648:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-30 02:43:15,654:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-30 02:43:15,656:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-30 02:43:15,657:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-30 02:43:15,661:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-30 02:43:15,662:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-30 02:43:15,662:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-30 02:43:15,667:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-30 02:43:15,668:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-30 02:43:15,669:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-30 02:43:15,674:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-30 02:43:15,674:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-30 02:43:15,674:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-30 02:43:15,680:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-30 02:43:15,682:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-30 02:43:15,683:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-30 02:43:15,686:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-30 02:43:15,691:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-11-30 02:43:15,691:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-11-30 02:43:15,691:INFO:certbot.renewal:Non-interactive renewal: random delay of 102.18842453376742 seconds 2021-11-30 02:44:57,951:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-30 02:44:58,307:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-11-30 02:44:58,308:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-11-30 02:44:58,308:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-11-30 02:44:58,308:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-11-30 02:44:58,316:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-11-30 02:44:58,318:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-11-30 02:44:58,321:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-11-30 02:44:58,479:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-11-30 02:44:58,480:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 07:44:58 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert", "vKv8A4ooI3k": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417" } 2021-11-30 02:44:58,481:INFO:certbot.hooks:Running pre-hook command: /bin/systemctl stop nginx 2021-11-30 02:44:58,526:INFO:certbot.main:Renewing an existing certificate 2021-11-30 02:44:58,735:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0468_key-certbot.pem 2021-11-30 02:44:58,748:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0468_csr-certbot.pem 2021-11-30 02:44:58,749:DEBUG:acme.client:Requesting fresh nonce 2021-11-30 02:44:58,749:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-11-30 02:44:58,800:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-11-30 02:44:58,801:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 07:44:58 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 00012gUswaRB5QmCy2lea4FmfcVbCjRVpFCFWZbCs7l3BU4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-11-30 02:44:58,802:DEBUG:acme.client:Storing nonce: 00012gUswaRB5QmCy2lea4FmfcVbCjRVpFCFWZbCs7l3BU4 2021-11-30 02:44:58,802:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-11-30 02:44:58,805:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMTJnVXN3YVJCNVFtQ3kybGVhNEZtZmNWYkNqUlZwRkNGV1piQ3M3bDNCVTQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "gO1bqFjqU95RDxlR7hzbfj3y5QU1BJuCuVTZn-_bT8PqD_GGW7WhuBQAWqj78p0yjltLIQebaK7cGyHwuDFBhK3TVMkhLhuco88CdIzEDkk8SJlzq2ixhMjSzTdQguZVThexcmIjwsaAvNnQZQXXhn80Xwzi6fA4bPzvugDAm9VUOuXBfnRphLLox9R448PrPXv86pIGUrJwkLC-9N-xoqn6Kl-aBR8xVifw1kAgBiPoEzwf6Mn6OfCB_MG1BBuS5xLt5yCMOtt2Uz-lU9Bj2an7NJvxJXGMOn9wR-PKINEjzWD-hMGZORX4cl4GEQyU5EGFPBZ16F1k1B6VZyiyiQ", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-11-30 02:44:59,235:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-11-30 02:44:59,236:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Tue, 30 Nov 2021 07:44:59 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43590793580 Replay-Nonce: 0002BiZZ_NdPHzSEz9R_Q49fBinCbKU-8gArFjUX_SzWqBM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-07T07:44:59Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54037013760" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43590793580" } 2021-11-30 02:44:59,237:DEBUG:acme.client:Storing nonce: 0002BiZZ_NdPHzSEz9R_Q49fBinCbKU-8gArFjUX_SzWqBM 2021-11-30 02:44:59,237:DEBUG:acme.client:JWS payload: b'' 2021-11-30 02:44:59,239:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54037013760: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMkJpWlpfTmRQSHpTRXo5Ul9RNDlmQmluQ2JLVS04Z0FyRmpVWF9TeldxQk0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MDM3MDEzNzYwIn0", "signature": "qICpxs0Mztj4YlYrFHn2m9b-ryjaJTkSSR31WOJ-7QMOxHy3eNajBzaxWkCcyUvvXZm8_kcVNvzCM51QJI4bxQsiayYX8Cn02jLIGfzqONxEQHaxFO7-h6NmT8Zy2K7AoI5mNEZokuF_-F5GL4QtWHp8GYTk6_-aqA0zmlgtjuaOQ2_HtlaZAWrLcCvAzWMAXzXphSCtl7Kgl61VxXw5-lfAH-8NVVXe6NIPbAVFP3luhH7rJitLTGpKWSYYO7POSVXG36OHt2PsbrMhdvveLgi-RA6jCO53EYedKvn1sW1UHIb4cAbt8y4EQbaNwKl7u5gNHEU18sTRWQ2dve10jg", "payload": "" } 2021-11-30 02:44:59,313:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54037013760 HTTP/1.1" 200 792 2021-11-30 02:44:59,314:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 07:44:59 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 00023TYazIdCuI9ymcalWU7jEkitU4oPKiNnPwNWJOPPqO4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-07T07:44:59Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037013760/xBkeZg", "token": "KQiREgIddu7hVej3b2SSAMTbT4qaQWMhcLoqK75ZtW8" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037013760/nYe41Q", "token": "KQiREgIddu7hVej3b2SSAMTbT4qaQWMhcLoqK75ZtW8" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037013760/kCH47Q", "token": "KQiREgIddu7hVej3b2SSAMTbT4qaQWMhcLoqK75ZtW8" } ] } 2021-11-30 02:44:59,314:DEBUG:acme.client:Storing nonce: 00023TYazIdCuI9ymcalWU7jEkitU4oPKiNnPwNWJOPPqO4 2021-11-30 02:44:59,315:INFO:certbot.auth_handler:Performing the following challenges: 2021-11-30 02:44:59,315:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-30 02:44:59,316:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-11-30 02:44:59,316:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-11-30 02:44:59,320:INFO:certbot.auth_handler:Waiting for verification... 2021-11-30 02:44:59,320:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-30 02:44:59,321:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037013760/xBkeZg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMjNUWWF6SWRDdUk5eW1jYWxXVTdqRWtpdFU0b1BLaU5uUHdOV0pPUFBxTzQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0MDM3MDEzNzYwL3hCa2VaZyJ9", "signature": "l-49WROyM_E4exeD8YaHh-3vlhNvOqr9zBOX2419wZxoCf-ES4v8d2cOa1KMz9St67bzT9o0mXwSTnkVj_h_HuT-o1l_gNg3ejOKAwiy-V5CLuf795bQ_4Vwl9MG3LEsZF2QJflM0dSlRuEeuhVIxLJH100A9BIHljoJn8bFtOwmGA0vUgYJC-AQWDeOgBECui8Ge1I_MjZEZBKYxzZ-xvn1wS-x6fh3kCKMFFiqMpkFkSoDTtdV7pMCgrRjDGa_qWcd2q-BRlAOJLTVL8NnUZ0TeEu1do9GMMkXIrCylA0D87aST4_DEr60XTUeTtAw7al1UPs37aKHQccT9erC6g", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-30 02:44:59,392:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54037013760/xBkeZg HTTP/1.1" 200 186 2021-11-30 02:44:59,393:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 07:44:59 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037013760/xBkeZg Replay-Nonce: 0002qNAF3yFsDd8HCcaohmX6NZkubQ9wG_m3mCMqb_gtXyg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037013760/xBkeZg", "token": "KQiREgIddu7hVej3b2SSAMTbT4qaQWMhcLoqK75ZtW8" } 2021-11-30 02:44:59,393:DEBUG:acme.client:Storing nonce: 0002qNAF3yFsDd8HCcaohmX6NZkubQ9wG_m3mCMqb_gtXyg 2021-11-30 02:45:00,395:DEBUG:acme.client:JWS payload: b'' 2021-11-30 02:45:00,397:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54037013760: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnFOQUYzeUZzRGQ4SENjYW9obVg2TlprdWJROXdHX20zbUNNcWJfZ3RYeWciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MDM3MDEzNzYwIn0", "signature": "i9RfaiH-C78wY724jH8uzloY-R-G2RZVfj6uTKhW-tUJCInSDjBMhjmxi4mXg9pxqSFfDECJFfcfI1yZD_hFdA1gJE2jyC_7pVFdQsgeKZHWOg_c3qf3Q4NX_47lPH-xzRyf5ryKqgaZe384hlfSBD1CubD_cdFK0hZsfVykNqPih8jihnVDC_TGroR-_S9ZbKujXxTrBU9QkrNXkc2j0FJFU5pQPz6u7cqV4NC8W4OglmfdBvs0zafg6aj9Kkt2DysBOZ3PHS4xtjRoqg0XUmapX1akPq3RtM5-UAUlXsTSFrnhGcjCUk809MQjp8Ez9x0RY-Kw0esbUMwzgzKTiQ", "payload": "" } 2021-11-30 02:45:00,457:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54037013760 HTTP/1.1" 200 792 2021-11-30 02:45:00,458:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 07:45:00 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002vXuKDAmtnfZKl0A8eX3IqUA8jL3xPn0_dGgJhxb0lhc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-07T07:44:59Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037013760/xBkeZg", "token": "KQiREgIddu7hVej3b2SSAMTbT4qaQWMhcLoqK75ZtW8" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037013760/nYe41Q", "token": "KQiREgIddu7hVej3b2SSAMTbT4qaQWMhcLoqK75ZtW8" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037013760/kCH47Q", "token": "KQiREgIddu7hVej3b2SSAMTbT4qaQWMhcLoqK75ZtW8" } ] } 2021-11-30 02:45:00,458:DEBUG:acme.client:Storing nonce: 0002vXuKDAmtnfZKl0A8eX3IqUA8jL3xPn0_dGgJhxb0lhc 2021-11-30 02:45:03,462:DEBUG:acme.client:JWS payload: b'' 2021-11-30 02:45:03,465:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54037013760: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnZYdUtEQW10bmZaS2wwQThlWDNJcVVBOGpMM3hQbjBfZEdnSmh4YjBsaGMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MDM3MDEzNzYwIn0", "signature": "bKT7eKs9IAh5ADnmFb5DS9d5Zb83EFq7ombw6eKyM11VSU7yd_IZqgZGOpNG-9uBCz4hjFWjRkfPiVVZ0OCVZrr7tPPXfzRYkvlMePkxVroYrciqxt09O5W_1Q4NSk5c9R9B4p6Zr_6qhCnH-HfbQXqv6o2IiOMQuTojfudLyoZ6FgY-BBkIklD9hcHt5H_6Sf80W4JFbGmdOvbSnhjmCpx_eyYKfWSCU0D8-dPdvCDMUamSF4OavZPa0GatYu_29w4Gmd0-4C95HH98YXsAFr2tM2kX8HP8rGNJaIQBs0kMw5HGAMHRG39lkO5-HUgok9B2LseBHuzLgi9ZXXb85Q", "payload": "" } 2021-11-30 02:45:03,566:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54037013760 HTTP/1.1" 200 1505 2021-11-30 02:45:03,567:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 07:45:03 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 00012V1OH3zKm8wEkp4xpboXh1eqD7mbSyObRM7tslL22MY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-07T07:44:59Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/KQiREgIddu7hVej3b2SSAMTbT4qaQWMhcLoqK75ZtW8 [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037013760/xBkeZg", "token": "KQiREgIddu7hVej3b2SSAMTbT4qaQWMhcLoqK75ZtW8", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/KQiREgIddu7hVej3b2SSAMTbT4qaQWMhcLoqK75ZtW8", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/KQiREgIddu7hVej3b2SSAMTbT4qaQWMhcLoqK75ZtW8", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-30T07:44:59Z" } ] } 2021-11-30 02:45:03,568:DEBUG:acme.client:Storing nonce: 00012V1OH3zKm8wEkp4xpboXh1eqD7mbSyObRM7tslL22MY 2021-11-30 02:45:03,569:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-11-30 02:45:03,569:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-30 02:45:03,569:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/KQiREgIddu7hVej3b2SSAMTbT4qaQWMhcLoqK75ZtW8 [75.2.60.5]: "\n\n\n \n Prep: True 2021-11-30 02:45:04,141:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-11-30 02:45:04,141:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-11-30 02:45:04,141:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-11-30 02:45:04,145:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-11-30 02:45:04,146:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-11-30 02:45:04,148:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-11-30 02:45:04,306:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-11-30 02:45:04,307:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 07:45:04 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "ijT1j3Z5lJg": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-11-30 02:45:04,308:INFO:certbot.hooks:Pre-hook command already run, skipping: /bin/systemctl stop nginx 2021-11-30 02:45:04,308:INFO:certbot.main:Renewing an existing certificate 2021-11-30 02:45:04,745:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0469_key-certbot.pem 2021-11-30 02:45:04,751:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0469_csr-certbot.pem 2021-11-30 02:45:04,752:DEBUG:acme.client:Requesting fresh nonce 2021-11-30 02:45:04,752:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-11-30 02:45:04,803:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-11-30 02:45:04,804:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 07:45:04 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002mah2_7XFnIwhmAEj6WnUK_P2bx2lz-oja06tCq62Hcs X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-11-30 02:45:04,804:DEBUG:acme.client:Storing nonce: 0002mah2_7XFnIwhmAEj6WnUK_P2bx2lz-oja06tCq62Hcs 2021-11-30 02:45:04,805:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-11-30 02:45:04,808:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMm1haDJfN1hGbkl3aG1BRWo2V25VS19QMmJ4Mmx6LW9qYTA2dENxNjJIY3MiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "LAVCgqYee7mk-1KL2-Zd3kL0pqsx2njrCRFyNlgYTL-cf_pPI0xJPJAlLzpWWlsTR_0cw-vKr7B6poqSq2ngB626UwDbU2mMrghS1apOpWgox3g_lg7B6ac3w29TDxOD7IvRzaucV5j3QC54EgOpdDzGqLMWH67H28sAfyp2pKySWr5XMYt0pvQ8QHtn4bE2S3W2nsaOz28WVBlr43AT6ugCynfOgvi6Fo2_fMvS7ZJVs-BdhoobqK_r54aMELjHDgaqhEUUlgbn5PlbYEqBy1n0-34UKH9U6cjpKe-50WgnqOJuETCN-uiJ5EbBZfxPheAgtc4DIWq39povz1guNw", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-11-30 02:45:06,916:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-11-30 02:45:06,917:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Tue, 30 Nov 2021 07:45:06 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43590841880 Replay-Nonce: 0001cXW_EmVogxCnFkc54QgbHq5jUD464_QqS3BG0QkEIaw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-07T07:45:06Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54037063710", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54037063720" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43590841880" } 2021-11-30 02:45:06,917:DEBUG:acme.client:Storing nonce: 0001cXW_EmVogxCnFkc54QgbHq5jUD464_QqS3BG0QkEIaw 2021-11-30 02:45:06,918:DEBUG:acme.client:JWS payload: b'' 2021-11-30 02:45:06,920:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54037063710: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWNYV19FbVZvZ3hDbkZrYzU0UWdiSHE1alVENDY0X1FxUzNCRzBRa0VJYXciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MDM3MDYzNzEwIn0", "signature": "WChZ9bMxJ77ZH4zm6yPt5AJcoMR0MfLMAnGwRNtcuS46jb2ZLdGGRRqbl4kVHb6gTZsUULxaObq1c2WziL8wyZo15ei329tI2GhM0DTomRIZtA_eGx04NmKNgFWOLF3MdI8rbUuxM8Bs-2tDFngsHJXY7RT8GfgPM1PgZPp8W7NzJPSJQOFzd8ff1W5ERB9ZIqPt72VK_oN_8_3Oh73N7HNLH7gqI5gJRh8MAKAcVIAosGh14GNb-xK44BnEWVJ4kfxYQTWvfHGJ4py-KTeb6vJ_1x_Q01veV9rGF5tdMNBIZqFCGgirETXtzEbeTWRP4R7eVC8R3pvQ6tnSKMXEGQ", "payload": "" } 2021-11-30 02:45:06,982:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54037063710 HTTP/1.1" 200 792 2021-11-30 02:45:06,983:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 07:45:06 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002C-r45qtAWAUWDy0fKgp0iVE4emOrIKMpoIUUxOIjv5E X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-07T07:45:06Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037063710/HyTBxQ", "token": "Xu4sHFqchWWrFpeRrdff7OL2oPLX2LzC68YKjZGWzSU" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037063710/xhEojQ", "token": "Xu4sHFqchWWrFpeRrdff7OL2oPLX2LzC68YKjZGWzSU" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037063710/8Ha4gQ", "token": "Xu4sHFqchWWrFpeRrdff7OL2oPLX2LzC68YKjZGWzSU" } ] } 2021-11-30 02:45:06,983:DEBUG:acme.client:Storing nonce: 0002C-r45qtAWAUWDy0fKgp0iVE4emOrIKMpoIUUxOIjv5E 2021-11-30 02:45:06,984:DEBUG:acme.client:JWS payload: b'' 2021-11-30 02:45:06,986:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54037063720: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMkMtcjQ1cXRBV0FVV0R5MGZLZ3AwaVZFNGVtT3JJS01wb0lVVXhPSWp2NUUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MDM3MDYzNzIwIn0", "signature": "Eeg3X7DeZYvU2KTSCNvLxYUy4AooicCi__biu5E19aloNgOhEKWBQs-Pu_wGcQVqx2hlSvAXAqmOhWZ6ki8Tixx3QxQn-VFEQG2C6mPOr8QhsNl7YamxeA91rOlQzKe_PvxvA9ft1MYTww6kGlntO0-dskfVUEAlRyrYYc-alOAvwypmRcyCpA9WzjIuy4UmfZqrLOA4gAP1G5oHWU-dacGcKkgOGmqxiX0s3Ki1dc905GtwI--fAIYqGRq5wkxTeA5kNJA_2Uh_ILEINz45sYp_OtoJ1nIw-pOyZyWZG3ELX7F2RkHn6LTu37d2W9oL40zvfWhFUsN_Xo1u_sittg", "payload": "" } 2021-11-30 02:45:07,087:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54037063720 HTTP/1.1" 200 796 2021-11-30 02:45:07,088:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 07:45:07 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001S2fhYkT5drsBPOFjZav9OCuImyAdIkRWziUcr29mXQ4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-07T07:45:06Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037063720/GNNtaA", "token": "L6iURBJqGofZK9sJXwD-P-wzymnfAMQRLx07578jnXs" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037063720/htBOGg", "token": "L6iURBJqGofZK9sJXwD-P-wzymnfAMQRLx07578jnXs" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037063720/f-bpGw", "token": "L6iURBJqGofZK9sJXwD-P-wzymnfAMQRLx07578jnXs" } ] } 2021-11-30 02:45:07,089:DEBUG:acme.client:Storing nonce: 0001S2fhYkT5drsBPOFjZav9OCuImyAdIkRWziUcr29mXQ4 2021-11-30 02:45:07,089:INFO:certbot.auth_handler:Performing the following challenges: 2021-11-30 02:45:07,090:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-30 02:45:07,090:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-11-30 02:45:07,090:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-11-30 02:45:07,091:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-11-30 02:45:07,097:INFO:certbot.auth_handler:Waiting for verification... 2021-11-30 02:45:07,098:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-30 02:45:07,100:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037063710/HyTBxQ: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMVMyZmhZa1Q1ZHJzQlBPRmpaYXY5T0N1SW15QWRJa1JXemlVY3IyOW1YUTQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0MDM3MDYzNzEwL0h5VEJ4USJ9", "signature": "TkdTkEtccSy9YVvfKW_f-uDJHNw2iziFIElb9D8ZV2FxAbs_bm3hdDnpPphmDn5z-1HZChB3WuMdo4X33x80ZPwGnmptZhgViKWk-2vxuLt4lXhvrxKDBW8d7UDBrqLpzZu5oAQwDZnYue3DI1eHqNZX4vOCKZxWciKKf01M5sKfbzDG3I6loh50jWHCXzz5gWFflvEkboceEs2oMo5CsQmRddeIUbk7cEMjLVjKfKT3MWnUwBI7byNk4Jufk5xZpr-GJlThv301-ZBBbVJ06Nl2WfeuV2Q-lgRdLoWesk1CNFOnGSWxyFgWYbteyU9chE644j_vW5XOpzEDLtsH2w", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-30 02:45:07,184:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54037063710/HyTBxQ HTTP/1.1" 200 186 2021-11-30 02:45:07,185:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 07:45:07 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037063710/HyTBxQ Replay-Nonce: 0002VJ6pOFSUN2_UXRNFNcpqsZtklnuO-08hEaix5W9eYRg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037063710/HyTBxQ", "token": "Xu4sHFqchWWrFpeRrdff7OL2oPLX2LzC68YKjZGWzSU" } 2021-11-30 02:45:07,186:DEBUG:acme.client:Storing nonce: 0002VJ6pOFSUN2_UXRNFNcpqsZtklnuO-08hEaix5W9eYRg 2021-11-30 02:45:07,186:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-30 02:45:07,188:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037063720/GNNtaA: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMlZKNnBPRlNVTjJfVVhSTkZOY3Bxc1p0a2xudU8tMDhoRWFpeDVXOWVZUmciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0MDM3MDYzNzIwL0dOTnRhQSJ9", "signature": "IViSLaA9cTgXxtC-GPslXo1kRi2Tt9cKFuc06kaMZNIbCm-X5tbK49De_1PNxxwlZeqYKy0ced_6ej8g20DiWSGdhGMMfSvHUHsBFyY9tKBjGTN36wG4Pyk_QDQ6trA9QNkS9M5yRM-lsh3T_hscLbnR16CoZGXJ73AIlNxyV82jG2_qd7vYQN93nRhjRfBvq6TKTWULXKeaGBomhNSjh-oWkbVdS_oH3htDFGQrkkNeDQzeCNVVcQ-JWkvDH0cdH0SKzwat4VwfdnoQMgCcs1pB1GEJXnBn_yv5FI8awU0fwFPb9vlTLgGU8B7oBD9ST8UP0WrJmGd5Vc4CyH8vbA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-30 02:45:07,259:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54037063720/GNNtaA HTTP/1.1" 200 186 2021-11-30 02:45:07,260:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 07:45:07 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037063720/GNNtaA Replay-Nonce: 00015wklU_VGTzCPiS4k3RuFR0mlbN-BXP_Iau2Vv6ymQ4k X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037063720/GNNtaA", "token": "L6iURBJqGofZK9sJXwD-P-wzymnfAMQRLx07578jnXs" } 2021-11-30 02:45:07,260:DEBUG:acme.client:Storing nonce: 00015wklU_VGTzCPiS4k3RuFR0mlbN-BXP_Iau2Vv6ymQ4k 2021-11-30 02:45:08,262:DEBUG:acme.client:JWS payload: b'' 2021-11-30 02:45:08,265:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54037063710: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMTV3a2xVX1ZHVHpDUGlTNGszUnVGUjBtbGJOLUJYUF9JYXUyVnY2eW1RNGsiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MDM3MDYzNzEwIn0", "signature": "dQ0yAnC37UwWXAulgHwUvGjIa5ufpWrFDinqPQ1Xm7fc3hiFiUr3h4r5dnY8BLjn5UVkOqW8CQsTljgfDJxqv70JOetNPtdvIhwg5a0ds-8vQYIoLQXpP8Ax8sUjawk48Zf1YMZg34qbEHQpEF4N7bqp3t5bfU99PxUcIgG649joQ5Hc9v9epWGrmFFtYtULVxUFePixVtAdcUfROsA-uq-3-QG9nCkm7ZecEuyGwleKV8RaAvU0gQ793vKGazIgbIXLkCmvtUfpsZn1uRWfLetox1C82RZCMNusRHvysnAxeOLr6uLc0j2lOeMhpoDxoHBd2WHmZpysLnhWZVNGjA", "payload": "" } 2021-11-30 02:45:08,356:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54037063710 HTTP/1.1" 200 792 2021-11-30 02:45:08,357:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 07:45:08 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001XY3jotRzMyNMeVbS8UdYSiMWP1I_Qbk-lWW5WiOIpiQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-07T07:45:06Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037063710/HyTBxQ", "token": "Xu4sHFqchWWrFpeRrdff7OL2oPLX2LzC68YKjZGWzSU" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037063710/xhEojQ", "token": "Xu4sHFqchWWrFpeRrdff7OL2oPLX2LzC68YKjZGWzSU" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037063710/8Ha4gQ", "token": "Xu4sHFqchWWrFpeRrdff7OL2oPLX2LzC68YKjZGWzSU" } ] } 2021-11-30 02:45:08,357:DEBUG:acme.client:Storing nonce: 0001XY3jotRzMyNMeVbS8UdYSiMWP1I_Qbk-lWW5WiOIpiQ 2021-11-30 02:45:08,358:DEBUG:acme.client:JWS payload: b'' 2021-11-30 02:45:08,360:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54037063720: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMVhZM2pvdFJ6TXlOTWVWYlM4VWRZU2lNV1AxSV9RYmstbFdXNVdpT0lwaVEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MDM3MDYzNzIwIn0", "signature": "bXPN111MwkxLJ82uKXjy8NK1CjMRtQQDklFbMA-n0sCqz-setNOsGFpze8qXZRlmtrdn3d4czhB-8cbugogjtg1pQGFoGtcW8qXydgJ-QTKpHhgNlNNh5c_8wmhZiR5xefN7hnYDa-lUGKf-CTmLRn5VupeDuC6gtaGe6ASHI3H15KMvaUE9A6jhBEBJUwtxwME7VRvBd1eHm3x63xJNAQgBSnqVWyU4c93Aw6PXBePXWiPKL4wyfN4_D3ei5dpX-yqxWGMIgl47qnNnd5c1dP4pVOObmYh9LLAJJegbUXbcWuTGcseerXRxf1RP7oPiEKdFNA1bLrVwk967_yJTdw", "payload": "" } 2021-11-30 02:45:08,445:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54037063720 HTTP/1.1" 200 796 2021-11-30 02:45:08,446:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 07:45:08 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002RCuvhmCenYGOVJEmCyhGOJY5TP5kIAaAsAW__YzVe6c X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-07T07:45:06Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037063720/GNNtaA", "token": "L6iURBJqGofZK9sJXwD-P-wzymnfAMQRLx07578jnXs" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037063720/htBOGg", "token": "L6iURBJqGofZK9sJXwD-P-wzymnfAMQRLx07578jnXs" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037063720/f-bpGw", "token": "L6iURBJqGofZK9sJXwD-P-wzymnfAMQRLx07578jnXs" } ] } 2021-11-30 02:45:08,446:DEBUG:acme.client:Storing nonce: 0002RCuvhmCenYGOVJEmCyhGOJY5TP5kIAaAsAW__YzVe6c 2021-11-30 02:45:11,450:DEBUG:acme.client:JWS payload: b'' 2021-11-30 02:45:11,453:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54037063710: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMlJDdXZobUNlbllHT1ZKRW1DeWhHT0pZNVRQNWtJQWFBc0FXX19ZelZlNmMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MDM3MDYzNzEwIn0", "signature": "NZwi8QrsPDbIiSL6bt0N8UOf2AbuQmTnANuwIwrV9fdrhx30w-qq1eavJ01sCGbGskR4aZTf54__iINGvRZX_ic7MQN1ZNDuPJXtt4RddAAb19efY6TuPnXz5T7I23HBXACKZKqFWZVHQPseE4KGV_8GZ70tV2-mQZn45Wrsu3uR51NcyORTG7M8YN8PIQlUA75f08YGwASABbHSXbC3zModqxvGGCQ_zPIzyEFUSAevSaTMEav8RVQyiWl9yoagPmL9FCQ3P1g1nY1r6jlIGGDbs-sPLMAt4tR-1pWyNaLOBjF5MV7buvt4p50mdkpf160VBaPU-Ux-JuTN0_w0EA", "payload": "" } 2021-11-30 02:45:11,518:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54037063710 HTTP/1.1" 200 1505 2021-11-30 02:45:11,519:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 07:45:11 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001hthnnNFA5vyCXFPWjJAF2hJ2s70c799F_pMzDzpkTwQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-07T07:45:06Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/Xu4sHFqchWWrFpeRrdff7OL2oPLX2LzC68YKjZGWzSU [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037063710/HyTBxQ", "token": "Xu4sHFqchWWrFpeRrdff7OL2oPLX2LzC68YKjZGWzSU", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/Xu4sHFqchWWrFpeRrdff7OL2oPLX2LzC68YKjZGWzSU", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/Xu4sHFqchWWrFpeRrdff7OL2oPLX2LzC68YKjZGWzSU", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-30T07:45:07Z" } ] } 2021-11-30 02:45:11,519:DEBUG:acme.client:Storing nonce: 0001hthnnNFA5vyCXFPWjJAF2hJ2s70c799F_pMzDzpkTwQ 2021-11-30 02:45:11,520:DEBUG:acme.client:JWS payload: b'' 2021-11-30 02:45:11,522:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54037063720: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWh0aG5uTkZBNXZ5Q1hGUFdqSkFGMmhKMnM3MGM3OTlGX3BNekR6cGtUd1EiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MDM3MDYzNzIwIn0", "signature": "Rjwspw3x_nkvcY48H54Zw0HUS6IiZWD-KjodbfJj-qNSE9UrdtEcCVmd_XnEAqRpAHyyVWiZhtXtjLXUZODHIUG5VV9_BGH9ij9vypXGVSJun0_YrMJeV5Ba4JXovtLOh1j50EVCeYuBPH3MtwE9pqezh7XN4y3BCQ0BzHB97PxCHQjHGWouL1J3GnrlPp3RdHLG6vSq-dxqlK978CXIKf8dEOBrbzxaQ3yHYAXfoe8SP985_Wq8n7xUZTMCJL3Q8qffcOzrpsXx4wB7tCFi8DQI7NMWVggczBjIueqlDTlHeITqgTSbw1-iieoge1q5WG0Yzq-fT76h-fiRCWY5zA", "payload": "" } 2021-11-30 02:45:11,588:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54037063720 HTTP/1.1" 200 1826 2021-11-30 02:45:11,589:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 07:45:11 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001KP0S62Lmm24WWM79yZfrb7CtKoTazoV4c2j0QqKJI54 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-07T07:45:06Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/L6iURBJqGofZK9sJXwD-P-wzymnfAMQRLx07578jnXs [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54037063720/GNNtaA", "token": "L6iURBJqGofZK9sJXwD-P-wzymnfAMQRLx07578jnXs", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/L6iURBJqGofZK9sJXwD-P-wzymnfAMQRLx07578jnXs", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/L6iURBJqGofZK9sJXwD-P-wzymnfAMQRLx07578jnXs", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/L6iURBJqGofZK9sJXwD-P-wzymnfAMQRLx07578jnXs", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-30T07:45:07Z" } ] } 2021-11-30 02:45:11,590:DEBUG:acme.client:Storing nonce: 0001KP0S62Lmm24WWM79yZfrb7CtKoTazoV4c2j0QqKJI54 2021-11-30 02:45:11,590:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-11-30 02:45:11,590:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-11-30 02:45:11,591:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-30 02:45:11,591:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-11-30 02:45:11,591:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/Xu4sHFqchWWrFpeRrdff7OL2oPLX2LzC68YKjZGWzSU [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-11-30 02:45:11,609:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-11-30 02:45:11,609:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-11-30 02:45:11,609:INFO:certbot.hooks:Running post-hook command: /bin/systemctl start nginx 2021-11-30 02:45:11,719:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-11-30 06:43:14,937:DEBUG:certbot.main:certbot version: 0.40.0 2021-11-30 06:43:14,937:DEBUG:certbot.main:Arguments: ['--standalone', '--pre-hook', '/bin/systemctl stop nginx', '--post-hook', '/bin/systemctl start nginx', '--quiet'] 2021-11-30 06:43:14,938:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-11-30 06:43:14,949:DEBUG:certbot.log:Root logging level set at 30 2021-11-30 06:43:14,950:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-11-30 06:43:14,961:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer 2021-11-30 06:43:14,961:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-30 06:43:14,962:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-30 06:43:14,962:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-30 06:43:14,974:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-30 06:43:14,975:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-30 06:43:14,976:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-30 06:43:14,978:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-30 06:43:14,978:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-30 06:43:14,978:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-30 06:43:14,981:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-30 06:43:14,982:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-30 06:43:14,982:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-30 06:43:14,984:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-30 06:43:14,984:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-30 06:43:14,984:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-30 06:43:14,987:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-30 06:43:14,988:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-30 06:43:14,989:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-30 06:43:14,990:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-30 06:43:14,990:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-30 06:43:14,991:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-30 06:43:14,993:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-30 06:43:14,994:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-30 06:43:14,995:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-30 06:43:14,996:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-30 06:43:14,996:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-11-30 06:43:14,997:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-11-30 06:43:15,001:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-30 06:43:15,002:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-30 06:43:15,003:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-30 06:43:15,004:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-11-30 06:43:15,007:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-11-30 06:43:15,007:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-11-30 06:43:15,007:INFO:certbot.renewal:Non-interactive renewal: random delay of 252.35849945173766 seconds 2021-11-30 06:47:27,441:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-30 06:47:27,754:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-11-30 06:47:27,755:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-11-30 06:47:27,755:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-11-30 06:47:27,755:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-11-30 06:47:27,759:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-11-30 06:47:27,761:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-11-30 06:47:27,764:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-11-30 06:47:27,924:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-11-30 06:47:27,925:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 11:47:27 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "PEKPaQ831u0": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-11-30 06:47:27,925:INFO:certbot.hooks:Running pre-hook command: /bin/systemctl stop nginx 2021-11-30 06:47:27,968:INFO:certbot.main:Renewing an existing certificate 2021-11-30 06:47:28,053:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0470_key-certbot.pem 2021-11-30 06:47:28,061:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0470_csr-certbot.pem 2021-11-30 06:47:28,062:DEBUG:acme.client:Requesting fresh nonce 2021-11-30 06:47:28,062:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-11-30 06:47:28,116:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-11-30 06:47:28,117:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 11:47:28 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002Q62vGP3inGWGP1ImGzez-bVMwSGKmL_R8lQQNsCEpgU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-11-30 06:47:28,118:DEBUG:acme.client:Storing nonce: 0002Q62vGP3inGWGP1ImGzez-bVMwSGKmL_R8lQQNsCEpgU 2021-11-30 06:47:28,118:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-11-30 06:47:28,122:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMlE2MnZHUDNpbkdXR1AxSW1HemV6LWJWTXdTR0ttTF9SOGxRUU5zQ0VwZ1UiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "LxlxnOi1IfWbNEPv6fQp6ZpUBexwTj8iS4mFmpn1dWkgXQHSgDpKgsf8ioX82PoSyypsJt8aTwh6R9PF5tWU30lvsErNhVSrDooJizyZS34CHZbShVFuPxcDYhMtJuPeKDVohYc7SZVE3AOwP6zcwW46Vy2NLFp15IhIa2xdfHJR32Nmxl5YraGgL8UTWWn47zZi6x5YDuHqAy_8Gu8LFG9OJYxLFc1ykl3AIXGoXfwWNE6yNAJdYbZW3kq0lvOAbO90QcvwsIcJg3Vzmf2_Jo-okgXJlW5l8eRhkWcbQ3CKwfq4bqVyGaT1SoIovZ8Opab3sUcw2VjeGz-YbHYd8w", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-11-30 06:47:29,486:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-11-30 06:47:29,487:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Tue, 30 Nov 2021 11:47:29 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43633294330 Replay-Nonce: 0001vOOH9i1kkoyvaKRe5vNxYkMhtXZvmmibeY0FNgSZWiQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-07T11:47:29Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54088006970" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43633294330" } 2021-11-30 06:47:29,487:DEBUG:acme.client:Storing nonce: 0001vOOH9i1kkoyvaKRe5vNxYkMhtXZvmmibeY0FNgSZWiQ 2021-11-30 06:47:29,488:DEBUG:acme.client:JWS payload: b'' 2021-11-30 06:47:29,490:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54088006970: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXZPT0g5aTFra295dmFLUmU1dk54WWtNaHRYWnZtbWliZVkwRk5nU1pXaVEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MDg4MDA2OTcwIn0", "signature": "YM9UsCFObOA3qsw28v0NjNj1xsw3XgrZwjFvWaBp6X0Ck7aml9w2MxBNy6q47mWYuZ4M9YMGEHv7ZZC84K0xjyQ8RZy0oupCtZuh3qXcshqfoau9Y8MO4ZaIHziVY1FETJInJ3-CDG-qDd5ACYFJi-ZCqHv4Or_AAbX1nBrCYyLS4clqPgfNiloFqSWGf0tf06Q8U1NxCctEPlMDLyadAt7YMaqFPPyVInzFsKO7MBgmUDjbUS85yBCXQK3iwyBXDFdk8isvYR6sNyki1EpyfzkKQ6Isus9cxijD6ghLNOIhfVIt4L4qWhKnmPEx_Dw8jVSoA8pSBwmwt38rmkKvRg", "payload": "" } 2021-11-30 06:47:29,593:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54088006970 HTTP/1.1" 200 792 2021-11-30 06:47:29,593:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 11:47:29 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 00019crbUn7fGLDqwrcsyUjqi0hwwMMC5McrVwfcUISa_x0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-07T11:47:29Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54088006970/U_SECg", "token": "rc6rsei8ZeTrmlMl0CaCMDPvv0W8vBNPnYPbYiaFjRs" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54088006970/LVvvLQ", "token": "rc6rsei8ZeTrmlMl0CaCMDPvv0W8vBNPnYPbYiaFjRs" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54088006970/ggTEjg", "token": "rc6rsei8ZeTrmlMl0CaCMDPvv0W8vBNPnYPbYiaFjRs" } ] } 2021-11-30 06:47:29,594:DEBUG:acme.client:Storing nonce: 00019crbUn7fGLDqwrcsyUjqi0hwwMMC5McrVwfcUISa_x0 2021-11-30 06:47:29,594:INFO:certbot.auth_handler:Performing the following challenges: 2021-11-30 06:47:29,595:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-30 06:47:29,595:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-11-30 06:47:29,596:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-11-30 06:47:29,600:INFO:certbot.auth_handler:Waiting for verification... 2021-11-30 06:47:29,601:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-30 06:47:29,603:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54088006970/U_SECg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMTljcmJVbjdmR0xEcXdyY3N5VWpxaTBod3dNTUM1TWNyVndmY1VJU2FfeDAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0MDg4MDA2OTcwL1VfU0VDZyJ9", "signature": "elaiaffu0u29w3-IQAb0BtdewxN34d0O1MHShtTg-wf2rt2P4sedwpPuGC8XvKh2xYBlm1C9k4K8SekGkIMK0DqnYqX2jUdaX-k6ZIh5t9YWsH5nu0PHUSR3HSFBgWRQA_kKVHMW17I1JddKOAPDkL9s6LVZtiE0F9pv9neqlUgot0xFNf2Vkm2dTAtXbcIHcXNyYKbi59aYP0GcOKNPzOUz90Ww2TH_m8AkU1stKXIt5LCxITjQmCZE5ZkO03WgIXAyQXEN4iAh00qscTq3baW6r5b1aFNiSxjdOifvaBcjlocCZs8YdTKC3gjT_NYb42cGl_7ESS6JNiUe9XuH5Q", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-30 06:47:29,671:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54088006970/U_SECg HTTP/1.1" 200 186 2021-11-30 06:47:29,672:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 11:47:29 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54088006970/U_SECg Replay-Nonce: 0001EOc311LkhVWKre7MsyT6DJXx7ZytVl5W-VbszLliFaw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54088006970/U_SECg", "token": "rc6rsei8ZeTrmlMl0CaCMDPvv0W8vBNPnYPbYiaFjRs" } 2021-11-30 06:47:29,672:DEBUG:acme.client:Storing nonce: 0001EOc311LkhVWKre7MsyT6DJXx7ZytVl5W-VbszLliFaw 2021-11-30 06:47:30,674:DEBUG:acme.client:JWS payload: b'' 2021-11-30 06:47:30,676:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54088006970: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMUVPYzMxMUxraFZXS3JlN01zeVQ2REpYeDdaeXRWbDVXLVZic3pMbGlGYXciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MDg4MDA2OTcwIn0", "signature": "BvTuCtodG6BKBs75Q-OHZDlwab7FeSLNfxXyO_wtCJF3CTGdlkwbNpGFLGlN1ISCfBLewqwKyDvLr1eT4fUcybWvW-Cb6uo6SLLceHKNLHcWrIbKIeE1tiyhqVk3c4jcFSwTt5fpgABaCvJozhFIUTtyNSqAtV5PRimY9yO9uAyRsXMQc_-REn8wkvuEkBig75yIlvzmSEFtj7SKMlqkAbEsdwPyExQqFyFLzCl8pAgFGWdEjcg5TIuk3014WxQYdnp-xl8FKxlyyUhUJ-knCbv8ZkVfNCeacIJYpxHbAxcxU5SAZ-JNJBJ6rG7QMZ_9GfwCIQFprfespHUxJlTlig", "payload": "" } 2021-11-30 06:47:30,747:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54088006970 HTTP/1.1" 200 1505 2021-11-30 06:47:30,748:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 11:47:30 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001bfCGALs7uvc1SEcG253KWl_vmO1rLYK5gZBkmzplUgI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-07T11:47:29Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/rc6rsei8ZeTrmlMl0CaCMDPvv0W8vBNPnYPbYiaFjRs [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54088006970/U_SECg", "token": "rc6rsei8ZeTrmlMl0CaCMDPvv0W8vBNPnYPbYiaFjRs", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/rc6rsei8ZeTrmlMl0CaCMDPvv0W8vBNPnYPbYiaFjRs", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/rc6rsei8ZeTrmlMl0CaCMDPvv0W8vBNPnYPbYiaFjRs", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-30T11:47:29Z" } ] } 2021-11-30 06:47:30,748:DEBUG:acme.client:Storing nonce: 0001bfCGALs7uvc1SEcG253KWl_vmO1rLYK5gZBkmzplUgI 2021-11-30 06:47:30,749:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-11-30 06:47:30,749:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-30 06:47:30,749:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/rc6rsei8ZeTrmlMl0CaCMDPvv0W8vBNPnYPbYiaFjRs [75.2.60.5]: "\n\n\n \n Prep: True 2021-11-30 06:47:31,385:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-11-30 06:47:31,386:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-11-30 06:47:31,386:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-11-30 06:47:31,390:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-11-30 06:47:31,390:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-11-30 06:47:31,392:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-11-30 06:47:31,546:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-11-30 06:47:31,547:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 11:47:31 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "QeHIs1CEpDo": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-11-30 06:47:31,548:INFO:certbot.hooks:Pre-hook command already run, skipping: /bin/systemctl stop nginx 2021-11-30 06:47:31,548:INFO:certbot.main:Renewing an existing certificate 2021-11-30 06:47:31,816:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0471_key-certbot.pem 2021-11-30 06:47:31,823:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0471_csr-certbot.pem 2021-11-30 06:47:31,824:DEBUG:acme.client:Requesting fresh nonce 2021-11-30 06:47:31,824:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-11-30 06:47:31,875:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-11-30 06:47:31,876:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 11:47:31 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001dhVYeLqLg21tdw8maG5HsONMD6-EN95wWHqisxxxhb4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-11-30 06:47:31,876:DEBUG:acme.client:Storing nonce: 0001dhVYeLqLg21tdw8maG5HsONMD6-EN95wWHqisxxxhb4 2021-11-30 06:47:31,876:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-11-30 06:47:31,879:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWRoVlllTHFMZzIxdGR3OG1hRzVIc09OTUQ2LUVOOTV3V0hxaXN4eHhoYjQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "EYwVASxubc0HvmbGHbWUpdvHzgmEFd2SomaMJZZEvdugtk7RFtxGksc3FzaWDocwxuWxpH0hZptTziscn_ZR7TRbeyjCa9DKISb0fBD9B6jyVy_60iKAqCWdKLbMHKrh8rVhww_OJ2z99XHLSQPojGjk_ItFNGbOx9pOySXi_W13gcLQKg8OIlAQ94DQQvYFpkliHR7Rbb3DqkSJx_FCpY6-ZD1wvKdFIYfufoa4h6Zt7FIkToZBZyklKEB0Bh_Ku69IAqpxKnaOcE1Q7Z-JZuuKm6I24FjAYfZ4tRCa3R2libWhy69LDK8XUKPncutd2E0jf2zsUhX9-k3Rr8QnBA", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-11-30 06:47:32,552:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-11-30 06:47:32,554:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Tue, 30 Nov 2021 11:47:32 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43633302210 Replay-Nonce: 0001lTetevYei4rGoftxTIXx9efYZaQHkisxs18CR6XoDt8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-07T11:47:32Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54088017470", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54088017480" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43633302210" } 2021-11-30 06:47:32,554:DEBUG:acme.client:Storing nonce: 0001lTetevYei4rGoftxTIXx9efYZaQHkisxs18CR6XoDt8 2021-11-30 06:47:32,555:DEBUG:acme.client:JWS payload: b'' 2021-11-30 06:47:32,557:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54088017470: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWxUZXRldlllaTRyR29mdHhUSVh4OWVmWVphUUhraXN4czE4Q1I2WG9EdDgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MDg4MDE3NDcwIn0", "signature": "IB7hBUvmEfIEDPOO5ge3tKzJbYlcxjwmyx5R65ojCbxNyCAiPGsXmi3XqfFsvmF00ABXQ1SJS3y_11Bsz6C_mggYsJTb7A5zWuBu_NVw7ZmAlPgjqzP3Ox27CIwQGjnVIP0oOSxu7hFwgN2HNOf2PLmQ08X_yCYxz_sRvde6eUMsdkBQ8GP1mlDno7dunsRoJCPsMjit34xiDpW9CH-Co-6cAKcvtkGqd9K5taUsaCh8azybpyw5PPmccPoNZuKsEK4Ip_hUWlXp4vb1M4yZhLzftKXdntaC_A-Qh1q_RtjzBPHG2krPq4gXopH54B01w0XWhAh_2kl2UsX2t9_saQ", "payload": "" } 2021-11-30 06:47:32,621:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54088017470 HTTP/1.1" 200 792 2021-11-30 06:47:32,622:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 11:47:32 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002sZoaGUaW5N_7eV0eXoalMmV_ROCfN3MxBr_RWzgsO_s X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-07T11:47:32Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54088017470/6AL-SA", "token": "GbSzsuWYILtCIB6UjkaRRLq3PRgHHCYcqbS-hrqhSoM" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54088017470/hJ-26g", "token": "GbSzsuWYILtCIB6UjkaRRLq3PRgHHCYcqbS-hrqhSoM" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54088017470/x9p50A", "token": "GbSzsuWYILtCIB6UjkaRRLq3PRgHHCYcqbS-hrqhSoM" } ] } 2021-11-30 06:47:32,622:DEBUG:acme.client:Storing nonce: 0002sZoaGUaW5N_7eV0eXoalMmV_ROCfN3MxBr_RWzgsO_s 2021-11-30 06:47:32,623:DEBUG:acme.client:JWS payload: b'' 2021-11-30 06:47:32,625:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54088017480: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnNab2FHVWFXNU5fN2VWMGVYb2FsTW1WX1JPQ2ZOM014QnJfUld6Z3NPX3MiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MDg4MDE3NDgwIn0", "signature": "PomK6oZp-cjBWDIm8z2ccw2XDdc0LvhFNtaLJeoYbVFbU68-F32l2NgN9AttMESIHGA_tjraRxm6OfKk7dJR8Qu_zmjvVLY12HzpHyw-7p3_l_xSIfHYCZfgHznWSgeX3HedbMG-T_iArMEI-W9vSFjSL_feYvpUA5gKc3abZTRXqTVQp4UnEwiea4ZFFFlcKrFKe5E_EVY6NdgahPi05bCeiAxM_wNf8i8RUJNPDdGPTQ9dus-z9EkJGmCv13KkWSPGBHQ7DUaotpgr3vrh5shdMbL70wSF6-pI0T1qn2yp7gC5MtI8pWUixpX1oGrWkdpsBBXgn1AfrB-1A2Jcvg", "payload": "" } 2021-11-30 06:47:32,696:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54088017480 HTTP/1.1" 200 796 2021-11-30 06:47:32,697:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 11:47:32 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002aWiqcO1bOQp9tpmTLYTpBZtcsthh0ziW9yIa8SF7yps X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-07T11:47:32Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54088017480/hSoMzw", "token": "Ra9rgP87xBhuQRmBPwOD7JX6oM7BNbduYvSJJAJEPak" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54088017480/T3jweQ", "token": "Ra9rgP87xBhuQRmBPwOD7JX6oM7BNbduYvSJJAJEPak" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54088017480/-tb7mw", "token": "Ra9rgP87xBhuQRmBPwOD7JX6oM7BNbduYvSJJAJEPak" } ] } 2021-11-30 06:47:32,697:DEBUG:acme.client:Storing nonce: 0002aWiqcO1bOQp9tpmTLYTpBZtcsthh0ziW9yIa8SF7yps 2021-11-30 06:47:32,698:INFO:certbot.auth_handler:Performing the following challenges: 2021-11-30 06:47:32,698:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-30 06:47:32,698:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-11-30 06:47:32,699:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-11-30 06:47:32,699:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-11-30 06:47:32,705:INFO:certbot.auth_handler:Waiting for verification... 2021-11-30 06:47:32,705:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-30 06:47:32,707:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54088017470/6AL-SA: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmFXaXFjTzFiT1FwOXRwbVRMWVRwQlp0Y3N0aGgwemlXOXlJYThTRjd5cHMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0MDg4MDE3NDcwLzZBTC1TQSJ9", "signature": "XLKaZdXzsgt016CBhfP4nV3WgekOPeApZ-1yC9zqqXGB_cuSDgiOGSfo1DIcPEB5PENsZnHkKArONC9qWxTwrjXdNuEILx0XzlPZdYjlLS4AFeodqi79p6SOZmOpLezsWsUuPQJR0177YEtQpHjCqWXcAgO0AsyWCIGKVITsLAWsnpCMIJca0E_Z2POlbdFrluk5n0rQX0lEfNefgPVemMpv_jqxvDy6eK57s_NLAJ2pBGYlM5A-CL1EcsXVjUop7RXqnc4dYND-BGM9jYxU53KjJiiCqcxOB0G978henZPchSpJL24LKACmtHdCElZ807moC1Bfz8_XxNBS2JJnDA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-30 06:47:32,813:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54088017470/6AL-SA HTTP/1.1" 200 186 2021-11-30 06:47:32,814:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 11:47:32 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54088017470/6AL-SA Replay-Nonce: 0002VyKkjB0QCzjhDQX6PfiQ7TWM6ZujnkmbN5yB5k3r898 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54088017470/6AL-SA", "token": "GbSzsuWYILtCIB6UjkaRRLq3PRgHHCYcqbS-hrqhSoM" } 2021-11-30 06:47:32,814:DEBUG:acme.client:Storing nonce: 0002VyKkjB0QCzjhDQX6PfiQ7TWM6ZujnkmbN5yB5k3r898 2021-11-30 06:47:32,815:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-30 06:47:32,817:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54088017480/hSoMzw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMlZ5S2tqQjBRQ3pqaERRWDZQZmlRN1RXTTZadWpua21iTjV5QjVrM3I4OTgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0MDg4MDE3NDgwL2hTb016dyJ9", "signature": "dpTndDGzN69He_Ve0DyMCQHhrT4ihLpTV3f34Nvja-qvkRwiETKJzwAiHxaqSbqcgTMQ-oUkafKlW1XMvN7yVF3vHXJ-si77HpwOnrn6z1Z4NK5rXZVHdPVCY9OWXX-5Qmlfgawla7kSy6dxuqMXzglaS7gBLwFyP1OLMksa0RmdgYLhifZTuktNi6QL16u3cAhCcvsZTQey6clNQrmTWLnUz-QloToRE3gVKYEFQCl19SLvH85nrfWyTepYQYPFdhJQRY2ApTUVVdk0al2BR-FaPVDUEDIMWyZCNa2_NTKEU-nUZoCBNy6wrue1KGC68zZFZ0B5b_1Jk0L1M_K1ow", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-30 06:47:32,897:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54088017480/hSoMzw HTTP/1.1" 200 186 2021-11-30 06:47:32,898:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 11:47:32 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54088017480/hSoMzw Replay-Nonce: 0001wwN3Wr9N-K8sbhoQNIubkUb17STpmdeNx54PTZOF4mI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54088017480/hSoMzw", "token": "Ra9rgP87xBhuQRmBPwOD7JX6oM7BNbduYvSJJAJEPak" } 2021-11-30 06:47:32,898:DEBUG:acme.client:Storing nonce: 0001wwN3Wr9N-K8sbhoQNIubkUb17STpmdeNx54PTZOF4mI 2021-11-30 06:47:33,900:DEBUG:acme.client:JWS payload: b'' 2021-11-30 06:47:33,902:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54088017470: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXd3TjNXcjlOLUs4c2Job1FOSXVia1ViMTdTVHBtZGVOeDU0UFRaT0Y0bUkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MDg4MDE3NDcwIn0", "signature": "JBAeOi_BzXYkk4DDqaalFvroOKnb1zZlxsnizt4i2cyNfrJ6EI6X1VxLqsgOAEKCsalwmbUXfcJH-ak9U3ssnR_kXcsU__ryPZA2iEpEkWRpsSFEVFGddIYmxftsmFuX61eAiylFsQlzd2jcvdM1GJRQP9iVn0DQ-52cSU_K0-zkZjLwjlNhFuyE3FaBCXs6NRqB5-3EyO9mwu0kr5Q2-a_5z9okpuwYUtS7Hq-tdkCQIXUi96LHnc-m6XtuWSsT2vm7M66apdA2b9XrgtyvmsYpqnbi8qk6PjWSGVi8DBM_D1PVvditktC4txadpZuvtyJCY85QS7L0Vn3y8qu7fA", "payload": "" } 2021-11-30 06:47:33,962:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54088017470 HTTP/1.1" 200 1505 2021-11-30 06:47:33,963:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 11:47:33 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002pvd5RRLZW6jevLASS63JO3ZRoN2WOjlxjl9RVnKvt4c X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-07T11:47:32Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/GbSzsuWYILtCIB6UjkaRRLq3PRgHHCYcqbS-hrqhSoM [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54088017470/6AL-SA", "token": "GbSzsuWYILtCIB6UjkaRRLq3PRgHHCYcqbS-hrqhSoM", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/GbSzsuWYILtCIB6UjkaRRLq3PRgHHCYcqbS-hrqhSoM", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/GbSzsuWYILtCIB6UjkaRRLq3PRgHHCYcqbS-hrqhSoM", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-30T11:47:32Z" } ] } 2021-11-30 06:47:33,964:DEBUG:acme.client:Storing nonce: 0002pvd5RRLZW6jevLASS63JO3ZRoN2WOjlxjl9RVnKvt4c 2021-11-30 06:47:33,964:DEBUG:acme.client:JWS payload: b'' 2021-11-30 06:47:33,966:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54088017480: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnB2ZDVSUkxaVzZqZXZMQVNTNjNKTzNaUm9OMldPamx4amw5UlZuS3Z0NGMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MDg4MDE3NDgwIn0", "signature": "mWzLuf9nytpXKH11t1N_wOPJFC0fjLMZ8CSZXEoXlPvI__S7v5rx7JDi6_80YTkt3F4oYACfx34ng9mA-duS0fKTMkSwJev-Po7wMH0aiXJoNpNUqiyzKIKcgDEP_IC-PSmk98_k-VYr3hnXiIiTWOHYwbqzn1t70cuf32U5W9VWGjxGM1P-Lt8MdD4sfzXU4jz9T8RfXiwMp7P_5ZcDOMc8jxeG13a4_WPl9ObvZMtQMHLDcc1Pof9J3yT1GLDaorLB0cT4kVWnq7chyCYW9C30SwVYLev55F3EUFWWlQhEkgX59TCRWrkxY7RlW3E-k5UkkiUOURvrWn0001VyBg", "payload": "" } 2021-11-30 06:47:34,031:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54088017480 HTTP/1.1" 200 796 2021-11-30 06:47:34,032:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 11:47:34 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001bzC0ZeJ1M3_0EslW-UDQ3cmKIZKc0WKR_qH6d2sf9dk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-07T11:47:32Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54088017480/hSoMzw", "token": "Ra9rgP87xBhuQRmBPwOD7JX6oM7BNbduYvSJJAJEPak" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54088017480/T3jweQ", "token": "Ra9rgP87xBhuQRmBPwOD7JX6oM7BNbduYvSJJAJEPak" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54088017480/-tb7mw", "token": "Ra9rgP87xBhuQRmBPwOD7JX6oM7BNbduYvSJJAJEPak" } ] } 2021-11-30 06:47:34,032:DEBUG:acme.client:Storing nonce: 0001bzC0ZeJ1M3_0EslW-UDQ3cmKIZKc0WKR_qH6d2sf9dk 2021-11-30 06:47:34,033:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-11-30 06:47:37,037:DEBUG:acme.client:JWS payload: b'' 2021-11-30 06:47:37,039:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54088017480: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWJ6QzBaZUoxTTNfMEVzbFctVURRM2NtS0laS2MwV0tSX3FINmQyc2Y5ZGsiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MDg4MDE3NDgwIn0", "signature": "WLZR4TDTs9FpTwPoGQarxi_SRjrukmivpkLQSQp3P7Eh5XPJ61zBAwGBPJS0qE4Vbw1eBnN0PgyevldrcYPHdFHd46Y31FVRGFxhC63p0zAGK52cX-FvWjOgQwIKt1PLdXGW-zb1f4Uy0Yp6eoIyyKPOwWpJ0ZcGluQgVrAXv1aIowAhu1BPYva0lkcm_8qHJ7wruigWCav-n0WzQJAasxmv5GLXCkr4D-vEVdF474WY7hGu9txBH0oBw1X0_-9b_MTZ_c6S4vaNaQ3WCMvxlfyrLhcl_BdDlj7ALPXRDULC0H0X6hVRXLKH_kDCRlITY1lmyCsm18jgYgR5jZiZ4Q", "payload": "" } 2021-11-30 06:47:37,103:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54088017480 HTTP/1.1" 200 1826 2021-11-30 06:47:37,104:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 11:47:37 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 000278An7iX5P7wIaLbAhBAh1XT3JWFB2hY7U98qGN577hA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-07T11:47:32Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/Ra9rgP87xBhuQRmBPwOD7JX6oM7BNbduYvSJJAJEPak [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54088017480/hSoMzw", "token": "Ra9rgP87xBhuQRmBPwOD7JX6oM7BNbduYvSJJAJEPak", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/Ra9rgP87xBhuQRmBPwOD7JX6oM7BNbduYvSJJAJEPak", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/Ra9rgP87xBhuQRmBPwOD7JX6oM7BNbduYvSJJAJEPak", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/Ra9rgP87xBhuQRmBPwOD7JX6oM7BNbduYvSJJAJEPak", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-30T11:47:32Z" } ] } 2021-11-30 06:47:37,104:DEBUG:acme.client:Storing nonce: 000278An7iX5P7wIaLbAhBAh1XT3JWFB2hY7U98qGN577hA 2021-11-30 06:47:37,105:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-11-30 06:47:37,105:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-30 06:47:37,105:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-11-30 06:47:37,105:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/GbSzsuWYILtCIB6UjkaRRLq3PRgHHCYcqbS-hrqhSoM [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-11-30 06:47:37,214:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-11-30 06:47:37,214:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-11-30 06:47:37,214:INFO:certbot.hooks:Running post-hook command: /bin/systemctl start nginx 2021-11-30 06:47:37,297:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-11-30 09:09:39,721:DEBUG:certbot.main:certbot version: 0.40.0 2021-11-30 09:09:39,722:DEBUG:certbot.main:Arguments: ['-q'] 2021-11-30 09:09:39,722:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-11-30 09:09:39,738:DEBUG:certbot.log:Root logging level set at 30 2021-11-30 09:09:39,739:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-11-30 09:09:39,757:DEBUG:certbot.plugins.selection:Requested authenticator and installer 2021-11-30 09:09:39,775:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-30 09:09:39,776:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-30 09:09:39,777:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-30 09:09:39,785:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-30 09:09:39,786:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-30 09:09:39,787:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-30 09:09:39,794:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-30 09:09:39,796:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-30 09:09:39,796:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-30 09:09:39,803:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-30 09:09:39,804:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-30 09:09:39,805:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-30 09:09:39,813:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-30 09:09:39,814:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-30 09:09:39,815:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-30 09:09:39,821:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-11-30 09:09:39,822:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-11-30 09:09:39,822:INFO:certbot.renewal:Non-interactive renewal: random delay of 281.13249905640686 seconds 2021-11-30 09:14:21,016:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx 2021-11-30 09:14:21,399:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-11-30 09:14:21,400:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-11-30 09:14:21,400:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-11-30 09:14:21,400:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-11-30 09:14:21,407:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-11-30 09:14:21,410:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-11-30 09:14:21,413:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-11-30 09:14:21,571:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-11-30 09:14:21,572:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 14:14:21 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert", "tr34kI0NQbI": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417" } 2021-11-30 09:14:21,573:INFO:certbot.main:Renewing an existing certificate 2021-11-30 09:14:21,734:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0472_key-certbot.pem 2021-11-30 09:14:21,748:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0472_csr-certbot.pem 2021-11-30 09:14:21,748:DEBUG:acme.client:Requesting fresh nonce 2021-11-30 09:14:21,749:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-11-30 09:14:21,800:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-11-30 09:14:21,801:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 14:14:21 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002oZBxehMgJWEftI6trSGzO04MPoOcyoolu1y4fwft58A X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-11-30 09:14:21,801:DEBUG:acme.client:Storing nonce: 0002oZBxehMgJWEftI6trSGzO04MPoOcyoolu1y4fwft58A 2021-11-30 09:14:21,801:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-11-30 09:14:21,804:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMm9aQnhlaE1nSldFZnRJNnRyU0d6TzA0TVBvT2N5b29sdTF5NGZ3ZnQ1OEEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "CUhuOFHgVTHWtL_up3JS7ns8VlHx1eBt0h05AWGznABaLwUL4cMickn_2hLp39jNnls2w30zcjfgEDEeYud18HRmyO8qrTyI_26Z3YBnaxY-jkiC-9R4B2QL71WZPS6KEBOv8G9NdxM5LKE3UGmY6RnOV8VNotFTexr-cm0mt_nRnfk5tiMbQ8TmX2CUqElJ2Li0oab0wMCEhtvVL83HB_7Dz_MFqy3oorOF2lKpaAeCOJT8LflHx_Kv33dz91ReDVCkxABzqoAw3cV5b3_2jQjFMDWxDo8V6uHZMns3_8gRcf8kcJU7y6S8KbXMK8mXGKA9WhyAtez8waYxMDzvhA", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-11-30 09:14:22,019:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-11-30 09:14:22,019:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Tue, 30 Nov 2021 14:14:21 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43658890280 Replay-Nonce: 0002o_4qVwolB1MC3d7jXSXdaLwsP0347N1fpE41DtLh2m8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-07T14:14:21Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54118782140" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43658890280" } 2021-11-30 09:14:22,020:DEBUG:acme.client:Storing nonce: 0002o_4qVwolB1MC3d7jXSXdaLwsP0347N1fpE41DtLh2m8 2021-11-30 09:14:22,020:DEBUG:acme.client:JWS payload: b'' 2021-11-30 09:14:22,022:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54118782140: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMm9fNHFWd29sQjFNQzNkN2pYU1hkYUx3c1AwMzQ3TjFmcEU0MUR0TGgybTgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MTE4NzgyMTQwIn0", "signature": "fA-o7NkM2DZCm5afhqUO8SWzM5PbejUdvWdKqUbYT_sY8GzplKO-Yq69q94iqncJnORbYeprCs4O2Wuk6AKyHNE9Uz4_iDsQ3gOJ8IT4aJGb3gJkytDnt5kMFI4HZXa_qBHLXZg4wj9QrbKx_cDjaFw2twdjBy-3v7Gd15fSSWXnm9ILsy1rxCSqjp7Ant8P7SXUHHENuL5QrjJT7nB_v3ASFnQv6qoU1zcEHNhv30_Zv5x6jFnSlvs15nlGzGVIGQL4VUahpow9KGxt0CwCQrgWo91HMJcslXGX7lflpFCcceTjOZUrkNvHIcrWkmNoqPVSbgFlXWDF7I8xk9aG1Q", "payload": "" } 2021-11-30 09:14:22,095:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54118782140 HTTP/1.1" 200 792 2021-11-30 09:14:22,096:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 14:14:22 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001P360SPZ2EP1lpWLi25g7dakOoPEUfG0A5LR6lAE46lg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-07T14:14:21Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54118782140/kV2Nkg", "token": "E1ljKa7b1bS-v2cRWf5KbAcu5m4KN9cxBSjoswLJSjg" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54118782140/3k6xpg", "token": "E1ljKa7b1bS-v2cRWf5KbAcu5m4KN9cxBSjoswLJSjg" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54118782140/ZLBR9Q", "token": "E1ljKa7b1bS-v2cRWf5KbAcu5m4KN9cxBSjoswLJSjg" } ] } 2021-11-30 09:14:22,096:DEBUG:acme.client:Storing nonce: 0001P360SPZ2EP1lpWLi25g7dakOoPEUfG0A5LR6lAE46lg 2021-11-30 09:14:22,097:INFO:certbot.auth_handler:Performing the following challenges: 2021-11-30 09:14:22,097:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-30 09:14:22,133:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-11-30 09:14:22,140:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-11-30 09:14:22,141:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-11-30 09:14:22,143:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-11-30 09:14:22,145:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-11-30 09:14:22,145:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-11-30 09:14:22,145:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-11-30 09:14:22,146:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-11-30 09:14:22,146:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-11-30 09:14:22,146:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-11-30 09:14:22,146:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-11-30 09:14:22,147:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-11-30 09:14:22,147:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-11-30 09:14:22,148:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-11-30 09:14:22,150:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/E1ljKa7b1bS-v2cRWf5KbAcu5m4KN9cxBSjoswLJSjg{default_type text/plain;return 200 E1ljKa7b1bS-v2cRWf5KbAcu5m4KN9cxBSjoswLJSjg.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-11-30 09:14:23,181:INFO:certbot.auth_handler:Waiting for verification... 2021-11-30 09:14:23,182:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-30 09:14:23,185:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54118782140/kV2Nkg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMVAzNjBTUFoyRVAxbHBXTGkyNWc3ZGFrT29QRVVmRzBBNUxSNmxBRTQ2bGciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0MTE4NzgyMTQwL2tWMk5rZyJ9", "signature": "PzOChTTpDcjqGIN-nd3cUShvOSxy4T_cOTBc1hNbpz_iIrqLFfkPykK7NPeDRMdggvrmCMzDJ7SuXnOvHI2GQz5X_1AbCbsB017v2A9InKakw516EPujwxKiN8qRMBlC3oEStU7J5f85v3bfjnKeOwfmG8RLYUDN6LE6seFvOFaRSMYnV7TjUAHU7jsnfLLrz_BQ6YsqC-9Qf7xOhN9BymxIJM8Qxv6nit1GF40vLv8OAyHS2CrFtVwwnJhlSgluVt8lJtmdx8jw0Sui8AjO12sVME4xcWwUD87LMsJVJvJsN5TRpAZvoHySILytTEie3Lx_Y8pBOXN6IDhMSKymAQ", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-30 09:14:23,267:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54118782140/kV2Nkg HTTP/1.1" 200 186 2021-11-30 09:14:23,268:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 14:14:23 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54118782140/kV2Nkg Replay-Nonce: 00015z4Ot8zhFyeXBmt9LS1DQ9Ne6C_U6zJZr_J_MzIfzdM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54118782140/kV2Nkg", "token": "E1ljKa7b1bS-v2cRWf5KbAcu5m4KN9cxBSjoswLJSjg" } 2021-11-30 09:14:23,268:DEBUG:acme.client:Storing nonce: 00015z4Ot8zhFyeXBmt9LS1DQ9Ne6C_U6zJZr_J_MzIfzdM 2021-11-30 09:14:24,270:DEBUG:acme.client:JWS payload: b'' 2021-11-30 09:14:24,273:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54118782140: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMTV6NE90OHpoRnllWEJtdDlMUzFEUTlOZTZDX1U2ekpacl9KX016SWZ6ZE0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MTE4NzgyMTQwIn0", "signature": "pbv4GEd_pAf95A9Q74BaYzaVYWZYo4rLUT00R56ShMMe2WzJJsqRY1RRgpgBhmCGsUT_oEuvjOo9GcgQuWBwfSVfbk9ufeQmQvql_QWUFjKWyKNoAm7RjpyUQqWAAVPbZEa07Ycz9DHqZScEVF8-W5CBY5GmX8i5_Ff5Z6SkXZz-l8Is4ianq16xqAfdhzTKJ2hboZUPvnj0Svt52tdd5sh-dI2lTZjBk8JfJaFV-vVxUPzE5Ld8EXwDHnj3A4x4_6Qir0zcG9xIRAZktsiylPtk9tCEoPFZ8oxZ1NnR--1Myvo8QGNSCv9a7xSCroXHM0nx7xnSUQhXFC4uH1Po2A", "payload": "" } 2021-11-30 09:14:24,334:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54118782140 HTTP/1.1" 200 792 2021-11-30 09:14:24,334:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 14:14:24 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002nTrGMYWnJhkF0oWL3fVZF5M-neViYrI2d6e3ti2gnFk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-07T14:14:21Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54118782140/kV2Nkg", "token": "E1ljKa7b1bS-v2cRWf5KbAcu5m4KN9cxBSjoswLJSjg" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54118782140/3k6xpg", "token": "E1ljKa7b1bS-v2cRWf5KbAcu5m4KN9cxBSjoswLJSjg" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54118782140/ZLBR9Q", "token": "E1ljKa7b1bS-v2cRWf5KbAcu5m4KN9cxBSjoswLJSjg" } ] } 2021-11-30 09:14:24,335:DEBUG:acme.client:Storing nonce: 0002nTrGMYWnJhkF0oWL3fVZF5M-neViYrI2d6e3ti2gnFk 2021-11-30 09:14:27,338:DEBUG:acme.client:JWS payload: b'' 2021-11-30 09:14:27,341:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54118782140: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMm5UckdNWVduSmhrRjBvV0wzZlZaRjVNLW5lVmlZckkyZDZlM3RpMmduRmsiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MTE4NzgyMTQwIn0", "signature": "pm40pKcrHEw9OlJgfZTrVdEmddkaaYJd8JZyVuvDQ7Hb4TlvI4DnT3kl1XZ1Nn6fe2Bt4m0gTcEn77F-L1mdrZwVRa0hXCBQz9RCzBygJ8CgAbo-ZsZrup3VZYb91B4OaZF1puv1FqXdMJmrmGaE7iIZ-MCZNXR96BSO7jM8aSzRgOvMzryE_CxOtolH6aE67sNodlCPDpCQHIPfYpTuWy_UZmk932uKQdAofK1TTBrTW9bImBhWueRBrYS7lIzChUlo378n6sFHb56iHLLKYCOdFAn-PNEs0Zk6fmg6O3CqTTEhuZCzVPLU3Rq7ZDiExSIwC5uRFgWf98GVH7kSEQ", "payload": "" } 2021-11-30 09:14:27,411:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54118782140 HTTP/1.1" 200 1505 2021-11-30 09:14:27,412:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 14:14:27 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002Jzgffwp_hp3tv2CXcLmpk9CvK6jmH3BAZQMYNG83vvI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-07T14:14:21Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/E1ljKa7b1bS-v2cRWf5KbAcu5m4KN9cxBSjoswLJSjg [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54118782140/kV2Nkg", "token": "E1ljKa7b1bS-v2cRWf5KbAcu5m4KN9cxBSjoswLJSjg", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/E1ljKa7b1bS-v2cRWf5KbAcu5m4KN9cxBSjoswLJSjg", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/E1ljKa7b1bS-v2cRWf5KbAcu5m4KN9cxBSjoswLJSjg", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-30T14:14:23Z" } ] } 2021-11-30 09:14:27,412:DEBUG:acme.client:Storing nonce: 0002Jzgffwp_hp3tv2CXcLmpk9CvK6jmH3BAZQMYNG83vvI 2021-11-30 09:14:27,413:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-11-30 09:14:27,414:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-30 09:14:27,414:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/E1ljKa7b1bS-v2cRWf5KbAcu5m4KN9cxBSjoswLJSjg [75.2.60.5]: "\n\n\n \n Prep: True 2021-11-30 09:14:29,000:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-11-30 09:14:29,000:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-11-30 09:14:29,000:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-11-30 09:14:29,004:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-11-30 09:14:29,005:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-11-30 09:14:29,006:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-11-30 09:14:29,163:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-11-30 09:14:29,163:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 14:14:29 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "_6O_s3FP0oI": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-11-30 09:14:29,164:INFO:certbot.main:Renewing an existing certificate 2021-11-30 09:14:29,304:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0473_key-certbot.pem 2021-11-30 09:14:29,311:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0473_csr-certbot.pem 2021-11-30 09:14:29,312:DEBUG:acme.client:Requesting fresh nonce 2021-11-30 09:14:29,312:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-11-30 09:14:29,362:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-11-30 09:14:29,363:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 14:14:29 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 000292fi5YkbVKcz8rrxXSjb_WMV73GHYCw8qWwoVNNwbiM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-11-30 09:14:29,363:DEBUG:acme.client:Storing nonce: 000292fi5YkbVKcz8rrxXSjb_WMV73GHYCw8qWwoVNNwbiM 2021-11-30 09:14:29,364:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-11-30 09:14:29,366:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMjkyZmk1WWtiVktjejhycnhYU2piX1dNVjczR0hZQ3c4cVd3b1ZOTndiaU0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "ccM_lrEDDMvZf5pDyTF_bJjKvw0mdtscxgORaxdxtnNx22j8ijwHxAWgLoET8iQYQYfw-I_aQGSWSJ0MzGaot72MSzrwphrlIljai6fC5D5GiHV7t7yYSSCioPLxtfhlYq7cu2-8eCoQxve20kHfoNjRAnogw0TDIIGIQRK_JEvB_CojupfyCwEfsvfWqbhYlHHocqQvrmNimh-pzvFxBHQYXyRrvgdWbFT9-Gu1ul0cUEa4s8iQGL3yhgd5fNzJ1BRzwRlh9bNwfYC2AcxzJyuCu_lSpqjsHA4apyeMVX1MyfZsTq0J-hscfibWHoekF3J690i54pay0ZRf_rc4-Q", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-11-30 09:14:29,990:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-11-30 09:14:29,991:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Tue, 30 Nov 2021 14:14:29 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43658910850 Replay-Nonce: 0002D8llv8lEiFqzXeFKW8ZIiUjYGnjzG6yzwLFeYqSgqIQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-07T14:14:29Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54118809080", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54118809090" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43658910850" } 2021-11-30 09:14:29,991:DEBUG:acme.client:Storing nonce: 0002D8llv8lEiFqzXeFKW8ZIiUjYGnjzG6yzwLFeYqSgqIQ 2021-11-30 09:14:29,992:DEBUG:acme.client:JWS payload: b'' 2021-11-30 09:14:29,995:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54118809080: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMkQ4bGx2OGxFaUZxelhlRktXOFpJaVVqWUduanpHNnl6d0xGZVlxU2dxSVEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MTE4ODA5MDgwIn0", "signature": "miwxiidW-wJ6bEHZwfw76X7KripW13t1D-xvr5uJ-VWAOEiBL8tIAB8JXyOuuFdiE0iUIzZcqWlnkne7pxiJQUkp_krP6mZ-LVQjCYTgUkCk0j8EFYKxaZ50-v-FjxVujYJcscqyuBc44p7Ov-87fT0JvH086vWXW_cSjzENy7XsEEK2qRmTgqfomhAH5z9bpj2sHH0lgTnjRK5vciPyot5Mpb38-lAxWkV2lJmNNzn4GJjzIP2AGpDvS08rmcL3GdRRirr5yxMh-Xn5RYalhfbRKaAFfyEfMfUForYvsbKdLXHURzlLmIhl4FY1MahvZiiErILS2ZfkEhsZxwkToA", "payload": "" } 2021-11-30 09:14:30,056:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54118809080 HTTP/1.1" 200 792 2021-11-30 09:14:30,057:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 14:14:30 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002cvZLwQzT1-f8QWY0sarcCIG2ff2O3Um0Ccilpnq2nEQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-07T14:14:29Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54118809080/MyKR-g", "token": "FtpqeHhQQOzI3FLt63m0gR2xrn8KIK-73PYOt3akCFU" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54118809080/qQhykQ", "token": "FtpqeHhQQOzI3FLt63m0gR2xrn8KIK-73PYOt3akCFU" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54118809080/hdO3XA", "token": "FtpqeHhQQOzI3FLt63m0gR2xrn8KIK-73PYOt3akCFU" } ] } 2021-11-30 09:14:30,057:DEBUG:acme.client:Storing nonce: 0002cvZLwQzT1-f8QWY0sarcCIG2ff2O3Um0Ccilpnq2nEQ 2021-11-30 09:14:30,058:DEBUG:acme.client:JWS payload: b'' 2021-11-30 09:14:30,060:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54118809090: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmN2Wkx3UXpUMS1mOFFXWTBzYXJjQ0lHMmZmMk8zVW0wQ2NpbHBucTJuRVEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MTE4ODA5MDkwIn0", "signature": "UpksnmgAxihjBEwtk9qqcCqiWR-QSQxxjVVXP_tG7dNzACcKGuV6tA1TbWRt2zvgrERVoFHKJkFxgaw9Sy_3UmDtQ1SeFoMr81fCFX9fIcRqY95RRVE8UX5maFlX_LLHiyqo72HWMGQRP7HEhh0Nrdp0kXVfoYTvDK4zoZonEm-DD10t-iU3E8sSgLJUzYEHm1kf72qqYoVqYg4G9KY8iczF2ERDg46EWCR7Wb_ySQ67KTD3qn9-13RTUj7aYrw9RLRe7zhPzKESzsCnfgm-qiSi_f0OvhHJvRnQ6uqwn3XvQVrfVKdzVBGr_-3AGTaxQ-lx8n0EE4HDplhLYOKTKw", "payload": "" } 2021-11-30 09:14:30,129:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54118809090 HTTP/1.1" 200 796 2021-11-30 09:14:30,129:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 14:14:30 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 000120114mhT_unpLuks6aiZPsgMIlTimMdEtrUGAsp6AoY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-07T14:14:29Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54118809090/zaURPA", "token": "kg6oMiXyDANHwpaL5fME0DD_uw718W_6z8e6JeqYmxA" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54118809090/aXxAcw", "token": "kg6oMiXyDANHwpaL5fME0DD_uw718W_6z8e6JeqYmxA" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54118809090/SFY8YA", "token": "kg6oMiXyDANHwpaL5fME0DD_uw718W_6z8e6JeqYmxA" } ] } 2021-11-30 09:14:30,130:DEBUG:acme.client:Storing nonce: 000120114mhT_unpLuks6aiZPsgMIlTimMdEtrUGAsp6AoY 2021-11-30 09:14:30,130:INFO:certbot.auth_handler:Performing the following challenges: 2021-11-30 09:14:30,130:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-30 09:14:30,130:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-11-30 09:14:30,203:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-11-30 09:14:30,204:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-11-30 09:14:30,204:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-11-30 09:14:30,204:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-11-30 09:14:30,204:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-11-30 09:14:30,205:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-11-30 09:14:30,205:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-11-30 09:14:30,205:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-11-30 09:14:30,206:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-11-30 09:14:30,206:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-11-30 09:14:30,206:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-11-30 09:14:30,206:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-11-30 09:14:30,207:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-11-30 09:14:30,208:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-11-30 09:14:30,209:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/FtpqeHhQQOzI3FLt63m0gR2xrn8KIK-73PYOt3akCFU{default_type text/plain;return 200 FtpqeHhQQOzI3FLt63m0gR2xrn8KIK-73PYOt3akCFU.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot location = /.well-known/acme-challenge/kg6oMiXyDANHwpaL5fME0DD_uw718W_6z8e6JeqYmxA{default_type text/plain;return 200 kg6oMiXyDANHwpaL5fME0DD_uw718W_6z8e6JeqYmxA.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-11-30 09:14:31,241:INFO:certbot.auth_handler:Waiting for verification... 2021-11-30 09:14:31,242:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-30 09:14:31,245:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54118809080/MyKR-g: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMTIwMTE0bWhUX3VucEx1a3M2YWlaUHNnTUlsVGltTWRFdHJVR0FzcDZBb1kiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0MTE4ODA5MDgwL015S1ItZyJ9", "signature": "QOP9nlTWY43H2rEvne_Mbdx363t7RziA1P5usWR0KzkKw0NmSZfP4BshxDrYcBkC0ReQbnd4CgCnLZdexyl-yHkiQuRdj1G3cEdCKyocZIr8KOVK6hNOtZTeGfhzJFOvCw3K7OX3J8L9kYxsXc9PBdGtfSZedGO6RF_G2lL_KKm4Hf6UBd7uTm7IPslHBWsrCe0VZ4F3i9baj6aI_rKOayhZrxu6ngYmAliepC1CKYmapxBDch9xYkvw6PUSRynpP9btVzLzkMDH5Ili3Miss2PG4pe1kWFYDtbqVXs9A3YTd4KXPFSIacsyfo7HbMI4D2ejrHLxb3ki6ejjMovyyQ", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-30 09:14:31,328:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54118809080/MyKR-g HTTP/1.1" 200 186 2021-11-30 09:14:31,328:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 14:14:31 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54118809080/MyKR-g Replay-Nonce: 0002XQorHb0g6yJCt5ws73holt_3rU_9YF0pDD9xLWQzMlU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54118809080/MyKR-g", "token": "FtpqeHhQQOzI3FLt63m0gR2xrn8KIK-73PYOt3akCFU" } 2021-11-30 09:14:31,329:DEBUG:acme.client:Storing nonce: 0002XQorHb0g6yJCt5ws73holt_3rU_9YF0pDD9xLWQzMlU 2021-11-30 09:14:31,329:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-30 09:14:31,331:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54118809090/zaURPA: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMlhRb3JIYjBnNnlKQ3Q1d3M3M2hvbHRfM3JVXzlZRjBwREQ5eExXUXpNbFUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0MTE4ODA5MDkwL3phVVJQQSJ9", "signature": "T5nWyQ_2kixL1mdevM57Ab5br7kd0RFqS3wWWQdya2sjqNlxepG7ZygX8hRQTR8lK39FmuTun-bO9r50ftNQWkym870k32ZGiqKZIXk3UvGUpU4mfnO-hHJisx2IsjKv82IDSVyUmQaOe1w_KYtcuWAUtP1DE_Vllqpsk9tE5Ou-ar2Q3f7LozB-BtqggDF9rVgUzE2AIu51ynHa55EIgTGURmcNgHLGFShkKOSRT9WXLBJqTI_OICQsXvFQmp4T8MfGRRG18s7IvZSOtp1WB2tTimgkuCSyLthgwrPizwHxrne06LtYl2m2cy9KwwGcBELhoMqcdhuhI_8BlK4ntA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-30 09:14:31,400:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54118809090/zaURPA HTTP/1.1" 200 186 2021-11-30 09:14:31,401:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 14:14:31 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54118809090/zaURPA Replay-Nonce: 0001uBnjahP1hQukp--IkdKTctvpLCZ6M9O72cn3vIIL9wg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54118809090/zaURPA", "token": "kg6oMiXyDANHwpaL5fME0DD_uw718W_6z8e6JeqYmxA" } 2021-11-30 09:14:31,402:DEBUG:acme.client:Storing nonce: 0001uBnjahP1hQukp--IkdKTctvpLCZ6M9O72cn3vIIL9wg 2021-11-30 09:14:32,403:DEBUG:acme.client:JWS payload: b'' 2021-11-30 09:14:32,406:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54118809080: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXVCbmphaFAxaFF1a3AtLUlrZEtUY3R2cExDWjZNOU83MmNuM3ZJSUw5d2ciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MTE4ODA5MDgwIn0", "signature": "AIhODwFteIfShtOiT-7Mm4peLu6Slifh58IpZ-6J9RshsLxSgS7QVrC0l030xD-PuGS3JDPb6U0mHu7lfzQzp3n6Q0YVsXMQ0_H3OdPA_okFCVw-GsTVfUFpNklGUMZvYA3-iO0bB51KapK1LUUHjsj6Iz3I5cUGVvNzfM2GdagZJfCFXHpg30Hljz4Y-FftfkiVLXx746qtRTE6gqi7WaZ8keixP6LBxjJmORs5Goc8FSw_CYtAMbu78bnzkA_N0Czu0V65nMhjlpF_HvXb3dZHUtmbdjnTfkguWBtJWutzylS1WFKaYXMP92NJxZY5siK97zJpFTob2XE9pKzL4A", "payload": "" } 2021-11-30 09:14:32,467:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54118809080 HTTP/1.1" 200 1505 2021-11-30 09:14:32,468:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 14:14:32 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001qCmPBlfTENGEbH7RhYtlMXCcUvXTCuapPT7M0NNJPOs X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-07T14:14:29Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/FtpqeHhQQOzI3FLt63m0gR2xrn8KIK-73PYOt3akCFU [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54118809080/MyKR-g", "token": "FtpqeHhQQOzI3FLt63m0gR2xrn8KIK-73PYOt3akCFU", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/FtpqeHhQQOzI3FLt63m0gR2xrn8KIK-73PYOt3akCFU", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/FtpqeHhQQOzI3FLt63m0gR2xrn8KIK-73PYOt3akCFU", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-30T14:14:31Z" } ] } 2021-11-30 09:14:32,468:DEBUG:acme.client:Storing nonce: 0001qCmPBlfTENGEbH7RhYtlMXCcUvXTCuapPT7M0NNJPOs 2021-11-30 09:14:32,469:DEBUG:acme.client:JWS payload: b'' 2021-11-30 09:14:32,471:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54118809090: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXFDbVBCbGZURU5HRWJIN1JoWXRsTVhDY1V2WFRDdWFwUFQ3TTBOTkpQT3MiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MTE4ODA5MDkwIn0", "signature": "sXRDZw9dFfNRxt7lQuu1TxqsJbgHa5QiF7HZkcSc-4MzGBknoMFOHZa66INeyCqTEv-3wTVbLBPZkL4O3cLtwGnFdeVxt0Q0z66KvQlctr3OTKcsRgLGcBnjLcsu40HKtJ6IN5dZCTePamM1ZXa7zTVSgm-nkaYt8kLkoEzmlbJCXC8Fr7WpKFT_1Ff998xdfpr-JUbblB4qvkU4fzBuPYvUS5vFJnykU860hRHMLcOeXWBOqv7s1_y2gx76FbdgTg_MxgtwWPsZU6VmeHW9CjZpfSyQ6o9Ub2cNWcWIHDNU6PxgpFHu1dOrQgporbEQ1kNWvMUkLcbPOMVbzhAauQ", "payload": "" } 2021-11-30 09:14:32,532:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54118809090 HTTP/1.1" 200 1826 2021-11-30 09:14:32,533:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 30 Nov 2021 14:14:32 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001Wpe5YIKGE5hLPS8O2qm3K6pvXqlLhcxlu_vySRC3v4c X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-07T14:14:29Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/kg6oMiXyDANHwpaL5fME0DD_uw718W_6z8e6JeqYmxA [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54118809090/zaURPA", "token": "kg6oMiXyDANHwpaL5fME0DD_uw718W_6z8e6JeqYmxA", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/kg6oMiXyDANHwpaL5fME0DD_uw718W_6z8e6JeqYmxA", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/kg6oMiXyDANHwpaL5fME0DD_uw718W_6z8e6JeqYmxA", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/kg6oMiXyDANHwpaL5fME0DD_uw718W_6z8e6JeqYmxA", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-11-30T14:14:31Z" } ] } 2021-11-30 09:14:32,533:DEBUG:acme.client:Storing nonce: 0001Wpe5YIKGE5hLPS8O2qm3K6pvXqlLhcxlu_vySRC3v4c 2021-11-30 09:14:32,534:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-11-30 09:14:32,535:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-11-30 09:14:32,535:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-30 09:14:32,536:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-11-30 09:14:32,536:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/FtpqeHhQQOzI3FLt63m0gR2xrn8KIK-73PYOt3akCFU [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-11-30 09:14:33,795:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-11-30 09:14:33,795:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-11-30 09:14:33,796:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-11-30 21:22:40,081:DEBUG:certbot.main:certbot version: 0.40.0 2021-11-30 21:22:40,081:DEBUG:certbot.main:Arguments: ['-q'] 2021-11-30 21:22:40,082:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-11-30 21:22:40,097:DEBUG:certbot.log:Root logging level set at 30 2021-11-30 21:22:40,097:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-11-30 21:22:40,115:DEBUG:certbot.plugins.selection:Requested authenticator and installer 2021-11-30 21:22:40,129:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-30 21:22:40,131:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-30 21:22:40,131:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-30 21:22:40,138:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-30 21:22:40,139:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-30 21:22:40,139:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-30 21:22:40,146:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-30 21:22:40,147:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-30 21:22:40,147:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-30 21:22:40,157:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-30 21:22:40,158:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-30 21:22:40,159:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-30 21:22:40,168:INFO:certbot.renewal:Cert not yet due for renewal 2021-11-30 21:22:40,170:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-11-30 21:22:40,171:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-11-30 21:22:40,178:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-11-30 21:22:40,178:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-11-30 21:22:40,178:INFO:certbot.renewal:Non-interactive renewal: random delay of 164.55029501528696 seconds 2021-11-30 21:25:24,819:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx 2021-11-30 21:25:25,182:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-11-30 21:25:25,183:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-11-30 21:25:25,184:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-11-30 21:25:25,184:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-11-30 21:25:25,193:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-11-30 21:25:25,195:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-11-30 21:25:25,199:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-11-30 21:25:25,380:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-11-30 21:25:25,381:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 02:25:25 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert", "seuWeeQxhhs": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417" } 2021-11-30 21:25:25,382:INFO:certbot.main:Renewing an existing certificate 2021-11-30 21:25:25,478:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0474_key-certbot.pem 2021-11-30 21:25:25,494:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0474_csr-certbot.pem 2021-11-30 21:25:25,495:DEBUG:acme.client:Requesting fresh nonce 2021-11-30 21:25:25,495:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-11-30 21:25:25,549:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-11-30 21:25:25,550:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 02:25:25 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001WkIkdTFNxPE7W8f55ctfSQLloR22NOp23lgNUcfT23g X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-11-30 21:25:25,551:DEBUG:acme.client:Storing nonce: 0001WkIkdTFNxPE7W8f55ctfSQLloR22NOp23lgNUcfT23g 2021-11-30 21:25:25,551:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-11-30 21:25:25,554:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMVdrSWtkVEZOeFBFN1c4ZjU1Y3RmU1FMbG9SMjJOT3AyM2xnTlVjZlQyM2ciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "W614xlk4lyO6IhJjfx8v-1m09o-106OcxCs29zYCkrRn-FyPC_z95R1AfPteU09TN32hn4cdiGPN7wx1sS4HArWR6kA88zi4tNjg_TtzIadYQIXNbK4zM3JyA0HwB14gS2h2thV8mKnLriC1nh1XqyY-UYhNVHdhrf-O6T951MBCxgZQv8LzaYmPgIiY0GvZtzjs8qwWdRdzv42xYki45-O4Wsu23400VgAHpdWTSTmSgb4T6NFJyelRYwI0b2FlTCdTmGj2yBr4RKWB159FpqZatSzh9znFM_jKUb8bxwSSi1GbDrGWtEI-FQFZ9-CqugkiE5RuHv5wDKwDk_LZdQ", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-11-30 21:25:26,289:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-11-30 21:25:26,290:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Wed, 01 Dec 2021 02:25:26 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43798011220 Replay-Nonce: 0002IL4qBImDVloU72ccsDAAd1-9ksewYvnwVJ2qikfp-rY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-08T02:25:26Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54299178560" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43798011220" } 2021-11-30 21:25:26,290:DEBUG:acme.client:Storing nonce: 0002IL4qBImDVloU72ccsDAAd1-9ksewYvnwVJ2qikfp-rY 2021-11-30 21:25:26,291:DEBUG:acme.client:JWS payload: b'' 2021-11-30 21:25:26,293:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54299178560: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMklMNHFCSW1EVmxvVTcyY2NzREFBZDEtOWtzZXdZdm53VkoycWlrZnAtclkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0Mjk5MTc4NTYwIn0", "signature": "OpzAxUYggaDXzMNznU9ckJdNcPGdQyloc6XnmzPlT7222Uj8dAggYLXFSeDu59I8MUZREDyC9VVyv5Efj4mwZXcQRFvz0Wvkbl-IrlIK8lgC7zL7b377QYWziy3ae5RDyGXrIZXQnX0HS-N7Z11RWdgbPuHkF4MJF74eV_AFVzsQWuwge9FYtbm1qg90wrjp_aSKX_HmuoY_thxJqKik8iE45CNclIo_9XNWgJ1hDgJmTyD3XgRIrkIIE6TCISYh1dcISLr8bMQJfkyPBODSFsonjXCtjWuiyq11_wkjjbx4jyxM6l5LoLqNS71GJSbJ0-LlNtZ8ZCNIkOnow0IqOg", "payload": "" } 2021-11-30 21:25:26,433:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54299178560 HTTP/1.1" 200 792 2021-11-30 21:25:26,434:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 02:25:26 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 00018KsDWRIohPdBUftTgSTc9u5fmWm4cy3C74-oOzb6PRE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-08T02:25:26Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54299178560/C5h3Yw", "token": "daqlWWUOajvO0z-XvoX8PsZCtmlWKrZBGbpNCf7nqOY" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54299178560/7BO9Eg", "token": "daqlWWUOajvO0z-XvoX8PsZCtmlWKrZBGbpNCf7nqOY" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54299178560/qeoFLA", "token": "daqlWWUOajvO0z-XvoX8PsZCtmlWKrZBGbpNCf7nqOY" } ] } 2021-11-30 21:25:26,435:DEBUG:acme.client:Storing nonce: 00018KsDWRIohPdBUftTgSTc9u5fmWm4cy3C74-oOzb6PRE 2021-11-30 21:25:26,435:INFO:certbot.auth_handler:Performing the following challenges: 2021-11-30 21:25:26,436:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-30 21:25:26,487:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-11-30 21:25:26,489:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-11-30 21:25:26,490:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-11-30 21:25:26,491:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-11-30 21:25:26,493:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-11-30 21:25:26,493:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-11-30 21:25:26,494:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-11-30 21:25:26,494:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-11-30 21:25:26,495:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-11-30 21:25:26,495:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-11-30 21:25:26,495:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-11-30 21:25:26,496:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-11-30 21:25:26,496:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-11-30 21:25:26,497:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-11-30 21:25:26,499:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/daqlWWUOajvO0z-XvoX8PsZCtmlWKrZBGbpNCf7nqOY{default_type text/plain;return 200 daqlWWUOajvO0z-XvoX8PsZCtmlWKrZBGbpNCf7nqOY.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-11-30 21:25:27,539:INFO:certbot.auth_handler:Waiting for verification... 2021-11-30 21:25:27,542:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-30 21:25:27,545:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54299178560/C5h3Yw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMThLc0RXUklvaFBkQlVmdFRnU1RjOXU1Zm1XbTRjeTNDNzQtb096YjZQUkUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0Mjk5MTc4NTYwL0M1aDNZdyJ9", "signature": "JAVGywL4HQUCVA8VoyJilt3Sfnb9Oc2VK_bn0O047K7XNVgb8XhqmbDlQP3GC1nfNYidpEOsN9AKLi-s39l8G3feJvyFPIdry3ICE_xiWwIZulfZOjxnk-VGBTyLHHnW8mtX1jrKxBWqnHQ29EQtaHaYi6pbKUVhix4x6MVN6iCYnbFtjz7IvSjInjTCD4-0euvBFdLe6KA-twSg68ad6JeLGjzl6yc5ygTKII5fJ4zjZrVoTXrc5rsSaBo2xR1-0yvgQPRZv3i80-gD6ejCj3gNfmHPIzjk8GmTTVIcGT8Uac5g3T_pQDeYKSwRI5Ec8jQCpd3R7S6G7O-gI9xAGg", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-30 21:25:27,616:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54299178560/C5h3Yw HTTP/1.1" 200 186 2021-11-30 21:25:27,617:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 02:25:27 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54299178560/C5h3Yw Replay-Nonce: 0001mnPg92WNVVF4JIFSJ2anSXj4-RpTQsu2ErOym9TSeNk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54299178560/C5h3Yw", "token": "daqlWWUOajvO0z-XvoX8PsZCtmlWKrZBGbpNCf7nqOY" } 2021-11-30 21:25:27,617:DEBUG:acme.client:Storing nonce: 0001mnPg92WNVVF4JIFSJ2anSXj4-RpTQsu2ErOym9TSeNk 2021-11-30 21:25:28,620:DEBUG:acme.client:JWS payload: b'' 2021-11-30 21:25:28,622:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54299178560: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMW1uUGc5MldOVlZGNEpJRlNKMmFuU1hqNC1ScFRRc3UyRXJPeW05VFNlTmsiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0Mjk5MTc4NTYwIn0", "signature": "oesSfbXaONzh76X3JhuSVoN7V_asReMSj-8buSXuZO19zbklQFj9Av0RV68fItNUva5LOrSCQ5oGDfQ_6X7_sfTiY0X6iKRuvV42Xj-Vs4tiEf40pTb5PascdIqN4dlnLvdF1Tfi-rJkqcvltVw85DhN1eNZ2V3JVHkG_Brj3unUgaZvOC1C73p9urXP2IZtzIV7iki948CC5i6MLTtiIV8gd143JicuS5mO5xWZ2tu-FVLXGhw2RJ0EXK0mxHA3T0AsZWZN-aZ3v_gc6Vdy6ZPLe1zhzzqJmeN5GggHHeDV7hsMbFv1MFFaCBWo47qURB1r-iiT7FJ2YDJywCp8Zg", "payload": "" } 2021-11-30 21:25:28,692:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54299178560 HTTP/1.1" 200 1505 2021-11-30 21:25:28,692:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 02:25:28 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002_OtXJo2IbnkCZUS8lFB8JN1Elirf_eD4j7LmCEuN9Xk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-08T02:25:26Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/daqlWWUOajvO0z-XvoX8PsZCtmlWKrZBGbpNCf7nqOY [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54299178560/C5h3Yw", "token": "daqlWWUOajvO0z-XvoX8PsZCtmlWKrZBGbpNCf7nqOY", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/daqlWWUOajvO0z-XvoX8PsZCtmlWKrZBGbpNCf7nqOY", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/daqlWWUOajvO0z-XvoX8PsZCtmlWKrZBGbpNCf7nqOY", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-01T02:25:27Z" } ] } 2021-11-30 21:25:28,693:DEBUG:acme.client:Storing nonce: 0002_OtXJo2IbnkCZUS8lFB8JN1Elirf_eD4j7LmCEuN9Xk 2021-11-30 21:25:28,693:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-11-30 21:25:28,693:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-30 21:25:28,694:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/daqlWWUOajvO0z-XvoX8PsZCtmlWKrZBGbpNCf7nqOY [75.2.60.5]: "\n\n\n \n Prep: True 2021-11-30 21:25:30,339:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-11-30 21:25:30,339:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-11-30 21:25:30,339:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-11-30 21:25:30,345:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-11-30 21:25:30,346:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-11-30 21:25:30,348:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-11-30 21:25:30,506:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-11-30 21:25:30,507:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 02:25:30 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "pAWGblOyv3I": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-11-30 21:25:30,507:INFO:certbot.main:Renewing an existing certificate 2021-11-30 21:25:30,548:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0475_key-certbot.pem 2021-11-30 21:25:30,556:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0475_csr-certbot.pem 2021-11-30 21:25:30,557:DEBUG:acme.client:Requesting fresh nonce 2021-11-30 21:25:30,557:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-11-30 21:25:30,613:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-11-30 21:25:30,614:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 02:25:30 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 00023dBuM43_BtJTCmjtQamrRQpeVF05mpyAGoyTy1hoH_c X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-11-30 21:25:30,614:DEBUG:acme.client:Storing nonce: 00023dBuM43_BtJTCmjtQamrRQpeVF05mpyAGoyTy1hoH_c 2021-11-30 21:25:30,615:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-11-30 21:25:30,617:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMjNkQnVNNDNfQnRKVENtanRRYW1yUlFwZVZGMDVtcHlBR295VHkxaG9IX2MiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "prQXbU9KOLBngquq4IZ4FeuakqEQPP_IYgnTjrAiyJfI1WN6yr9OCXHdhM4s3lJKATE1HZFhvP-yvvDuhovW1UW4m9iu33z8001SQiKogFoTZKJoWleI25fD1AK4ZO55WBvdAaMvJVC93MKBvD9mgzNO6r5XQTYyxHcTGsgwIDbamG1BoHw6lowHSQ1sJc11c7_cvz3ff54rzBD2rZbFQmha6jNIkH8OacxUupLUvqnUAQl_JwYxTsIuhAvvdkKlgKusXF3OgYQpQYkHJTWwE8_MmObNoUE6OKTuD-GgVudLFJPtOB62zJwqGhCl6aMZFtVCm0ud8qFbPXn9PyD_ww", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-11-30 21:25:31,039:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-11-30 21:25:31,040:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Wed, 01 Dec 2021 02:25:31 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43798026310 Replay-Nonce: 0002mgrsZCKAbkyPUtAQ_rRtxCkGfzPd443BJ_tT1VKpCCU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-08T02:25:30Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54299197170", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54299197180" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43798026310" } 2021-11-30 21:25:31,041:DEBUG:acme.client:Storing nonce: 0002mgrsZCKAbkyPUtAQ_rRtxCkGfzPd443BJ_tT1VKpCCU 2021-11-30 21:25:31,041:DEBUG:acme.client:JWS payload: b'' 2021-11-30 21:25:31,044:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54299197170: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMm1ncnNaQ0tBYmt5UFV0QVFfclJ0eENrR2Z6UGQ0NDNCSl90VDFWS3BDQ1UiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0Mjk5MTk3MTcwIn0", "signature": "UHl1sPCiEGzxcVb0zxNjoVXN5rjkRtUrVSWxesekjN4Loth6CKonp7-Lkzqn8DkoFrRwzeIN626Oh9xsoauaLfTR9PYlAmnAJyctbtPXEQ2E4gcKmhywT1oZfVrzR-IHM-UXJaT2pFlxMrCtCmLEF1zgjKwsKU88N1w2DmjsYh4Qso6DDRSqi4HKIxVpxGZzoWVWOxvhOY5boM7HlSkhFft-eyrhjI5JoEn58KALokyq2MEI7OWZlZKCnnqbNstLzIhsPletlC2gMQY3LTExuiTZYVlCBuo1qMTw_aoIdNC1pHEEV-2pOV8MoeBQ54vVuHc1LwKJDFKzpxwYlMavBg", "payload": "" } 2021-11-30 21:25:31,106:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54299197170 HTTP/1.1" 200 792 2021-11-30 21:25:31,106:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 02:25:31 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002_MAXqNmmo7eUOCYcFrlaIHaA8495lCqFT_jOKaKnZsQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-08T02:25:30Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54299197170/CzkPWQ", "token": "B6NbL5vKE0SNYUNybahCp7Z9_YIJ1--bD7bxnw6tNLU" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54299197170/qx2ipw", "token": "B6NbL5vKE0SNYUNybahCp7Z9_YIJ1--bD7bxnw6tNLU" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54299197170/Eoy_ZA", "token": "B6NbL5vKE0SNYUNybahCp7Z9_YIJ1--bD7bxnw6tNLU" } ] } 2021-11-30 21:25:31,107:DEBUG:acme.client:Storing nonce: 0002_MAXqNmmo7eUOCYcFrlaIHaA8495lCqFT_jOKaKnZsQ 2021-11-30 21:25:31,107:DEBUG:acme.client:JWS payload: b'' 2021-11-30 21:25:31,109:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54299197180: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMl9NQVhxTm1tbzdlVU9DWWNGcmxhSUhhQTg0OTVsQ3FGVF9qT0thS25ac1EiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0Mjk5MTk3MTgwIn0", "signature": "D7mMNFUg2JLpA711iHOBMpcbQ7cHmwQtlKr2poCeGKrl6aXF49hI63bagS4DlbhSLhrUzecauOUtujNw8ZYxcscYH4kOWjzKBKFhBGzzw0KlmxGplK4qWBhJK_hFpDKaJZrDy84hxnnrr5rR7Bf0Xr9qaqCr0Kr8QSTsfyYAxmWn_mder_V8vSrL3aAshvNb3dFbn82rDyj-jglAEZCLyOJjQuOM1n5uCstjJeOWSDXRqhGUCvK6f1FpOq48vzgsYcjqIj_Uu6-Ab61tqIpAOS413631iUfV6oDb6-VI73ax24gB5SwqTPHvq49MKDoO1h8gL6St3me3JWfVVyWuZQ", "payload": "" } 2021-11-30 21:25:31,172:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54299197180 HTTP/1.1" 200 796 2021-11-30 21:25:31,173:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 02:25:31 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001YLzf-AS0ZM4YYFN-kjWru_45-NDidHNR1Yi5x-JVoMg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-08T02:25:30Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54299197180/h_EAvA", "token": "TZpr1vleg2zw8keIWx3Sv3JfCAMTrDMN65HBe6k00vc" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54299197180/m0JGwA", "token": "TZpr1vleg2zw8keIWx3Sv3JfCAMTrDMN65HBe6k00vc" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54299197180/vA7Mmw", "token": "TZpr1vleg2zw8keIWx3Sv3JfCAMTrDMN65HBe6k00vc" } ] } 2021-11-30 21:25:31,174:DEBUG:acme.client:Storing nonce: 0001YLzf-AS0ZM4YYFN-kjWru_45-NDidHNR1Yi5x-JVoMg 2021-11-30 21:25:31,174:INFO:certbot.auth_handler:Performing the following challenges: 2021-11-30 21:25:31,175:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-30 21:25:31,175:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-11-30 21:25:31,260:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-11-30 21:25:31,261:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-11-30 21:25:31,262:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-11-30 21:25:31,262:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-11-30 21:25:31,262:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-11-30 21:25:31,262:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-11-30 21:25:31,262:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-11-30 21:25:31,263:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-11-30 21:25:31,263:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-11-30 21:25:31,263:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-11-30 21:25:31,264:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-11-30 21:25:31,264:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-11-30 21:25:31,264:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-11-30 21:25:31,265:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-11-30 21:25:31,267:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/B6NbL5vKE0SNYUNybahCp7Z9_YIJ1--bD7bxnw6tNLU{default_type text/plain;return 200 B6NbL5vKE0SNYUNybahCp7Z9_YIJ1--bD7bxnw6tNLU.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot location = /.well-known/acme-challenge/TZpr1vleg2zw8keIWx3Sv3JfCAMTrDMN65HBe6k00vc{default_type text/plain;return 200 TZpr1vleg2zw8keIWx3Sv3JfCAMTrDMN65HBe6k00vc.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-11-30 21:25:32,307:INFO:certbot.auth_handler:Waiting for verification... 2021-11-30 21:25:32,308:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-30 21:25:32,310:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54299197170/CzkPWQ: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMVlMemYtQVMwWk00WVlGTi1raldydV80NS1ORGlkSE5SMVlpNXgtSlZvTWciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0Mjk5MTk3MTcwL0N6a1BXUSJ9", "signature": "SME-LUtzxCpucjuJSaihbROWFQIblwnMKMkZjLbsq1IvE6F79rFhCHXsPIw8FLvx5hBADVyzIB8dcnNVYAna3JLO3DJSIVXJmYayzMsZWgWmgZViBimnAudMCEM96tZ9MsjI0zwl34Cp0R0t6rftykmeuCE6geWzDqGVZL4g2VirveV6JTjXu3WqdQlxry7ICkvpGPR85gloiNyYfuGPhPUbtGo8n_DVjamivLpdhEVdau8l_EHwgy83CPo-JXVZXRmm8G8fihEHX3RSe3ThmT9j36Ad6oFR9ZFGs1LvlUlWHFgpblAUpApuh3FdlSTDCV5bYg06jUVXhWdpjbYn5w", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-30 21:25:32,411:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54299197170/CzkPWQ HTTP/1.1" 200 186 2021-11-30 21:25:32,412:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 02:25:32 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54299197170/CzkPWQ Replay-Nonce: 0001RjXACYiKAyL0dw73Axzt_igoxTycwtoUJ18Lq1xUINQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54299197170/CzkPWQ", "token": "B6NbL5vKE0SNYUNybahCp7Z9_YIJ1--bD7bxnw6tNLU" } 2021-11-30 21:25:32,412:DEBUG:acme.client:Storing nonce: 0001RjXACYiKAyL0dw73Axzt_igoxTycwtoUJ18Lq1xUINQ 2021-11-30 21:25:32,413:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-11-30 21:25:32,415:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54299197180/h_EAvA: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMVJqWEFDWWlLQXlMMGR3NzNBeHp0X2lnb3hUeWN3dG9VSjE4THExeFVJTlEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0Mjk5MTk3MTgwL2hfRUF2QSJ9", "signature": "dos6yM_NeUNo9w_HUR0ImJHiZs7GTyfl-1YE3nWZ2G36lgMMlTM8sROJzGa0prBYTa9OTUqOD_SjhKxYqZJZJW2p2_s16xQBgI5x3RUUdt7RDzWkHbTM9XDihBxW_M4BUsOdp3cURK5BXfYVvShfX9jyJm5gwBvtlBegKSCnGlYqt0T_9m2uGjVTekJjuoj55RsNomHVQxDPtYGp0Te_cFv513N1XHcjVP8Kq3vJwCB6P8j43sgBB40Ki1UHvS04mlEHW5aeMbY_RotLTUVZAWgC2Nodmy2CyxJYRxVtt7dzp4DglRkKFirfmQr4VKi1uPl8oFaFnNZ2XpmUCx8irg", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-11-30 21:25:32,482:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54299197180/h_EAvA HTTP/1.1" 200 186 2021-11-30 21:25:32,483:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 02:25:32 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54299197180/h_EAvA Replay-Nonce: 0001_p-MMT6izS2W9TIkMHCCFehQpypdM4ulNPg5ziAONDw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54299197180/h_EAvA", "token": "TZpr1vleg2zw8keIWx3Sv3JfCAMTrDMN65HBe6k00vc" } 2021-11-30 21:25:32,483:DEBUG:acme.client:Storing nonce: 0001_p-MMT6izS2W9TIkMHCCFehQpypdM4ulNPg5ziAONDw 2021-11-30 21:25:33,484:DEBUG:acme.client:JWS payload: b'' 2021-11-30 21:25:33,486:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54299197170: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMV9wLU1NVDZpelMyVzlUSWtNSENDRmVoUXB5cGRNNHVsTlBnNXppQU9ORHciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0Mjk5MTk3MTcwIn0", "signature": "DfMkz20o5xZR4Xph4EvqU60Cn7-pRxDdXMmDv6XXKZJljy38UyNSsb9lNYk0aU-XDmAe6tE2z1FqISFJMTiaEsey-aRUKDjbU0D-Nlw8Hyfe1c02_qIHTvcVO6-A6eue2Rn86qTzJFkHw1gFLVAm3JP3Bt6FE9Ytke3YdEfTBMaUZ8B9r8dKC88-U2Ox51nE6JM_Zr7feLAiMSOSKJy6Op-yP4rxCBULywxVZQY4qF1zJSxkX3-Pg4P3IhztaDfgB0bxKZXEI0JEy8qtSvaTssB7j26iLdpgJjCFNozO_B-zzgJ0ZUrCEAa5Z8mNmfmyWaG6Ik3eL_36S62UYNNkJA", "payload": "" } 2021-11-30 21:25:33,557:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54299197170 HTTP/1.1" 200 1505 2021-11-30 21:25:33,558:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 02:25:33 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002pXGvZnWj_PDPZcR_I7q5QgmvQ1ihOjT_FwEdBgSOxKc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-08T02:25:30Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/B6NbL5vKE0SNYUNybahCp7Z9_YIJ1--bD7bxnw6tNLU [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54299197170/CzkPWQ", "token": "B6NbL5vKE0SNYUNybahCp7Z9_YIJ1--bD7bxnw6tNLU", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/B6NbL5vKE0SNYUNybahCp7Z9_YIJ1--bD7bxnw6tNLU", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/B6NbL5vKE0SNYUNybahCp7Z9_YIJ1--bD7bxnw6tNLU", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-01T02:25:32Z" } ] } 2021-11-30 21:25:33,558:DEBUG:acme.client:Storing nonce: 0002pXGvZnWj_PDPZcR_I7q5QgmvQ1ihOjT_FwEdBgSOxKc 2021-11-30 21:25:33,559:DEBUG:acme.client:JWS payload: b'' 2021-11-30 21:25:33,561:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54299197180: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnBYR3ZabldqX1BEUFpjUl9JN3E1UWdtdlExaWhPalRfRndFZEJnU094S2MiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0Mjk5MTk3MTgwIn0", "signature": "ITLCA8BU7DtIhBbUcWETsyf7cOJLNGQrjlHpJllHngZRj1imAo61897zUOc-LGARRu9ik4iySICX5B5tc_fabFFDF9hBrEM9YKnkx0U_i5i8oztkGx9utQEXPud5ml3Ro694QG_nGX6N7A4nj9oezml9NYfmORvLaHHCJnzHUwbfpJXbcnF3eC6-jM4RYrgdDPLMIzPVxM-CFptcjhZcWAlLYr4-CBOxZJiPDigqM8AAVF4-k7_HQb0tpaAdjD7ocbMDtgY8JwZGyUouI3Ldbh45fwZk_6qXjJkJU27QRO62CEtoTefnyvOIv8lUeRJ5xGeCDU7J9IuddfPcoNFfEA", "payload": "" } 2021-11-30 21:25:33,632:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54299197180 HTTP/1.1" 200 796 2021-11-30 21:25:33,633:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 02:25:33 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001fs_uGXHVKxaAXGXdBRPNk_uc9rPdYF3SnQx-xbf4kG8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-08T02:25:30Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54299197180/h_EAvA", "token": "TZpr1vleg2zw8keIWx3Sv3JfCAMTrDMN65HBe6k00vc" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54299197180/m0JGwA", "token": "TZpr1vleg2zw8keIWx3Sv3JfCAMTrDMN65HBe6k00vc" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54299197180/vA7Mmw", "token": "TZpr1vleg2zw8keIWx3Sv3JfCAMTrDMN65HBe6k00vc" } ] } 2021-11-30 21:25:33,634:DEBUG:acme.client:Storing nonce: 0001fs_uGXHVKxaAXGXdBRPNk_uc9rPdYF3SnQx-xbf4kG8 2021-11-30 21:25:33,634:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-11-30 21:25:36,638:DEBUG:acme.client:JWS payload: b'' 2021-11-30 21:25:36,640:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54299197180: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWZzX3VHWEhWS3hhQVhHWGRCUlBOa191YzlyUGRZRjNTblF4LXhiZjRrRzgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0Mjk5MTk3MTgwIn0", "signature": "FCv1OQQg7dneIuf_C1VEjqC20-Vhkj6NaiZxGlQvWyI8z8ne45FRfpNoT0HFjyBcuAAgzqe6VvwN4KQiC9huQz84lTZY0jcMBbnkqRuDoIfQFGzHuwhZyemui5dos8p15QPkaP9esWslREICSJxmPa4rCYkvnnJppOIo6hRccaCKv81vRMw8x-GJF2lGbXEdqDILeY593aV9-9Qzu-_sHmHSWi_SJ5fOnU_Vl-dxzK_11kkTt-UJjuwY66MAT4OlV-BUBXrOsk42Th4mPLik3FZ1p4OptWYwOBmTPlTb_8IbaJwtlBw5bPgatH2z_kFHXqL3_I8yZfyJb6OC3kjsJQ", "payload": "" } 2021-11-30 21:25:36,738:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54299197180 HTTP/1.1" 200 1826 2021-11-30 21:25:36,739:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 02:25:36 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001koi65QcP0kR6B0lJISQ8yVguJzEx9Hjc98ChW4l9CCw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-08T02:25:30Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/TZpr1vleg2zw8keIWx3Sv3JfCAMTrDMN65HBe6k00vc [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54299197180/h_EAvA", "token": "TZpr1vleg2zw8keIWx3Sv3JfCAMTrDMN65HBe6k00vc", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/TZpr1vleg2zw8keIWx3Sv3JfCAMTrDMN65HBe6k00vc", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/TZpr1vleg2zw8keIWx3Sv3JfCAMTrDMN65HBe6k00vc", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/TZpr1vleg2zw8keIWx3Sv3JfCAMTrDMN65HBe6k00vc", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-01T02:25:32Z" } ] } 2021-11-30 21:25:36,739:DEBUG:acme.client:Storing nonce: 0001koi65QcP0kR6B0lJISQ8yVguJzEx9Hjc98ChW4l9CCw 2021-11-30 21:25:36,739:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-11-30 21:25:36,741:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-11-30 21:25:36,741:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-11-30 21:25:36,741:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/B6NbL5vKE0SNYUNybahCp7Z9_YIJ1--bD7bxnw6tNLU [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-11-30 21:25:38,012:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-11-30 21:25:38,012:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-11-30 21:25:38,013:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-12-01 02:43:15,002:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-01 02:43:15,002:DEBUG:certbot.main:Arguments: ['--standalone', '--pre-hook', '/bin/systemctl stop nginx', '--post-hook', '/bin/systemctl start nginx', '--quiet'] 2021-12-01 02:43:15,003:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-01 02:43:15,015:DEBUG:certbot.log:Root logging level set at 30 2021-12-01 02:43:15,015:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-01 02:43:15,027:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer 2021-12-01 02:43:15,027:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-01 02:43:15,027:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-01 02:43:15,027:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-01 02:43:15,041:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-01 02:43:15,042:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-01 02:43:15,043:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-01 02:43:15,045:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-01 02:43:15,045:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-01 02:43:15,045:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-01 02:43:15,049:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-01 02:43:15,049:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-01 02:43:15,050:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-01 02:43:15,051:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-01 02:43:15,051:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-01 02:43:15,052:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-01 02:43:15,055:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-01 02:43:15,056:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-01 02:43:15,057:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-01 02:43:15,058:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-01 02:43:15,058:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-01 02:43:15,058:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-01 02:43:15,062:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-01 02:43:15,063:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-01 02:43:15,064:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-01 02:43:15,066:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-01 02:43:15,066:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-01 02:43:15,066:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-01 02:43:15,070:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-01 02:43:15,071:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-01 02:43:15,072:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-01 02:43:15,073:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-01 02:43:15,076:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-12-01 02:43:15,076:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-12-01 02:43:15,076:INFO:certbot.renewal:Non-interactive renewal: random delay of 327.01345392885275 seconds 2021-12-01 02:48:42,183:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-01 02:48:42,500:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-01 02:48:42,501:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-12-01 02:48:42,501:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-01 02:48:42,501:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-12-01 02:48:42,505:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-01 02:48:42,507:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-01 02:48:42,510:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-01 02:48:42,672:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-01 02:48:42,672:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 07:48:42 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert", "xzF9TnU6Hi0": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417" } 2021-12-01 02:48:42,673:INFO:certbot.hooks:Running pre-hook command: /bin/systemctl stop nginx 2021-12-01 02:48:47,720:INFO:certbot.main:Renewing an existing certificate 2021-12-01 02:48:47,860:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0476_key-certbot.pem 2021-12-01 02:48:47,866:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0476_csr-certbot.pem 2021-12-01 02:48:47,867:DEBUG:acme.client:Requesting fresh nonce 2021-12-01 02:48:47,867:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-01 02:48:47,921:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-01 02:48:47,921:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 07:48:47 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001eyfwEQnU9ZL6R9SOkrv1E7f--ebIEA4D9e12i4cA6DA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-01 02:48:47,922:DEBUG:acme.client:Storing nonce: 0001eyfwEQnU9ZL6R9SOkrv1E7f--ebIEA4D9e12i4cA6DA 2021-12-01 02:48:47,922:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-12-01 02:48:47,925:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWV5ZndFUW5VOVpMNlI5U09rcnYxRTdmLS1lYklFQTREOWUxMmk0Y0E2REEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "B6fzLfDH1HGZeYUAi0jCwU3HjcyBGRoA8Xwhkv_6TUcbLRkwjHMA-dPC1sQLfT6MlK-lFe6aMPD_beNK-BE55OGraSKkZ7_2RfNs52TK94GhjQ49YiK370HbYi7XTQtI6y8fs09fG0n4Y6EUTJJ8H8Vq1uglhJJLZ_ZLPWw-Y41CQr36V-4ErbUFMBqQ46VNqTx_Nxx4t2HoT6KJ2LBF9kpnpqYmK_AuW2ZqMSANjBc3EZVOcu_WJQ7kmo4L86090vi5mEOSixyCC79FB0-cvkkjt4YPZPMlclgLkanheS7-Qs_loyRrsqm5b6RJTMZRBp07fnHmSP_R27WUkFsbxg", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-12-01 02:48:48,194:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-12-01 02:48:48,194:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Wed, 01 Dec 2021 07:48:48 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43857486400 Replay-Nonce: 0002k9nPxgA1BH28PC-tbboACa6TSLIIdJbJfu6WTFLCrPc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-08T07:48:48Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54372566370" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43857486400" } 2021-12-01 02:48:48,194:DEBUG:acme.client:Storing nonce: 0002k9nPxgA1BH28PC-tbboACa6TSLIIdJbJfu6WTFLCrPc 2021-12-01 02:48:48,195:DEBUG:acme.client:JWS payload: b'' 2021-12-01 02:48:48,197:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54372566370: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMms5blB4Z0ExQkgyOFBDLXRiYm9BQ2E2VFNMSUlkSmJKZnU2V1RGTENyUGMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MzcyNTY2MzcwIn0", "signature": "VBIFeB0V3FCgvxWRcyMGC1W6D6RUSQ3A119RbEiOnI5pVKpB62zzDebqGE6SC3Ey2EyYBp7T7pa5yz-onAXGKNx-GO4XnHcotbiDBnc2hrs79bnp3PTz5YVYE6YuYlRoiKpSNe67lHpZKNPyoaC-O80FpfL5EJkkOslFeuHuRj7tpcfp0ouxQBPBqo6CTGxVUv6XzjgL1lP_hoC9GNYI9NnEExKxg7nEBjR4fbYvUzO55qijvLC4hUfjzLQVuJmmtPRCMtwhda9Rx2zZWz95oe8ZNolLNhH5YR1zRl8RrTtorlUr32Wkr1uCppx_cXLgvuWngdgI7ctSSM8ACV38Wg", "payload": "" } 2021-12-01 02:48:48,291:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54372566370 HTTP/1.1" 200 792 2021-12-01 02:48:48,292:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 07:48:48 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002QXOb78zcneP7QnjmYPz5wdQLho49dJqTg2qR31bcUME X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-08T07:48:48Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54372566370/sJ11gg", "token": "Ir0WU6WjG9xwdiqERAg9T38_Fg2LfxiGaxYtX1S6Ui8" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54372566370/AErdOA", "token": "Ir0WU6WjG9xwdiqERAg9T38_Fg2LfxiGaxYtX1S6Ui8" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54372566370/nKVCNQ", "token": "Ir0WU6WjG9xwdiqERAg9T38_Fg2LfxiGaxYtX1S6Ui8" } ] } 2021-12-01 02:48:48,292:DEBUG:acme.client:Storing nonce: 0002QXOb78zcneP7QnjmYPz5wdQLho49dJqTg2qR31bcUME 2021-12-01 02:48:48,293:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-01 02:48:48,293:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-01 02:48:48,294:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-12-01 02:48:48,294:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-12-01 02:48:48,298:INFO:certbot.auth_handler:Waiting for verification... 2021-12-01 02:48:48,298:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-01 02:48:48,299:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54372566370/sJ11gg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMlFYT2I3OHpjbmVQN1Fuam1ZUHo1d2RRTGhvNDlkSnFUZzJxUjMxYmNVTUUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0MzcyNTY2MzcwL3NKMTFnZyJ9", "signature": "DmwPqZdjsbVaek1w75aLtqOWJ1fNGnFlOih91bdFhVFsL-oO2k6vD1dGsRFT-Prv3zj1yvDcMMAymD6ownvRyXxff-LFM_jzSbVT-ilpfM-_C0eik2nzu0HTH6x1jJBuCklMAqdy6tHWu2j8CULFR8iVJkI5eXuaxTbFZTSPGptit9oITpYdWA5npUtsjoZZamUmaBceNQl4I5gIMkYOkrvJQnFVsPlSwhkon9J6GhRASSAvFnM5ia3bBCQU_2N04rntGJgOG2EuDZ1JjAr8Q5U4Vom-TuBipNOxSELOCAcSARTKERoOpmQHqh_c294UtqGBuhUZB66erBEFqJ38xA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-01 02:48:48,392:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54372566370/sJ11gg HTTP/1.1" 200 186 2021-12-01 02:48:48,393:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 07:48:48 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54372566370/sJ11gg Replay-Nonce: 0002j8N-27ii7fVRxAtbNEnEwoJfXB8FXI0xVRPIRi6yqYA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54372566370/sJ11gg", "token": "Ir0WU6WjG9xwdiqERAg9T38_Fg2LfxiGaxYtX1S6Ui8" } 2021-12-01 02:48:48,393:DEBUG:acme.client:Storing nonce: 0002j8N-27ii7fVRxAtbNEnEwoJfXB8FXI0xVRPIRi6yqYA 2021-12-01 02:48:49,395:DEBUG:acme.client:JWS payload: b'' 2021-12-01 02:48:49,397:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54372566370: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmo4Ti0yN2lpN2ZWUnhBdGJORW5Fd29KZlhCOEZYSTB4VlJQSVJpNnlxWUEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MzcyNTY2MzcwIn0", "signature": "o5k-ciAy7jzXOuWd00fdVrOJxX8SedFcOr885nIqzBFXBmMPchfhec6e7PzC4zj_jVRGaZMsWJDfVbDKj2qtrBuqN8BccwrM26hGns3Ga8_imK_CIkOWAStxW95RmcB8jhjIG61aI3t9tE7RqD2rlXBQuyTHn9S_co7MEje5twByvOD5OfJqGHZ_2i6mmqrxPkCF59ect47U4XypjJgAclM0BV7rR6kqL_JIcrXNqBZR5U8d3k2Tfsza-h7LEE5PsyQeT1jY49EdE22ira65lkIAr0mn-emOh3S_yWXxd3jHfXG4QRkWtpYoRy7omC6PeZwfDFGAZk01osQG9Aj36Q", "payload": "" } 2021-12-01 02:48:49,467:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54372566370 HTTP/1.1" 200 792 2021-12-01 02:48:49,468:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 07:48:49 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002vtIh_wkegtvcs_bHWyI9YXSN_GR8Ehspvw841q4VlaE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-08T07:48:48Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54372566370/sJ11gg", "token": "Ir0WU6WjG9xwdiqERAg9T38_Fg2LfxiGaxYtX1S6Ui8" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54372566370/AErdOA", "token": "Ir0WU6WjG9xwdiqERAg9T38_Fg2LfxiGaxYtX1S6Ui8" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54372566370/nKVCNQ", "token": "Ir0WU6WjG9xwdiqERAg9T38_Fg2LfxiGaxYtX1S6Ui8" } ] } 2021-12-01 02:48:49,468:DEBUG:acme.client:Storing nonce: 0002vtIh_wkegtvcs_bHWyI9YXSN_GR8Ehspvw841q4VlaE 2021-12-01 02:48:52,472:DEBUG:acme.client:JWS payload: b'' 2021-12-01 02:48:52,474:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54372566370: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnZ0SWhfd2tlZ3R2Y3NfYkhXeUk5WVhTTl9HUjhFaHNwdnc4NDFxNFZsYUUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MzcyNTY2MzcwIn0", "signature": "JtMCUY1I_hkX_DcnUIcsrOTWZtlz6FoeEShsIaIgxWjE8pfteevfLqM2FnOAFBf1hzu9QsavZA7_ssCqA4fnWcsjUrnkvgF_7_Jt_usyAxdLf5cUja3-8-RdX3C9NJyhmja9KmqzoUrtaxcmrCD0yaVdt0sE5llwKXs8KJDR5AtC-3S-dBZY3rCZ6jcJdMuYX1-naFPzhXAYBz3ZfUOWdOoQQVr3d8v12mQBQFEHVOiBcwvBzEhzxEwouF2tUp1VC0DlPt4XQAr7yh4QjwBsS6YhFvI0tQbw8l9X_lYtX67S-H71gGJhJun25OpMhI8OpC744udk_R3Knqr9R7x_Lw", "payload": "" } 2021-12-01 02:48:52,552:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54372566370 HTTP/1.1" 200 1505 2021-12-01 02:48:52,553:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 07:48:52 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001y45vK84O1CJjeBcIVIXfep3cV6l3Qs06R_4WN2-5XcY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-08T07:48:48Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/Ir0WU6WjG9xwdiqERAg9T38_Fg2LfxiGaxYtX1S6Ui8 [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54372566370/sJ11gg", "token": "Ir0WU6WjG9xwdiqERAg9T38_Fg2LfxiGaxYtX1S6Ui8", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/Ir0WU6WjG9xwdiqERAg9T38_Fg2LfxiGaxYtX1S6Ui8", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/Ir0WU6WjG9xwdiqERAg9T38_Fg2LfxiGaxYtX1S6Ui8", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-01T07:48:48Z" } ] } 2021-12-01 02:48:52,553:DEBUG:acme.client:Storing nonce: 0001y45vK84O1CJjeBcIVIXfep3cV6l3Qs06R_4WN2-5XcY 2021-12-01 02:48:52,554:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-01 02:48:52,554:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-01 02:48:52,554:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/Ir0WU6WjG9xwdiqERAg9T38_Fg2LfxiGaxYtX1S6Ui8 [75.2.60.5]: "\n\n\n \n Prep: True 2021-12-01 02:48:53,058:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-12-01 02:48:53,058:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-01 02:48:53,059:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-12-01 02:48:53,064:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-01 02:48:53,065:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-01 02:48:53,067:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-01 02:48:53,225:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-01 02:48:53,226:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 07:48:53 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "iczh4RtA1xY": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-01 02:48:53,227:INFO:certbot.hooks:Pre-hook command already run, skipping: /bin/systemctl stop nginx 2021-12-01 02:48:53,227:INFO:certbot.main:Renewing an existing certificate 2021-12-01 02:48:53,418:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0477_key-certbot.pem 2021-12-01 02:48:53,425:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0477_csr-certbot.pem 2021-12-01 02:48:53,426:DEBUG:acme.client:Requesting fresh nonce 2021-12-01 02:48:53,426:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-01 02:48:53,478:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-01 02:48:53,479:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 07:48:53 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002DcHAOns8ZsSWOw2Ae6sNp67j1CKLooSXCMZ-nH4h9Ho X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-01 02:48:53,479:DEBUG:acme.client:Storing nonce: 0002DcHAOns8ZsSWOw2Ae6sNp67j1CKLooSXCMZ-nH4h9Ho 2021-12-01 02:48:53,480:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-12-01 02:48:53,482:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMkRjSEFPbnM4WnNTV093MkFlNnNOcDY3ajFDS0xvb1NYQ01aLW5INGg5SG8iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "LCiT8UES93umb7iutde7-TcAs8VkzBn63Cc77BUp_GUkQ99XoC_13Aw1tE34ybQkGe2o6vB8049U4eL2H8SbohmMwJQnf-pfiNarFTp-vU7gLlvBqhO2fT-N7vEJ_PEU7aBJfIRolArD0sR0DRLGiSuw1rbN3UhBa1gneL4Oqrq0vusKmUdKzhxWYgr3uu6ZVY-OA4FpOv4fiHqYqYwIBzmmCty0JaJdw8kLQilL47psgeDlfUMlTajds9nkATpPqHSzWKMWxjc7sajf3i0r6YOGuIj7Db5ZQ0OBQlMuTEcrUxjYyZGFW8lwRKCRRJukUr7ZfHCNbCQIL9hRVKVAog", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-12-01 02:48:53,614:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-12-01 02:48:53,615:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Wed, 01 Dec 2021 07:48:53 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43857498050 Replay-Nonce: 0001cmNyUADRjkJ7DBR-U4lSWPtyG-_mvna-wpjmRbRAYKs X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-08T07:48:53Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54372581450", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54372581460" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43857498050" } 2021-12-01 02:48:53,615:DEBUG:acme.client:Storing nonce: 0001cmNyUADRjkJ7DBR-U4lSWPtyG-_mvna-wpjmRbRAYKs 2021-12-01 02:48:53,616:DEBUG:acme.client:JWS payload: b'' 2021-12-01 02:48:53,618:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54372581450: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWNtTnlVQURSamtKN0RCUi1VNGxTV1B0eUctX212bmEtd3BqbVJiUkFZS3MiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MzcyNTgxNDUwIn0", "signature": "deCqVRJNAN_D9EZ-91bu0AW5Erge2IJjhKgEa1k0w9G0yjXa13DPexQ7WYnS9YtTTk0_4fR1gjuzh-q3LJP1nohqC9bF1-qPID8sSuLHtmzV3dUntlHCcQbbECbHquOg6flTqxFAXL6lxCGhlOL2CSqMqcw4Hd2rCW9jc6vhyB6O7l3klg_frcguLuNW2Q3TSTufmMIVjzqsLNQ9bgLmiXpYiRTA5IoLGH2NS4VPs3qQv-CWVuu4Es6vfSkDeG2AEvhX6VG-uut4NyTuX3dSxzMfbXvcyhqtOAo9iTW6ZMms39hM3ZJOUlD5eEj2U5QnoxMIIicgERTKrtlbDGCxow", "payload": "" } 2021-12-01 02:48:53,684:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54372581450 HTTP/1.1" 200 792 2021-12-01 02:48:53,685:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 07:48:53 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002zTCyj_cWMTCTkz-w6UwraZTob6vGesFR5yVUXP_Q7SM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-08T07:48:53Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54372581450/zYD3ng", "token": "1hPx8mbak8deN1m9XTMJy3JjEy5bfoxMMm-dbNgC228" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54372581450/gCrTag", "token": "1hPx8mbak8deN1m9XTMJy3JjEy5bfoxMMm-dbNgC228" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54372581450/6FL5Yw", "token": "1hPx8mbak8deN1m9XTMJy3JjEy5bfoxMMm-dbNgC228" } ] } 2021-12-01 02:48:53,685:DEBUG:acme.client:Storing nonce: 0002zTCyj_cWMTCTkz-w6UwraZTob6vGesFR5yVUXP_Q7SM 2021-12-01 02:48:53,686:DEBUG:acme.client:JWS payload: b'' 2021-12-01 02:48:53,688:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54372581460: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnpUQ3lqX2NXTVRDVGt6LXc2VXdyYVpUb2I2dkdlc0ZSNXlWVVhQX1E3U00iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MzcyNTgxNDYwIn0", "signature": "PoYhWaTRiWqpZzOIKTUyUjKPIXrEuUKmrvkrjCJfULikjtSodGHMzqk-f64gGU1BxePHMIBjyb8ppxJbcYCIw0UTFlN1V3RwaHAtJhG9s_a1OSG5D7JTGc6RqPFfUD3pE2DQA_NWxa8sz4dZCOjxcI5Gu7-yDojNYk20sO9O-eaVnudJYtpb2VLrwpz9eMEWf5jNYDpDuiuFizSpFOUL1cs1k_BiOzJT_e9otSstsZumSAX8CnBC5uhpOonU8Y2g0WGTnMUm6AscKs7Wephe6pFUIIL3Q9bYSIf0jw73qb0xXE2WIxvVPlbFNHx0PINGvRP0r3MBVNAnbLhph0N81Q", "payload": "" } 2021-12-01 02:48:53,758:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54372581460 HTTP/1.1" 200 796 2021-12-01 02:48:53,759:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 07:48:53 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001vhWcrAbTMJdaP73wEHo04gstQnV4n3MYqZ_rZ6THH6w X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-08T07:48:53Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54372581460/gYsHIA", "token": "9zhBjN_movW1ZcYnu19z78dG9HZIb8o9tD_RzG0sG9Y" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54372581460/--s6pQ", "token": "9zhBjN_movW1ZcYnu19z78dG9HZIb8o9tD_RzG0sG9Y" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54372581460/CQQO2g", "token": "9zhBjN_movW1ZcYnu19z78dG9HZIb8o9tD_RzG0sG9Y" } ] } 2021-12-01 02:48:53,759:DEBUG:acme.client:Storing nonce: 0001vhWcrAbTMJdaP73wEHo04gstQnV4n3MYqZ_rZ6THH6w 2021-12-01 02:48:53,760:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-01 02:48:53,760:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-01 02:48:53,760:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-01 02:48:53,761:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-12-01 02:48:53,761:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-12-01 02:48:53,766:INFO:certbot.auth_handler:Waiting for verification... 2021-12-01 02:48:53,766:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-01 02:48:53,768:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54372581450/zYD3ng: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXZoV2NyQWJUTUpkYVA3M3dFSG8wNGdzdFFuVjRuM01ZcVpfclo2VEhINnciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0MzcyNTgxNDUwL3pZRDNuZyJ9", "signature": "dT0a-sv2yKIoOxKYPtcqxZ78og5Z4bDWRj7la9VN5ja7-D7JcIF88E18vQW5pao5xGryvOfOhfbfTKaNa5ioY869JMr8BdPWi60mpmi39x78Z-RXqinagaVgkiPyNYAlDCFJBT1N-rAMtDSOTtIhVLM7yzsDG8hQ3Brutkx3VBw6NNydTq5Cy-7oU2aEKZBdxTaJAZhDpX5M-moZ30hwX42jkXdcuaUf1OkpfGzdtlq2v9sSAOQ02z_ufh3-4nH0YqQ6H0n004PHeyKegKaW07Y2Nrhj4QI8SWSgDnJWZQBxvDLFY7hSBqA6N1J7dh-jae0yEVNC0sGHdZF0oDcoWg", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-01 02:48:53,836:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54372581450/zYD3ng HTTP/1.1" 200 186 2021-12-01 02:48:53,837:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 07:48:53 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54372581450/zYD3ng Replay-Nonce: 00024HNR_rIrcPTw79-xehyGp4zFwjQ0AnW65ldeBIbEJ7k X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54372581450/zYD3ng", "token": "1hPx8mbak8deN1m9XTMJy3JjEy5bfoxMMm-dbNgC228" } 2021-12-01 02:48:53,837:DEBUG:acme.client:Storing nonce: 00024HNR_rIrcPTw79-xehyGp4zFwjQ0AnW65ldeBIbEJ7k 2021-12-01 02:48:53,838:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-01 02:48:53,839:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54372581460/gYsHIA: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMjRITlJfcklyY1BUdzc5LXhlaHlHcDR6RndqUTBBblc2NWxkZUJJYkVKN2siLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0MzcyNTgxNDYwL2dZc0hJQSJ9", "signature": "IxGR7yfrsQzC3iYh365DR0hpL2M-d1s7RY_jBLC_C5CmvBEMECenN_azDvKNpx2gbxOixtS53EUwZIqNoNomeEGii9hlB6l-Pt0evkvGQo014e8mOxPYwR19Pa65X-4vp4AUQMADL4Z9dZVC-y94qo5FNv6j3SRowF_qbRPPkyQIzBJ_ynTrtADK2Ab3-7L0554uPOlePpWAiCUiYk4A41aLAx0elY0Ujf1R__pUScucXfdCCKN9bsk3oX6yteQDw5W0vepsN8_JFtEOzpkzYulyeg13J8scgnAZtg9hhpA6Fys_2UX7-J9gn70J9Iyi6QHDzHezR_sI9XGyF9CAHA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-01 02:48:53,910:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54372581460/gYsHIA HTTP/1.1" 200 186 2021-12-01 02:48:53,911:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 07:48:53 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54372581460/gYsHIA Replay-Nonce: 0001x0LS1YjEmbwfduVjgaG33AaZbz146Q_Nm9lciNUKLSg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54372581460/gYsHIA", "token": "9zhBjN_movW1ZcYnu19z78dG9HZIb8o9tD_RzG0sG9Y" } 2021-12-01 02:48:53,911:DEBUG:acme.client:Storing nonce: 0001x0LS1YjEmbwfduVjgaG33AaZbz146Q_Nm9lciNUKLSg 2021-12-01 02:48:54,914:DEBUG:acme.client:JWS payload: b'' 2021-12-01 02:48:54,916:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54372581450: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXgwTFMxWWpFbWJ3ZmR1VmpnYUczM0FhWmJ6MTQ2UV9ObTlsY2lOVUtMU2ciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MzcyNTgxNDUwIn0", "signature": "ftXIba9CcUBmJkdT1aDqOHJEi-TGKJl0K4i-eIX3Z2jSyfZTPhdWFNfzbYcLGOcERiuLE6C5Al1lgJPHDsUv7FKmiMuXsxTujczrnShmY0Ej_4E0hdpAXwqCg0AuR_U0-_R4_BWA32spUPcaW2s-7a6WBck7Q98XuIxr70lTnFo9vnHTyBoo_pzyXq7PSzq3OlymNbg8vXu7-6_4u2_cXa34xQmk9kWAeD4X6MWmV1Ft6id_2QUCiF46UlGgLpz4Yk_1Pnfb6Dg0y3207ZiFnsgp20rVFjOWhO5pgJ1G8pBvASQYlio70WWI9zS2GRCWAsdMVFomxhvrS4U-bEypEQ", "payload": "" } 2021-12-01 02:48:54,980:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54372581450 HTTP/1.1" 200 1505 2021-12-01 02:48:54,981:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 07:48:54 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002BAbj2OzBxZERUz1xFtwQcoE_T3mdfsnE4cji7jzLzog X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-08T07:48:53Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/1hPx8mbak8deN1m9XTMJy3JjEy5bfoxMMm-dbNgC228 [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54372581450/zYD3ng", "token": "1hPx8mbak8deN1m9XTMJy3JjEy5bfoxMMm-dbNgC228", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/1hPx8mbak8deN1m9XTMJy3JjEy5bfoxMMm-dbNgC228", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/1hPx8mbak8deN1m9XTMJy3JjEy5bfoxMMm-dbNgC228", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-01T07:48:53Z" } ] } 2021-12-01 02:48:54,981:DEBUG:acme.client:Storing nonce: 0002BAbj2OzBxZERUz1xFtwQcoE_T3mdfsnE4cji7jzLzog 2021-12-01 02:48:54,982:DEBUG:acme.client:JWS payload: b'' 2021-12-01 02:48:54,984:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54372581460: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMkJBYmoyT3pCeFpFUlV6MXhGdHdRY29FX1QzbWRmc25FNGNqaTdqekx6b2ciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MzcyNTgxNDYwIn0", "signature": "WXftCyl1rW19dBOnQEw3XZJECa3K28pXvViBSybU1NFLrRIaUIhGN7B_KSc3O3VYzGeKEH9XyFRb2CO1H5qa77kLTqAG2asg2I3fwzkVHUcXTupijdMNb0GFrEsE-SmDwcHh0vDcU0rBKWoo45MetJWdbR7c46UzXoBqikLIC3nlvpXz0cM5XBFJXEOoag7-BPGQs-EDRX4uZ69GqcENQJaWQ0ufNbPwqkPhsO_BrgI9pzeHNofLJ7TfyHcqQJxO0PtKdJrpMjsm14yGLL2w7E0A9J7UvQ37BIQzcdjqupl9qeSLXrIdQuPcf_dJ-JV_FLkYmVGuTcXK5EeTRifotQ", "payload": "" } 2021-12-01 02:48:55,047:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54372581460 HTTP/1.1" 200 1826 2021-12-01 02:48:55,048:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 07:48:55 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002uui8OHDY8L4vRBZXiosaQRjlNDoJaYEfQbruwkP41dA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-08T07:48:53Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/9zhBjN_movW1ZcYnu19z78dG9HZIb8o9tD_RzG0sG9Y [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54372581460/gYsHIA", "token": "9zhBjN_movW1ZcYnu19z78dG9HZIb8o9tD_RzG0sG9Y", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/9zhBjN_movW1ZcYnu19z78dG9HZIb8o9tD_RzG0sG9Y", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/9zhBjN_movW1ZcYnu19z78dG9HZIb8o9tD_RzG0sG9Y", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/9zhBjN_movW1ZcYnu19z78dG9HZIb8o9tD_RzG0sG9Y", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-01T07:48:53Z" } ] } 2021-12-01 02:48:55,048:DEBUG:acme.client:Storing nonce: 0002uui8OHDY8L4vRBZXiosaQRjlNDoJaYEfQbruwkP41dA 2021-12-01 02:48:55,048:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-01 02:48:55,049:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-12-01 02:48:55,049:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-01 02:48:55,049:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-01 02:48:55,049:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/1hPx8mbak8deN1m9XTMJy3JjEy5bfoxMMm-dbNgC228 [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-12-01 02:48:55,271:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-12-01 02:48:55,271:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-12-01 02:48:55,271:INFO:certbot.hooks:Running post-hook command: /bin/systemctl start nginx 2021-12-01 02:48:55,349:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-12-01 03:24:39,264:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-01 03:24:39,265:DEBUG:certbot.main:Arguments: ['-q'] 2021-12-01 03:24:39,265:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-01 03:24:39,278:DEBUG:certbot.log:Root logging level set at 30 2021-12-01 03:24:39,278:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-01 03:24:39,291:DEBUG:certbot.plugins.selection:Requested authenticator and installer 2021-12-01 03:24:39,306:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-01 03:24:39,307:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-01 03:24:39,307:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-01 03:24:39,313:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-01 03:24:39,314:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-01 03:24:39,314:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-01 03:24:39,319:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-01 03:24:39,320:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-01 03:24:39,320:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-01 03:24:39,325:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-01 03:24:39,326:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-01 03:24:39,327:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-01 03:24:39,333:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-01 03:24:39,334:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-01 03:24:39,335:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-01 03:24:39,339:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-12-01 03:24:39,339:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-12-01 03:24:39,339:INFO:certbot.renewal:Non-interactive renewal: random delay of 205.40187412689855 seconds 2021-12-01 03:28:04,834:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx 2021-12-01 03:28:05,198:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-01 03:28:05,199:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-01 03:28:05,199:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-01 03:28:05,199:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-12-01 03:28:05,203:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-01 03:28:05,206:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-01 03:28:05,209:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-01 03:28:05,371:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-01 03:28:05,372:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 08:28:05 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "hIjg4tJ_Miw": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-01 03:28:05,373:INFO:certbot.main:Renewing an existing certificate 2021-12-01 03:28:05,428:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0478_key-certbot.pem 2021-12-01 03:28:05,438:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0478_csr-certbot.pem 2021-12-01 03:28:05,439:DEBUG:acme.client:Requesting fresh nonce 2021-12-01 03:28:05,439:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-01 03:28:05,493:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-01 03:28:05,494:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 08:28:05 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001JEtYYQmPuH-QMpijO7fElfwNtij2FG3dLcUZ7SVWcWw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-01 03:28:05,494:DEBUG:acme.client:Storing nonce: 0001JEtYYQmPuH-QMpijO7fElfwNtij2FG3dLcUZ7SVWcWw 2021-12-01 03:28:05,495:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-12-01 03:28:05,497:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMUpFdFlZUW1QdUgtUU1waWpPN2ZFbGZ3TnRpajJGRzNkTGNVWjdTVldjV3ciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "qn4FssmYeu92gPu147nnvX3cZSOh9jH9exLt-rXZQYE0KK8eEyNyLXEmy___TBaLPKuf0xoI1_six6u-4ir1YMXy9UEwzPUlKcedbSmzkKPpj1Jcj9lGaLfxbOCMrvbSR3IVh4AzvdqcSuv_TlkasD5GQ-dtS9uVzFIVA1-S2_4AapAeEQ2Ltm9L59hqMmW11XMoH0hokJHw8wrTpKdsZm1el4wQ3oAeZvt1K3HUKSFT7T88vJJQIh6byjmwh3c4N0ZXJBOx8zdlIXhZOyq2W-bLtL05PnCdXe1uak6YPY-DlnEwRx_eyrrneLRzPoOfINssoDwM7LUw_AWkLQEAZg", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-12-01 03:28:06,243:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-12-01 03:28:06,244:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Wed, 01 Dec 2021 08:28:06 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43864617240 Replay-Nonce: 0002k00qL0U4D8qXYB-y7ExNWQvXMjL_dEza9vKKA0Bb1Hk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-08T08:28:06Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54381285970" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43864617240" } 2021-12-01 03:28:06,245:DEBUG:acme.client:Storing nonce: 0002k00qL0U4D8qXYB-y7ExNWQvXMjL_dEza9vKKA0Bb1Hk 2021-12-01 03:28:06,245:DEBUG:acme.client:JWS payload: b'' 2021-12-01 03:28:06,247:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54381285970: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmswMHFMMFU0RDhxWFlCLXk3RXhOV1F2WE1qTF9kRXphOXZLS0EwQmIxSGsiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MzgxMjg1OTcwIn0", "signature": "W6zvHQ-JriX6BgqgwwP_-rJ8NOAUEX4eqsoKkv9beRfMjP4iam4EgSosIMz_iRT0yNZsAMsQBy3ruBqo5qVlCkStSrBkSHX9GD0MOf5OpRsmjyxRPdXMSmWEPrknJ3I6x6c74b4JzNZesCdct3diINZL54mJ0BZXlNk3R-WMf9Z48d6ks6hzvStup93_bzgqbHlgeVHa_NlXmRFeqiBMAtv7Y2Z-toj1g78vM1onXYldbAIxZ3DGjBp0GAVfdvlGekFcs-XvWgu66Miwox33g6pZetGqAp9RgaXqbY9aInnRAV8wilyXTlJW_OxZzkP9MOvUIUyDDlbn59-h5ihokA", "payload": "" } 2021-12-01 03:28:06,328:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54381285970 HTTP/1.1" 200 792 2021-12-01 03:28:06,329:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 08:28:06 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001vLOWuWlurt_eKY_0KJbW2HUTgDTamKFmNAm4NPynQpc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-08T08:28:06Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381285970/J16l4Q", "token": "oCZbjK3arKMFcTrsy8N6hON9cy4oZ6LgCYIHM-ydn-I" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381285970/3GvP4w", "token": "oCZbjK3arKMFcTrsy8N6hON9cy4oZ6LgCYIHM-ydn-I" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381285970/SuugVw", "token": "oCZbjK3arKMFcTrsy8N6hON9cy4oZ6LgCYIHM-ydn-I" } ] } 2021-12-01 03:28:06,330:DEBUG:acme.client:Storing nonce: 0001vLOWuWlurt_eKY_0KJbW2HUTgDTamKFmNAm4NPynQpc 2021-12-01 03:28:06,330:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-01 03:28:06,331:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-01 03:28:06,379:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-12-01 03:28:06,380:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-12-01 03:28:06,380:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-12-01 03:28:06,381:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-12-01 03:28:06,381:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-12-01 03:28:06,381:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-12-01 03:28:06,382:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-12-01 03:28:06,382:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-12-01 03:28:06,383:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-12-01 03:28:06,383:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-12-01 03:28:06,383:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-12-01 03:28:06,384:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-12-01 03:28:06,384:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-12-01 03:28:06,386:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-12-01 03:28:06,388:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/oCZbjK3arKMFcTrsy8N6hON9cy4oZ6LgCYIHM-ydn-I{default_type text/plain;return 200 oCZbjK3arKMFcTrsy8N6hON9cy4oZ6LgCYIHM-ydn-I.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-12-01 03:28:07,424:INFO:certbot.auth_handler:Waiting for verification... 2021-12-01 03:28:07,426:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-01 03:28:07,429:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381285970/J16l4Q: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXZMT1d1V2x1cnRfZUtZXzBLSmJXMkhVVGdEVGFtS0ZtTkFtNE5QeW5RcGMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0MzgxMjg1OTcwL0oxNmw0USJ9", "signature": "IRi5gcqB8b0fBrKtuGiFaWZcX6Gh5ZN1f_scK8FhJ_T7jKO_hhymzYj8FlTBiZ6IEVgeIVDZ-54XrzueK842egkt68MNclCgAu9pM57jHT8YIlmxoPUBedqL57TldoH11oPb5bJCpuefyYN3LVkfL2nd8Z2glYUrUg3wW5SKBIRH8sH6fkatFMToXpMJXoV2_WK1gOPQI_7eLeZKt0KIojNwXNkybbhrAGHNAFaBUGwoDxHuLsN7yIivQwHsaMulPcuGcQHYK6qX9rNQH_k0iM0ovjUrEi_IpGbM89zcG-98kdaQwzMPS1RFi52XX-qSq3WjjKM4KWK1TSPYS1hHdA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-01 03:28:07,521:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54381285970/J16l4Q HTTP/1.1" 200 186 2021-12-01 03:28:07,522:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 08:28:07 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381285970/J16l4Q Replay-Nonce: 0002QK8XZU3L8qfP3XG9yyrcH77BdwdbZMEVMJSJnxlyFx0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381285970/J16l4Q", "token": "oCZbjK3arKMFcTrsy8N6hON9cy4oZ6LgCYIHM-ydn-I" } 2021-12-01 03:28:07,522:DEBUG:acme.client:Storing nonce: 0002QK8XZU3L8qfP3XG9yyrcH77BdwdbZMEVMJSJnxlyFx0 2021-12-01 03:28:08,524:DEBUG:acme.client:JWS payload: b'' 2021-12-01 03:28:08,527:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54381285970: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMlFLOFhaVTNMOHFmUDNYRzl5eXJjSDc3QmR3ZGJaTUVWTUpTSm54bHlGeDAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MzgxMjg1OTcwIn0", "signature": "I4itiP5EJ4z8Q8MQQQNewwXKDPk38E_L123do6sdIKa6QOfUCX4shoQWr54wDCAHLMSObeNSuLIrR2Clk10StcSHLRLM_GP7SjtAgaRFDlBiNMTGRFEhWTwoAGA01LAvlRN222DFqA3ZAQjrhNgHTVr32gaD-yUKAQs8fGpp5D6P35ZOkLpHeFptlzxDD3uVgeb_nzOyFzz3YKC0w8yYuYLHxptIX7x_u9SNjf1XZ6nMqlWmfxxvZ5DiNC1Tzmk4wa640WZZeC5oI9YGFQ_wDdxBgfTQGofQ4KJrw1smnp6eJCeTY3vMAxMGsxp-U7fRAudEU9Bdt6t3zDERF9g4zQ", "payload": "" } 2021-12-01 03:28:08,602:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54381285970 HTTP/1.1" 200 792 2021-12-01 03:28:08,603:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 08:28:08 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001nH-QH9NgUlf-9AE7xfrlx5qiaeVK0-PpNjmwAseWat8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-08T08:28:06Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381285970/J16l4Q", "token": "oCZbjK3arKMFcTrsy8N6hON9cy4oZ6LgCYIHM-ydn-I" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381285970/3GvP4w", "token": "oCZbjK3arKMFcTrsy8N6hON9cy4oZ6LgCYIHM-ydn-I" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381285970/SuugVw", "token": "oCZbjK3arKMFcTrsy8N6hON9cy4oZ6LgCYIHM-ydn-I" } ] } 2021-12-01 03:28:08,603:DEBUG:acme.client:Storing nonce: 0001nH-QH9NgUlf-9AE7xfrlx5qiaeVK0-PpNjmwAseWat8 2021-12-01 03:28:11,605:DEBUG:acme.client:JWS payload: b'' 2021-12-01 03:28:11,608:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54381285970: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMW5ILVFIOU5nVWxmLTlBRTd4ZnJseDVxaWFlVkswLVBwTmptd0FzZVdhdDgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MzgxMjg1OTcwIn0", "signature": "m5p6hrlXWu6Hww9LNuJIbK7yKCByq5AzjeZZc557sh71rRnFYoukm_TMvuixGANF8o2RwDiTIfPbF24us9WsF69Z6nskZV4aIJ2JU_zSP8R_vR5RxpgvXqlSNoxTS1x40-vSr6ZXbMheMlCxLE_YyC7tT1Of9H0Vm9vmyAK3chPZGZQVBN5iQ3ms-6vbHJKz34vcKSkEVTq176cFEHSv6qcdFvR_v3TvDZDopZXe7MKB5nycXMXmzw-lN6BUZndM_nNpPYO4Hv8D2WJNzEnVs4A13gjDsSlNiWxxegJfQLQ4UHt-Ip48z6sKkdA6SZtG-6DSPPRavvTwMfe7b2A5Xg", "payload": "" } 2021-12-01 03:28:11,671:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54381285970 HTTP/1.1" 200 1505 2021-12-01 03:28:11,672:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 08:28:11 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001kAVDhZvPcXNn086f2IIHB2PlaBRDzvPHCNA-uxUO9Ek X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-08T08:28:06Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/oCZbjK3arKMFcTrsy8N6hON9cy4oZ6LgCYIHM-ydn-I [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381285970/J16l4Q", "token": "oCZbjK3arKMFcTrsy8N6hON9cy4oZ6LgCYIHM-ydn-I", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/oCZbjK3arKMFcTrsy8N6hON9cy4oZ6LgCYIHM-ydn-I", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/oCZbjK3arKMFcTrsy8N6hON9cy4oZ6LgCYIHM-ydn-I", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-01T08:28:07Z" } ] } 2021-12-01 03:28:11,672:DEBUG:acme.client:Storing nonce: 0001kAVDhZvPcXNn086f2IIHB2PlaBRDzvPHCNA-uxUO9Ek 2021-12-01 03:28:11,673:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-01 03:28:11,674:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-01 03:28:11,675:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/oCZbjK3arKMFcTrsy8N6hON9cy4oZ6LgCYIHM-ydn-I [75.2.60.5]: "\n\n\n \n Prep: True 2021-12-01 03:28:13,396:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-01 03:28:13,396:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-01 03:28:13,396:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-12-01 03:28:13,401:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-01 03:28:13,403:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-01 03:28:13,405:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-01 03:28:13,560:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-01 03:28:13,561:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 08:28:13 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "qSLke5Oq9kQ": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-01 03:28:13,562:INFO:certbot.main:Renewing an existing certificate 2021-12-01 03:28:13,856:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0479_key-certbot.pem 2021-12-01 03:28:13,866:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0479_csr-certbot.pem 2021-12-01 03:28:13,867:DEBUG:acme.client:Requesting fresh nonce 2021-12-01 03:28:13,867:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-01 03:28:13,918:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-01 03:28:13,919:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 08:28:13 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001HiFc5KBnMFKFpB4TR9tobbZheCyGwq6_0C8VdGtrNkc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-01 03:28:13,919:DEBUG:acme.client:Storing nonce: 0001HiFc5KBnMFKFpB4TR9tobbZheCyGwq6_0C8VdGtrNkc 2021-12-01 03:28:13,920:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-12-01 03:28:13,922:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMUhpRmM1S0JuTUZLRnBCNFRSOXRvYmJaaGVDeUd3cTZfMEM4VmRHdHJOa2MiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "A-U76iiMnh_U_aSqdhWsAocBvhH-A1FARg5OsUlCwIhL-nKR6xXrcUWB-0YZaxMWWPte2EEPnX3U2hnMNM5AWxKteczHgGaMmju9bstoyHG8qrAF5FVhIZsL_4qvtwqm25raoijlke-ZdE11bDQ0PxUZtH22kFrL62e-UFKFJeke1dCeiK80RsJFKpOjE8OwI487ts5HJE-CShllSFCqQR-1Z3U7ElwelUHqdvtHCwyzLqAo66W1a8g3GOR9VFE62Gc_RbNOnVknQs-PO4pVzZM5o_FDPvHCVfGsbizkg0JvU-Vo0M2nbymqDdaagkukCYytNvhuq-z9Vj4OJdF-PQ", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-12-01 03:28:14,128:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-12-01 03:28:14,129:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Wed, 01 Dec 2021 08:28:14 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43864644590 Replay-Nonce: 0001dXM8T5vY4jRAOh_f3_Y-MZg86M9slqpwKQHpTxQNArI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-08T08:28:14Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54381318300", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54381318310" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43864644590" } 2021-12-01 03:28:14,129:DEBUG:acme.client:Storing nonce: 0001dXM8T5vY4jRAOh_f3_Y-MZg86M9slqpwKQHpTxQNArI 2021-12-01 03:28:14,129:DEBUG:acme.client:JWS payload: b'' 2021-12-01 03:28:14,132:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54381318300: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWRYTThUNXZZNGpSQU9oX2YzX1ktTVpnODZNOXNscXB3S1FIcFR4UU5BckkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MzgxMzE4MzAwIn0", "signature": "oPrS7BJhyS2Z6IGpKCKTuUd2TNxBGyScemnWCawWUVnfAMj-oNiHUcyQ2QWE5YC-_LKj35qv7xeElaW7uGitWvlbxljKe60ip-i-sb2YURERtoFtZzvzxzU8me4Cntp321RztLk978yP2EThM9yyCYx-2MQmC0eQewp4-iKX2-c41iYJSKVO1DWVy7v82vEGvYJYjsDSQhOFhl3gN8Fo7goCUbC0p86LWnkgnx4cR47cg0boflMuYmiNCxj5fyIzmWnpluuwVF6kl693GjtqiiMbI3msEjHPYoMoMvZpSYWOrQq4vcgFG-n8mAQr0c_aS59Dq6nZBcoyVD3niwT6Yg", "payload": "" } 2021-12-01 03:28:14,211:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54381318300 HTTP/1.1" 200 792 2021-12-01 03:28:14,212:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 08:28:14 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001zy_SwJ5JjtSRdrA2PuPDK5pbn_6-SzEe6tv9m3vusQM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-08T08:28:14Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381318300/NKd_jA", "token": "-DmLw6hXB-nfA0qvhxMq4rZ1EbyRTCERMWD3sywMHgY" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381318300/U2DjzA", "token": "-DmLw6hXB-nfA0qvhxMq4rZ1EbyRTCERMWD3sywMHgY" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381318300/rdObcg", "token": "-DmLw6hXB-nfA0qvhxMq4rZ1EbyRTCERMWD3sywMHgY" } ] } 2021-12-01 03:28:14,212:DEBUG:acme.client:Storing nonce: 0001zy_SwJ5JjtSRdrA2PuPDK5pbn_6-SzEe6tv9m3vusQM 2021-12-01 03:28:14,213:DEBUG:acme.client:JWS payload: b'' 2021-12-01 03:28:14,215:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54381318310: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXp5X1N3SjVKanRTUmRyQTJQdVBESzVwYm5fNi1TekVlNnR2OW0zdnVzUU0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MzgxMzE4MzEwIn0", "signature": "rLitR2DJrOoELb3oPYGwcqW7LShTu5pfZDbfNbLgRiRQAWsuxzQ3v4nYZrhLbW3IIUnJcwTTQgUomFt6YieWTArW99K3lqFmmPl4ATOEWn4BzESi44XBY5XacbFToPfJabqwQsAzuYimwG7l01X1jFFudq3dnS92tMqySF2c-T-43ZfjfFYVwl8jsIIw2ewLnw3JpreR18y9JNdO2emBv2E3Cwa3aton2szrNzLkK3xNUuhw-UF3VlC_MjmfVcosF2NybYe1tk2Wm-CWGlQ_UGfFz4_2U7MTqGPp06pcZdS_0CjTx4QP2ahqAvThgudETYk5EVU8ft0rAXgUVdRWHA", "payload": "" } 2021-12-01 03:28:14,310:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54381318310 HTTP/1.1" 200 796 2021-12-01 03:28:14,311:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 08:28:14 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002s6n0sWrnnWITss6-s9LgFKKH8fNM0ZGS11qWZfEldLk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-08T08:28:14Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381318310/OhrXvg", "token": "0OT-3pLMDUMQY_n9_gCk2fblupYiM-1sLMndhlAZzo0" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381318310/QG5Uuw", "token": "0OT-3pLMDUMQY_n9_gCk2fblupYiM-1sLMndhlAZzo0" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381318310/e4n-HA", "token": "0OT-3pLMDUMQY_n9_gCk2fblupYiM-1sLMndhlAZzo0" } ] } 2021-12-01 03:28:14,311:DEBUG:acme.client:Storing nonce: 0002s6n0sWrnnWITss6-s9LgFKKH8fNM0ZGS11qWZfEldLk 2021-12-01 03:28:14,312:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-01 03:28:14,312:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-01 03:28:14,313:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-01 03:28:14,410:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-12-01 03:28:14,411:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-12-01 03:28:14,411:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-12-01 03:28:14,412:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-12-01 03:28:14,412:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-12-01 03:28:14,412:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-12-01 03:28:14,413:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-12-01 03:28:14,413:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-12-01 03:28:14,413:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-12-01 03:28:14,413:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-12-01 03:28:14,414:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-12-01 03:28:14,414:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-12-01 03:28:14,414:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-12-01 03:28:14,416:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-12-01 03:28:14,418:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/-DmLw6hXB-nfA0qvhxMq4rZ1EbyRTCERMWD3sywMHgY{default_type text/plain;return 200 -DmLw6hXB-nfA0qvhxMq4rZ1EbyRTCERMWD3sywMHgY.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot location = /.well-known/acme-challenge/0OT-3pLMDUMQY_n9_gCk2fblupYiM-1sLMndhlAZzo0{default_type text/plain;return 200 0OT-3pLMDUMQY_n9_gCk2fblupYiM-1sLMndhlAZzo0.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-12-01 03:28:15,478:INFO:certbot.auth_handler:Waiting for verification... 2021-12-01 03:28:15,479:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-01 03:28:15,482:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381318300/NKd_jA: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnM2bjBzV3JubldJVHNzNi1zOUxnRktLSDhmTk0wWkdTMTFxV1pmRWxkTGsiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0MzgxMzE4MzAwL05LZF9qQSJ9", "signature": "KARZ6nObu2in6e3CAy8seWzGHwUqWUcwsPlUYmhfpQUwzTSv4ucbwvPqbXRJPUgYk-_NsdujXqsPpqsC0vTdTV08Uzh8OslTSZNSi1ydxBn_Tll-BSbc517_62RsW7hW7GQFD107lCDL4z6PQQBZOGjXf5-YId9FCYb6oVg08pPQzfxMCTQJ_6pxJD07mFZbanOJp9rm9NIYVgn3CYE80b_Z9sMxT9pCWCGFpKqIat85XE8gOjJUG7-T_n9DTJnmWrm6q8YLYuqM1rtFAj19M2uKGVAE_5bAC_4g9Asmgz63Rb0LcjWvYp8UdCCKJGenSz5_NRPFyob9idPR76S5zQ", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-01 03:28:15,672:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54381318300/NKd_jA HTTP/1.1" 200 186 2021-12-01 03:28:15,673:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 08:28:15 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381318300/NKd_jA Replay-Nonce: 0001b4oHCXO9hrOPpW4Btydw7KdOO0nIlYpL3UZnwAB7Uk4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381318300/NKd_jA", "token": "-DmLw6hXB-nfA0qvhxMq4rZ1EbyRTCERMWD3sywMHgY" } 2021-12-01 03:28:15,673:DEBUG:acme.client:Storing nonce: 0001b4oHCXO9hrOPpW4Btydw7KdOO0nIlYpL3UZnwAB7Uk4 2021-12-01 03:28:15,674:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-01 03:28:15,677:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381318310/OhrXvg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWI0b0hDWE85aHJPUHBXNEJ0eWR3N0tkT08wbklsWXBMM1VabndBQjdVazQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0MzgxMzE4MzEwL09oclh2ZyJ9", "signature": "IPGYcvR5kOzCWqje-QRSb65ePMzN80UAnHKjhWEbDLXy_tyOoOvZrH1rsplpLv4jtNYFBBrcG9AddEy5YddP2jOIHPyFCt-h3FuqHTf9FUN-d7IVJq82qonb7K6q4S-IsJeJT0hOyWuwxjr_oo3wCvSQMHJyXiFl9q6WQbJjVbN6e6UoPIt1s37IWNBnpNiYchZUyPQXJZ3hETkIbQ--dHdhacsxvG9CrYpWDM7qFSPnMMScVctBrCcVIJVcGHdIGGM2Sy-f9vgj2mncdi1k5jRA7lNg9BpmOCN6dHvMnE-vLP9PkFGTxpXDcXXYwb6ybztHmwHbZlvgQe1g2Gor-A", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-01 03:28:15,753:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54381318310/OhrXvg HTTP/1.1" 200 186 2021-12-01 03:28:15,754:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 08:28:15 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381318310/OhrXvg Replay-Nonce: 0002LdxfnDfF05bcstF9JF-7SGTR_tyogqfTWlZRPX0WqpA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381318310/OhrXvg", "token": "0OT-3pLMDUMQY_n9_gCk2fblupYiM-1sLMndhlAZzo0" } 2021-12-01 03:28:15,754:DEBUG:acme.client:Storing nonce: 0002LdxfnDfF05bcstF9JF-7SGTR_tyogqfTWlZRPX0WqpA 2021-12-01 03:28:16,756:DEBUG:acme.client:JWS payload: b'' 2021-12-01 03:28:16,759:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54381318300: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMkxkeGZuRGZGMDViY3N0RjlKRi03U0dUUl90eW9ncWZUV2xaUlBYMFdxcEEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MzgxMzE4MzAwIn0", "signature": "XHGf_5UW93qt0cVO3WrXl2vdlg92ytrXAaqOZJVstEgtFXlT4EahMGcRz1mllIWrIeZXSOswdpi_KmY4Q0ZYLyenjQ6xTrqLxHbln8FMikZFaR02Lv5vm2MZa74f_pEH8ugP6M3u-x9ZTl5u0sx0xdWXjeGTM9MYqKFAs_9D7G4QMQlJL94GTsVtmTntD0IAqCdMZhs5tG1aZii3r0dhPxLub5k-1B5-1dgCCsEIQn0x1gtsPMkrABB2Py5Yo0qQ-YM2sdRi3k3VGOkg_2A8lfurdcZYDSP15qPXcFzOBis7NA00ec_3hrSbX770M1panOmc0IyfLQ9Kx4PAwzRzIg", "payload": "" } 2021-12-01 03:28:16,824:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54381318300 HTTP/1.1" 200 792 2021-12-01 03:28:16,824:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 08:28:16 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001cP_aAFvqW0DBQOMNvvfXd2I8ytbfmDAWszdNsN5sKt4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-08T08:28:14Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381318300/NKd_jA", "token": "-DmLw6hXB-nfA0qvhxMq4rZ1EbyRTCERMWD3sywMHgY" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381318300/U2DjzA", "token": "-DmLw6hXB-nfA0qvhxMq4rZ1EbyRTCERMWD3sywMHgY" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381318300/rdObcg", "token": "-DmLw6hXB-nfA0qvhxMq4rZ1EbyRTCERMWD3sywMHgY" } ] } 2021-12-01 03:28:16,825:DEBUG:acme.client:Storing nonce: 0001cP_aAFvqW0DBQOMNvvfXd2I8ytbfmDAWszdNsN5sKt4 2021-12-01 03:28:16,826:DEBUG:acme.client:JWS payload: b'' 2021-12-01 03:28:16,828:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54381318310: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWNQX2FBRnZxVzBEQlFPTU52dmZYZDJJOHl0YmZtREFXc3pkTnNONXNLdDQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MzgxMzE4MzEwIn0", "signature": "lam6HWpjU9oMqXrbColyAO8GxWjpm8hId4hLeuIUjBrbtOrZsCsmvgisACoT_Fzu8PPBfbR5q0gBH5SF1K64HI3RjhzkHe1CTghJjkz490WIuhDiP24vyA8wAklP0RGj2p6kOpDMaVNchYWZuPrkN7yo1_q1sSqEA-Ia9pEO_iKe0B3BK0LXKL5KCcdPg6JBDVauq0RkVVqe44igkl-wA0euAh8nwoUW1n4cbACUIAX0wyyle2pheijlj_qgVNVnet6XaV--Z9Vrs62poQ_4pTrGMQO8Cj-1Owmhki4LjMTLUuCF-st0uBuupjDyvU4YDlIOYBMZCHDuh4FtDsKEww", "payload": "" } 2021-12-01 03:28:16,896:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54381318310 HTTP/1.1" 200 796 2021-12-01 03:28:16,897:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 08:28:16 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002wduEMm9FPuLATtmeNcu3bNtVfdarb3biR9knw22JROM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-08T08:28:14Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381318310/OhrXvg", "token": "0OT-3pLMDUMQY_n9_gCk2fblupYiM-1sLMndhlAZzo0" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381318310/QG5Uuw", "token": "0OT-3pLMDUMQY_n9_gCk2fblupYiM-1sLMndhlAZzo0" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381318310/e4n-HA", "token": "0OT-3pLMDUMQY_n9_gCk2fblupYiM-1sLMndhlAZzo0" } ] } 2021-12-01 03:28:16,897:DEBUG:acme.client:Storing nonce: 0002wduEMm9FPuLATtmeNcu3bNtVfdarb3biR9knw22JROM 2021-12-01 03:28:19,901:DEBUG:acme.client:JWS payload: b'' 2021-12-01 03:28:19,904:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54381318300: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMndkdUVNbTlGUHVMQVR0bWVOY3UzYk50VmZkYXJiM2JpUjlrbncyMkpST00iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MzgxMzE4MzAwIn0", "signature": "eG18RWqj5wfNI1rzOJb4PPWvFCvTIeNhi6U3jXKQsuscjyBeool8XHryAnh4qAwclmLFVgN7sdZLI9wMKhVbnx-_d5pBlsCz_ocBtMvDNy3c6eu9H8fJsb_BrXlS5OURbQz1UjgjEP7bpJbHtrI8u3mSFdEYNwtJnmdMeNktmeVUZFHNxsSTAs_d_IfHLwCDhBS9uvwLeaxI2Sq6-p7z_4fvoTwaU4vvw9cstQokQVmGeGagN6Us9i4JMQrHZbKOgOsklz9va6CJ_teJ3EFrRDC1U-eX2wwvZT3bYqgziUEN4sKEALB0zkEwtYa3X13YGhP4B6QC5i63fFMl40OdXQ", "payload": "" } 2021-12-01 03:28:20,004:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54381318300 HTTP/1.1" 200 1505 2021-12-01 03:28:20,005:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 08:28:19 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001Fkk3v442QnnE3O-T1fqk3J9ZAdVtCwTqTWrJp-IL02M X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-08T08:28:14Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/-DmLw6hXB-nfA0qvhxMq4rZ1EbyRTCERMWD3sywMHgY [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381318300/NKd_jA", "token": "-DmLw6hXB-nfA0qvhxMq4rZ1EbyRTCERMWD3sywMHgY", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/-DmLw6hXB-nfA0qvhxMq4rZ1EbyRTCERMWD3sywMHgY", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/-DmLw6hXB-nfA0qvhxMq4rZ1EbyRTCERMWD3sywMHgY", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-01T08:28:15Z" } ] } 2021-12-01 03:28:20,006:DEBUG:acme.client:Storing nonce: 0001Fkk3v442QnnE3O-T1fqk3J9ZAdVtCwTqTWrJp-IL02M 2021-12-01 03:28:20,006:DEBUG:acme.client:JWS payload: b'' 2021-12-01 03:28:20,009:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54381318310: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMUZrazN2NDQyUW5uRTNPLVQxZnFrM0o5WkFkVnRDd1RxVFdySnAtSUwwMk0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0MzgxMzE4MzEwIn0", "signature": "SR1sSTmLfjGso1lFno589oqT9m5TpOtLc4EVnX3iVvo9IjzTbEISqqzodOgktrE-UJRVWkkYdOKKFWssCS2xIHMfphSAtegtEu-vfFYqNMHy1ZKckqX8biPgnPmo72uV57yt-1uw1Lr7Y_dbQSV2ZsfxK-HanWt2SkBf0BpUbJMVUFDFygokwmRMHx635ReS2mMhY-CluLH6snt8n4um7XUy9Zxl-r-EZh9GfbNwSNw63TR6ufx5MRqWFmKG6A_7kg05ohzFmwaYO6kfl6JBQJIybD6HHy2OUljj17DOrE0Q3U6HqCCROvemRkjsAO8c1VCXxHhG2Ang_xzQb6Fgow", "payload": "" } 2021-12-01 03:28:20,080:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54381318310 HTTP/1.1" 200 1826 2021-12-01 03:28:20,081:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 08:28:20 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002KHhGrfbxlzEmuREoJaCKXLe4Q-TBPr1rzDjWMcRp1BY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-08T08:28:14Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/0OT-3pLMDUMQY_n9_gCk2fblupYiM-1sLMndhlAZzo0 [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54381318310/OhrXvg", "token": "0OT-3pLMDUMQY_n9_gCk2fblupYiM-1sLMndhlAZzo0", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/0OT-3pLMDUMQY_n9_gCk2fblupYiM-1sLMndhlAZzo0", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/0OT-3pLMDUMQY_n9_gCk2fblupYiM-1sLMndhlAZzo0", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/0OT-3pLMDUMQY_n9_gCk2fblupYiM-1sLMndhlAZzo0", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-01T08:28:15Z" } ] } 2021-12-01 03:28:20,081:DEBUG:acme.client:Storing nonce: 0002KHhGrfbxlzEmuREoJaCKXLe4Q-TBPr1rzDjWMcRp1BY 2021-12-01 03:28:20,081:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-01 03:28:20,082:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-12-01 03:28:20,083:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-01 03:28:20,083:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-01 03:28:20,083:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/-DmLw6hXB-nfA0qvhxMq4rZ1EbyRTCERMWD3sywMHgY [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-12-01 03:28:21,359:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-12-01 03:28:21,360:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-12-01 03:28:21,360:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-12-01 06:43:14,948:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-01 06:43:14,949:DEBUG:certbot.main:Arguments: ['--standalone', '--pre-hook', '/bin/systemctl stop nginx', '--post-hook', '/bin/systemctl start nginx', '--quiet'] 2021-12-01 06:43:14,949:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-01 06:43:14,962:DEBUG:certbot.log:Root logging level set at 30 2021-12-01 06:43:14,963:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-01 06:43:14,975:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer 2021-12-01 06:43:14,976:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-01 06:43:14,976:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-01 06:43:14,976:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-01 06:43:14,989:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-01 06:43:14,990:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-01 06:43:14,990:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-01 06:43:14,992:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-01 06:43:14,992:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-01 06:43:14,992:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-01 06:43:14,996:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-01 06:43:14,996:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-01 06:43:14,997:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-01 06:43:14,998:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-01 06:43:14,998:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-01 06:43:14,998:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-01 06:43:15,001:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-01 06:43:15,002:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-01 06:43:15,003:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-01 06:43:15,004:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-01 06:43:15,004:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-01 06:43:15,004:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-01 06:43:15,007:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-01 06:43:15,008:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-01 06:43:15,008:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-01 06:43:15,010:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-01 06:43:15,010:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-01 06:43:15,010:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-01 06:43:15,014:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-01 06:43:15,015:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-01 06:43:15,015:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-01 06:43:15,017:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-01 06:43:15,019:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-12-01 06:43:15,019:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-12-01 06:43:15,019:INFO:certbot.renewal:Non-interactive renewal: random delay of 313.9725538060089 seconds 2021-12-01 06:48:29,089:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-01 06:48:29,454:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-01 06:48:29,455:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-12-01 06:48:29,455:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-01 06:48:29,455:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-12-01 06:48:29,461:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-01 06:48:29,463:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-01 06:48:29,466:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-01 06:48:29,626:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-01 06:48:29,628:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 11:48:29 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "FPzczQOw1zs": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-01 06:48:29,628:INFO:certbot.hooks:Running pre-hook command: /bin/systemctl stop nginx 2021-12-01 06:48:29,671:INFO:certbot.main:Renewing an existing certificate 2021-12-01 06:48:29,747:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0480_key-certbot.pem 2021-12-01 06:48:29,756:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0480_csr-certbot.pem 2021-12-01 06:48:29,758:DEBUG:acme.client:Requesting fresh nonce 2021-12-01 06:48:29,758:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-01 06:48:29,809:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-01 06:48:29,810:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 11:48:29 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002nF5PrImXi3GuCT1R4ygw1eRMdP12_sVbmFhDJY00ekQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-01 06:48:29,810:DEBUG:acme.client:Storing nonce: 0002nF5PrImXi3GuCT1R4ygw1eRMdP12_sVbmFhDJY00ekQ 2021-12-01 06:48:29,811:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-12-01 06:48:29,813:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMm5GNVBySW1YaTNHdUNUMVI0eWd3MWVSTWRQMTJfc1ZibUZoREpZMDBla1EiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "LCITSMpsD5wO3-LkOgz7y0rmEF9NQ14_4dwqBP5H_PCAOL4l_5TbR67x229Jn5zeQbLFCuPcefmVXcyK0FHE4AAKEQ9fEsOvwpo2BfVUFi6pIFX-OABfZU6WemDFl4k6RGNhBboQPx7whWSdowpwOGypvsizuv-ZfRiL04s5Jghceki4RbrFNCuoMahtcmBjhnvbaNtm135p6dW1rUJWgjzLGiy-wfa0E7AruAhebxDBdQOJ9iK2fytPLHAsAjQjgIiX7ff_Gemfssuy16D3i6kbKli0UUneBJNHhjUr4cqHS5mv_hniLG5hRBA1xXM7d8KZsPvrt0co0AiallNvzw", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-12-01 06:48:29,982:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-12-01 06:48:29,983:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Wed, 01 Dec 2021 11:48:29 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43899936530 Replay-Nonce: 00023oIjiAZ3JI6cR5j6iRqL25omQSlSWRUoBgQ5WSB7r6w X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-08T11:48:29Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54424127220" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43899936530" } 2021-12-01 06:48:29,983:DEBUG:acme.client:Storing nonce: 00023oIjiAZ3JI6cR5j6iRqL25omQSlSWRUoBgQ5WSB7r6w 2021-12-01 06:48:29,983:DEBUG:acme.client:JWS payload: b'' 2021-12-01 06:48:29,985:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54424127220: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMjNvSWppQVozSkk2Y1I1ajZpUnFMMjVvbVFTbFNXUlVvQmdRNVdTQjdyNnciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NDI0MTI3MjIwIn0", "signature": "m1-En_wrD5ix7L78xw-6b5IXGQuNM4u1sGzl-34IVYszKMhnEHq98Ml5i6zxBqlu37Mq0wEK4FpIkMbZjo9WAbqeonow_POkDQ5lTwKJgxdHoIMp0iBRW2HQVylbRfPon0v0fIwNW3V2I6CngWX_ZEXQYuDjppnt_ljFiPRlCffNGGprXUplO6wW_omZqL1XuS4D4ndcN6zfA0VoHxXthh3cq7a06mTBqKSJHg3gWZ3cLkvj_qEEx_ydUjufczg0cs2GIkrx9o5e2pT2i4hds_W-zKa0SXZWfvOHoTce8uQWTGpBShMxqJ0J7RvYIzQxqvsFLIaBDfutkBsxgf2MBA", "payload": "" } 2021-12-01 06:48:30,053:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54424127220 HTTP/1.1" 200 792 2021-12-01 06:48:30,054:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 11:48:30 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001T8TI0tvZ_PpFhaHJqAdT4waNXR5iqsa5j_yiIKj6qNw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-08T11:48:29Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54424127220/rX58yg", "token": "Mc9hGbJXUNqWnDCyhYuIC5Om4_bPOV1Qj3iG617Gfp0" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54424127220/gqEOng", "token": "Mc9hGbJXUNqWnDCyhYuIC5Om4_bPOV1Qj3iG617Gfp0" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54424127220/63Rw-g", "token": "Mc9hGbJXUNqWnDCyhYuIC5Om4_bPOV1Qj3iG617Gfp0" } ] } 2021-12-01 06:48:30,054:DEBUG:acme.client:Storing nonce: 0001T8TI0tvZ_PpFhaHJqAdT4waNXR5iqsa5j_yiIKj6qNw 2021-12-01 06:48:30,055:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-01 06:48:30,055:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-01 06:48:30,056:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-12-01 06:48:30,056:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-12-01 06:48:30,061:INFO:certbot.auth_handler:Waiting for verification... 2021-12-01 06:48:30,061:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-01 06:48:30,063:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54424127220/rX58yg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMVQ4VEkwdHZaX1BwRmhhSEpxQWRUNHdhTlhSNWlxc2E1al95aUlLajZxTnciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0NDI0MTI3MjIwL3JYNTh5ZyJ9", "signature": "Zext8h_MF_YTdpwFv7WHDk7etDZT2yGX5g7TDVLTe8qJkah86vWwByWNZnYVaYQuQyJJw_ooCm9CSpV0mRYJp-2Gl-8zYFxFlUR32MKO_1t6JYKQlg-jugsityCfgX_GR8gczKWOC75LfIDIyEskYYhIyO_24KAPg5rk3Rldegj5yK92rRngXVhLoNbS0uNmkd0xipoGEfDdQyLZAhV8k2dE3qOmTO6kYQn555WmSSQLFICkZwFej1MLuTNnbmoWsff0rHsCOS2zUadGs6XuTP_LEdhcqe1JFu6F5W47zaJmW8jJankXjvAzAchcYCi89yfEnmcqbZVc5q70S6I-YQ", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-01 06:48:30,138:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54424127220/rX58yg HTTP/1.1" 200 186 2021-12-01 06:48:30,139:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 11:48:30 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54424127220/rX58yg Replay-Nonce: 0001AqVWgGcdf-gZJjYiz9Ks5s0olZsZwHMVV5ARb93TWmk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54424127220/rX58yg", "token": "Mc9hGbJXUNqWnDCyhYuIC5Om4_bPOV1Qj3iG617Gfp0" } 2021-12-01 06:48:30,139:DEBUG:acme.client:Storing nonce: 0001AqVWgGcdf-gZJjYiz9Ks5s0olZsZwHMVV5ARb93TWmk 2021-12-01 06:48:31,141:DEBUG:acme.client:JWS payload: b'' 2021-12-01 06:48:31,144:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54424127220: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMUFxVldnR2NkZi1nWkpqWWl6OUtzNXMwb2xac1p3SE1WVjVBUmI5M1RXbWsiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NDI0MTI3MjIwIn0", "signature": "dr2OeYqeCfbhChp8wGW2u-hcX8qlJuSIbFPsax-xHCAg_61YZ1NFHZF5imwF_aZOEru8BSq0nYcWoXCUC1-iFGE3i2u0DbB0BXGlgNkjeYVhSwIiu9hcUcneAluxDBUeftuMhia6IYpXBsbqCR3jnGGCn46BbkeVTHqghpHLvaZNYbFaUdPx7bn_pqY4eeBTdW1cqCHwHZiK0qxFSrkRPutxh1e6VQSQXgr-gg_K7ApC1mWNUjPGWS-9-Avd9LjkBiMcW38h-8uw79JURctFCeU1kTwqRTYrBabruR7Y_Ub-eB-wQ7lKT4ATVFzBlumoklgT-DoSSxv52t_42_pfRg", "payload": "" } 2021-12-01 06:48:31,208:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54424127220 HTTP/1.1" 200 1505 2021-12-01 06:48:31,209:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 11:48:31 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001GeLtRiDneQpNqRzqyJ0VUogfDyQdJBA3b61mYtag3rs X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-08T11:48:29Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/Mc9hGbJXUNqWnDCyhYuIC5Om4_bPOV1Qj3iG617Gfp0 [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54424127220/rX58yg", "token": "Mc9hGbJXUNqWnDCyhYuIC5Om4_bPOV1Qj3iG617Gfp0", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/Mc9hGbJXUNqWnDCyhYuIC5Om4_bPOV1Qj3iG617Gfp0", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/Mc9hGbJXUNqWnDCyhYuIC5Om4_bPOV1Qj3iG617Gfp0", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-01T11:48:30Z" } ] } 2021-12-01 06:48:31,209:DEBUG:acme.client:Storing nonce: 0001GeLtRiDneQpNqRzqyJ0VUogfDyQdJBA3b61mYtag3rs 2021-12-01 06:48:31,210:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-01 06:48:31,212:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-01 06:48:31,212:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/Mc9hGbJXUNqWnDCyhYuIC5Om4_bPOV1Qj3iG617Gfp0 [75.2.60.5]: "\n\n\n \n Prep: True 2021-12-01 06:48:31,889:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-12-01 06:48:31,889:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-01 06:48:31,889:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-12-01 06:48:31,893:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-01 06:48:31,894:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-01 06:48:31,896:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-01 06:48:32,050:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-01 06:48:32,051:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 11:48:32 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "4pVZgiHRg5I": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-01 06:48:32,052:INFO:certbot.hooks:Pre-hook command already run, skipping: /bin/systemctl stop nginx 2021-12-01 06:48:32,052:INFO:certbot.main:Renewing an existing certificate 2021-12-01 06:48:32,167:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0481_key-certbot.pem 2021-12-01 06:48:32,177:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0481_csr-certbot.pem 2021-12-01 06:48:32,178:DEBUG:acme.client:Requesting fresh nonce 2021-12-01 06:48:32,178:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-01 06:48:32,230:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-01 06:48:32,230:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 11:48:32 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002ybMeSA3AK2TPtQ7CABvpPvWMO1Tyzk3-QxoX4lrivCo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-01 06:48:32,231:DEBUG:acme.client:Storing nonce: 0002ybMeSA3AK2TPtQ7CABvpPvWMO1Tyzk3-QxoX4lrivCo 2021-12-01 06:48:32,231:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-12-01 06:48:32,233:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnliTWVTQTNBSzJUUHRRN0NBQnZwUHZXTU8xVHl6azMtUXhvWDRscml2Q28iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "lZGzeVLjuo_irs55tAASMVyIft8p-MU6UHBo52yGEyCpSBgLkVLXQx2Fw1m0ZkRVSFq6vnk-LN7SMzSfgEsZMxNMwjgZrsVpUyamQ5nN6dd90MsZDtkbau_KE65rc8YwNpOjZRz-wivkCvfQ95XM1qUlamle965y1JmJc0VH_4cmF23Rk7ian1XxKZH2egi7puvBfOohL-gDvX-SHw3N0AjDiuL5eAyIu4FiAoIU0ND3IgusAwrr0vcDZyG-paY3Veo2NNQnMRaHaoWIJwRgHfmNwjXmIk9HtgvV3_2ZZ6c4qK5kCUzNNhQwmZBRR56lY6YPmjnCe1NGfq3XAQvk9Q", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-12-01 06:48:32,704:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-12-01 06:48:32,705:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Wed, 01 Dec 2021 11:48:32 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/43899943070 Replay-Nonce: 00024VLnPX-Onv8Rlpqp4coKu-O28nSY6bRVA3zLOkWTTaY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-08T11:48:32Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54424135000", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54424135010" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/43899943070" } 2021-12-01 06:48:32,706:DEBUG:acme.client:Storing nonce: 00024VLnPX-Onv8Rlpqp4coKu-O28nSY6bRVA3zLOkWTTaY 2021-12-01 06:48:32,706:DEBUG:acme.client:JWS payload: b'' 2021-12-01 06:48:32,707:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54424135000: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMjRWTG5QWC1PbnY4UmxwcXA0Y29LdS1PMjhuU1k2YlJWQTN6TE9rV1RUYVkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NDI0MTM1MDAwIn0", "signature": "Tg_0YvGhdrI8xZYpFrB1Xr49mNO_3jMJylURsEcqzl3zFpwntnysYImXidEMmTYbvRMjNPMusiBIGC6yMPhhpUL0BywJbHT9tblcZ_PxFqPovV2xP-YM9KctlZ29gCCYWq8zBVW3cpLTRJ5pbtfqMkWpKi2FhXl25xNThTThRLcEryyromivfiBojABfPc9xIKy6VHnQ9KEnmJ03BjLB5Zp5PmK__fu-YIGDa2KmS1GWuZ-UWoUU7nrxr4sSyf-dmw-BRCmNsTmapC-k5W6F3Pst-Cwn0p5PvcHxXT5gPgi6hSaJVOjRA2o6x-5vxmSUf9jVKHhqdCNBaU8nBmKtrw", "payload": "" } 2021-12-01 06:48:32,769:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54424135000 HTTP/1.1" 200 792 2021-12-01 06:48:32,770:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 11:48:32 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 00019tsGV1BXXacMt0dSTBqL7WL40-A98py4IJrNoM7th-Q X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-08T11:48:32Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54424135000/NwOW6A", "token": "ooUkUXvHwxjLJiSd3OSBSl6_QBdQ3in-7ooWLdpR-xw" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54424135000/RnK0BQ", "token": "ooUkUXvHwxjLJiSd3OSBSl6_QBdQ3in-7ooWLdpR-xw" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54424135000/xHvMLQ", "token": "ooUkUXvHwxjLJiSd3OSBSl6_QBdQ3in-7ooWLdpR-xw" } ] } 2021-12-01 06:48:32,770:DEBUG:acme.client:Storing nonce: 00019tsGV1BXXacMt0dSTBqL7WL40-A98py4IJrNoM7th-Q 2021-12-01 06:48:32,771:DEBUG:acme.client:JWS payload: b'' 2021-12-01 06:48:32,773:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54424135010: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMTl0c0dWMUJYWGFjTXQwZFNUQnFMN1dMNDAtQTk4cHk0SUpyTm9NN3RoLVEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NDI0MTM1MDEwIn0", "signature": "PfWuT_CM4lCIedZDNYhaHeWlpRu2vPIc0XPki6XE6yLiNeD4jwoFERu97hJRo5-tx_pW756UOPnznwlRvLIz_Woz2USpNwWTNH3AbZXP1qKiOnFhsA-x40UjVxFoBtNvA0Uc5OtCEyRLA3qn2aox60YLpQUluOik76KznYbmEHvBvXayMooKr-3f0zHwhlyKgTir2XB5YhWDUmsdML_JGhtinEhm5f8b39w6KFfsxiBv3AKrSYqeXB3O3F-0dPUE2Kd8aF_HRbpFV7-bnnOZr-MDise2rW_MnAxlX5Y3R6GCwSTtITBIJtaEWIN7lPrlnAp7ZVS2oq_Bb5G7SqcAlA", "payload": "" } 2021-12-01 06:48:32,839:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54424135010 HTTP/1.1" 200 796 2021-12-01 06:48:32,839:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 11:48:32 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002C79YbqxqK7n5SeOqtK3ntUgutiFz-dr6b8Kx-4ZkcKI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-08T11:48:32Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54424135010/lSGSIg", "token": "OAEtPJghSEH0YEVLwlaA60eIPD4S0mEznZDFnUkXUDU" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54424135010/IBfVPw", "token": "OAEtPJghSEH0YEVLwlaA60eIPD4S0mEznZDFnUkXUDU" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54424135010/JTclgw", "token": "OAEtPJghSEH0YEVLwlaA60eIPD4S0mEznZDFnUkXUDU" } ] } 2021-12-01 06:48:32,839:DEBUG:acme.client:Storing nonce: 0002C79YbqxqK7n5SeOqtK3ntUgutiFz-dr6b8Kx-4ZkcKI 2021-12-01 06:48:32,840:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-01 06:48:32,840:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-01 06:48:32,840:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-01 06:48:32,841:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-12-01 06:48:32,841:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-12-01 06:48:32,849:INFO:certbot.auth_handler:Waiting for verification... 2021-12-01 06:48:32,850:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-01 06:48:32,852:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54424135000/NwOW6A: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMkM3OVlicXhxSzduNVNlT3F0SzNudFVndXRpRnotZHI2YjhLeC00WmtjS0kiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0NDI0MTM1MDAwL053T1c2QSJ9", "signature": "Rq-_0iBGu3UP6p6JrZwwxY8rglopQItk3I7HvD1yB569HJ9TsrCZsCqvvGx42wEqcDTD3BObUKz9AeZEtgfvJJvFk5tNOCFTvULWJYnoVNKxSNfY0iFOE4Xq8C2fkRCf4eeRE78ywK0OeLFqMyR6dQGBucsiEBEVpPf84waS8X2Fg1XgPEw0jJBEfNrc1MLI-WkEECF0MMzAc6CJFRzX151KEukrId4S0xELA0sFRIGJFipn2x8cdD2yVXhEaKxxoXkEULaBTMBoBk6LJWPNU2B1RuC_ii_83MF-XoqHn3_2VCJ9bGq3W3a_o6KqR1viwkcALa4m4MNl1IiHGHlVwQ", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-01 06:48:32,926:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54424135000/NwOW6A HTTP/1.1" 200 186 2021-12-01 06:48:32,927:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 11:48:32 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54424135000/NwOW6A Replay-Nonce: 00017YhwCWPRnMPU1doUMB9bxmsWjNVHauHFxHuc3jRNVtM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54424135000/NwOW6A", "token": "ooUkUXvHwxjLJiSd3OSBSl6_QBdQ3in-7ooWLdpR-xw" } 2021-12-01 06:48:32,927:DEBUG:acme.client:Storing nonce: 00017YhwCWPRnMPU1doUMB9bxmsWjNVHauHFxHuc3jRNVtM 2021-12-01 06:48:32,928:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-01 06:48:32,929:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54424135010/lSGSIg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMTdZaHdDV1BSbk1QVTFkb1VNQjlieG1zV2pOVkhhdUhGeEh1YzNqUk5WdE0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0NDI0MTM1MDEwL2xTR1NJZyJ9", "signature": "Ic7ZFb13vtdDIVzWZg4iTThuUtWhjgUVkLwWD_yhLCiIqRdrS0lVhGUTyg__Q2Bj0uvZ3qO1Z0YqcptGr4eUZPExJc-oAIqthVrDKKh1yHuPqdZwsIdjW_YfqNNDvnx8WX4zIIMiuo07-yjih1JEHAZIh8UlBBgUH30led6VCvKxhqPTVQFy8iwtRS_L9fqkgqnkGNbjsforeZ_TNlnsnb2nVW2dGewpRW7H-GLmYbQXiNF21bSSs2UtP2M_SAZrgWxSENGM59EtNlwyKt83AR432DSkW5X0VRWyGrpZ7aVLgTaCIvdQtFjHrA2vh60vA_zs41XpifsHG-NvEfEQbg", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-01 06:48:33,003:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54424135010/lSGSIg HTTP/1.1" 200 186 2021-12-01 06:48:33,004:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 11:48:32 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54424135010/lSGSIg Replay-Nonce: 0001sClxciUzZc3xdMv-WfndIdXQdLsN3XnsGAyAkTNmJHM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54424135010/lSGSIg", "token": "OAEtPJghSEH0YEVLwlaA60eIPD4S0mEznZDFnUkXUDU" } 2021-12-01 06:48:33,004:DEBUG:acme.client:Storing nonce: 0001sClxciUzZc3xdMv-WfndIdXQdLsN3XnsGAyAkTNmJHM 2021-12-01 06:48:34,006:DEBUG:acme.client:JWS payload: b'' 2021-12-01 06:48:34,009:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54424135000: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXNDbHhjaVV6WmMzeGRNdi1XZm5kSWRYUWRMc04zWG5zR0F5QWtUTm1KSE0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NDI0MTM1MDAwIn0", "signature": "Zgom7_cccbVAWyz5lIzVsmIg_spmHJN2eUg4zWBN_SIApPa915YnZ8vBFG3us3eJu4xYA4sGMsFWASN0Md0a6icCXzg8srfdURH7UOLlbvw5g6zLjAHjul39M_sPA8hnTmKWEpM9Sx2b_SZp9iU6-RPNLX2H-mstZ-pK9aZR3-HcsDWxes25JaCQsaPQOUvsRLxxePERn27ZelRxOnDjppQg8qHEb9mRw68zgq1morKdq9PaebK6EFykavDqYosY75snCaP3FVBtCBtGM5kez5mzudZJ6iFSTQhbjlFUGopRmwmvoW3LbO_wqz5NwklYUdqS8n4mJDhVYrscLVUW_g", "payload": "" } 2021-12-01 06:48:34,069:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54424135000 HTTP/1.1" 200 1505 2021-12-01 06:48:34,070:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 11:48:34 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001T9MHycPTcRkIl6ZcLiX3plYpfou6CDoye7kQcB1VHdM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-08T11:48:32Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/ooUkUXvHwxjLJiSd3OSBSl6_QBdQ3in-7ooWLdpR-xw [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54424135000/NwOW6A", "token": "ooUkUXvHwxjLJiSd3OSBSl6_QBdQ3in-7ooWLdpR-xw", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/ooUkUXvHwxjLJiSd3OSBSl6_QBdQ3in-7ooWLdpR-xw", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/ooUkUXvHwxjLJiSd3OSBSl6_QBdQ3in-7ooWLdpR-xw", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-01T11:48:32Z" } ] } 2021-12-01 06:48:34,070:DEBUG:acme.client:Storing nonce: 0001T9MHycPTcRkIl6ZcLiX3plYpfou6CDoye7kQcB1VHdM 2021-12-01 06:48:34,071:DEBUG:acme.client:JWS payload: b'' 2021-12-01 06:48:34,072:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54424135010: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMVQ5TUh5Y1BUY1JrSWw2WmNMaVgzcGxZcGZvdTZDRG95ZTdrUWNCMVZIZE0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NDI0MTM1MDEwIn0", "signature": "eIjepmn81_qZk29LBzsA-3HEFTK2MUho2_TUsku_hqC7BqX6ltlnjhLshCZj9G-fuAE87kwosGhTxo0C-UEJ8ofe0_gnCn6vx-hVlSIwNwRRM7_nlPOpoLMdD09_Y9uDHq6icc2-0Kbtw0royAp8qWpk2JkqonXsqhCup6pQMQ-O0VYObZciPfmB3cLjHdFGg-bo-X78LrsObq-3uThbFpsGkgMThyaze4ORv8KzcyRhyHpqMW3qdCVRg-8PV9skalQS0A0o7D5dDfZ4cJTRkAkPsPSN9nAvXM-QDG6jL91jAvve-xSNLpX7peS3oWn7DEyFuoDdiD1cXQbFKp2jkg", "payload": "" } 2021-12-01 06:48:34,135:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54424135010 HTTP/1.1" 200 1826 2021-12-01 06:48:34,137:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 11:48:34 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001egQ8tF27V7l_8h1ERTtWdSWdyNvr5nRf4Tn3GHMFjvM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-08T11:48:32Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/OAEtPJghSEH0YEVLwlaA60eIPD4S0mEznZDFnUkXUDU [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54424135010/lSGSIg", "token": "OAEtPJghSEH0YEVLwlaA60eIPD4S0mEznZDFnUkXUDU", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/OAEtPJghSEH0YEVLwlaA60eIPD4S0mEznZDFnUkXUDU", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/OAEtPJghSEH0YEVLwlaA60eIPD4S0mEznZDFnUkXUDU", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/OAEtPJghSEH0YEVLwlaA60eIPD4S0mEznZDFnUkXUDU", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-01T11:48:32Z" } ] } 2021-12-01 06:48:34,138:DEBUG:acme.client:Storing nonce: 0001egQ8tF27V7l_8h1ERTtWdSWdyNvr5nRf4Tn3GHMFjvM 2021-12-01 06:48:34,138:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-01 06:48:34,139:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-12-01 06:48:34,140:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-01 06:48:34,140:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-01 06:48:34,140:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/ooUkUXvHwxjLJiSd3OSBSl6_QBdQ3in-7ooWLdpR-xw [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-12-01 06:48:34,352:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-12-01 06:48:34,353:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-12-01 06:48:34,353:INFO:certbot.hooks:Running post-hook command: /bin/systemctl start nginx 2021-12-01 06:48:34,439:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-12-01 16:20:39,301:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-01 16:20:39,301:DEBUG:certbot.main:Arguments: ['-q'] 2021-12-01 16:20:39,302:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-01 16:20:39,318:DEBUG:certbot.log:Root logging level set at 30 2021-12-01 16:20:39,318:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-01 16:20:39,331:DEBUG:certbot.plugins.selection:Requested authenticator and installer 2021-12-01 16:20:39,343:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-01 16:20:39,344:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-01 16:20:39,345:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-01 16:20:39,350:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-01 16:20:39,350:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-01 16:20:39,351:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-01 16:20:39,356:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-01 16:20:39,356:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-01 16:20:39,357:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-01 16:20:39,362:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-01 16:20:39,363:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-01 16:20:39,364:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-01 16:20:39,370:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-01 16:20:39,372:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-01 16:20:39,372:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-01 16:20:39,377:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-12-01 16:20:39,377:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-12-01 16:20:39,377:INFO:certbot.renewal:Non-interactive renewal: random delay of 160.68293851749183 seconds 2021-12-01 16:23:20,160:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx 2021-12-01 16:23:20,454:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-01 16:23:20,455:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-01 16:23:20,455:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-01 16:23:20,455:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-12-01 16:23:20,459:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-01 16:23:20,461:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-01 16:23:20,464:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-01 16:23:20,623:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-01 16:23:20,623:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 21:23:20 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "JEUyD_xiOvc": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-01 16:23:20,624:INFO:certbot.main:Renewing an existing certificate 2021-12-01 16:23:20,716:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0482_key-certbot.pem 2021-12-01 16:23:20,724:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0482_csr-certbot.pem 2021-12-01 16:23:20,725:DEBUG:acme.client:Requesting fresh nonce 2021-12-01 16:23:20,725:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-01 16:23:20,778:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-01 16:23:20,779:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 21:23:20 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002GOqDtFRL-555oP3yyg5lGmO_MjSar91u6Lup3fFhrNw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-01 16:23:20,779:DEBUG:acme.client:Storing nonce: 0002GOqDtFRL-555oP3yyg5lGmO_MjSar91u6Lup3fFhrNw 2021-12-01 16:23:20,779:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-12-01 16:23:20,782:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMkdPcUR0RlJMLTU1NW9QM3l5ZzVsR21PX01qU2FyOTF1Nkx1cDNmRmhyTnciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "qC7xI4v173zeA-gQeJdbmEfiIvBbIFBluyTAzvIomwbzlihK36NkKwkAPKJJ_9In8qVV1F2aMySEgsPXwBps1MdRtOlFeaeqLHoQ6aCopRafmsIYoZj1pltVS4wH6Z_U6lmwEyudPOCA9ca1bq-mFpXtkR7TDkWU3UrhSexDQWL4uJ6t-gOOV93NkC5Tkx1LkcfSbemwxs5aW7Y7DM6CSdf4OE4vbE_VEEjY8dbh2szQ9zqa-w5xjg8_4DQdZ32u4g7lo-bvQwiSJHXslg8KgTBYEyfm1JZdc712QjOOUTKdeDHMslZP4r9Ql_LoR9BrqeBl1vc_qvHuSgLd7a8yXg", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-12-01 16:23:21,042:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-12-01 16:23:21,043:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Wed, 01 Dec 2021 21:23:21 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44001916500 Replay-Nonce: 0001WNBE1HRDZqphWM3RjHdi7C2kJw0nC9nQkt_WT82wNwI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-08T21:23:21Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54548108260" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44001916500" } 2021-12-01 16:23:21,043:DEBUG:acme.client:Storing nonce: 0001WNBE1HRDZqphWM3RjHdi7C2kJw0nC9nQkt_WT82wNwI 2021-12-01 16:23:21,044:DEBUG:acme.client:JWS payload: b'' 2021-12-01 16:23:21,045:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54548108260: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMVdOQkUxSFJEWnFwaFdNM1JqSGRpN0Mya0p3MG5DOW5Ra3RfV1Q4MndOd0kiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NTQ4MTA4MjYwIn0", "signature": "jUdJacy8tk3l-rhGALVYJsQnqkbrT3B-gOrGPAqPbg1xc7n6TYPTHbIhxPZpTfgRHqzoUHOOsSEly94k7Ay3vvgVKKRTJZZ9fzi6PsT4ZUhGPuh4_DUYu_93V6hAxUZQ9sCgT2aXe4ArGm8XyAFsb_PLfb49Nu9EDv6796_3mlYUAaSarzXbbZQR8JmMj5m6QmjNYE7NYGCpQrksKMSY4kKiI59utDCYeY-E9fAYaQQcOJCOR4gxqzvirrAUAnN1uaVDoZ9Ms3kDr5RDPsjmpptgQW7YwhhNmCWlS2bdpZDdKSnKvHL9CmF675HhimBNmCrhiWmySGRYtj8tww5KfQ", "payload": "" } 2021-12-01 16:23:21,126:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54548108260 HTTP/1.1" 200 792 2021-12-01 16:23:21,127:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 21:23:21 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001AjDTPJR0efU7M7aB-xaeJCuT0ZNJIAOUZ-S3I87A6gA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-08T21:23:21Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548108260/2z84bA", "token": "6FkoNRIDE42uzY8ZWSL6CH_12dSDX9RTa32QllEEoG4" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548108260/bIuW8g", "token": "6FkoNRIDE42uzY8ZWSL6CH_12dSDX9RTa32QllEEoG4" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548108260/McJ4FQ", "token": "6FkoNRIDE42uzY8ZWSL6CH_12dSDX9RTa32QllEEoG4" } ] } 2021-12-01 16:23:21,127:DEBUG:acme.client:Storing nonce: 0001AjDTPJR0efU7M7aB-xaeJCuT0ZNJIAOUZ-S3I87A6gA 2021-12-01 16:23:21,127:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-01 16:23:21,128:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-01 16:23:21,159:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-12-01 16:23:21,159:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-12-01 16:23:21,160:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-12-01 16:23:21,160:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-12-01 16:23:21,160:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-12-01 16:23:21,161:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-12-01 16:23:21,161:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-12-01 16:23:21,161:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-12-01 16:23:21,161:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-12-01 16:23:21,162:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-12-01 16:23:21,162:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-12-01 16:23:21,162:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-12-01 16:23:21,162:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-12-01 16:23:21,163:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-12-01 16:23:21,165:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/6FkoNRIDE42uzY8ZWSL6CH_12dSDX9RTa32QllEEoG4{default_type text/plain;return 200 6FkoNRIDE42uzY8ZWSL6CH_12dSDX9RTa32QllEEoG4.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-12-01 16:23:22,195:INFO:certbot.auth_handler:Waiting for verification... 2021-12-01 16:23:22,196:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-01 16:23:22,198:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548108260/2z84bA: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMUFqRFRQSlIwZWZVN003YUIteGFlSkN1VDBaTkpJQU9VWi1TM0k4N0E2Z0EiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0NTQ4MTA4MjYwLzJ6ODRiQSJ9", "signature": "S8NLQr6sJwoYVvwEtwWIkSXq6s1MTmrk-JjA0koUI9y2QVBosc7exNNL2w206OtIRbV-IwecgRvZ34c_9W_E2GzS1n8FeY1Ch5I5iTDmuXxF3rSZjewcypqqq1N2kYZEFWcRUMa4dltB0kuz8PLBMOoIvBPEnnk9bDc42vsBuMmSha8HAPPjPj6E-9PMC3vdev8GOBXL-qJ0mt01qcfB8_BjbnR2RCiKDGCqvV-T5d7_0DTw1s2p4kzsJra6goUii9Xj4SDINUYjrKql4TnG3hKr3gB_eEgRJHHivpdN3zbh0lJv8dlXoSrmsvfgljG8Tycn_9Bw0CLt0X_nPwj08Q", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-01 16:23:22,314:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54548108260/2z84bA HTTP/1.1" 200 186 2021-12-01 16:23:22,315:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 21:23:22 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548108260/2z84bA Replay-Nonce: 0002E81dkArVlKnm26RhBqdt4AWSzVJx_OpgXSgg01-MLQU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548108260/2z84bA", "token": "6FkoNRIDE42uzY8ZWSL6CH_12dSDX9RTa32QllEEoG4" } 2021-12-01 16:23:22,315:DEBUG:acme.client:Storing nonce: 0002E81dkArVlKnm26RhBqdt4AWSzVJx_OpgXSgg01-MLQU 2021-12-01 16:23:23,317:DEBUG:acme.client:JWS payload: b'' 2021-12-01 16:23:23,319:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54548108260: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMkU4MWRrQXJWbEtubTI2UmhCcWR0NEFXU3pWSnhfT3BnWFNnZzAxLU1MUVUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NTQ4MTA4MjYwIn0", "signature": "BAILQ88Nt5275PwDbSBSRDTkZ-0yYrukzgfyFl04CvT2txwmJXjj2g1kcDXkA-aVq0mx0_hXmV4XLHN1vny5N-mGVhyTnaKxxSx9TZu9hFE6fbe4DcbVA9NKRg4B4Zjhd37cDgvL1FnDR0OXrLyp8ZIxP22mbnIZT_UBV2ur-SnJ_xL6szBC8FsbFxyHLwqDftiCT6wahTaIRke4kUfIYHzTvlaInePhyaa6PcEmlHqFD-kWdnO6Ow3GVAcVkC6sK5KIiC_UelW6T4C6mGFV3szvXmCllJ4_sSTypqoYJxcqXN9twtzBLqz6wfG8v8-stShnOf2GYu7yHVkpPyO2fQ", "payload": "" } 2021-12-01 16:23:23,388:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54548108260 HTTP/1.1" 200 792 2021-12-01 16:23:23,389:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 21:23:23 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002RjjVkEBCQ44ZaJtE-Wxtp7Y6ww7ZfPi7NrDaJ2F3gts X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-08T21:23:21Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548108260/2z84bA", "token": "6FkoNRIDE42uzY8ZWSL6CH_12dSDX9RTa32QllEEoG4" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548108260/bIuW8g", "token": "6FkoNRIDE42uzY8ZWSL6CH_12dSDX9RTa32QllEEoG4" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548108260/McJ4FQ", "token": "6FkoNRIDE42uzY8ZWSL6CH_12dSDX9RTa32QllEEoG4" } ] } 2021-12-01 16:23:23,389:DEBUG:acme.client:Storing nonce: 0002RjjVkEBCQ44ZaJtE-Wxtp7Y6ww7ZfPi7NrDaJ2F3gts 2021-12-01 16:23:26,392:DEBUG:acme.client:JWS payload: b'' 2021-12-01 16:23:26,395:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54548108260: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMlJqalZrRUJDUTQ0WmFKdEUtV3h0cDdZNnd3N1pmUGk3TnJEYUoyRjNndHMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NTQ4MTA4MjYwIn0", "signature": "nFOvYTtzvDbNPjmZbMqFBLQYIugYPdts_VqWaQBlYl6UEAID1L5dbp3zKh6Vf3_ktsd9-fwh3Pz6tEw4jode9hiocOkp4BpW9jLgDp6H3fD1VBjKFYOWZuguhz4e_V37n9VjBtOhC4zAmsumrzNrBgrSTDszrmrPQIrt1AMWW6tf5szcm0ey1T2YD9oNhqORRwPSGblVjFz35q2XVB8xLY4wL0lugVaboQtYEzJfEf3R2BIqGLknZv0ICuKbsr4jvIBcg7EJEVPZCGI9AmzI54zsCQBIjIz1xnCMrHSFFzBjHkp6Zz2OU91jIK8dhcNW0FICFhLW50Mw1SB_gQVhIA", "payload": "" } 2021-12-01 16:23:26,457:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54548108260 HTTP/1.1" 200 1505 2021-12-01 16:23:26,458:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 21:23:26 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002R2BTXRMcAoDRexStz_TwMl-IrG60fTB-f6rTP5xKMEc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-08T21:23:21Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/6FkoNRIDE42uzY8ZWSL6CH_12dSDX9RTa32QllEEoG4 [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548108260/2z84bA", "token": "6FkoNRIDE42uzY8ZWSL6CH_12dSDX9RTa32QllEEoG4", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/6FkoNRIDE42uzY8ZWSL6CH_12dSDX9RTa32QllEEoG4", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/6FkoNRIDE42uzY8ZWSL6CH_12dSDX9RTa32QllEEoG4", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-01T21:23:22Z" } ] } 2021-12-01 16:23:26,458:DEBUG:acme.client:Storing nonce: 0002R2BTXRMcAoDRexStz_TwMl-IrG60fTB-f6rTP5xKMEc 2021-12-01 16:23:26,458:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-01 16:23:26,460:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-01 16:23:26,460:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/6FkoNRIDE42uzY8ZWSL6CH_12dSDX9RTa32QllEEoG4 [75.2.60.5]: "\n\n\n \n Prep: True 2021-12-01 16:23:27,967:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-01 16:23:27,967:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-01 16:23:27,968:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-12-01 16:23:27,971:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-01 16:23:27,972:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-01 16:23:27,973:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-01 16:23:28,127:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-01 16:23:28,128:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 21:23:28 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "W-Dnpj1QrBk": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-01 16:23:28,128:INFO:certbot.main:Renewing an existing certificate 2021-12-01 16:23:28,244:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0483_key-certbot.pem 2021-12-01 16:23:28,252:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0483_csr-certbot.pem 2021-12-01 16:23:28,253:DEBUG:acme.client:Requesting fresh nonce 2021-12-01 16:23:28,253:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-01 16:23:28,303:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-01 16:23:28,304:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 21:23:28 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001bWiKLbpilz2amHJnoZuhTDytRs6KxVc8VP5MRvO7PGQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-01 16:23:28,304:DEBUG:acme.client:Storing nonce: 0001bWiKLbpilz2amHJnoZuhTDytRs6KxVc8VP5MRvO7PGQ 2021-12-01 16:23:28,304:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-12-01 16:23:28,306:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWJXaUtMYnBpbHoyYW1ISm5vWnVoVER5dFJzNkt4VmM4VlA1TVJ2TzdQR1EiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "oGjLtPiO2Uj31WFL5QYu6n9En798mbB8MQvbD9jYnzn55AthlSgVAZvt722tTdNAS7U3qinqocaZOagj2ow1Uq1ooKfS8ONPWbGBa6X57Q0TLLsQcBLbLFnOgPMxMqjj0ajBVgppN58cHQrJ26d49Q5XPdyQUZ9GD86eSC3Ky_vY2D8Hd7f3kJppPYpl_sicnMlFtCrCafl7rxWpdFJML6-KoxJlpUgTxPhBtVyz21-li0k2vOonEZ_FcFtwhP1V9LNKNI_FBxw9dX-PH4OaZ_9YnhD9XxssSunUMjCMhruGliiEubP9WQ_A8Co5XIgb6EjJD60mewRNl1JQkRyHew", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-12-01 16:23:28,608:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-12-01 16:23:28,608:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Wed, 01 Dec 2021 21:23:28 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44001937750 Replay-Nonce: 00021xRVYcJaavqEEjNfJrISXRRtSsXQUfHO2jsPAPPm5G0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-08T21:23:28Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54548135540", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54548135550" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44001937750" } 2021-12-01 16:23:28,609:DEBUG:acme.client:Storing nonce: 00021xRVYcJaavqEEjNfJrISXRRtSsXQUfHO2jsPAPPm5G0 2021-12-01 16:23:28,609:DEBUG:acme.client:JWS payload: b'' 2021-12-01 16:23:28,611:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54548135540: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMjF4UlZZY0phYXZxRUVqTmZKcklTWFJSdFNzWFFVZkhPMmpzUEFQUG01RzAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NTQ4MTM1NTQwIn0", "signature": "nGCCHyVBjCCn67ePUdyOg0Cbk9kwjeRJElmPjpecqkuKwK6saaPE-YQ4W2FfsGy4wRjiPRyUDOEVcJ_PxzgkRcxeVTZEdGIfkpWtpa7hIGxL9aEycwgtVF5JuN2BOrhkBH6EkDiXIGUGeaO380omdwHsfdAwmU_BG1kmmaQv2jQU_m8x4AfVurAux7wlOLeshbY6OS-0lcgLzHyYD34aLnZnhqe1UATRI5BTvUQyUcY0mjvl2kyIAO2lqsDCumADoa5k1pbLlfQHq-62QO3w35REtfU7wRu7nbDxgAxAPlE6ckdYkeOSt4xhRNavcHJQpcaeMipYtAo61BLU4C8Dpg", "payload": "" } 2021-12-01 16:23:28,671:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54548135540 HTTP/1.1" 200 792 2021-12-01 16:23:28,672:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 21:23:28 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001sCMSvm70uuJB61q_N0qwPZVpV6YDXaNOnaXKhrRz9_M X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-08T21:23:28Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548135540/bMwQhA", "token": "js0ZqQZqyiKBBgb-UlBCWjlZUUwffIolsmCtiOcMAog" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548135540/dJOofQ", "token": "js0ZqQZqyiKBBgb-UlBCWjlZUUwffIolsmCtiOcMAog" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548135540/R8OWrQ", "token": "js0ZqQZqyiKBBgb-UlBCWjlZUUwffIolsmCtiOcMAog" } ] } 2021-12-01 16:23:28,672:DEBUG:acme.client:Storing nonce: 0001sCMSvm70uuJB61q_N0qwPZVpV6YDXaNOnaXKhrRz9_M 2021-12-01 16:23:28,672:DEBUG:acme.client:JWS payload: b'' 2021-12-01 16:23:28,674:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54548135550: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXNDTVN2bTcwdXVKQjYxcV9OMHF3UFpWcFY2WURYYU5PbmFYS2hyUno5X00iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NTQ4MTM1NTUwIn0", "signature": "TaHUYlCZ2ilGPPKqjtqMHOXc_gRBjj70NFFvgF-Eou6j8jtEFCn_FEF5Wzut7C5NYlo82myLFUtASDMfDuK3nLbZlE7Kg3evfQFXhBwyzzxf08CPrZE7bxdUapChPklS5TMjxspoHWKs5nwMsfGL3Wp1ULu0nKdihvNonnffj6hBc1elRcmCtRME6uA3-AgwGrjWundPxEFrVB18H6S4Y31ztFNOQ9GCn7ZrsIYs6f2cszYqbBatbzc0sdaeLmy44oU89M75udfdHUDobevWl4TiB4ZqXu-tiaXSkTJTa1YPYg3uDLAj9qcXb1Yz8WzEYfUxylrce8m1wDFgGfOQMQ", "payload": "" } 2021-12-01 16:23:28,735:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54548135550 HTTP/1.1" 200 796 2021-12-01 16:23:28,736:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 21:23:28 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002AOEqqkIuwdZ2xdorkZykfPDLQPe7pEcJmI2vKNIlORQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-08T21:23:28Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548135550/Ua1RfQ", "token": "_hu9fOUyYkLK0oUckc_2v9gPwZybE269cm5-jk9SrEQ" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548135550/0Gus6g", "token": "_hu9fOUyYkLK0oUckc_2v9gPwZybE269cm5-jk9SrEQ" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548135550/ORuZ8Q", "token": "_hu9fOUyYkLK0oUckc_2v9gPwZybE269cm5-jk9SrEQ" } ] } 2021-12-01 16:23:28,736:DEBUG:acme.client:Storing nonce: 0002AOEqqkIuwdZ2xdorkZykfPDLQPe7pEcJmI2vKNIlORQ 2021-12-01 16:23:28,737:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-01 16:23:28,737:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-01 16:23:28,737:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-01 16:23:28,797:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-12-01 16:23:28,798:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-12-01 16:23:28,799:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-12-01 16:23:28,799:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-12-01 16:23:28,799:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-12-01 16:23:28,800:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-12-01 16:23:28,800:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-12-01 16:23:28,800:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-12-01 16:23:28,800:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-12-01 16:23:28,801:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-12-01 16:23:28,801:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-12-01 16:23:28,801:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-12-01 16:23:28,801:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-12-01 16:23:28,803:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-12-01 16:23:28,805:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/js0ZqQZqyiKBBgb-UlBCWjlZUUwffIolsmCtiOcMAog{default_type text/plain;return 200 js0ZqQZqyiKBBgb-UlBCWjlZUUwffIolsmCtiOcMAog.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot location = /.well-known/acme-challenge/_hu9fOUyYkLK0oUckc_2v9gPwZybE269cm5-jk9SrEQ{default_type text/plain;return 200 _hu9fOUyYkLK0oUckc_2v9gPwZybE269cm5-jk9SrEQ.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-12-01 16:23:29,839:INFO:certbot.auth_handler:Waiting for verification... 2021-12-01 16:23:29,840:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-01 16:23:29,844:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548135540/bMwQhA: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMkFPRXFxa0l1d2RaMnhkb3JrWnlrZlBETFFQZTdwRWNKbUkydktOSWxPUlEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0NTQ4MTM1NTQwL2JNd1FoQSJ9", "signature": "OKScE8-X0pPQ_t_IT2ZqsrfOua-ta4jLRUWvWbzZ_TjmP8Od9et7dLEW7bXAtldZQdHRUovW64Q4fH_l5HyW6Ousxu0TzH_HMMz8ONRcdywgUH_83CErMvY8P4rfIbye1zGQf6usllWb1LoLgAXYH0fwcPCy5N8MXQaQtpUgNnay09q3mJe7TqdTQCMpUF9VjQ1vKg1A0MOxSp66wR-ncgC7vVV4qiHcWnA90CzqHdxRjiOxHZdxtv1tNRZgCDx5yxoovcIrYebrrq23mSL0dmYAB6UfrjaLdzsYa8I7OoIcYFos0MNPvo6Qw3cr1a1ogz8qtE4CzkScpHGoXybJ_w", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-01 16:23:29,918:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54548135540/bMwQhA HTTP/1.1" 200 186 2021-12-01 16:23:29,919:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 21:23:29 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548135540/bMwQhA Replay-Nonce: 0002nvJepDBkxgEyNi8QYdGtOWzp2_GXoJkQcp_pmTtxmuI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548135540/bMwQhA", "token": "js0ZqQZqyiKBBgb-UlBCWjlZUUwffIolsmCtiOcMAog" } 2021-12-01 16:23:29,919:DEBUG:acme.client:Storing nonce: 0002nvJepDBkxgEyNi8QYdGtOWzp2_GXoJkQcp_pmTtxmuI 2021-12-01 16:23:29,920:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-01 16:23:29,921:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548135550/Ua1RfQ: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMm52SmVwREJreGdFeU5pOFFZZEd0T1d6cDJfR1hvSmtRY3BfcG1UdHhtdUkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0NTQ4MTM1NTUwL1VhMVJmUSJ9", "signature": "WcSMpcFyuipRzee5pAJvU_rzYS96Q31FwUiUz-SxqMLCT06QDlxuxWU-z1LYHTk5yl4Kh7z5TyMBxY97OTac60QhtocLozi1tEFArq8zDhvoynuMfE30Z_SydD53vVC_oGXHnJOuWs2AP6GKpM03ezrWrTaK_sQnHA475VY8MdKGp4_YXZ1hXMrOqC78UdCgmLadoP9vvMug6Ha7jYtiFHVftwh2KmrIso7uxMD5L8hNoippyzhf66Jyr08tZmUyqAWTyhS_TIfJVWud-j4awfeMMuwfshtCIEj8vFsKaW-zwVeeYhHBskG9bg3AB59Jt5c7Ou4N6MzrL4bLY1yXlA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-01 16:23:29,990:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54548135550/Ua1RfQ HTTP/1.1" 200 186 2021-12-01 16:23:29,991:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 21:23:29 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548135550/Ua1RfQ Replay-Nonce: 0001KXeQL1wpvM7TTHuV3NYT2ahm9gGQEgSPGQ7JqBDBTNU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548135550/Ua1RfQ", "token": "_hu9fOUyYkLK0oUckc_2v9gPwZybE269cm5-jk9SrEQ" } 2021-12-01 16:23:29,991:DEBUG:acme.client:Storing nonce: 0001KXeQL1wpvM7TTHuV3NYT2ahm9gGQEgSPGQ7JqBDBTNU 2021-12-01 16:23:30,993:DEBUG:acme.client:JWS payload: b'' 2021-12-01 16:23:30,996:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54548135540: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMUtYZVFMMXdwdk03VFRIdVYzTllUMmFobTlnR1FFZ1NQR1E3SnFCREJUTlUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NTQ4MTM1NTQwIn0", "signature": "jCeVxg-SoHjRX_Iib9tlExkiQnLKCLTuJXKtbwDT1PaL2BvXgDovE2DAcvo5HIHcWZahMyMglWKqFWBfx36NNb2kEgnM2v36F9R2EjBRLNnDtBoCVcxvhd_SpGs_eTOkQJVRc0mmEIRGHyg3vOhMucv0AEzY40-9E2yyJAeX94T-4IzD5uHmW872ET-XArtN68MIgH-5d76M9lqs2sutaTnyyocT7LJ6SImWBK7khMsu7cgu6VFGq81rX8phCglXjYil6GHOCWATRL8yUQvas-yApyCW_ns0ONwUB1QAZ1HR-ufJQeI37lGdBliXnUELmfeo0LC_uT5PgUUqJ_k3OA", "payload": "" } 2021-12-01 16:23:31,059:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54548135540 HTTP/1.1" 200 1505 2021-12-01 16:23:31,060:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 21:23:31 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002O_IWavVMYCA0x_gW2DCMehnAGGLRNJIPGtbA1vwgYWo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-08T21:23:28Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/js0ZqQZqyiKBBgb-UlBCWjlZUUwffIolsmCtiOcMAog [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548135540/bMwQhA", "token": "js0ZqQZqyiKBBgb-UlBCWjlZUUwffIolsmCtiOcMAog", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/js0ZqQZqyiKBBgb-UlBCWjlZUUwffIolsmCtiOcMAog", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/js0ZqQZqyiKBBgb-UlBCWjlZUUwffIolsmCtiOcMAog", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-01T21:23:29Z" } ] } 2021-12-01 16:23:31,061:DEBUG:acme.client:Storing nonce: 0002O_IWavVMYCA0x_gW2DCMehnAGGLRNJIPGtbA1vwgYWo 2021-12-01 16:23:31,061:DEBUG:acme.client:JWS payload: b'' 2021-12-01 16:23:31,063:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54548135550: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMk9fSVdhdlZNWUNBMHhfZ1cyRENNZWhuQUdHTFJOSklQR3RiQTF2d2dZV28iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NTQ4MTM1NTUwIn0", "signature": "FcXupFH4y1oL_hpQu67jmvi_9o819hwDq4sa1X7IHjB1uzDv_vF0zzkGKZvgC-cdjnaN8dCx2zsFG9lmQ9yg6IvHAGaBWGLgqh_dQwC60d3Z1sW1HVw1pMRoETa0i1YOgi5x59XaOtoWXiftiTgGdWw-Ta3EQfplCHbUqJtdpdmYqIsqYS5fOD0opqaKjm34D_7qPRegj3rXF6GEsvEY7OcwM5C8oSoczTF0x87dGlV3ldYCT_fMiVCCUT5DOuiuMbIYziqAjqnOXzMxO6z3FLkOCf0oeXQA9U7hHdXQrMdxFrGIxM423k2lmcQa2lSOYTmY6olSR3ZjW8W933DnvA", "payload": "" } 2021-12-01 16:23:31,127:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54548135550 HTTP/1.1" 200 796 2021-12-01 16:23:31,128:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 21:23:31 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 00021B_Yb5Na2zmIoRztcVHsR8FK6zk_J4O5ho6D2U_aByw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-08T21:23:28Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548135550/Ua1RfQ", "token": "_hu9fOUyYkLK0oUckc_2v9gPwZybE269cm5-jk9SrEQ" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548135550/0Gus6g", "token": "_hu9fOUyYkLK0oUckc_2v9gPwZybE269cm5-jk9SrEQ" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548135550/ORuZ8Q", "token": "_hu9fOUyYkLK0oUckc_2v9gPwZybE269cm5-jk9SrEQ" } ] } 2021-12-01 16:23:31,128:DEBUG:acme.client:Storing nonce: 00021B_Yb5Na2zmIoRztcVHsR8FK6zk_J4O5ho6D2U_aByw 2021-12-01 16:23:31,129:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-01 16:23:34,133:DEBUG:acme.client:JWS payload: b'' 2021-12-01 16:23:34,135:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54548135550: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMjFCX1liNU5hMnptSW9SenRjVkhzUjhGSzZ6a19KNE81aG82RDJVX2FCeXciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NTQ4MTM1NTUwIn0", "signature": "gHqFE6F2-YYKDIAbmaiuZKh3nDfz29PwfLPmZDFjfZlH05GUpUiRr10cttb1NSuRbtzr3VS9IGaSbVFDspPjfzCjx3iHMX4HjH2K3HyuTABFpt012Jec9uLMC9t6LPZnhAyiGvxf8EO2FQ-qBMc0Uxte7n2BsnXHMUHkbqnHBa56zMOr3ZdpnD1XmlcM7P61LA7D9lKRlCW7QL_v7b5PIVIz2GKi0wQNZuqQVLCN0K6HVtJZsmohM9k-JJEe7isd_6KZrtc5ultY4uoWZf5KatiTpVqHPAJWuy1c410jW8LHiopWWUDIvWFPUYEuKJyeeH580aSUqn3RjAexCkdFdw", "payload": "" } 2021-12-01 16:23:34,197:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54548135550 HTTP/1.1" 200 1826 2021-12-01 16:23:34,198:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 01 Dec 2021 21:23:34 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002UIQC6BuwlRxFdOXH-8haEnHAy0SeZnTrbaSdA5iXlQE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-08T21:23:28Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/_hu9fOUyYkLK0oUckc_2v9gPwZybE269cm5-jk9SrEQ [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54548135550/Ua1RfQ", "token": "_hu9fOUyYkLK0oUckc_2v9gPwZybE269cm5-jk9SrEQ", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/_hu9fOUyYkLK0oUckc_2v9gPwZybE269cm5-jk9SrEQ", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/_hu9fOUyYkLK0oUckc_2v9gPwZybE269cm5-jk9SrEQ", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/_hu9fOUyYkLK0oUckc_2v9gPwZybE269cm5-jk9SrEQ", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-01T21:23:29Z" } ] } 2021-12-01 16:23:34,198:DEBUG:acme.client:Storing nonce: 0002UIQC6BuwlRxFdOXH-8haEnHAy0SeZnTrbaSdA5iXlQE 2021-12-01 16:23:34,199:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-12-01 16:23:34,200:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-01 16:23:34,200:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-01 16:23:34,200:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/js0ZqQZqyiKBBgb-UlBCWjlZUUwffIolsmCtiOcMAog [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-12-01 16:23:35,437:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-12-01 16:23:35,437:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-12-01 16:23:35,438:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-12-02 02:43:32,267:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-02 02:43:32,268:DEBUG:certbot.main:Arguments: ['--standalone', '--pre-hook', '/bin/systemctl stop nginx', '--post-hook', '/bin/systemctl start nginx', '--quiet'] 2021-12-02 02:43:32,268:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-02 02:43:32,281:DEBUG:certbot.log:Root logging level set at 30 2021-12-02 02:43:32,281:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-02 02:43:32,294:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer 2021-12-02 02:43:32,294:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-02 02:43:32,295:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-02 02:43:32,295:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-02 02:43:32,309:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-02 02:43:32,310:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-02 02:43:32,310:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-02 02:43:32,312:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-02 02:43:32,312:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-02 02:43:32,312:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-02 02:43:32,315:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-02 02:43:32,316:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-02 02:43:32,316:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-02 02:43:32,318:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-02 02:43:32,319:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-02 02:43:32,319:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-02 02:43:32,323:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-02 02:43:32,324:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-02 02:43:32,325:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-02 02:43:32,328:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-02 02:43:32,328:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-02 02:43:32,328:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-02 02:43:32,332:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-02 02:43:32,332:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-02 02:43:32,333:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-02 02:43:32,336:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-02 02:43:32,337:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-02 02:43:32,337:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-02 02:43:32,342:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-02 02:43:32,343:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-02 02:43:32,344:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-02 02:43:32,346:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-02 02:43:32,349:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-12-02 02:43:32,349:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-12-02 02:43:32,349:INFO:certbot.renewal:Non-interactive renewal: random delay of 376.26864502744223 seconds 2021-12-02 02:49:48,698:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-02 02:49:49,015:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-02 02:49:49,016:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-12-02 02:49:49,016:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-02 02:49:49,017:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-12-02 02:49:49,024:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-02 02:49:49,027:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-02 02:49:49,031:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-02 02:49:49,151:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-02 02:49:49,152:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 07:49:49 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "6sXN7jAY32U": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-02 02:49:49,153:INFO:certbot.hooks:Running pre-hook command: /bin/systemctl stop nginx 2021-12-02 02:49:54,191:INFO:certbot.main:Renewing an existing certificate 2021-12-02 02:49:54,342:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0484_key-certbot.pem 2021-12-02 02:49:54,355:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0484_csr-certbot.pem 2021-12-02 02:49:54,356:DEBUG:acme.client:Requesting fresh nonce 2021-12-02 02:49:54,356:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-02 02:49:54,395:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-02 02:49:54,396:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 07:49:54 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101Ng-K7HdCpxuoUBMnKMGcd2INDtnwKRU8-YTXejQ8VLM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-02 02:49:54,396:DEBUG:acme.client:Storing nonce: 0101Ng-K7HdCpxuoUBMnKMGcd2INDtnwKRU8-YTXejQ8VLM 2021-12-02 02:49:54,397:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-12-02 02:49:54,400:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMU5nLUs3SGRDcHh1b1VCTW5LTUdjZDJJTkR0bndLUlU4LVlUWGVqUThWTE0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "AgFtspYWa3XhiYJ3yv89VOZYn8An83DzuHbrigdxzxRSENHCGILWwx6Zcl9MTbOz1pti0kajWBdnY2XOEOFOnhKu1vm5WDrX7BYzSAIuHacWyYXs-_mABBucYMgQh1b0FFYnghg8T_EP5gaVwTM0nQSzrtQjNLeqlMAxyDXZa86vADtB7spKq8f22-FgSYgsnwFLOwgdn7YmFzFjQymevofC3rXiWMYdROHo4TMgwtXbLHAPGIexANCgjtJ5HzSoa2LBbtgIxPtDgl4M1j0ycfPRRVNIuEVWnvu3ORtxFimaUO7cX_tPlVrZSiaU4uDWaGum_WAZI0Xx9ByuqUAvMg", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-12-02 02:49:54,871:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-12-02 02:49:54,871:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Thu, 02 Dec 2021 07:49:54 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44122979440 Replay-Nonce: 0101l_4IfW8zOJErnXWVOtv0WU6zqywOE_oddtMvFaCU5LU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-09T07:49:54Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54703137130" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44122979440" } 2021-12-02 02:49:54,872:DEBUG:acme.client:Storing nonce: 0101l_4IfW8zOJErnXWVOtv0WU6zqywOE_oddtMvFaCU5LU 2021-12-02 02:49:54,872:DEBUG:acme.client:JWS payload: b'' 2021-12-02 02:49:54,874:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54703137130: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMWxfNElmVzh6T0pFcm5YV1ZPdHYwV1U2enF5d09FX29kZHRNdkZhQ1U1TFUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NzAzMTM3MTMwIn0", "signature": "b5715iVyHMdxKEbEj60XWfAgX-V4IY_gkBQVNYOfyhIVSAVQ09p9fyNg8vOdFEgocsfwbwJP81ilQOb1APTq0ooBZykGbtXdU_JZrNJRPEct-eBrTKM_QVg6Y-T7oWUEfvKY3WEBja8XEqMv-2Cn9AqVdbT-hc_8kBHbYl3Eq2-7i3LuwAyCkZLY_zU79yXrZl9hYUSeLi0hMX0jj0x_PFQhGgP3QHxhW5ofKRDYIy8b3JQlX5pMllk15WhyBYaKPoCWtEgTdg2BZkCIFOipjZvH6ZAh-D-CqF00VoL5BVAxMrANk_aN2xa_rOCyTiRtUyLKFlscocPi6oGrDeIF2Q", "payload": "" } 2021-12-02 02:49:54,947:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54703137130 HTTP/1.1" 200 792 2021-12-02 02:49:54,948:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 07:49:54 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102TNSeo_U-hJm7-9W00l6AVN4rTAI_O1ROL2_kKf4en1o X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-09T07:49:54Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54703137130/Xbc7JA", "token": "S9CjmIdxOOe2-Fj5Nt5pbMUaSkuhOTktKQbBpgfXv8s" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54703137130/iofQ0w", "token": "S9CjmIdxOOe2-Fj5Nt5pbMUaSkuhOTktKQbBpgfXv8s" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54703137130/ZFX74Q", "token": "S9CjmIdxOOe2-Fj5Nt5pbMUaSkuhOTktKQbBpgfXv8s" } ] } 2021-12-02 02:49:54,948:DEBUG:acme.client:Storing nonce: 0102TNSeo_U-hJm7-9W00l6AVN4rTAI_O1ROL2_kKf4en1o 2021-12-02 02:49:54,949:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-02 02:49:54,949:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-02 02:49:54,949:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-12-02 02:49:54,950:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-12-02 02:49:54,953:INFO:certbot.auth_handler:Waiting for verification... 2021-12-02 02:49:54,954:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-02 02:49:54,955:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54703137130/Xbc7JA: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMlROU2VvX1UtaEptNy05VzAwbDZBVk40clRBSV9PMVJPTDJfa0tmNGVuMW8iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0NzAzMTM3MTMwL1hiYzdKQSJ9", "signature": "rD1j_1Ko4xtDARfLOK_WreqWB4xVUrcjAhnBTpXINo2hAeVUo0vPoSj0RlAw2kjoIja-KT_00Y9QJv6x5V2GCy9IgiM_MIxdNmubIgAdh-AcNAyKRUuj2k_rrxS-XZhQIyBtkJo8tpM_M20mbB2GrjG6rQs8QF0x4biyWrPxqIpcBa2Q4_HYmgPm7XO8bvpVNm9reTSNfEkSWguoxuXNjePfJWDrNRAxmmcNuOjwCV0OXQuMc6G8Fz7axFMG1EtXmuxoAddXAAfE_LXGO9tDV2KFc5vMC9NyqF0P3gYaFuX3yZozFQauqGpI6X85tQNvZZ589P8Rx1GfSwfUcC8w7A", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-02 02:49:55,050:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54703137130/Xbc7JA HTTP/1.1" 200 186 2021-12-02 02:49:55,050:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 07:49:55 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54703137130/Xbc7JA Replay-Nonce: 0102Bb4PWikZrnE-Zc1v4x6LvIeaxvciQFv0Vvw9boNp28o X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54703137130/Xbc7JA", "token": "S9CjmIdxOOe2-Fj5Nt5pbMUaSkuhOTktKQbBpgfXv8s" } 2021-12-02 02:49:55,050:DEBUG:acme.client:Storing nonce: 0102Bb4PWikZrnE-Zc1v4x6LvIeaxvciQFv0Vvw9boNp28o 2021-12-02 02:49:56,052:DEBUG:acme.client:JWS payload: b'' 2021-12-02 02:49:56,054:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54703137130: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMkJiNFBXaWtacm5FLVpjMXY0eDZMdkllYXh2Y2lRRnYwVnZ3OWJvTnAyOG8iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NzAzMTM3MTMwIn0", "signature": "GHgRbnFeXDkEsVY9u4gkdkOgnBNWdXIvppkGF_bdfaZo6ljKdI-SB1xDiDTqwcHZkuN8QIEYIBnF1hN9a-4l8SEhNSTZz9636eZbucgf_jP9DRX9AWV3yYv0C9N7RfFz7Y9cA_qgrSnwL4Dr4yGHpkfre9o_eVI7x4vZ17e3aW875Z4gCNFkeaYCc6bOsxR6bYdtgMzFdCsPubAeHT5IJl9tT2w3bLLBVA5ALHlngBpZrrESAfPH7S2cP_zAH74iee2Ag87XWx8xm-4l7gFaS3xdaPDhC14dpKi6FqGty7YI9T55MTAu2h8R5Fk0t2aKgZRi6HAGZePz1JjoXU6tjg", "payload": "" } 2021-12-02 02:49:56,126:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54703137130 HTTP/1.1" 200 1505 2021-12-02 02:49:56,126:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 07:49:56 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101AqI8aGTgvlktNutUgZPmxAlVveqrxPtOApsnBv8wAvA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-09T07:49:54Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/S9CjmIdxOOe2-Fj5Nt5pbMUaSkuhOTktKQbBpgfXv8s [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54703137130/Xbc7JA", "token": "S9CjmIdxOOe2-Fj5Nt5pbMUaSkuhOTktKQbBpgfXv8s", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/S9CjmIdxOOe2-Fj5Nt5pbMUaSkuhOTktKQbBpgfXv8s", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/S9CjmIdxOOe2-Fj5Nt5pbMUaSkuhOTktKQbBpgfXv8s", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-02T07:49:55Z" } ] } 2021-12-02 02:49:56,127:DEBUG:acme.client:Storing nonce: 0101AqI8aGTgvlktNutUgZPmxAlVveqrxPtOApsnBv8wAvA 2021-12-02 02:49:56,127:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-02 02:49:56,128:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-02 02:49:56,128:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/S9CjmIdxOOe2-Fj5Nt5pbMUaSkuhOTktKQbBpgfXv8s [75.2.60.5]: "\n\n\n \n Prep: True 2021-12-02 02:49:56,710:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-12-02 02:49:56,710:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-02 02:49:56,710:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-12-02 02:49:56,715:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-02 02:49:56,716:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-02 02:49:56,718:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-02 02:49:56,830:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-02 02:49:56,831:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 07:49:56 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert", "tef86zaP1Eg": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417" } 2021-12-02 02:49:56,832:INFO:certbot.hooks:Pre-hook command already run, skipping: /bin/systemctl stop nginx 2021-12-02 02:49:56,832:INFO:certbot.main:Renewing an existing certificate 2021-12-02 02:49:56,935:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0485_key-certbot.pem 2021-12-02 02:49:56,941:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0485_csr-certbot.pem 2021-12-02 02:49:56,942:DEBUG:acme.client:Requesting fresh nonce 2021-12-02 02:49:56,942:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-02 02:49:56,978:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-02 02:49:56,978:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 07:49:56 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 01011ZuFhSkShoHRSWiEL8YJ9UpuHjgRonNfWuCf2pvbBI8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-02 02:49:56,979:DEBUG:acme.client:Storing nonce: 01011ZuFhSkShoHRSWiEL8YJ9UpuHjgRonNfWuCf2pvbBI8 2021-12-02 02:49:56,979:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-12-02 02:49:56,981:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMTFadUZoU2tTaG9IUlNXaUVMOFlKOVVwdUhqZ1Jvbk5mV3VDZjJwdmJCSTgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "KS3jenu-zE1VtIiHD_Hvyz-DL7J5jHZLT2sI7TOwTPulOpU0NjSnM__u557Cf54o1INyGU221YVhdwGsNE2_ziUfaoQwB5UfRK-yNgXGjXTBIvnIsH3xuRvKv8FH5GoTPy9a8qt3ebBoBrQCQDTguEjUkfm992wDPugQ-V8iaYycldTQXb_FQU46O479-YjsCZ5pGuf4d850IaCiHnKg5rInbISwv2uJhMndaNYIqETist40f8K-u-hT063L3n6LhMQhoDyxsBaL8T2FLAUEce5t3VrADvhmUtGHx5EYGw6dgksYVCfWOUaa5ZwLOJAcRvU2TBMVYRDrsePJwppnjQ", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-12-02 02:49:57,362:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-12-02 02:49:57,363:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Thu, 02 Dec 2021 07:49:57 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44122984200 Replay-Nonce: 0102uCiwvZHky3LVUKcQSJoKdb8GIWMFB4Vs_FJ6uz-1fvQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-09T07:49:57Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54703143450", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54703143460" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44122984200" } 2021-12-02 02:49:57,364:DEBUG:acme.client:Storing nonce: 0102uCiwvZHky3LVUKcQSJoKdb8GIWMFB4Vs_FJ6uz-1fvQ 2021-12-02 02:49:57,364:DEBUG:acme.client:JWS payload: b'' 2021-12-02 02:49:57,366:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54703143450: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMnVDaXd2WkhreTNMVlVLY1FTSm9LZGI4R0lXTUZCNFZzX0ZKNnV6LTFmdlEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NzAzMTQzNDUwIn0", "signature": "PCC01ngcMUoVptRrLJmQRN9wK3gGwWCngcC3w7t1kU1XNX1b9SUUNed51KmVAvoUD6S-wRYZwrc46rk7ydpyxf18OglgmYQqBmqGNpkWMwAz2ME8uND3FELSWHswPwGTYRZEpVXi5Hq6V50F44rD7xdERnN8z6u00HRt2E6Yt-3dJT1b88ZAOoQA7yM8INI1fQrcYHPpWM862dT1KgAFUqn0a_0hz8SWwl48H4Bxr9RwEzWXVPpbwRpj-o-M-K26XNhqJ6TQcoNwYRs1yCYaM3IPjwE6a2s9Lyr1J7OHB8I5qlyc-XNsYqWgjsniUYs2gqu8dkIxAky7gQNdhMVJYQ", "payload": "" } 2021-12-02 02:49:57,439:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54703143450 HTTP/1.1" 200 792 2021-12-02 02:49:57,439:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 07:49:57 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101Tutf9Ldr3a4QPXsJKVvo3VttjU73gQKWGFDuUmPojqM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-09T07:49:57Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54703143450/cGey1g", "token": "wfiU3QWnKDTlWoBAXYuwAduWBpn3zQrh9Mm1R3Dzwr8" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54703143450/sWL5BQ", "token": "wfiU3QWnKDTlWoBAXYuwAduWBpn3zQrh9Mm1R3Dzwr8" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54703143450/PF0fiw", "token": "wfiU3QWnKDTlWoBAXYuwAduWBpn3zQrh9Mm1R3Dzwr8" } ] } 2021-12-02 02:49:57,440:DEBUG:acme.client:Storing nonce: 0101Tutf9Ldr3a4QPXsJKVvo3VttjU73gQKWGFDuUmPojqM 2021-12-02 02:49:57,440:DEBUG:acme.client:JWS payload: b'' 2021-12-02 02:49:57,442:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54703143460: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMVR1dGY5TGRyM2E0UVBYc0pLVnZvM1Z0dGpVNzNnUUtXR0ZEdVVtUG9qcU0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NzAzMTQzNDYwIn0", "signature": "dMWijbRZa6VrEoyji6fJiQswUkPG_YK7JO1txVKflOiypDUeUc2APp3Lwykr2_DUG51CHo7czENZZWPTzOiramJSaglWwB1GhDMdoDg-9gt8lhpNulrbbjywcRCk_1A00tOMvp-MtjAJn02CuHX2oxs_Wd1VcYMsLpYxEZ_OAuPG8ECxXcif39d6bKpwUZptAleQbzLk5SGn6R1S2PEgMC3dAEMFJi__MMNgDUnpjbhcwqt4zwweKMmLrBKWb-YYj_HQ0tT5vUM33GpnbZgIfxNIJ37s-9iqNm1zQ0QFUmATqtk2lWp960KAC3NYE1laAHyMJUmqpaMapetQZlIgaQ", "payload": "" } 2021-12-02 02:49:57,514:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54703143460 HTTP/1.1" 200 796 2021-12-02 02:49:57,515:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 07:49:57 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102ldK9xTGfcrVgOOJuYiBm4LAg4XHVieKzkSwB2yEGPQ4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-09T07:49:57Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54703143460/I2XwgQ", "token": "ar5D0Zomcpiywx0L_mxI_Xv6zVGrW7nFF6Pw5VDYgBo" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54703143460/KvTngg", "token": "ar5D0Zomcpiywx0L_mxI_Xv6zVGrW7nFF6Pw5VDYgBo" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54703143460/F2qnYg", "token": "ar5D0Zomcpiywx0L_mxI_Xv6zVGrW7nFF6Pw5VDYgBo" } ] } 2021-12-02 02:49:57,516:DEBUG:acme.client:Storing nonce: 0102ldK9xTGfcrVgOOJuYiBm4LAg4XHVieKzkSwB2yEGPQ4 2021-12-02 02:49:57,516:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-02 02:49:57,516:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-02 02:49:57,516:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-02 02:49:57,517:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-12-02 02:49:57,517:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-12-02 02:49:57,522:INFO:certbot.auth_handler:Waiting for verification... 2021-12-02 02:49:57,522:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-02 02:49:57,524:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54703143450/cGey1g: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMmxkSzl4VEdmY3JWZ09PSnVZaUJtNExBZzRYSFZpZUt6a1N3QjJ5RUdQUTQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0NzAzMTQzNDUwL2NHZXkxZyJ9", "signature": "eHW2pCF9pr_YDIAYe4HKmV8N5oP7nmM28F6gLq07u_vgfvAAWTciUHflus5-37Lo3QGeWOrvu2CyYU0ukNMINF-_Oy73PywgrJHF6ybwLfjMyECH-wwE9WiQGLG6H7kFsNrY3dHRH_PhwBgc5IRUf_dOr3GjcPU8qAjaxzhJQCQRLp1HNpwUVC0EvyjBRgO6R4U2CGyh4ehIT_KOh-gKhNtYrJJtQcpxXxExuARNMVhaSEme49YaD2enD9I1s9kJOntzuBKqYg28WBA7hB21I3qDqvohIAeaT_xF6kzIHcO0ueu0qo2mbjMdMNeTNTPQfL1259w_Vg44JnVEuDc8JA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-02 02:49:57,619:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54703143450/cGey1g HTTP/1.1" 200 186 2021-12-02 02:49:57,620:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 07:49:57 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54703143450/cGey1g Replay-Nonce: 0102HNuWf3j4Ly08GPrJrNzFT7wRzpHTJacFxKvNN_OZzac X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54703143450/cGey1g", "token": "wfiU3QWnKDTlWoBAXYuwAduWBpn3zQrh9Mm1R3Dzwr8" } 2021-12-02 02:49:57,620:DEBUG:acme.client:Storing nonce: 0102HNuWf3j4Ly08GPrJrNzFT7wRzpHTJacFxKvNN_OZzac 2021-12-02 02:49:57,621:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-02 02:49:57,622:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54703143460/I2XwgQ: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMkhOdVdmM2o0THkwOEdQckpyTnpGVDd3UnpwSFRKYWNGeEt2Tk5fT1p6YWMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0NzAzMTQzNDYwL0kyWHdnUSJ9", "signature": "Rvcmd96v0sNAAGuU5VZxR5xPBQmvnKwnCWIFO1HhoWWLNnaPUwDKBzkWBWNy_U3MFvyV4Tq41sVAPOazLb8II5u-3NbjI-G2Q2qFzrxgDq-rjK9AqVld3smi-XUNmMjV6ITKkSb2h6hdEH6ii8WuxnGvFmblqL3GKlkxF1DxlhJH-xF_dOUbPnwGE32jJb2Z_Zh3x6zc9Y6VWvNHL1yXnj3n4tUwggk4IH8BzNIl34V0pwm6g-nG5xAcgDRWwcFVvmxUXwtyxZcT_XqJFaz8yjCx0w8NAqavxMkfz0D42cK5rtOuinmdLqeQs_QV0nLRAgnhe0vpqfbIpBR10__upA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-02 02:49:57,710:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54703143460/I2XwgQ HTTP/1.1" 200 186 2021-12-02 02:49:57,710:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 07:49:57 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54703143460/I2XwgQ Replay-Nonce: 0102_vw30KJD0TFD1MKdU487MbxV3ovlVJqzJYI7gG7RTWM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54703143460/I2XwgQ", "token": "ar5D0Zomcpiywx0L_mxI_Xv6zVGrW7nFF6Pw5VDYgBo" } 2021-12-02 02:49:57,710:DEBUG:acme.client:Storing nonce: 0102_vw30KJD0TFD1MKdU487MbxV3ovlVJqzJYI7gG7RTWM 2021-12-02 02:49:58,712:DEBUG:acme.client:JWS payload: b'' 2021-12-02 02:49:58,714:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54703143450: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMl92dzMwS0pEMFRGRDFNS2RVNDg3TWJ4VjNvdmxWSnF6SllJN2dHN1JUV00iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NzAzMTQzNDUwIn0", "signature": "JIHSeshTklCJ5CQm3bSJjWCV5S-w3WLLuNZgBJDeY6lubaWRN7lrhOEP1jD1Jl1Ikp93mWRT_FQLK9pGJwDgLsjeXB7bBytmwj6_K-4_19GiN5B1gmg4GD9Ulu2eKzUgjTHWWNNXQiDTolLbUJ2qd2K2qEWvjfX0s3yMInYO4LYDddganhPohu7_bpnja_Lfctfkc3JgCjcKdqDdVbIWKqcTp52uZk-6ZmfY2Xa-OV54TOWpi4XVs4aSujPXW6QlfWtQpcrN6giL6Wfqh-Lj5aQLAEv77shGOls_4QPtlLKXLlQIkXKmZDaivJECf93g6oMPYSuPU56fL4U0kFCa-w", "payload": "" } 2021-12-02 02:49:58,785:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54703143450 HTTP/1.1" 200 1505 2021-12-02 02:49:58,785:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 07:49:58 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 010291cwGgeSBKQ0ctONJo2CTWQx6LLejcsRvcDiSCpul7M X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-09T07:49:57Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/wfiU3QWnKDTlWoBAXYuwAduWBpn3zQrh9Mm1R3Dzwr8 [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54703143450/cGey1g", "token": "wfiU3QWnKDTlWoBAXYuwAduWBpn3zQrh9Mm1R3Dzwr8", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/wfiU3QWnKDTlWoBAXYuwAduWBpn3zQrh9Mm1R3Dzwr8", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/wfiU3QWnKDTlWoBAXYuwAduWBpn3zQrh9Mm1R3Dzwr8", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-02T07:49:57Z" } ] } 2021-12-02 02:49:58,786:DEBUG:acme.client:Storing nonce: 010291cwGgeSBKQ0ctONJo2CTWQx6LLejcsRvcDiSCpul7M 2021-12-02 02:49:58,786:DEBUG:acme.client:JWS payload: b'' 2021-12-02 02:49:58,788:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54703143460: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMjkxY3dHZ2VTQktRMGN0T05KbzJDVFdReDZMTGVqY3NSdmNEaVNDcHVsN00iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NzAzMTQzNDYwIn0", "signature": "jRXQ-LW9RkC4DloPpTLjrl5FUbdthlQmw5DQ8VQGPiqGHPJNTdmcv-VZEmA7ZNprsRitVOFC4EMo1jfYajcs_u5_UDN8f5maNXGIypLIYexe0ZKuZv1bnkCk_fvUoMdKJOySpFx5BZBZnzOaTCTPUWRGBjy0vwqyJpBEeOM_UjdxB6xl3RKzZMibLwdAavBAgujqcALPoIU-jLJZGZjsjDeL1u4J0cS8gd8tR6sIvSqt-M5CLYoG3JMmKSjpi8VlNpcdmh-ly-JK17BC7YroKF4xWISMO0ZGj6aTLnFuDBe0OuZZ-gULi1m93JW2Kx8547aJ-mBo8_hRpUXLCUp6iA", "payload": "" } 2021-12-02 02:49:58,858:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54703143460 HTTP/1.1" 200 1826 2021-12-02 02:49:58,859:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 07:49:58 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101zKCpY2UhSKIz50qUgfUJQL_drDzrXevR47Y253Xq6lk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-09T07:49:57Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/ar5D0Zomcpiywx0L_mxI_Xv6zVGrW7nFF6Pw5VDYgBo [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54703143460/I2XwgQ", "token": "ar5D0Zomcpiywx0L_mxI_Xv6zVGrW7nFF6Pw5VDYgBo", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/ar5D0Zomcpiywx0L_mxI_Xv6zVGrW7nFF6Pw5VDYgBo", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/ar5D0Zomcpiywx0L_mxI_Xv6zVGrW7nFF6Pw5VDYgBo", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/ar5D0Zomcpiywx0L_mxI_Xv6zVGrW7nFF6Pw5VDYgBo", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-02T07:49:57Z" } ] } 2021-12-02 02:49:58,859:DEBUG:acme.client:Storing nonce: 0101zKCpY2UhSKIz50qUgfUJQL_drDzrXevR47Y253Xq6lk 2021-12-02 02:49:58,860:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-02 02:49:58,861:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-12-02 02:49:58,861:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-02 02:49:58,861:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-02 02:49:58,861:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/wfiU3QWnKDTlWoBAXYuwAduWBpn3zQrh9Mm1R3Dzwr8 [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-12-02 02:49:59,028:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-12-02 02:49:59,029:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-12-02 02:49:59,029:INFO:certbot.hooks:Running post-hook command: /bin/systemctl start nginx 2021-12-02 02:49:59,095:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-12-02 03:43:32,184:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-02 03:43:32,185:DEBUG:certbot.main:Arguments: ['-q'] 2021-12-02 03:43:32,185:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-02 03:43:32,202:DEBUG:certbot.log:Root logging level set at 30 2021-12-02 03:43:32,203:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-02 03:43:32,222:DEBUG:certbot.plugins.selection:Requested authenticator and installer 2021-12-02 03:43:32,237:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-02 03:43:32,238:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-02 03:43:32,239:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-02 03:43:32,244:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-02 03:43:32,247:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-02 03:43:32,247:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-02 03:43:32,253:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-02 03:43:32,254:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-02 03:43:32,255:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-02 03:43:32,260:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-02 03:43:32,261:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-02 03:43:32,262:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-02 03:43:32,268:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-02 03:43:32,269:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-02 03:43:32,270:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-02 03:43:32,274:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-12-02 03:43:32,274:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-12-02 03:43:32,274:INFO:certbot.renewal:Non-interactive renewal: random delay of 437.5708324868523 seconds 2021-12-02 03:50:49,946:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx 2021-12-02 03:50:50,282:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-02 03:50:50,282:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-02 03:50:50,283:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-02 03:50:50,283:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-12-02 03:50:50,287:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-02 03:50:50,290:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-02 03:50:50,292:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-02 03:50:50,408:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-02 03:50:50,409:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 08:50:50 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert", "zQdBRn0p7vw": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417" } 2021-12-02 03:50:50,409:INFO:certbot.main:Renewing an existing certificate 2021-12-02 03:50:50,557:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0486_key-certbot.pem 2021-12-02 03:50:50,564:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0486_csr-certbot.pem 2021-12-02 03:50:50,565:DEBUG:acme.client:Requesting fresh nonce 2021-12-02 03:50:50,565:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-02 03:50:50,601:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-02 03:50:50,602:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 08:50:50 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101GM0WjFt39wYx7BJDphdRG_uuz_jNHzCszlWdTkSPU-g X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-02 03:50:50,602:DEBUG:acme.client:Storing nonce: 0101GM0WjFt39wYx7BJDphdRG_uuz_jNHzCszlWdTkSPU-g 2021-12-02 03:50:50,602:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-12-02 03:50:50,605:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMUdNMFdqRnQzOXdZeDdCSkRwaGRSR191dXpfak5IekNzemxXZFRrU1BVLWciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "Wd-tR7SYhsE3D2m3y3iEeMWheX02tyIAWwaFF2VYjrKBRprR8pUzEfYyAl50WGsPdJjCTbTdiKIA9sEPOUSibjo2z9KYMtF65jYRvonM1U9BXHzLPYSjuTvtIPALranQ2W-BVXbcXJGiyt-2DFSe5T2AxFB9MY_gOD1vcJMAvgJcSgp8FFmzI-LX-pW7K0jQgluhl_0FrdymLtFoWX4FZXvTS9tpUJREJxWmBAqt0VNxtYKWlQ_vVlFFustCmNfVTP3VLXemlbmZEgLaD71se9cr-JB2yZmohzJweGl1pRgLOCY1s0geYU6TSB53uSo6E8eODv0G8E_3Tk8UsVHqGQ", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-12-02 03:50:50,907:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-12-02 03:50:50,907:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Thu, 02 Dec 2021 08:50:50 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44134304690 Replay-Nonce: 0101IUoUx0qw5FN6vAtPeSvqdUGGNnP_3G7P_1XFrVrLZHU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-09T08:50:50Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54717072700" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44134304690" } 2021-12-02 03:50:50,908:DEBUG:acme.client:Storing nonce: 0101IUoUx0qw5FN6vAtPeSvqdUGGNnP_3G7P_1XFrVrLZHU 2021-12-02 03:50:50,908:DEBUG:acme.client:JWS payload: b'' 2021-12-02 03:50:50,910:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54717072700: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMUlVb1V4MHF3NUZONnZBdFBlU3ZxZFVHR05uUF8zRzdQXzFYRnJWckxaSFUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NzE3MDcyNzAwIn0", "signature": "WL3BwuZmxxUSt9PlUutsJrgA7RinPYbxGK3v7X1KvTK3UV5L--RAlbHMKGdzwaSpxPEXSgs66gjKlchOrmkElf01e4R6SNQCw8hw-n7Vtl4aL6CwULvPP3Rwrn2TNGVcf_F_9g1O9F5zaGjIDyKMqWfWnG-bC8wLmci1m0z89jGxmPE_Q7_Ou70i-pGYPKElZOpHcofTru7SRvC_-3N6n4pTEW02t6eCmj9P42L4fbXidpbMGkwqor7QgVPVd_1LTAqpDoeJUMeHKhwS5APYjHBgD4imd4mItXwgtPld33fdxuLoCfuKKtZX28M1h482TEVM_2GUCMEBFl6GHWYY9A", "payload": "" } 2021-12-02 03:50:50,986:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54717072700 HTTP/1.1" 200 792 2021-12-02 03:50:50,986:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 08:50:50 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 01021NlEBrMz7AfxDUd0yUCqbuiG1-SwUAl6YqSoP1ag8Jw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-09T08:50:50Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54717072700/zDHa1Q", "token": "o5B2WyIZTeLFYo24Bm2PJTzEkKdteEEx6FwHuW8Q40I" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54717072700/36CArw", "token": "o5B2WyIZTeLFYo24Bm2PJTzEkKdteEEx6FwHuW8Q40I" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54717072700/3Nbq-Q", "token": "o5B2WyIZTeLFYo24Bm2PJTzEkKdteEEx6FwHuW8Q40I" } ] } 2021-12-02 03:50:50,987:DEBUG:acme.client:Storing nonce: 01021NlEBrMz7AfxDUd0yUCqbuiG1-SwUAl6YqSoP1ag8Jw 2021-12-02 03:50:50,988:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-02 03:50:50,988:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-02 03:50:51,034:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-12-02 03:50:51,035:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-12-02 03:50:51,035:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-12-02 03:50:51,036:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-12-02 03:50:51,036:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-12-02 03:50:51,036:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-12-02 03:50:51,037:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-12-02 03:50:51,037:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-12-02 03:50:51,037:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-12-02 03:50:51,038:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-12-02 03:50:51,038:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-12-02 03:50:51,038:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-12-02 03:50:51,038:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-12-02 03:50:51,040:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-12-02 03:50:51,042:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/o5B2WyIZTeLFYo24Bm2PJTzEkKdteEEx6FwHuW8Q40I{default_type text/plain;return 200 o5B2WyIZTeLFYo24Bm2PJTzEkKdteEEx6FwHuW8Q40I.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-12-02 03:50:52,075:INFO:certbot.auth_handler:Waiting for verification... 2021-12-02 03:50:52,076:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-02 03:50:52,078:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54717072700/zDHa1Q: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMjFObEVCck16N0FmeERVZDB5VUNxYnVpRzEtU3dVQWw2WXFTb1AxYWc4SnciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0NzE3MDcyNzAwL3pESGExUSJ9", "signature": "eHDYRz5OhY3fTOuAzZGC6O92VeR3P2u2QmqcL4zDFrHIHHlceXgZfEBzQ3PPEcpTxzggT5NioHCIq4tn3RlU2lDlYRXmoeKbGYGln38TT5S22icmPRY-31rzJ9SHGRfhGZPxFFzmXuKhDeNvp_FPqkItUagPO9r1fBb4nTCJ4Qg3evOfjFaZI2_A4I31iUYFz43wOpEMHu1hXVAkX28Ce09E09Q1G0W8UShXKnAumiPY_QHoXGh8uT8DyI9kyyYsPd2G4ZK3R532bNONnqbawQUgfG-XYWqvKIblfLJKv9XteiGHTNE46yX2JHbjOypF_8Aa-PNggbqbKElNtXIo0Q", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-02 03:50:52,170:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54717072700/zDHa1Q HTTP/1.1" 200 186 2021-12-02 03:50:52,171:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 08:50:52 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54717072700/zDHa1Q Replay-Nonce: 0102fH_W5GjHcS53rQzctJ9CgocwvFKc0YNVYzwBszqFo1A X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54717072700/zDHa1Q", "token": "o5B2WyIZTeLFYo24Bm2PJTzEkKdteEEx6FwHuW8Q40I" } 2021-12-02 03:50:52,171:DEBUG:acme.client:Storing nonce: 0102fH_W5GjHcS53rQzctJ9CgocwvFKc0YNVYzwBszqFo1A 2021-12-02 03:50:53,173:DEBUG:acme.client:JWS payload: b'' 2021-12-02 03:50:53,175:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54717072700: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMmZIX1c1R2pIY1M1M3JRemN0SjlDZ29jd3ZGS2MwWU5WWXp3QnN6cUZvMUEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NzE3MDcyNzAwIn0", "signature": "fCm846E5DeHeNSRUhdWS9mjEaGwySKNxdlCszV3SkEcflxKw_949mv6lCeyXA-L_V5i1n7vu5Z01dcwBW0KtYfAghXonEz9k3Oi0naEd1ft4KdaW8ebK22qkFSfuLH_tCV5bnl3QceaRYt4jlRgvrX-VAVHLzM4yKPvm8K-pOp7jgI7135ccMp_KFre4u21ofeVmJ3etYLVrPMaEqEHzxI-GNUiQarBpR_rC5jqD9G7pVBeVdId3zwoS2_hOIn29q567E5NrujHry6JFwmjAlmh8b20y_0GgxcxLqwxSRraJLOvgOHztXahhrEDWhnlRRafsbO0Av9wFYPJhtaYKhg", "payload": "" } 2021-12-02 03:50:53,247:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54717072700 HTTP/1.1" 200 1505 2021-12-02 03:50:53,247:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 08:50:53 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102g-qNcxA4GRbY5nkw25O-wrgZHnznNWf6jTrFlZsB564 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-09T08:50:50Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/o5B2WyIZTeLFYo24Bm2PJTzEkKdteEEx6FwHuW8Q40I [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54717072700/zDHa1Q", "token": "o5B2WyIZTeLFYo24Bm2PJTzEkKdteEEx6FwHuW8Q40I", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/o5B2WyIZTeLFYo24Bm2PJTzEkKdteEEx6FwHuW8Q40I", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/o5B2WyIZTeLFYo24Bm2PJTzEkKdteEEx6FwHuW8Q40I", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-02T08:50:52Z" } ] } 2021-12-02 03:50:53,248:DEBUG:acme.client:Storing nonce: 0102g-qNcxA4GRbY5nkw25O-wrgZHnznNWf6jTrFlZsB564 2021-12-02 03:50:53,248:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-02 03:50:53,249:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-02 03:50:53,249:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/o5B2WyIZTeLFYo24Bm2PJTzEkKdteEEx6FwHuW8Q40I [75.2.60.5]: "\n\n\n \n Prep: True 2021-12-02 03:50:54,815:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-02 03:50:54,815:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-02 03:50:54,815:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-12-02 03:50:54,819:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-02 03:50:54,820:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-02 03:50:54,822:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-02 03:50:54,937:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-02 03:50:54,938:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 08:50:54 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "arc9HX0G9pE": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-02 03:50:54,938:INFO:certbot.main:Renewing an existing certificate 2021-12-02 03:50:55,150:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0487_key-certbot.pem 2021-12-02 03:50:55,157:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0487_csr-certbot.pem 2021-12-02 03:50:55,158:DEBUG:acme.client:Requesting fresh nonce 2021-12-02 03:50:55,158:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-02 03:50:55,196:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-02 03:50:55,196:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 08:50:55 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 01012aA1qHTCHtF571W5t795nRzdeEbKrzwXHBEy4s4qof4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-02 03:50:55,197:DEBUG:acme.client:Storing nonce: 01012aA1qHTCHtF571W5t795nRzdeEbKrzwXHBEy4s4qof4 2021-12-02 03:50:55,197:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-12-02 03:50:55,199:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMTJhQTFxSFRDSHRGNTcxVzV0Nzk1blJ6ZGVFYktyendYSEJFeTRzNHFvZjQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "C4uwUyfYRlx3-OCBH9k6LSY4uPy8y35xHR5vPcfP-p6MlT8o31MDBpYOvWz_4GZCBo0vAP35A1c_uX_azN4NMBjIc1y3KnzevtY_Y_CyPyr712u7bSRGCi0VMa-ZCSiEyzp3lAZDXZg-dDsxBuccySp6jqRqHesb-Lc6-8782iXQgfjH_FX8hCOuPA0sOPyITT1JziRZEnBUGsHga2idC9GOkJBGfFVpQ_FaxzfI2iCtxga4DgH5YNleYeH9GP_8Mq_Jsw-deHMsCe2ccKYqdW56rf7RkryUUqYWiltBDbM9B0qW_YJSnWZ4hG9w3knRTTenvSL7G-vuAY0SHH0gXg", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-12-02 03:50:55,459:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-12-02 03:50:55,459:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Thu, 02 Dec 2021 08:50:55 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44134314870 Replay-Nonce: 0102nD6gE4QkjWQKYXl5VfoL1oAk2oZVen2NB5QcTKVeQKA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-09T08:50:55Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54717086470", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54717086480" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44134314870" } 2021-12-02 03:50:55,459:DEBUG:acme.client:Storing nonce: 0102nD6gE4QkjWQKYXl5VfoL1oAk2oZVen2NB5QcTKVeQKA 2021-12-02 03:50:55,460:DEBUG:acme.client:JWS payload: b'' 2021-12-02 03:50:55,462:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54717086470: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMm5ENmdFNFFraldRS1lYbDVWZm9MMW9BazJvWlZlbjJOQjVRY1RLVmVRS0EiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NzE3MDg2NDcwIn0", "signature": "bJPZhy3PKBp02gwNLf321S_eIOFHWx6KrroUaadrKfQuSNWPyIE2I6L40ZDrBDqo8cPe-QdBRHKOl0E8QhEsC28sO-Toc41-Zb4FAwHj7jDD-kYN2eL7CnsalE0ez1jvzIucmL2ftsT0X69jHIVMoI1AIHdL32rdiuzXrCIX40sLy2HMcWN3ebdjhCcAP0AHLKMfMYCQMHl_hzVDnEEJZ7_IHaDExg0WwSdoZJPFj5t78IlQUdJn89ryPcCHIFl0qIzjG4DvgN2BZ8yyZ_sQoJFOALCEzIGyddKB6pVXR0bCQR0a280NWy8_RctWBnWahSJTEu84Q6149Lkkc_ESRw", "payload": "" } 2021-12-02 03:50:55,534:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54717086470 HTTP/1.1" 200 792 2021-12-02 03:50:55,535:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 08:50:55 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101RqauMMweYWzz0XSylDL0Xx0Z6fkNiyoXvRkA3AC8mlY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-09T08:50:55Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54717086470/VNRTFw", "token": "7iU_wmKoncfZwyM47mJoe5xIvfQlglS3BRrCCsMkpkA" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54717086470/iz6tZg", "token": "7iU_wmKoncfZwyM47mJoe5xIvfQlglS3BRrCCsMkpkA" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54717086470/7pyiJQ", "token": "7iU_wmKoncfZwyM47mJoe5xIvfQlglS3BRrCCsMkpkA" } ] } 2021-12-02 03:50:55,535:DEBUG:acme.client:Storing nonce: 0101RqauMMweYWzz0XSylDL0Xx0Z6fkNiyoXvRkA3AC8mlY 2021-12-02 03:50:55,536:DEBUG:acme.client:JWS payload: b'' 2021-12-02 03:50:55,538:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54717086480: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMVJxYXVNTXdlWVd6ejBYU3lsREwwWHgwWjZma05peW9YdlJrQTNBQzhtbFkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NzE3MDg2NDgwIn0", "signature": "jQbDQshxjgfblrreeSuq0XtN4Eekz40AA_UMt7Gd-oCVmquhVD-5SRbq3HAcJQlebtJYIEU2yMf6AcFrKCs3BvOBJ-XzxVg4j8XA-Uw-KEj-N0oi9OwfT_m7lc3u8D4JaLwsSK2rFzZwsCYeHHPKiMCrU7hgiyOVKFcR8O9q3Cc6F0d0ycO6W9GH-cVUijJvpFSIdB_ayj2YaH5P0dED18EZkeNfHg_hRxSHcUAHlSDO-jmKIEOk3GOB0lGEgT5AY6qESY_gzwqCo2VDZU_-jUs5bUgr0G7yR0gqb2KVFUf106l7SCdegHdcnCrpZr4JIHJ3qv7ZoL6WUm-8lFolAA", "payload": "" } 2021-12-02 03:50:55,619:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54717086480 HTTP/1.1" 200 796 2021-12-02 03:50:55,620:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 08:50:55 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101pG5-L9ybaoklk-Dco4WjgEnhS9CQhn78fyAbEGf4tYI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-09T08:50:55Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54717086480/TNJfVQ", "token": "Lz5LD0pTbIck1qlB1BMHagkNb1nY-6p0C_Un0OB0PYw" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54717086480/Zk374g", "token": "Lz5LD0pTbIck1qlB1BMHagkNb1nY-6p0C_Un0OB0PYw" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54717086480/4tjx0A", "token": "Lz5LD0pTbIck1qlB1BMHagkNb1nY-6p0C_Un0OB0PYw" } ] } 2021-12-02 03:50:55,620:DEBUG:acme.client:Storing nonce: 0101pG5-L9ybaoklk-Dco4WjgEnhS9CQhn78fyAbEGf4tYI 2021-12-02 03:50:55,621:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-02 03:50:55,621:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-02 03:50:55,621:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-02 03:50:55,683:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-12-02 03:50:55,684:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-12-02 03:50:55,684:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-12-02 03:50:55,685:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-12-02 03:50:55,685:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-12-02 03:50:55,685:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-12-02 03:50:55,686:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-12-02 03:50:55,686:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-12-02 03:50:55,686:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-12-02 03:50:55,686:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-12-02 03:50:55,686:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-12-02 03:50:55,687:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-12-02 03:50:55,687:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-12-02 03:50:55,689:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-12-02 03:50:55,691:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/7iU_wmKoncfZwyM47mJoe5xIvfQlglS3BRrCCsMkpkA{default_type text/plain;return 200 7iU_wmKoncfZwyM47mJoe5xIvfQlglS3BRrCCsMkpkA.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot location = /.well-known/acme-challenge/Lz5LD0pTbIck1qlB1BMHagkNb1nY-6p0C_Un0OB0PYw{default_type text/plain;return 200 Lz5LD0pTbIck1qlB1BMHagkNb1nY-6p0C_Un0OB0PYw.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-12-02 03:50:56,721:INFO:certbot.auth_handler:Waiting for verification... 2021-12-02 03:50:56,722:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-02 03:50:56,724:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54717086470/VNRTFw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMXBHNS1MOXliYW9rbGstRGNvNFdqZ0VuaFM5Q1Fobjc4ZnlBYkVHZjR0WUkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0NzE3MDg2NDcwL1ZOUlRGdyJ9", "signature": "FqMvc0_z971hZ9-QMwqy25ZYbzamM3RKjQiwrKlrplAwNbdIejltSnoE2LyrghmGJawIr2YZzEmQek5PCfEWQHXyiutX3L1REzItHpDC7ml8Eqf118w8HUGnLqt2X5Cos7vyivSDa1mMkrebcD5icNXrVOdKXnsLcBBJJnZbievgZWP9N2rnFbaegvqz-KhfnGnbRLTYnfL-Puxs7mdV6ok6QYl9PNOiRZiFZOF_nQcNK6Mnz_xH1JwBYvvgwAXev2wddMF5alZAEs7P6RZVCR1VSD__Sr7fS51JjHlzu5B206abGBPqRGYgAUcBG4bYHCTh9VHisPk-boyr1qXa6A", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-02 03:50:56,824:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54717086470/VNRTFw HTTP/1.1" 200 186 2021-12-02 03:50:56,825:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 08:50:56 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54717086470/VNRTFw Replay-Nonce: 0102lxpMGCpMyHI0zQny-guZ2Ui2btLs00I_HcZx2H-RIco X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54717086470/VNRTFw", "token": "7iU_wmKoncfZwyM47mJoe5xIvfQlglS3BRrCCsMkpkA" } 2021-12-02 03:50:56,825:DEBUG:acme.client:Storing nonce: 0102lxpMGCpMyHI0zQny-guZ2Ui2btLs00I_HcZx2H-RIco 2021-12-02 03:50:56,826:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-02 03:50:56,828:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54717086480/TNJfVQ: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMmx4cE1HQ3BNeUhJMHpRbnktZ3VaMlVpMmJ0THMwMElfSGNaeDJILVJJY28iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0NzE3MDg2NDgwL1ROSmZWUSJ9", "signature": "KwazqwMEo7uDYTaNl3QMEgv4AoMUCCpXtr6SIK0q6A66TJYuEW9QoBpR_nbggJTEFseovldo_75vfUK_cGNmRzKyA04a4C_MjDy3esN54fNaHrP_kGSBAjE9ulnzQzMeInZu2hdTja2CE3f-wKO33zuzY00FFxfHsBgqlxTXqXJvVR7-h1zkAhZHtnT12LP0dYAEuxncuD-w2FgYdUfzQ5rlVPocTtJcYAVQyDym_64gE_WGn6-ih0VEvJBijMWvQcovgwYXuAj0aJkU4iyvXRftTd-_DaGG3YJg5wQs1Bu7aeQqZ8LjL1K9Ke6outFiKLU_6zM825CXYETXHs17Rw", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-02 03:50:56,917:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54717086480/TNJfVQ HTTP/1.1" 200 186 2021-12-02 03:50:56,918:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 08:50:56 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54717086480/TNJfVQ Replay-Nonce: 0101jPD6hpV2kap2t3S1XvP53Jke26mfSaLPAm4iK8XcJ5I X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54717086480/TNJfVQ", "token": "Lz5LD0pTbIck1qlB1BMHagkNb1nY-6p0C_Un0OB0PYw" } 2021-12-02 03:50:56,918:DEBUG:acme.client:Storing nonce: 0101jPD6hpV2kap2t3S1XvP53Jke26mfSaLPAm4iK8XcJ5I 2021-12-02 03:50:57,919:DEBUG:acme.client:JWS payload: b'' 2021-12-02 03:50:57,921:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54717086470: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMWpQRDZocFYya2FwMnQzUzFYdlA1M0prZTI2bWZTYUxQQW00aUs4WGNKNUkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NzE3MDg2NDcwIn0", "signature": "LshXo0segQx7quujmPl3ALaVjamdN4wA_Y1yaseJn5RaIILPjn4YIaqz-UwTFl-fAD9z77gRARE71mcSdBmYPqfkkBTBX8leGVEn9uwIu3P9iNsA2dZC5LsfZikw2OdWaix6f_eZZdcizqtoQJWjbaq-3XSyLzetn7nKaQ8eussZK-FCsN0e_61lTUE8fsqoaKTS6SXCYcpf0_Df3r_gRrVe8cGrjcp7eYfZbHj9TC0pf2EstFUi_dXngfohsUEwgfewXEUCJ25GsO77bEOUXjhiQvi8Ailz0wyo492sGAinXCx_OzN104eAiI2GRgFmIIAYcoTVaJN8gd7rfL5Jxw", "payload": "" } 2021-12-02 03:50:57,994:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54717086470 HTTP/1.1" 200 1505 2021-12-02 03:50:57,995:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 08:50:57 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101Rc9iCjRT2AkF2xMR9eb0SjQJHzbv-ISUOc3Yg4lGmtA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-09T08:50:55Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/7iU_wmKoncfZwyM47mJoe5xIvfQlglS3BRrCCsMkpkA [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54717086470/VNRTFw", "token": "7iU_wmKoncfZwyM47mJoe5xIvfQlglS3BRrCCsMkpkA", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/7iU_wmKoncfZwyM47mJoe5xIvfQlglS3BRrCCsMkpkA", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/7iU_wmKoncfZwyM47mJoe5xIvfQlglS3BRrCCsMkpkA", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-02T08:50:56Z" } ] } 2021-12-02 03:50:57,995:DEBUG:acme.client:Storing nonce: 0101Rc9iCjRT2AkF2xMR9eb0SjQJHzbv-ISUOc3Yg4lGmtA 2021-12-02 03:50:57,996:DEBUG:acme.client:JWS payload: b'' 2021-12-02 03:50:57,998:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54717086480: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMVJjOWlDalJUMkFrRjJ4TVI5ZWIwU2pRSkh6YnYtSVNVT2MzWWc0bEdtdEEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NzE3MDg2NDgwIn0", "signature": "mJisbBJk3bXrBe8Zf6MqS-vZYYnJNH_A-AB1HYfvIu_ajoJ2bZKG_mO0ERsCHnNo_kqdOkQsfEB5TQEgIVQhLIualXcjF9tvycBH04Fdl6mFCPqTOicuUSdpwaShpKTUrDdMJ2qiQqTCEKXUjjuR4UcrluJwe_xTKA09XKjKD8DkSSGFGQHg4d8NQfDcNvSFQOGdKItifYBZwX07qVCqJ3uu_AG7yo8b5Cr9g4AZND5GXFX5Q4vcPbB4cItj7CAz-6665SkYjMxXsHdRosyN9q5mE_lISmVz7vZxA0RlXO6iXyKQl3jGkYxRp22AZyfDQFRm3aMBjAx_zwAsnkQ_9g", "payload": "" } 2021-12-02 03:50:58,077:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54717086480 HTTP/1.1" 200 796 2021-12-02 03:50:58,078:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 08:50:58 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101KR2EPTjP-LtwlDz6f7VlE8O2uwSinSEQvtxkSceGPW8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-09T08:50:55Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54717086480/TNJfVQ", "token": "Lz5LD0pTbIck1qlB1BMHagkNb1nY-6p0C_Un0OB0PYw" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54717086480/Zk374g", "token": "Lz5LD0pTbIck1qlB1BMHagkNb1nY-6p0C_Un0OB0PYw" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54717086480/4tjx0A", "token": "Lz5LD0pTbIck1qlB1BMHagkNb1nY-6p0C_Un0OB0PYw" } ] } 2021-12-02 03:50:58,078:DEBUG:acme.client:Storing nonce: 0101KR2EPTjP-LtwlDz6f7VlE8O2uwSinSEQvtxkSceGPW8 2021-12-02 03:50:58,078:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-02 03:51:01,082:DEBUG:acme.client:JWS payload: b'' 2021-12-02 03:51:01,084:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54717086480: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMUtSMkVQVGpQLUx0d2xEejZmN1ZsRThPMnV3U2luU0VRdnR4a1NjZUdQVzgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NzE3MDg2NDgwIn0", "signature": "BG4V6ke-ghH5KqJhY-xfTMg2jXSMLIeUiGXDag3nJf6gBzJPKcFbTWLuYHhIQ1BVpjpiwaJrhysaEmx1hOrSotMj9DN_GDkWD-ORuqx2w7WEoTaExbxpCUTbDlgbCQnVzhT1n3hYx8iRH1R-YGq0aBW-YL8sn2EIoHIkGq280rn2oW6mrVEErNvhB6SE_SdDxSj_5PQ-OIKf0bF2vOtE_XdzG4qUCE4-4IiwIq80eHvtpnr7qJl6chaCFItlRQZaBJe__XOQrAgI0xaEZQCcWIEC9sEjsnDR_3UVIrn8d6NCJ0JQGoKChDWZYW19olkukIDLmDEMbs93rDyM9vDtBw", "payload": "" } 2021-12-02 03:51:01,157:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54717086480 HTTP/1.1" 200 1826 2021-12-02 03:51:01,158:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 08:51:01 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101zlXR75KG5tWaRMyqLGcAbf05_rO7olnpr6rx58c8b_A X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-09T08:50:55Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/Lz5LD0pTbIck1qlB1BMHagkNb1nY-6p0C_Un0OB0PYw [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54717086480/TNJfVQ", "token": "Lz5LD0pTbIck1qlB1BMHagkNb1nY-6p0C_Un0OB0PYw", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/Lz5LD0pTbIck1qlB1BMHagkNb1nY-6p0C_Un0OB0PYw", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/Lz5LD0pTbIck1qlB1BMHagkNb1nY-6p0C_Un0OB0PYw", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/Lz5LD0pTbIck1qlB1BMHagkNb1nY-6p0C_Un0OB0PYw", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-02T08:50:56Z" } ] } 2021-12-02 03:51:01,158:DEBUG:acme.client:Storing nonce: 0101zlXR75KG5tWaRMyqLGcAbf05_rO7olnpr6rx58c8b_A 2021-12-02 03:51:01,158:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-12-02 03:51:01,159:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-02 03:51:01,159:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-02 03:51:01,159:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/7iU_wmKoncfZwyM47mJoe5xIvfQlglS3BRrCCsMkpkA [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-12-02 03:51:02,425:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-12-02 03:51:02,425:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-12-02 03:51:02,426:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-12-02 06:43:32,119:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-02 06:43:32,120:DEBUG:certbot.main:Arguments: ['--standalone', '--pre-hook', '/bin/systemctl stop nginx', '--post-hook', '/bin/systemctl start nginx', '--quiet'] 2021-12-02 06:43:32,120:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-02 06:43:32,132:DEBUG:certbot.log:Root logging level set at 30 2021-12-02 06:43:32,133:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-02 06:43:32,143:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer 2021-12-02 06:43:32,144:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-02 06:43:32,144:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-02 06:43:32,144:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-02 06:43:32,157:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-02 06:43:32,158:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-02 06:43:32,158:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-02 06:43:32,160:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-02 06:43:32,160:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-02 06:43:32,160:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-02 06:43:32,164:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-02 06:43:32,165:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-02 06:43:32,166:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-02 06:43:32,168:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-02 06:43:32,168:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-02 06:43:32,168:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-02 06:43:32,172:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-02 06:43:32,173:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-02 06:43:32,174:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-02 06:43:32,175:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-02 06:43:32,175:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-02 06:43:32,175:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-02 06:43:32,179:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-02 06:43:32,180:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-02 06:43:32,181:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-02 06:43:32,182:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-02 06:43:32,182:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-02 06:43:32,182:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-02 06:43:32,187:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-02 06:43:32,188:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-02 06:43:32,188:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-02 06:43:32,190:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-02 06:43:32,193:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-12-02 06:43:32,193:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-12-02 06:43:32,193:INFO:certbot.renewal:Non-interactive renewal: random delay of 427.6514592231195 seconds 2021-12-02 06:50:39,918:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-02 06:50:40,225:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-02 06:50:40,226:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-12-02 06:50:40,227:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-02 06:50:40,227:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-12-02 06:50:40,231:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-02 06:50:40,233:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-02 06:50:40,235:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-02 06:50:40,348:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-02 06:50:40,349:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 11:50:40 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert", "xKwJpUYL1Uk": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417" } 2021-12-02 06:50:40,350:INFO:certbot.hooks:Running pre-hook command: /bin/systemctl stop nginx 2021-12-02 06:50:40,394:INFO:certbot.main:Renewing an existing certificate 2021-12-02 06:50:40,697:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0488_key-certbot.pem 2021-12-02 06:50:40,708:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0488_csr-certbot.pem 2021-12-02 06:50:40,709:DEBUG:acme.client:Requesting fresh nonce 2021-12-02 06:50:40,709:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-02 06:50:40,746:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-02 06:50:40,747:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 11:50:40 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101bhGj7bckbP_X3G8O_vMhe-LVDYjw9b9DQvk4gtUUKLQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-02 06:50:40,747:DEBUG:acme.client:Storing nonce: 0101bhGj7bckbP_X3G8O_vMhe-LVDYjw9b9DQvk4gtUUKLQ 2021-12-02 06:50:40,748:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-12-02 06:50:40,751:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMWJoR2o3YmNrYlBfWDNHOE9fdk1oZS1MVkRZanc5YjlEUXZrNGd0VVVLTFEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "NGp6yM42HvKC3kKvT4DRXdF3sVn8xJy8d20Ui8RSCKvpeTA0KL5TN_58HzaHfSmx6dOO8idtBLhx1fQ0pihy2uhf9fIoY75Blqf6W7u-WwjYReCB5ZQjbVRISadhZgZ-mqiYsQcWXzcfp9tY6lZ8zWTds_R22DRsTrnIPJWkNZNviJqL749NoQDhXdIiJ5sI-ibicqsZIvQojDZ0uYs2qvv82hgoXUkQfcsERtEgF7NOiFfGrU-cp_41HnTjVTXybTq0b5KGSMnX9FR2mE61N5IRb8cveA-CUz8gJfnnaJujHbvCoYbbkgg-8_F8XoG3emC2mVbYQIHXtTj2xQwuqA", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-12-02 06:50:41,078:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-12-02 06:50:41,079:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Thu, 02 Dec 2021 11:50:41 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44166506210 Replay-Nonce: 0101sE28DM8q27dZHUXszirEkxL6Ykl2l9SJ0QYPWGqkq7E X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-09T11:50:41Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54756423500" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44166506210" } 2021-12-02 06:50:41,079:DEBUG:acme.client:Storing nonce: 0101sE28DM8q27dZHUXszirEkxL6Ykl2l9SJ0QYPWGqkq7E 2021-12-02 06:50:41,079:DEBUG:acme.client:JWS payload: b'' 2021-12-02 06:50:41,082:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54756423500: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMXNFMjhETThxMjdkWkhVWHN6aXJFa3hMNllrbDJsOVNKMFFZUFdHcWtxN0UiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NzU2NDIzNTAwIn0", "signature": "MRPmCKxdrwyWYXkNPRwezvzYkHPrr5Zodt0qv2zdjWarYEinyIMd9-Qvi-bynkU_qg442YfWY7v2JKghCNimWlGB-IU36Gkq5DL1155bQ_2b0xmFHwOmdGeN758L-iqTjMPHtHJVuO_YP0eaTefoXAq03-kZ9nFx7-Tq8a81B1ayqxMp_1mbEgaihknLC9D2Ru0uOu9cRVzwvDZ3TWi-ilVevEYzeb6Y5fns0pQH_7nsM0IPtwEPy9EZBayJ-Chfmc9CHQX8-_X5aOLmjPKXmW-6nxqkuVA2tP7iReXITvWECvtb5rTfYN_kwErVGAbUS3b8XTCmRqG88DQYhpbpxw", "payload": "" } 2021-12-02 06:50:41,153:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54756423500 HTTP/1.1" 200 792 2021-12-02 06:50:41,154:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 11:50:41 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102j64WDvWkvRSa3Se-6z2kjkL3Inwoof5JWZ6lL9Iug-A X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-09T11:50:41Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756423500/VTdyIw", "token": "ngrm_S9n4azZwlh0SFUHOD2yhqjidHzUjtFcyLOZFKk" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756423500/kg3EEA", "token": "ngrm_S9n4azZwlh0SFUHOD2yhqjidHzUjtFcyLOZFKk" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756423500/mHudQg", "token": "ngrm_S9n4azZwlh0SFUHOD2yhqjidHzUjtFcyLOZFKk" } ] } 2021-12-02 06:50:41,154:DEBUG:acme.client:Storing nonce: 0102j64WDvWkvRSa3Se-6z2kjkL3Inwoof5JWZ6lL9Iug-A 2021-12-02 06:50:41,155:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-02 06:50:41,155:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-02 06:50:41,156:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-12-02 06:50:41,157:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-12-02 06:50:41,161:INFO:certbot.auth_handler:Waiting for verification... 2021-12-02 06:50:41,161:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-02 06:50:41,163:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756423500/VTdyIw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMmo2NFdEdldrdlJTYTNTZS02ejJramtMM0lud29vZjVKV1o2bEw5SXVnLUEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0NzU2NDIzNTAwL1ZUZHlJdyJ9", "signature": "JFXoUS6OfFjcBUcc9vulZ_E4BGChZrw8OBTbbsALOGISrHZkeqg4chShtyla9UsI5sNLVGD8UZ-ShaHxvoR_czYwl-EO4dc6RdjBpd5XCIPBKGDuMJM-D-QegmkMAi88mNNZcUNQ7PSYj9ViBxL5RwUGLZEvDSQVPafWjXUv9202EqtaVHd597yMpbV8Up0TcJ7PdbyCkoVWSzG9NPJgKlIotQd3mXgMLq4lI67vEEbBWqpB5f-chwzk04XljBksdeuHvas0SDKXp7p3-a2DMVjLHYL0bf9UwA8xL9K8GMD8zbEVxCL_9zQybT8x2B6Rx9Rsim8S28BRuQgcdxrU4w", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-02 06:50:41,251:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54756423500/VTdyIw HTTP/1.1" 200 186 2021-12-02 06:50:41,251:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 11:50:41 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756423500/VTdyIw Replay-Nonce: 0102p7HFpCTVLTUVtLt_8y5en075RS5gKeXhHBK2LMR7stg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756423500/VTdyIw", "token": "ngrm_S9n4azZwlh0SFUHOD2yhqjidHzUjtFcyLOZFKk" } 2021-12-02 06:50:41,252:DEBUG:acme.client:Storing nonce: 0102p7HFpCTVLTUVtLt_8y5en075RS5gKeXhHBK2LMR7stg 2021-12-02 06:50:42,254:DEBUG:acme.client:JWS payload: b'' 2021-12-02 06:50:42,256:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54756423500: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMnA3SEZwQ1RWTFRVVnRMdF84eTVlbjA3NVJTNWdLZVhoSEJLMkxNUjdzdGciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NzU2NDIzNTAwIn0", "signature": "njvRLnFiUCJKNqZttASTQ8c_r4vDA_fuHII9RoUYDcptv_mm-FOSAtZb-l7dMyC3BZJnpD_h767OT0n-J6yN0LUrdjf_b78ZyhQKgIA6GrqH2v8MXsZuaaA2yx3p2nUc5c_tFc2ezMz19-JvLNzZAwrESSOngGG2-osxKgcFT4C64T4SM40d5pDt1FpucahfGp4x0ntMd2V7FxzxCM9GeOV2CXCE1Zrjfvu1eJKGNWeCqSC8UMND375V8weDUP8IdGRiFnOPLKxFoedlVZseL2JjTFTQfPiK7056Wqab_b5Ppwt-oKspZUJ2CkqMaQuuAUlz4WSTYnKiaCwrKtEakg", "payload": "" } 2021-12-02 06:50:42,378:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54756423500 HTTP/1.1" 200 792 2021-12-02 06:50:42,379:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 11:50:42 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102UQfV-aSld3mOgbgHDq9j7LgTqE78jQN6AAbmAyoglWs X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-09T11:50:41Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756423500/VTdyIw", "token": "ngrm_S9n4azZwlh0SFUHOD2yhqjidHzUjtFcyLOZFKk" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756423500/kg3EEA", "token": "ngrm_S9n4azZwlh0SFUHOD2yhqjidHzUjtFcyLOZFKk" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756423500/mHudQg", "token": "ngrm_S9n4azZwlh0SFUHOD2yhqjidHzUjtFcyLOZFKk" } ] } 2021-12-02 06:50:42,379:DEBUG:acme.client:Storing nonce: 0102UQfV-aSld3mOgbgHDq9j7LgTqE78jQN6AAbmAyoglWs 2021-12-02 06:50:45,381:DEBUG:acme.client:JWS payload: b'' 2021-12-02 06:50:45,384:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54756423500: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMlVRZlYtYVNsZDNtT2diZ0hEcTlqN0xnVHFFNzhqUU42QUFibUF5b2dsV3MiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NzU2NDIzNTAwIn0", "signature": "jcwL_ICfTrbyEMNzV9TQ1Fm8gQmqamLJgRM27ABJp_oQDQOE3Z6j9HjfxrxxSAmGmO_wzcJx-26K2mBOPCLp5kiPcRvmRdHrRIqG80dtvGL0spom0LQSpvxHQYBj0GI3nehusUUYNVbtgNxJt6hjknH2Z0qEdHbImL8dC5Bxqc00hLmhaOjp66Cj6LOCNx0rnDvbm8E9zePI_b_Q-taFaPmAxI6EVrnQscYTVVKYZGx3ct5IyAjPZLbXcYzdCGQkgWvc54C3Guz8R-uKWOJo2FKDctXfFIQCbSpj1AR3qqF5E4TnA69RrIxAkf2-h59r81-hYBnBio_d1XkIWNCXUA", "payload": "" } 2021-12-02 06:50:45,456:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54756423500 HTTP/1.1" 200 1505 2021-12-02 06:50:45,457:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 11:50:45 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102Dm1JjtX5J5wW7JHXoKSPnmbzv_VHSMyPMfbijI5TPic X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-09T11:50:41Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/ngrm_S9n4azZwlh0SFUHOD2yhqjidHzUjtFcyLOZFKk [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756423500/VTdyIw", "token": "ngrm_S9n4azZwlh0SFUHOD2yhqjidHzUjtFcyLOZFKk", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/ngrm_S9n4azZwlh0SFUHOD2yhqjidHzUjtFcyLOZFKk", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/ngrm_S9n4azZwlh0SFUHOD2yhqjidHzUjtFcyLOZFKk", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-02T11:50:41Z" } ] } 2021-12-02 06:50:45,457:DEBUG:acme.client:Storing nonce: 0102Dm1JjtX5J5wW7JHXoKSPnmbzv_VHSMyPMfbijI5TPic 2021-12-02 06:50:45,458:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-02 06:50:45,459:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-02 06:50:45,460:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/ngrm_S9n4azZwlh0SFUHOD2yhqjidHzUjtFcyLOZFKk [75.2.60.5]: "\n\n\n \n Prep: True 2021-12-02 06:50:46,008:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-12-02 06:50:46,009:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-02 06:50:46,009:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-12-02 06:50:46,013:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-02 06:50:46,014:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-02 06:50:46,016:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-02 06:50:46,133:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-02 06:50:46,134:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 11:50:46 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "V3VkoR1jIAk": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-02 06:50:46,134:INFO:certbot.hooks:Pre-hook command already run, skipping: /bin/systemctl stop nginx 2021-12-02 06:50:46,134:INFO:certbot.main:Renewing an existing certificate 2021-12-02 06:50:46,506:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0489_key-certbot.pem 2021-12-02 06:50:46,516:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0489_csr-certbot.pem 2021-12-02 06:50:46,517:DEBUG:acme.client:Requesting fresh nonce 2021-12-02 06:50:46,517:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-02 06:50:46,555:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-02 06:50:46,556:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 11:50:46 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102fGToJ7LG9qvtgbBX9NrrqMw0K-T6pcJkudY1SxX4xyE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-02 06:50:46,557:DEBUG:acme.client:Storing nonce: 0102fGToJ7LG9qvtgbBX9NrrqMw0K-T6pcJkudY1SxX4xyE 2021-12-02 06:50:46,557:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-12-02 06:50:46,560:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMmZHVG9KN0xHOXF2dGdiQlg5TnJycU13MEstVDZwY0prdWRZMVN4WDR4eUUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "nvPcnM_beu_vpZjOqiMWQzs59e_DSbOaHDABLr_lQ77GBTdigtQNvjNOd4rJN-uMNfgyo-LgMpoZtND6gzJAMqXv4hqg_woiozI3LWZEhAnkwPy_Cw0MbRlDsnehjiNyMqP4IbLNslYmPnyTjyG96jD8KMvo4qa9PWDwDVXVOb4sbNsqjFgadMSJ4au2rnR8hGkoLgfLclA6sUQphVn_Orz7hOz6iyru6fI7Tm7JaCpUc-aoINwWDocx1-8T2jqDN8ju6CkTI7nVKjxudElR6ETBoujNpc9C5rEZDgu3N6uP-vhAa-x-WGVWhfHULjsRUvFYtRHpu9eNH-3IGpAXsw", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-12-02 06:50:46,787:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-12-02 06:50:46,788:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Thu, 02 Dec 2021 11:50:46 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44166518590 Replay-Nonce: 0102xWf0D9KMZt-7VLQrudkkH8lrxsrkBwiAh6gydUmZh5I X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-09T11:50:46Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54756439370", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54756439380" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44166518590" } 2021-12-02 06:50:46,788:DEBUG:acme.client:Storing nonce: 0102xWf0D9KMZt-7VLQrudkkH8lrxsrkBwiAh6gydUmZh5I 2021-12-02 06:50:46,789:DEBUG:acme.client:JWS payload: b'' 2021-12-02 06:50:46,791:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54756439370: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMnhXZjBEOUtNWnQtN1ZMUXJ1ZGtrSDhscnhzcmtCd2lBaDZneWRVbVpoNUkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NzU2NDM5MzcwIn0", "signature": "V-zxiYF0av2o8G4Cf8WVt2wbATnYdNfwbfOe5g-SKULtOS9crZyeAZ0qw847maUXz-wcCjyvEkLb3TkngBFUGbOiXsi1TBUqyOS4ln-gEx1sB3chONcdXB0-Cj8k9Z2Zxd7OYOne3z7595fA_NwG76JMb1iYC29zsaYbFby2iFc7X6aKDAGDeHVXTn8w1CjYh2tBlz4jfCxAo3AAGL7X15Y5Vh4anoYuYv8w4sCu6f8pMYd7gGchTBcoRxpr6zdDXf4urjoGVnw7A8FxToqxBufTxlK1dk-a3koMNp860D-5fE7w9GsiLnaCd24y1tOPx-fBHOTMP8r_HWRqgMKwaQ", "payload": "" } 2021-12-02 06:50:46,874:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54756439370 HTTP/1.1" 200 792 2021-12-02 06:50:46,875:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 11:50:46 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101UCLi_oCisI9yxAh7pY-kGYRdfGqjB0gwrjwDU17zqsA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-09T11:50:46Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756439370/yxGhNQ", "token": "tJ0Qg4FQpjbxpxnkaWaJfHqmp9hrenrE03U4qXKJrUM" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756439370/5AsDlg", "token": "tJ0Qg4FQpjbxpxnkaWaJfHqmp9hrenrE03U4qXKJrUM" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756439370/pJn45A", "token": "tJ0Qg4FQpjbxpxnkaWaJfHqmp9hrenrE03U4qXKJrUM" } ] } 2021-12-02 06:50:46,875:DEBUG:acme.client:Storing nonce: 0101UCLi_oCisI9yxAh7pY-kGYRdfGqjB0gwrjwDU17zqsA 2021-12-02 06:50:46,876:DEBUG:acme.client:JWS payload: b'' 2021-12-02 06:50:46,878:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54756439380: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMVVDTGlfb0Npc0k5eXhBaDdwWS1rR1lSZGZHcWpCMGd3cmp3RFUxN3pxc0EiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NzU2NDM5MzgwIn0", "signature": "aj5jXG2I3l-tHJS117B2VM28x1cZ4h-As7MGYiQSLKJkkIMu8TDnhflOI90xpLSGsASibpfTohCjXYWLObyuPgtDDbvPrfRbGlCVZM_ML8nsRoa7EUCiQ4SZzVusSXzUGMGdxuRW_wlptHuuO3LJb8D3VvLIoHlTpKR9PmYfYgM0swNkjVbbjzzUmbaCvvcxPyUGpb5JqVRlkFrVR1Sv0t8cnMIwvb4frmJByq_46MGUf012Uqk9ENtdTCuUzDSaCB9tknxetUXd6nl714hB96jwoCNCJaWkU81XswDajm-ZUEcTR-_v5lGvoQ_cCUwWpVqFBHzVyNk2I2uCHPJWfQ", "payload": "" } 2021-12-02 06:50:46,953:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54756439380 HTTP/1.1" 200 796 2021-12-02 06:50:46,954:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 11:50:46 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101UCHwI5Fzz6XKxTXHXBDjTH4LmNYLxWC1atVQS0YwitQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-09T11:50:46Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756439380/azYV2w", "token": "SXMVx6G7P6TXs7QJ6JZYSuFsHxts7xy_ovpAWh9pndA" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756439380/57Pt1w", "token": "SXMVx6G7P6TXs7QJ6JZYSuFsHxts7xy_ovpAWh9pndA" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756439380/pg-HGw", "token": "SXMVx6G7P6TXs7QJ6JZYSuFsHxts7xy_ovpAWh9pndA" } ] } 2021-12-02 06:50:46,955:DEBUG:acme.client:Storing nonce: 0101UCHwI5Fzz6XKxTXHXBDjTH4LmNYLxWC1atVQS0YwitQ 2021-12-02 06:50:46,955:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-02 06:50:46,956:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-02 06:50:46,956:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-02 06:50:46,956:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-12-02 06:50:46,957:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-12-02 06:50:46,962:INFO:certbot.auth_handler:Waiting for verification... 2021-12-02 06:50:46,963:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-02 06:50:46,964:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756439370/yxGhNQ: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMVVDSHdJNUZ6ejZYS3hUWEhYQkRqVEg0TG1OWUx4V0MxYXRWUVMwWXdpdFEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0NzU2NDM5MzcwL3l4R2hOUSJ9", "signature": "rwNMSjzHz0_27pibiuMatMYLnMVidTItTysfClj9cd5bLgBcIMOv5uIR_SX4-v7rtmPvmtZ0gXXLF01lPnjr1hhVkAIHaEubC0eGiYsYxTKj203vA4N8Ciuk63BD8YiAvswdvfkYLUGPCUh_RG4sVIBlpu6Kkdj8facqIV0_b3Wg99dAtdon2VZNRqecIuJnl5U3oTQ2B67dyNNPhjB0jVewrY1K2CRlQGPz8pZXVacj7b-FjgmlX0ql0lqrz66aGYMP6RWi2gbtWT8um0Q3eErX7WwvdDjBubTIKcuPO6Vk5-Ni74baRuw5BqZoEcORKPS7KxeiYz49DgIfJDD8zg", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-02 06:50:47,056:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54756439370/yxGhNQ HTTP/1.1" 200 186 2021-12-02 06:50:47,057:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 11:50:47 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756439370/yxGhNQ Replay-Nonce: 0102DxlAo_s-TutWqmuEunBgiLJ-ZJlhhaUe4RjTQSacfg8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756439370/yxGhNQ", "token": "tJ0Qg4FQpjbxpxnkaWaJfHqmp9hrenrE03U4qXKJrUM" } 2021-12-02 06:50:47,057:DEBUG:acme.client:Storing nonce: 0102DxlAo_s-TutWqmuEunBgiLJ-ZJlhhaUe4RjTQSacfg8 2021-12-02 06:50:47,058:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-02 06:50:47,060:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756439380/azYV2w: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMkR4bEFvX3MtVHV0V3FtdUV1bkJnaUxKLVpKbGhoYVVlNFJqVFFTYWNmZzgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0NzU2NDM5MzgwL2F6WVYydyJ9", "signature": "lNksgvYR3W76IGBqnR485ojRlGqxmnIqug3g_wCw4gq2q_4z-1BjTU1gcjdUse2v8cF5DjJ1SM09RhwVdqnTZlTsuTfb4Vr3Ljx2Q0YUcYFvDs6CMqu1F98Fs0Qxt1RR1K_f2Gz2GHQKtsGeCX7ntEQ9mzPw5bbnkq3mzSwIWtvypdBF4qNMAPRv24dJvZpZ5nkqhVDBEPjdufs5rVATECrrvh0YfTvtOfhbZOOtv99UrreXO3nQ0tGAEzzfs5pM6yz4e-E8hmn11aJ3kNtBKguZOnSfwH63h2VVhm3L2fstEDAty34ICa0QjFXlPgOBJx6nPhqA_6sJ6HIqwvAVnQ", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-02 06:50:47,151:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54756439380/azYV2w HTTP/1.1" 200 186 2021-12-02 06:50:47,152:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 11:50:47 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756439380/azYV2w Replay-Nonce: 01013NGVAkOUB_6zQXCX5-14q33HnCMcVIjQ-4KSNPHHuM8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756439380/azYV2w", "token": "SXMVx6G7P6TXs7QJ6JZYSuFsHxts7xy_ovpAWh9pndA" } 2021-12-02 06:50:47,152:DEBUG:acme.client:Storing nonce: 01013NGVAkOUB_6zQXCX5-14q33HnCMcVIjQ-4KSNPHHuM8 2021-12-02 06:50:48,154:DEBUG:acme.client:JWS payload: b'' 2021-12-02 06:50:48,157:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54756439370: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMTNOR1ZBa09VQl82elFYQ1g1LTE0cTMzSG5DTWNWSWpRLTRLU05QSEh1TTgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NzU2NDM5MzcwIn0", "signature": "M1tgCzJ6VBtPdlk8OJHRNfm2fLdgtY8RjCeT-c2qtJ8fXyErpd3_w0_802bSsk6r5Xcs1lCkjXIBPfLZRM9c2b0aEtG9zzYvdpFVpYDwK2az5yJj8KaqbcCEYlI56qK3eAssDRqjB0tqrxG5Eak-ALynanCxPzgAb1jGVCIn4zPa3ooqZw8h9ctBP2uUek3dLdMKnK9eyQ_4Cr0sK_lERYHn_yl9ynik9DHqwKOO1TgruqTwY2-dId8S3ZxOKq1ZCnbKAeDXgqoT-nEmVVJA1C2tu0gicQhl9mGAppXFtoO086NPaKFOJHHf5QAgUwJAagbAPU8xb1P7JGVZCIK8rA", "payload": "" } 2021-12-02 06:50:48,229:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54756439370 HTTP/1.1" 200 1505 2021-12-02 06:50:48,230:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 11:50:48 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101ieIzYS4pkZtIGk3Sqbjdc-0yAh0gDnw2O0pB3f1ue7g X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-09T11:50:46Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/tJ0Qg4FQpjbxpxnkaWaJfHqmp9hrenrE03U4qXKJrUM [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756439370/yxGhNQ", "token": "tJ0Qg4FQpjbxpxnkaWaJfHqmp9hrenrE03U4qXKJrUM", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/tJ0Qg4FQpjbxpxnkaWaJfHqmp9hrenrE03U4qXKJrUM", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/tJ0Qg4FQpjbxpxnkaWaJfHqmp9hrenrE03U4qXKJrUM", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-02T11:50:47Z" } ] } 2021-12-02 06:50:48,231:DEBUG:acme.client:Storing nonce: 0101ieIzYS4pkZtIGk3Sqbjdc-0yAh0gDnw2O0pB3f1ue7g 2021-12-02 06:50:48,232:DEBUG:acme.client:JWS payload: b'' 2021-12-02 06:50:48,234:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54756439380: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMWllSXpZUzRwa1p0SUdrM1NxYmpkYy0weUFoMGdEbncyTzBwQjNmMXVlN2ciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NzU2NDM5MzgwIn0", "signature": "cKAJDpTGytI4uVJRN1IGkOhTQcoWiJPoSYWRhzHZVt1QtA7ZtOxuKV6irtknmOuW5qoE6N6gT1R2So6sCas1mGdwwF6tNPfo2CeoJKkWZzmZhmFQjtK5SBNJFGMxz9BiJ0X2fuc5vNJO12GXdLvZP5Ehw5AUTLFwwBTYEjAv6kjVS9tbNKdHH_eecYsaz7ZnCyJLr1PAEV59M3laxVlDPRIlN1FF682KjSxZvl3Zw9B4LwqOzlVjGblPWmRQF-X7Tu_yAo7WVQwixiHt-e8-5SYwsdjWNjcXIL_2aZakiLsopqRsePsbZOFVlP-km40gYDiOMtR4eenG-k0iFX6TJA", "payload": "" } 2021-12-02 06:50:48,319:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54756439380 HTTP/1.1" 200 796 2021-12-02 06:50:48,320:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 11:50:48 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102KoMJ7uIuK2Pos31wmS0U_GdLnrp8CWzwyjI2r5Y7wMA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-09T11:50:46Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756439380/azYV2w", "token": "SXMVx6G7P6TXs7QJ6JZYSuFsHxts7xy_ovpAWh9pndA" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756439380/57Pt1w", "token": "SXMVx6G7P6TXs7QJ6JZYSuFsHxts7xy_ovpAWh9pndA" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756439380/pg-HGw", "token": "SXMVx6G7P6TXs7QJ6JZYSuFsHxts7xy_ovpAWh9pndA" } ] } 2021-12-02 06:50:48,321:DEBUG:acme.client:Storing nonce: 0102KoMJ7uIuK2Pos31wmS0U_GdLnrp8CWzwyjI2r5Y7wMA 2021-12-02 06:50:48,321:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-02 06:50:51,326:DEBUG:acme.client:JWS payload: b'' 2021-12-02 06:50:51,328:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54756439380: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMktvTUo3dUl1SzJQb3MzMXdtUzBVX0dkTG5ycDhDV3p3eWpJMnI1WTd3TUEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0NzU2NDM5MzgwIn0", "signature": "O4a8NOeKjZes7N4ttAkUI6IKpTKemYJDjZYMBGQfjJyjPACymoyl5hxXcebdSYZb6q2ruuzB0qRo6kSzZFwON7jQfnodAfcCX02zuDtAUVcTMh64Dj_0qTHD6a2vMunzqzJkIBfGxbeUCcPWLc72GZjG-DCiLeHO4d9gLjqM6wW7Qs_-gsUQmLYHPYUHnTlbJUiz7_-b-2X64mGqFQ6iX6yIAu46qHaYHntpnxYHjZKPnS6Z01xMScuXad8YbkjA1hjmuLs7eYxdnDUaBNRtROZB-u2STEN8bOglrmknAhnUuPUPmL2z_lCPtUMof2orJKvIfw1rdu07ErmR0OAhkQ", "payload": "" } 2021-12-02 06:50:51,401:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54756439380 HTTP/1.1" 200 1826 2021-12-02 06:50:51,402:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 02 Dec 2021 11:50:51 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102GByXsT8HRmeBtOnsxbrC9BV8Spfqb6Q30Y6iTRaE9BY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-09T11:50:46Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/SXMVx6G7P6TXs7QJ6JZYSuFsHxts7xy_ovpAWh9pndA [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54756439380/azYV2w", "token": "SXMVx6G7P6TXs7QJ6JZYSuFsHxts7xy_ovpAWh9pndA", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/SXMVx6G7P6TXs7QJ6JZYSuFsHxts7xy_ovpAWh9pndA", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/SXMVx6G7P6TXs7QJ6JZYSuFsHxts7xy_ovpAWh9pndA", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/SXMVx6G7P6TXs7QJ6JZYSuFsHxts7xy_ovpAWh9pndA", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-02T11:50:47Z" } ] } 2021-12-02 06:50:51,402:DEBUG:acme.client:Storing nonce: 0102GByXsT8HRmeBtOnsxbrC9BV8Spfqb6Q30Y6iTRaE9BY 2021-12-02 06:50:51,403:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-12-02 06:50:51,404:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-02 06:50:51,404:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-02 06:50:51,404:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/tJ0Qg4FQpjbxpxnkaWaJfHqmp9hrenrE03U4qXKJrUM [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-12-02 06:50:51,473:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-12-02 06:50:51,473:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-12-02 06:50:51,474:INFO:certbot.hooks:Running post-hook command: /bin/systemctl start nginx 2021-12-02 06:50:51,565:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-12-02 23:01:32,964:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-02 23:01:32,964:DEBUG:certbot.main:Arguments: ['-q'] 2021-12-02 23:01:32,965:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-02 23:01:32,987:DEBUG:certbot.log:Root logging level set at 30 2021-12-02 23:01:32,988:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-02 23:01:33,020:DEBUG:certbot.plugins.selection:Requested authenticator and installer 2021-12-02 23:01:33,037:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-02 23:01:33,039:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-02 23:01:33,039:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-02 23:01:33,051:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-02 23:01:33,053:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-02 23:01:33,054:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-02 23:01:33,064:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-02 23:01:33,065:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-02 23:01:33,066:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-02 23:01:33,075:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-02 23:01:33,077:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-02 23:01:33,079:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-02 23:01:33,094:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-02 23:01:33,096:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-02 23:01:33,097:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-02 23:01:33,105:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-12-02 23:01:33,105:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-12-02 23:01:33,106:INFO:certbot.renewal:Non-interactive renewal: random delay of 186.6530974297019 seconds 2021-12-02 23:04:39,860:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx 2021-12-02 23:04:40,235:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-02 23:04:40,236:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-02 23:04:40,236:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-02 23:04:40,237:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-12-02 23:04:40,243:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-02 23:04:40,246:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-02 23:04:40,249:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-02 23:04:40,411:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-02 23:04:40,412:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 04:04:40 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert", "zULmY775c4w": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417" } 2021-12-02 23:04:40,414:INFO:certbot.main:Renewing an existing certificate 2021-12-02 23:04:40,514:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0490_key-certbot.pem 2021-12-02 23:04:40,532:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0490_csr-certbot.pem 2021-12-02 23:04:40,533:DEBUG:acme.client:Requesting fresh nonce 2021-12-02 23:04:40,533:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-02 23:04:40,585:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-02 23:04:40,586:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 04:04:40 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001kWpqbxlNf6imxpiiVNmP6qe7kKn1pkadCNoksmNciaI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-02 23:04:40,586:DEBUG:acme.client:Storing nonce: 0001kWpqbxlNf6imxpiiVNmP6qe7kKn1pkadCNoksmNciaI 2021-12-02 23:04:40,587:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-12-02 23:04:40,589:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWtXcHFieGxOZjZpbXhwaWlWTm1QNnFlN2tLbjFwa2FkQ05va3NtTmNpYUkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "R_iD0AV71sPvU-gNrYcFvWHyz0w6IV-tfQDt_lcugkd7GLAqRSzazBkz1kqHGh007fCiSu0Q7QhRw_t-Ia5Mit7OcQztyjhXcLnz3NtdibfvU6ozCAH5rWl_s6xbb3I2Dn-99K_KvOiaDXGDELVla_zkrZllbLz8SxxvwirEsAyjz6Y7KJZZjk84Wd_cEE-VPnr0MUjwxe0RFxroHX7b6dGNyfXnQE7CesIJJkALaygNBCxUfc9lbw_S5_j-SRlxwSYVt-LJfWLSIYAQkMGZYCp24xzjtGcBd_FrR7uKBa0z9llyXXJ1Yso-p5SLfvBqLUXMiwz-Q84tQQbl8ok5Tg", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-12-02 23:04:41,659:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-12-02 23:04:41,660:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Fri, 03 Dec 2021 04:04:41 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44325647170 Replay-Nonce: 0001gRVx3shTC26a9oXOADf3aIwaFIpzXMZwH10RE0t8xa4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-10T04:04:41Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54949642050" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44325647170" } 2021-12-02 23:04:41,660:DEBUG:acme.client:Storing nonce: 0001gRVx3shTC26a9oXOADf3aIwaFIpzXMZwH10RE0t8xa4 2021-12-02 23:04:41,660:DEBUG:acme.client:JWS payload: b'' 2021-12-02 23:04:41,663:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54949642050: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWdSVngzc2hUQzI2YTlvWE9BRGYzYUl3YUZJcHpYTVp3SDEwUkUwdDh4YTQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0OTQ5NjQyMDUwIn0", "signature": "kKWzknCva1xUglv2TzrtL0o0szkU4eh3Fh1vDohDa8hjzX4L6dpLriklH9_4DbSfVFeoZXKqGsAq9ize0EVYbecmJQzbKXIlaYj_MziOG5S6FfoQeSmTXjhtsTEnxDvSyqaOJ7F6wq8Vr_-sTtXp7i5SqLO9m3bzhky-fLr0Y5vVLs3am3PV62Hn3q-ybhPcnRH3bW9ULIsFrDiByn6tDZ-gChFvZ_BqJeaGKNJDx8s5-tROh2kpHF4LiZWGT2qfbPZJv8sWj7HyTB2qeFagPy_dUD-GRjlD5h4pQeH6QklEbxRejLPBpA-DubwNxiOlHo1rfFdWT6hAyyX4TJcE5w", "payload": "" } 2021-12-02 23:04:41,725:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54949642050 HTTP/1.1" 200 792 2021-12-02 23:04:41,726:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 04:04:41 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002ek1OP6ttRZFMXxz8x0cZNji2giv0M7v0oZNTXQhr6-Y X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-10T04:04:41Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54949642050/eskJUg", "token": "tYInbGnq7OcoDUR4QczEMPQdajLQUHBFrpW43AUalFI" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54949642050/GY56Sw", "token": "tYInbGnq7OcoDUR4QczEMPQdajLQUHBFrpW43AUalFI" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54949642050/GSD3Uw", "token": "tYInbGnq7OcoDUR4QczEMPQdajLQUHBFrpW43AUalFI" } ] } 2021-12-02 23:04:41,726:DEBUG:acme.client:Storing nonce: 0002ek1OP6ttRZFMXxz8x0cZNji2giv0M7v0oZNTXQhr6-Y 2021-12-02 23:04:41,727:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-02 23:04:41,727:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-02 23:04:41,772:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-12-02 23:04:41,773:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-12-02 23:04:41,774:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-12-02 23:04:41,774:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-12-02 23:04:41,775:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-12-02 23:04:41,775:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-12-02 23:04:41,775:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-12-02 23:04:41,776:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-12-02 23:04:41,776:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-12-02 23:04:41,777:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-12-02 23:04:41,777:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-12-02 23:04:41,777:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-12-02 23:04:41,778:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-12-02 23:04:41,779:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-12-02 23:04:41,781:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/tYInbGnq7OcoDUR4QczEMPQdajLQUHBFrpW43AUalFI{default_type text/plain;return 200 tYInbGnq7OcoDUR4QczEMPQdajLQUHBFrpW43AUalFI.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-12-02 23:04:42,810:INFO:certbot.auth_handler:Waiting for verification... 2021-12-02 23:04:42,812:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-02 23:04:42,814:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54949642050/eskJUg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmVrMU9QNnR0UlpGTVh4ejh4MGNaTmppMmdpdjBNN3Ywb1pOVFhRaHI2LVkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0OTQ5NjQyMDUwL2Vza0pVZyJ9", "signature": "fKAN_Nde5e6IwSfm1DE7qSEp3IDSguLLI1v63Lr4dpu6GaXTSCzU-1gXJ2GUmJz3qpCu9r0-wTnXwDTSbzC4P3PvV5nZSZwJMCBqSwkak6vdLSGiTNl8VRpQX9k_Dux9Tle_9ZErf0DqsyMMA_G0pWK7_QZFNUClAh57-rETeJZr8BhjUovH3o8h6QvTn8hWBYviAXUQh7S6pNi9u-mUa9MxBcYRTIyjqf8b61onw_9fvH7M82nzO1Zf9NOoUkl7Oh8MIFvCC3FqcFu7ObkPiOp0wjO4s8s4qdDHnZUUOixZtMtik7EY_5zd--cp3Ipw-D2d2rC9_b7KkFfSfSlLWg", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-02 23:04:42,882:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54949642050/eskJUg HTTP/1.1" 200 186 2021-12-02 23:04:42,883:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 04:04:42 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54949642050/eskJUg Replay-Nonce: 0002RSUfJVT7pqheVUhRKmMAFGGzR9qwdkYhST6is1cdEHE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54949642050/eskJUg", "token": "tYInbGnq7OcoDUR4QczEMPQdajLQUHBFrpW43AUalFI" } 2021-12-02 23:04:42,883:DEBUG:acme.client:Storing nonce: 0002RSUfJVT7pqheVUhRKmMAFGGzR9qwdkYhST6is1cdEHE 2021-12-02 23:04:43,885:DEBUG:acme.client:JWS payload: b'' 2021-12-02 23:04:43,887:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54949642050: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMlJTVWZKVlQ3cHFoZVZVaFJLbU1BRkdHelI5cXdka1loU1Q2aXMxY2RFSEUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0OTQ5NjQyMDUwIn0", "signature": "cUi_n04moe2ZUuu-h1DiBPaOCGeN-upioctUWoZumAoIPRWUwsWAaKAr3pbMye-EITGiVjXcrnGd7rgfaR_JwaPkv_jN67Kl4X-uzFyJLn40OT9jR10BCFnGT9KbDdxEKUVbJgujq2WVXEpFBhouCGHX8SFV_dm8qdvPzDBAMKD0IOJ5C1qyV-bVI-7X4-JgSvpVMUZRdC4nkG_ramF1HJYjVjQNY4Xh6yyr3tAxPVWc6uXzi8wJuMu8gAp8ggTYCDFgth8E2rBIRV1RkTCGlfqd4rFk_2IWkf9mBIzTDTAlNhAlFkrClzBFGRtb5eeKiRRJWA-VDeyESqMQHGQUFw", "payload": "" } 2021-12-02 23:04:43,954:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54949642050 HTTP/1.1" 200 1505 2021-12-02 23:04:43,955:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 04:04:43 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002oE28pAS1IbITEZygNWlvVwaRffb6rAwy4Rotg0WgeMs X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-10T04:04:41Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/tYInbGnq7OcoDUR4QczEMPQdajLQUHBFrpW43AUalFI [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54949642050/eskJUg", "token": "tYInbGnq7OcoDUR4QczEMPQdajLQUHBFrpW43AUalFI", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/tYInbGnq7OcoDUR4QczEMPQdajLQUHBFrpW43AUalFI", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/tYInbGnq7OcoDUR4QczEMPQdajLQUHBFrpW43AUalFI", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-03T04:04:42Z" } ] } 2021-12-02 23:04:43,955:DEBUG:acme.client:Storing nonce: 0002oE28pAS1IbITEZygNWlvVwaRffb6rAwy4Rotg0WgeMs 2021-12-02 23:04:43,956:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-02 23:04:43,957:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-02 23:04:43,959:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/tYInbGnq7OcoDUR4QczEMPQdajLQUHBFrpW43AUalFI [75.2.60.5]: "\n\n\n \n Prep: True 2021-12-02 23:04:45,594:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-02 23:04:45,595:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-02 23:04:45,595:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-12-02 23:04:45,599:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-02 23:04:45,600:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-02 23:04:45,602:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-02 23:04:45,755:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-02 23:04:45,756:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 04:04:45 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "i_FwngO8jMM": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-02 23:04:45,757:INFO:certbot.main:Renewing an existing certificate 2021-12-02 23:04:45,824:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0491_key-certbot.pem 2021-12-02 23:04:45,833:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0491_csr-certbot.pem 2021-12-02 23:04:45,834:DEBUG:acme.client:Requesting fresh nonce 2021-12-02 23:04:45,834:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-02 23:04:45,885:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-02 23:04:45,886:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 04:04:45 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001kxdJaoRJzPKG4yPCUCnv419deHkgR5zGe4vnKdK-1QY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-02 23:04:45,887:DEBUG:acme.client:Storing nonce: 0001kxdJaoRJzPKG4yPCUCnv419deHkgR5zGe4vnKdK-1QY 2021-12-02 23:04:45,887:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-12-02 23:04:45,890:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWt4ZEphb1JKelBLRzR5UENVQ252NDE5ZGVIa2dSNXpHZTR2bktkSy0xUVkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "DD5IqMthy9rC_wESeWgUeiL1Lx0HCLRoanQqG2mkyxSG2rtVolNq6HPQyL4WehklyiqWbKXeg3yEiaPwNXhQfza_aI7ZDPsngiq8UK6aK3C4n1FCQy5QCrDYly3rTtYPR3tES-eyshcZm0FCOwESgxPZwZmHZZLf2udZIdXVEZ0oczhTaEPRb9vwWD3sWzaGnGf37nzIUboO34VfCrUhRl62APU3I8jUD8qRbXwDjpXvP6X0axfshO7ecUeBMZsdu5eA_g603M6XhxcmB6pwlMu1PeKq4c_5ZcfRF8Iw2j0Nz53tBjYOwzbKHLxLtdAc1jDOz1QB-buylTqjNDbGPw", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-12-02 23:04:47,559:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-12-02 23:04:47,560:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Fri, 03 Dec 2021 04:04:47 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44325662150 Replay-Nonce: 0001O_Fx9ID0fs9gQFFiPR-sriI54uYVZdRzpcQ4uyH2pkM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-10T04:04:47Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54949661750", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/54949661760" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44325662150" } 2021-12-02 23:04:47,560:DEBUG:acme.client:Storing nonce: 0001O_Fx9ID0fs9gQFFiPR-sriI54uYVZdRzpcQ4uyH2pkM 2021-12-02 23:04:47,560:DEBUG:acme.client:JWS payload: b'' 2021-12-02 23:04:47,562:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54949661750: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMU9fRng5SUQwZnM5Z1FGRmlQUi1zcmlJNTR1WVZaZFJ6cGNRNHV5SDJwa00iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0OTQ5NjYxNzUwIn0", "signature": "kUYZb3LGOZgq5hRYmJC8RfB7hRmZOkbYMMlGxg5sLHSBVptKrRRxDZBXzSa0EwYf6STWGlKkoAzxt90Ogx87sjjXfj31lbjC0tkh_2RdBzjjl3zySV9Bc3pE_aGQUyo0v4DevZIVfaYGulVdmdLp248F_vYreIhfqhiGO6aML0URDtQ3NMi9I4YMp8aYsTknw-DC-TjoucYnZFlmeMn8VCmzFqHZ1dwDmeNBxvVDaZW9Xzh7wIu8R6LOV0oBJ_BSt87o6pBBwmZV45BJNkbCE5hhHzkkNoFH0mwAttnDY78uLzzzZZwWQW0xPSWrv0xtwEWn_A1VQHPLiC15DTUT2g", "payload": "" } 2021-12-02 23:04:47,625:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54949661750 HTTP/1.1" 200 792 2021-12-02 23:04:47,625:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 04:04:47 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001yDT2Q5W4uYQU_jDwUEUNsUBjJK7sDsZhc5kyFp8TN4Y X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-10T04:04:47Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54949661750/hg9DSg", "token": "tqYxWmaAW7107hJLwd6Izb0yCebUYEtL4A7-njZPIQA" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54949661750/bIRu-g", "token": "tqYxWmaAW7107hJLwd6Izb0yCebUYEtL4A7-njZPIQA" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54949661750/HYF_0g", "token": "tqYxWmaAW7107hJLwd6Izb0yCebUYEtL4A7-njZPIQA" } ] } 2021-12-02 23:04:47,626:DEBUG:acme.client:Storing nonce: 0001yDT2Q5W4uYQU_jDwUEUNsUBjJK7sDsZhc5kyFp8TN4Y 2021-12-02 23:04:47,627:DEBUG:acme.client:JWS payload: b'' 2021-12-02 23:04:47,628:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54949661760: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXlEVDJRNVc0dVlRVV9qRHdVRVVOc1VCakpLN3NEc1poYzVreUZwOFRONFkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0OTQ5NjYxNzYwIn0", "signature": "N_qFd60ITQ1ZLW0JEMVq7ySz08BzU4nghK-RifXRO5rTqbD-Ueu2-yYh_fBwMF6KgoNQHexR_oeEGB8wuOO_e1m7bt74YLlCO1z5ZzwPXGcKlimucw6PmdWnDkbZPT7QRefBH-FOcLsBkkL45xqI2SV0SWLX8ZWljQQF2jplMUqHFUmsfz_rFBRZp9PbZEqEDjT2yZD8FmRmePMkbfef9by0JDfjn3U7AR2pWqiqQ4X83z9bbVV5Rms3JG3GarqOFBvWYsnH2d1nTtPN7s6ZHvB20UBNdhDlw2BVnGgWqd9-QLnePLHb_9C0lfRZxj5RATuS8KeXQVaAB8H8T2QVNw", "payload": "" } 2021-12-02 23:04:47,695:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54949661760 HTTP/1.1" 200 796 2021-12-02 23:04:47,696:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 04:04:47 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002P9ozycplyp3EVUPZITNzFnf5DjqpBEADeI9dWckAlX4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-10T04:04:47Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54949661760/BuDH1g", "token": "vaRt_wY2qXaKayNTUnPBqZQrgPWdLWfUXscYfUajiZA" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54949661760/Rph-3g", "token": "vaRt_wY2qXaKayNTUnPBqZQrgPWdLWfUXscYfUajiZA" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54949661760/a7nIOg", "token": "vaRt_wY2qXaKayNTUnPBqZQrgPWdLWfUXscYfUajiZA" } ] } 2021-12-02 23:04:47,696:DEBUG:acme.client:Storing nonce: 0002P9ozycplyp3EVUPZITNzFnf5DjqpBEADeI9dWckAlX4 2021-12-02 23:04:47,697:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-02 23:04:47,697:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-02 23:04:47,697:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-02 23:04:47,756:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-12-02 23:04:47,757:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-12-02 23:04:47,757:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-12-02 23:04:47,758:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-12-02 23:04:47,758:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-12-02 23:04:47,758:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-12-02 23:04:47,759:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-12-02 23:04:47,759:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-12-02 23:04:47,760:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-12-02 23:04:47,760:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-12-02 23:04:47,760:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-12-02 23:04:47,760:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-12-02 23:04:47,761:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-12-02 23:04:47,762:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-12-02 23:04:47,763:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/tqYxWmaAW7107hJLwd6Izb0yCebUYEtL4A7-njZPIQA{default_type text/plain;return 200 tqYxWmaAW7107hJLwd6Izb0yCebUYEtL4A7-njZPIQA.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot location = /.well-known/acme-challenge/vaRt_wY2qXaKayNTUnPBqZQrgPWdLWfUXscYfUajiZA{default_type text/plain;return 200 vaRt_wY2qXaKayNTUnPBqZQrgPWdLWfUXscYfUajiZA.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-12-02 23:04:48,792:INFO:certbot.auth_handler:Waiting for verification... 2021-12-02 23:04:48,793:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-02 23:04:48,796:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54949661750/hg9DSg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMlA5b3p5Y3BseXAzRVZVUFpJVE56Rm5mNURqcXBCRUFEZUk5ZFdja0FsWDQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0OTQ5NjYxNzUwL2hnOURTZyJ9", "signature": "hRKCXESBlyHZLEy5yeqBgyXFpkudMX0ik6etbnEOyToo_5mWHzc01xNOMM6K0pVRBlbZ7Cs-WWtnq9J4maG6yXhu04YYIXUeswMKKnVLybY29FhAUle6Dcl7Ryal4sNwfG_bVt732ropGHn0oceiw3gAnNVCSxIo75uJ9ugMrXln_QPPScRrXJdgn4cdqN7Sqcg3U9zxx3pH5Hn7suMIsnPvocb9gKta97HwSEKxPIUquTtBRfUSQ2KtOmsaNRNf33iilkjrYiHk3y_8_itFwaZuajDp-l_KH2VOXAAsaFfnl4M-GMrJ_TFEsOBVjMEMyqZ6UdulE5FGpUjHTR8ilA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-02 23:04:48,864:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54949661750/hg9DSg HTTP/1.1" 200 186 2021-12-02 23:04:48,865:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 04:04:48 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54949661750/hg9DSg Replay-Nonce: 00019zrDW39A8-gitAjP7TMmrXUSdoJp3-oCiXEaCPXUemM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54949661750/hg9DSg", "token": "tqYxWmaAW7107hJLwd6Izb0yCebUYEtL4A7-njZPIQA" } 2021-12-02 23:04:48,866:DEBUG:acme.client:Storing nonce: 00019zrDW39A8-gitAjP7TMmrXUSdoJp3-oCiXEaCPXUemM 2021-12-02 23:04:48,866:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-02 23:04:48,868:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/54949661760/BuDH1g: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMTl6ckRXMzlBOC1naXRBalA3VE1tclhVU2RvSnAzLW9DaVhFYUNQWFVlbU0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU0OTQ5NjYxNzYwL0J1REgxZyJ9", "signature": "m2_22X8X5or5Mb8iM4zuxTxHsUsRkTwXLm2gqsCsahHdmt2UIgmrOuHEslaO-k8wm9yUdagCqfXkYWYhi2AiPxL1niYGH-GNBapGubhdhEFDivCxjt3HrHliA3dTNd_C8LzSDxRTYzhtbkYANQ2kuXTEuA1c1xbWNeS1jHxSxwFi9GoTHmV9O_RUp_KU66Vre471Y8HpZcI604rwRfJxuIkEBv3IAG6q4TKuKC-WIiBrDHk6RPrrNEQcT1mfIqHRpn87_DZlzLpVdZkJLRK088tWUpipyDom-ayAiODtWQ_Yqbq_2aVUAFAnYcNxDc-qNKseH8r0Ldg8Y6jaBS8QNQ", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-02 23:04:48,934:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/54949661760/BuDH1g HTTP/1.1" 200 186 2021-12-02 23:04:48,934:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 04:04:48 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/54949661760/BuDH1g Replay-Nonce: 00017he_vHkCHLZTQ1gYxN6dj-5H2RqYe4lJ_rmz926LZFY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54949661760/BuDH1g", "token": "vaRt_wY2qXaKayNTUnPBqZQrgPWdLWfUXscYfUajiZA" } 2021-12-02 23:04:48,935:DEBUG:acme.client:Storing nonce: 00017he_vHkCHLZTQ1gYxN6dj-5H2RqYe4lJ_rmz926LZFY 2021-12-02 23:04:49,936:DEBUG:acme.client:JWS payload: b'' 2021-12-02 23:04:49,938:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54949661750: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMTdoZV92SGtDSExaVFExZ1l4TjZkai01SDJScVllNGxKX3JtejkyNkxaRlkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0OTQ5NjYxNzUwIn0", "signature": "UUsB-GOtoErSpamHg6Ftu-T5T7-BFluPiWHz3J-OrTqiZy1TCQKdWt3gDDbcrXte9tXmUZ6dlu-1-rWRlWGeBjRLek-uAT45AYe89VMGhhXAVyuij-EwmYPfFQTaa9AicF8QGU7Cfys2HNKCMArx3eGGzX5yTZFuf-0lHLYYitH5aYf7b_IktK0Hk6Zi8HzZE4Fd3PToqZHpbTDe2RTiuT1tr1nDH0Gv1OBc_VXrCymBCW0ckbQT1qfs08q5aaYRNdK6nozYN2WLVvExBhIVfdkez6Dqkd6b7ZvsjHoEEl5qFYik42r0f8gTFOQLMpxMopVi0T3DLkAhyZj5tx3diQ", "payload": "" } 2021-12-02 23:04:49,998:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54949661750 HTTP/1.1" 200 1505 2021-12-02 23:04:49,999:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 04:04:49 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002XDT36SYxE6mHY6bjwPmbUAnhXB91c4VTR49YZPh_RII X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-10T04:04:47Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/tqYxWmaAW7107hJLwd6Izb0yCebUYEtL4A7-njZPIQA [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54949661750/hg9DSg", "token": "tqYxWmaAW7107hJLwd6Izb0yCebUYEtL4A7-njZPIQA", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/tqYxWmaAW7107hJLwd6Izb0yCebUYEtL4A7-njZPIQA", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/tqYxWmaAW7107hJLwd6Izb0yCebUYEtL4A7-njZPIQA", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-03T04:04:48Z" } ] } 2021-12-02 23:04:49,999:DEBUG:acme.client:Storing nonce: 0002XDT36SYxE6mHY6bjwPmbUAnhXB91c4VTR49YZPh_RII 2021-12-02 23:04:50,000:DEBUG:acme.client:JWS payload: b'' 2021-12-02 23:04:50,003:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54949661760: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMlhEVDM2U1l4RTZtSFk2Ymp3UG1iVUFuaFhCOTFjNFZUUjQ5WVpQaF9SSUkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0OTQ5NjYxNzYwIn0", "signature": "YIlNlnOq0lh0pU4ymQSoUjABEZQutcAhT9ru2ugpZg57TNZabXhHIp9KldrTBTK_Gjy6CdmM_55-RXulNqjpBll1m2c9A67Xdv9x8965LPS5L87epHK7o5ja40pwkiaceGzAiek21PoM5c56Sf7miA981M1_iQZAB8IYzEOlGUs0X9zkWLSU4LZeyvypDrk_9KaYdNgR60D6rh9Wz6mCYRG1W3xYWEji-Pj0xsLeSggdfgMH39jDMB6QmnT5m1D1lUIeSR8bsPgTq0uJTmaeP9NsgN-BaDcv4DDoLtat7kxoTPo-YbyU7cvc91jK2hOSmPo7Xg175tgvMfId-IlhSw", "payload": "" } 2021-12-02 23:04:50,065:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54949661760 HTTP/1.1" 200 796 2021-12-02 23:04:50,066:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 04:04:50 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 00017NeLYTSP9e5hf7KbMMmatk65VceJ0S3XZeJiPj9G0uk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-10T04:04:47Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54949661760/BuDH1g", "token": "vaRt_wY2qXaKayNTUnPBqZQrgPWdLWfUXscYfUajiZA" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54949661760/Rph-3g", "token": "vaRt_wY2qXaKayNTUnPBqZQrgPWdLWfUXscYfUajiZA" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54949661760/a7nIOg", "token": "vaRt_wY2qXaKayNTUnPBqZQrgPWdLWfUXscYfUajiZA" } ] } 2021-12-02 23:04:50,067:DEBUG:acme.client:Storing nonce: 00017NeLYTSP9e5hf7KbMMmatk65VceJ0S3XZeJiPj9G0uk 2021-12-02 23:04:50,067:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-02 23:04:53,069:DEBUG:acme.client:JWS payload: b'' 2021-12-02 23:04:53,071:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/54949661760: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMTdOZUxZVFNQOWU1aGY3S2JNTW1hdGs2NVZjZUowUzNYWmVKaVBqOUcwdWsiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU0OTQ5NjYxNzYwIn0", "signature": "XGvz0NO5YIlNmMsCByAUl2Lg5t217eETZtmoioAhQiWtY93stHWYAzWPh4QfDGGP-bjbiSPR0e9tQOatFIDMsbRSm74RnRd2lG1TgUKU8NW4IeDKXshp8TWgn_QzxAXfsvyDwsUQNNXDtK1a_b2bQe6nDQy9pT766PwOd2y0kdN-v-0wkb6V9d-HrikVzwdXjg5_wQ2lUUeyYd5csuuhGmYvc7fdXmHBYOqPPaW1b8xBExL571vXVVtN_w2nHRLW7eHH-uKWGai8EP6FELRWFVMtGYm4iJNJ38ZyR1AOcuP9trNP9-DrapqoB1TB03MTfBfo_fso0n-OVGA6TLu0gA", "payload": "" } 2021-12-02 23:04:53,137:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/54949661760 HTTP/1.1" 200 1826 2021-12-02 23:04:53,138:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 04:04:53 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001WvQNsVAnww05WMPz5cS-4pypm-12CMRckDgCKkrlc60 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-10T04:04:47Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/vaRt_wY2qXaKayNTUnPBqZQrgPWdLWfUXscYfUajiZA [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/54949661760/BuDH1g", "token": "vaRt_wY2qXaKayNTUnPBqZQrgPWdLWfUXscYfUajiZA", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/vaRt_wY2qXaKayNTUnPBqZQrgPWdLWfUXscYfUajiZA", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/vaRt_wY2qXaKayNTUnPBqZQrgPWdLWfUXscYfUajiZA", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/vaRt_wY2qXaKayNTUnPBqZQrgPWdLWfUXscYfUajiZA", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-03T04:04:48Z" } ] } 2021-12-02 23:04:53,138:DEBUG:acme.client:Storing nonce: 0001WvQNsVAnww05WMPz5cS-4pypm-12CMRckDgCKkrlc60 2021-12-02 23:04:53,139:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-12-02 23:04:53,139:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-02 23:04:53,139:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-02 23:04:53,139:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/tqYxWmaAW7107hJLwd6Izb0yCebUYEtL4A7-njZPIQA [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-12-02 23:04:54,481:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-12-02 23:04:54,482:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-12-02 23:04:54,482:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-12-03 02:43:32,056:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-03 02:43:32,057:DEBUG:certbot.main:Arguments: ['--standalone', '--pre-hook', '/bin/systemctl stop nginx', '--post-hook', '/bin/systemctl start nginx', '--quiet'] 2021-12-03 02:43:32,057:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-03 02:43:32,067:DEBUG:certbot.log:Root logging level set at 30 2021-12-03 02:43:32,068:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-03 02:43:32,077:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer 2021-12-03 02:43:32,078:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-03 02:43:32,078:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-03 02:43:32,078:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-03 02:43:32,088:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 02:43:32,089:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 02:43:32,089:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 02:43:32,091:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-03 02:43:32,091:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-03 02:43:32,091:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-03 02:43:32,093:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 02:43:32,094:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 02:43:32,095:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 02:43:32,096:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-03 02:43:32,096:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-03 02:43:32,096:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-03 02:43:32,099:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 02:43:32,099:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 02:43:32,100:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 02:43:32,101:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-03 02:43:32,102:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-03 02:43:32,102:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-03 02:43:32,104:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 02:43:32,105:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 02:43:32,105:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 02:43:32,106:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-03 02:43:32,107:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-03 02:43:32,107:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-03 02:43:32,110:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 02:43:32,111:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 02:43:32,112:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 02:43:32,113:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-03 02:43:32,115:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-12-03 02:43:32,115:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-12-03 02:43:32,116:INFO:certbot.renewal:Non-interactive renewal: random delay of 444.59637907266716 seconds 2021-12-03 02:50:56,733:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 02:50:57,080:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-03 02:50:57,081:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-12-03 02:50:57,081:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-03 02:50:57,082:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-12-03 02:50:57,087:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-03 02:50:57,090:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-03 02:50:57,093:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-03 02:50:57,263:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-03 02:50:57,264:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 07:50:57 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "25GYzFFs4Ns": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-03 02:50:57,264:INFO:certbot.hooks:Running pre-hook command: /bin/systemctl stop nginx 2021-12-03 02:51:02,294:INFO:certbot.main:Renewing an existing certificate 2021-12-03 02:51:02,410:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0492_key-certbot.pem 2021-12-03 02:51:02,419:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0492_csr-certbot.pem 2021-12-03 02:51:02,420:DEBUG:acme.client:Requesting fresh nonce 2021-12-03 02:51:02,420:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-03 02:51:02,473:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-03 02:51:02,474:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 07:51:02 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001h3aAFG_ZBFx6zqQ-d5-0_IR-ozw-Ly2nmbV7QUPtNSw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-03 02:51:02,475:DEBUG:acme.client:Storing nonce: 0001h3aAFG_ZBFx6zqQ-d5-0_IR-ozw-Ly2nmbV7QUPtNSw 2021-12-03 02:51:02,475:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-12-03 02:51:02,479:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWgzYUFGR19aQkZ4NnpxUS1kNS0wX0lSLW96dy1MeTJubWJWN1FVUHROU3ciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "ggZnY0k2OXTkFMKby2gWFbkvDJXwMfiupRR3aj80I74Mfbt8wgr_OyOv5Q4Dn7RYNvoA_QqgzRhAdUpEPMqBZqEJQZsyvL94CJF2B2kWqMCgCeQgWlu7FC2eREysBhm6A4YcEick6YVGwmNdmTtqOWUClSKOnWUuRsEJdfne4bEbFeBfY5EeGcu3d1aE_bURIt3dpGD-GFIPfJmu0WCkgrpzOkZZIkv25JH1peRWsl5pQM2ObY1gpAD2cgHBa38-Id8CSaYIZ7vystscP80cf1yxze6YjfWNUBfaQIh9IhWhgyaTY5lGA0K8hA7_IIsRo50466PAbn3MoQpXPV7HyQ", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-12-03 02:51:03,009:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-12-03 02:51:03,010:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Fri, 03 Dec 2021 07:51:02 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44367989430 Replay-Nonce: 0001PR63AhPxT29UhKkDhJQm2vVt_3qegdAiyzs3EMlb2Xo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-10T07:51:02Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55000461030" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44367989430" } 2021-12-03 02:51:03,010:DEBUG:acme.client:Storing nonce: 0001PR63AhPxT29UhKkDhJQm2vVt_3qegdAiyzs3EMlb2Xo 2021-12-03 02:51:03,011:DEBUG:acme.client:JWS payload: b'' 2021-12-03 02:51:03,013:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55000461030: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMVBSNjNBaFB4VDI5VWhLa0RoSlFtMnZWdF8zcWVnZEFpeXpzM0VNbGIyWG8iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MDAwNDYxMDMwIn0", "signature": "SCMkO4RBlXAp4JVqrjtm4p8SZ-rqR_waGntRrE4-1QDYp9IFPuVEpRwnJtOK-L5t_s4EyarWr6iYvojfXgngXNmchBKqyiJSn8CGCGDdyOOwdUN0J4-ffuslLGdEz39IM4yd9arycQnS3X6qbFeTZxeWHNt8e24fb_P437Z2p4HWnUrPwMcVarU7cIe28fxzaB0ZdS4f_0A3l7Ezlu44M4uBrueFA3xX_tUnv6zsenUU32OYXniQqAi6qHPH2RQBgBGTAU72OWX4xCzgChwjmQy1TyELHApQy3RigfYY6DrJHL4qtBlvBbZPa8fxInzrZcHeeRpCBGlR1kAlDRHT0A", "payload": "" } 2021-12-03 02:51:03,077:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55000461030 HTTP/1.1" 200 792 2021-12-03 02:51:03,078:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 07:51:03 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001w9CBZBiXnguptTv4mCvUXk67i4FklaJtYtocdTF_C_o X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-10T07:51:02Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000461030/CQPB5Q", "token": "YLs5xGlYOzx_sgHd5wRk1ByBBKmet_JILv4gB1GcJpU" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000461030/fLinnw", "token": "YLs5xGlYOzx_sgHd5wRk1ByBBKmet_JILv4gB1GcJpU" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000461030/dzMP3Q", "token": "YLs5xGlYOzx_sgHd5wRk1ByBBKmet_JILv4gB1GcJpU" } ] } 2021-12-03 02:51:03,079:DEBUG:acme.client:Storing nonce: 0001w9CBZBiXnguptTv4mCvUXk67i4FklaJtYtocdTF_C_o 2021-12-03 02:51:03,080:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-03 02:51:03,080:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-03 02:51:03,081:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-12-03 02:51:03,081:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-12-03 02:51:03,087:INFO:certbot.auth_handler:Waiting for verification... 2021-12-03 02:51:03,087:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-03 02:51:03,090:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000461030/CQPB5Q: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXc5Q0JaQmlYbmd1cHRUdjRtQ3ZVWGs2N2k0RmtsYUp0WXRvY2RURl9DX28iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1MDAwNDYxMDMwL0NRUEI1USJ9", "signature": "ei9Abd6GgFEmdBrO1QWllZVCL1qDXY8RoJIfta9XG0wZj7Izxnwa7t5mqsE50gBbt7bUPmVTsAFmKnb1FXiaKenL2O3QWeoiltmuLm4LZGumbYlpemwZWuGrHEo9QW1jTTJSuVUPyLbYwvVezZ6f9xgg4EJli_C7xWzgrjalxMl0bQVgwNSuXVJrhcJFQkrNohWubR4DlJYKjObni3c3nBzLjkZPCsgzFPqJRPF6w5Nhw77MvYsUtL7zuku07xDnCgBROHR1nh2HaHVB-7lsNVopit03oIAXaZqeggUnuuR8C_iMmovtMxtPEDzBBbepIAP_Jd2sEstb9JftbGCshw", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-03 02:51:03,161:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55000461030/CQPB5Q HTTP/1.1" 200 186 2021-12-03 02:51:03,162:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 07:51:03 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000461030/CQPB5Q Replay-Nonce: 0002UT8eDfydCEU6cjyczcTD8-Mwbpwsp97Z_ILHqIiCdD8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000461030/CQPB5Q", "token": "YLs5xGlYOzx_sgHd5wRk1ByBBKmet_JILv4gB1GcJpU" } 2021-12-03 02:51:03,162:DEBUG:acme.client:Storing nonce: 0002UT8eDfydCEU6cjyczcTD8-Mwbpwsp97Z_ILHqIiCdD8 2021-12-03 02:51:04,164:DEBUG:acme.client:JWS payload: b'' 2021-12-03 02:51:04,166:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55000461030: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMlVUOGVEZnlkQ0VVNmNqeWN6Y1REOC1Nd2Jwd3NwOTdaX0lMSHFJaUNkRDgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MDAwNDYxMDMwIn0", "signature": "Ht1u4Fc2v72Xy7EqXtrGmbrmzBtCotFif_d9J4OXnXuodRSROZvIdrPj4kkEfnc7xiSgaqC5fKtlPC-2ERCLlBCYXGXTc2ppjeEflllaCcYnR7CkmC4p-gL7AKmrg2OAt_SMrAdgHI8xr5ZNg-fMrjDf5zP9YCfklPjdU0me3Bg65R1ZublXoE2N4XGRsfkrYI6ao2NaCI3i3WdEj3a1xq1V8rh1BmJnKGqaQnCOLosxBpm-eglGkq4h8yx-C3CjhI8OQPso0-wm6Dg9fFG-9RY8EHHZHU09O32OAAH7EPDjzAh5gbEnAEhKZayzRMf-A9_qBH1GxxYcvuZPQ6uFNg", "payload": "" } 2021-12-03 02:51:04,232:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55000461030 HTTP/1.1" 200 792 2021-12-03 02:51:04,233:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 07:51:04 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002pHbz_mT7VeBUjlQSjwjQi85nFXPcp_yekU1C0s6Wuxw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-10T07:51:02Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000461030/CQPB5Q", "token": "YLs5xGlYOzx_sgHd5wRk1ByBBKmet_JILv4gB1GcJpU" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000461030/fLinnw", "token": "YLs5xGlYOzx_sgHd5wRk1ByBBKmet_JILv4gB1GcJpU" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000461030/dzMP3Q", "token": "YLs5xGlYOzx_sgHd5wRk1ByBBKmet_JILv4gB1GcJpU" } ] } 2021-12-03 02:51:04,233:DEBUG:acme.client:Storing nonce: 0002pHbz_mT7VeBUjlQSjwjQi85nFXPcp_yekU1C0s6Wuxw 2021-12-03 02:51:07,237:DEBUG:acme.client:JWS payload: b'' 2021-12-03 02:51:07,240:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55000461030: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnBIYnpfbVQ3VmVCVWpsUVNqd2pRaTg1bkZYUGNwX3lla1UxQzBzNld1eHciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MDAwNDYxMDMwIn0", "signature": "SfxEKaNWVx-IOrOiMYzWAxZ8EnMI_Pgnb9MH44sAKlzydER125M_ZRd9D8eR4JLenXA-4Gi5WE8Bm0eYyTusFGduLHPbjaB3LJtDpncAyCyBPCnuh6wG3DQ6s2x93Kq4pUNvc99ggTFJJJjKPlsxN6RN9sWOrHucbSKOvez8tYre56feHT8uzn0QGQEy8NPztcJrDwhmMbo-Pjb_XZV_NRwOmGY0E0bsS-DmHz9bfGpeSKYNntJoaWoqzEHzIx7eHR5zVthOfMHKEJEO71j-YwoqvtFd5EiYwctg9K3N3ujgrfING_MLAfvnIBiYBKAn4B1xPafgAgra4vyuKbqrYA", "payload": "" } 2021-12-03 02:51:07,304:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55000461030 HTTP/1.1" 200 1505 2021-12-03 02:51:07,305:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 07:51:07 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001tBP98lS1TrbRNUVbZYVfG5Z-xS9-pFAS6N74hvRdqk8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-10T07:51:02Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/YLs5xGlYOzx_sgHd5wRk1ByBBKmet_JILv4gB1GcJpU [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000461030/CQPB5Q", "token": "YLs5xGlYOzx_sgHd5wRk1ByBBKmet_JILv4gB1GcJpU", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/YLs5xGlYOzx_sgHd5wRk1ByBBKmet_JILv4gB1GcJpU", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/YLs5xGlYOzx_sgHd5wRk1ByBBKmet_JILv4gB1GcJpU", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-03T07:51:03Z" } ] } 2021-12-03 02:51:07,306:DEBUG:acme.client:Storing nonce: 0001tBP98lS1TrbRNUVbZYVfG5Z-xS9-pFAS6N74hvRdqk8 2021-12-03 02:51:07,306:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-03 02:51:07,307:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-03 02:51:07,307:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/YLs5xGlYOzx_sgHd5wRk1ByBBKmet_JILv4gB1GcJpU [75.2.60.5]: "\n\n\n \n Prep: True 2021-12-03 02:51:07,897:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-12-03 02:51:07,898:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-03 02:51:07,898:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-12-03 02:51:07,902:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-03 02:51:07,904:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-03 02:51:07,906:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-03 02:51:08,060:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-03 02:51:08,061:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 07:51:08 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "RoU05xD7ndk": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-03 02:51:08,062:INFO:certbot.hooks:Pre-hook command already run, skipping: /bin/systemctl stop nginx 2021-12-03 02:51:08,062:INFO:certbot.main:Renewing an existing certificate 2021-12-03 02:51:08,318:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0493_key-certbot.pem 2021-12-03 02:51:08,326:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0493_csr-certbot.pem 2021-12-03 02:51:08,327:DEBUG:acme.client:Requesting fresh nonce 2021-12-03 02:51:08,327:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-03 02:51:08,378:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-03 02:51:08,379:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 07:51:08 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001F-_a7ikPL8edA1ZCKfnpSF6c91YvLcIBE2WCbG8Wl2g X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-03 02:51:08,379:DEBUG:acme.client:Storing nonce: 0001F-_a7ikPL8edA1ZCKfnpSF6c91YvLcIBE2WCbG8Wl2g 2021-12-03 02:51:08,380:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-12-03 02:51:08,383:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMUYtX2E3aWtQTDhlZEExWkNLZm5wU0Y2YzkxWXZMY0lCRTJXQ2JHOFdsMmciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "GmnXerxc2y0SM7CtXrMtYuTTDXfaCU25-h-HC0dfj2EYy5QqmFz_gS3wM4uX7WnL12d5BWgrUiz4wApXgwjD5v6Cq483ERYerFqDBGRZH1omj6uzjCNV36rhaPsRUnlqriWlRTBPvq3yvFwy8eovm5aN-1KmRy2aSkITEUr3efMHgGQNTcQBxixFCs974s-kFaiME2IuXs9sWK1Xv5ksAC_NlKvg5iIvxdREbBKZJlRXswWlH_0TXDPxTWeruAfsbYm_XU7E5zadnusfwfrXFZAEvaPRMOAsER2Nq_b4NkGd2-6HH6NLl79bu4b_gHnJXyEfGMUWfKFfNh6GJcR8FA", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-12-03 02:51:08,911:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-12-03 02:51:08,912:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Fri, 03 Dec 2021 07:51:08 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44368015260 Replay-Nonce: 00024IwvOkHn-20VSI1nAw6RHcKousipDwbHVTTibAkRb-Y X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-10T07:51:08Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55000490960", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55000490970" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44368015260" } 2021-12-03 02:51:08,912:DEBUG:acme.client:Storing nonce: 00024IwvOkHn-20VSI1nAw6RHcKousipDwbHVTTibAkRb-Y 2021-12-03 02:51:08,913:DEBUG:acme.client:JWS payload: b'' 2021-12-03 02:51:08,915:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55000490960: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMjRJd3ZPa0huLTIwVlNJMW5BdzZSSGNLb3VzaXBEd2JIVlRUaWJBa1JiLVkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MDAwNDkwOTYwIn0", "signature": "AHmbc7dPZY5FmUbM7FbsNti43CyXT1mBayNwHubKe4Xas1qbq_YhwDiW5oYFBOUSmVKib19jSkm0XtU5oyJcNLhY3l-pScBuuoj1G-batABS6z2a9njG1_0euqe9484ldYoN4J6inSbeD2J6BDiNBWkXgQAWnrmfrM4z-iGTHkyzPWV2KQ0YtCzgOBIWEOc2wZetUrd6_zz5vysgXtR7-R_ohTArE-w9sxM85OJ2CUf5OPawN59pL2-pViqzNoHe8WBzBh_IWEt_PGyyK4eA0FUqTqq2CW4poD9YyzRtrPn0UmRBH5RqXQDsT_kLsz439VPTZFoAWTLiSb9f1YNchg", "payload": "" } 2021-12-03 02:51:08,976:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55000490960 HTTP/1.1" 200 792 2021-12-03 02:51:08,977:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 07:51:08 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 00025P238miYk0IGOy2eNkdwgUqCZOEgTrDSt-cPFjCayrI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-10T07:51:08Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000490960/WmkoTg", "token": "53fnkKVpTL6ZLuXfCqSOYLZP6j_Gw--uJuVcY4pXNrw" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000490960/GR6HIg", "token": "53fnkKVpTL6ZLuXfCqSOYLZP6j_Gw--uJuVcY4pXNrw" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000490960/NrdoUw", "token": "53fnkKVpTL6ZLuXfCqSOYLZP6j_Gw--uJuVcY4pXNrw" } ] } 2021-12-03 02:51:08,977:DEBUG:acme.client:Storing nonce: 00025P238miYk0IGOy2eNkdwgUqCZOEgTrDSt-cPFjCayrI 2021-12-03 02:51:08,978:DEBUG:acme.client:JWS payload: b'' 2021-12-03 02:51:08,979:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55000490970: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMjVQMjM4bWlZazBJR095MmVOa2R3Z1VxQ1pPRWdUckRTdC1jUEZqQ2F5ckkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MDAwNDkwOTcwIn0", "signature": "fihStCcerN94vdevfyGJRod9LxXV65eXSksfmKB4dbEYGSn4fAvbvXNu6GQk37X0u9SkdS5V-SsklPYq4O2uS2K1P-23fPSsKVth4g4I5kYEZGQLQEmY108YZLhlCRpkKWPA8LB8K_bs2U__qgwEo-kLOT7AyyrZlZxRW1v77GuLqCyk2xmIkH_MRdabqVYpGolzmhKycrnNpE8eHekVIpNcpVEiSq71IYjfg6ngDNVPEThwUQgXQg4FnLeh9SFifHX-rbl0Vc9Fa369uTz4Qym-QgRNMfI6P16qqQe9SkVrcfG1x0RdKg6pXb0KrgC5IVOfmfrCjl2fvu8ZwiHJtg", "payload": "" } 2021-12-03 02:51:09,051:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55000490970 HTTP/1.1" 200 796 2021-12-03 02:51:09,053:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 07:51:09 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002qjzZxpGTD8JPbSlorDTgsgkaYQ7DfBOVNh7NtpQhjQw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-10T07:51:08Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000490970/7IKaXw", "token": "2QmOwF4PmCljWXyRLL4JyAU7W_v5_UQwmD15JoU6yXg" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000490970/xtyO9w", "token": "2QmOwF4PmCljWXyRLL4JyAU7W_v5_UQwmD15JoU6yXg" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000490970/mu7JlA", "token": "2QmOwF4PmCljWXyRLL4JyAU7W_v5_UQwmD15JoU6yXg" } ] } 2021-12-03 02:51:09,053:DEBUG:acme.client:Storing nonce: 0002qjzZxpGTD8JPbSlorDTgsgkaYQ7DfBOVNh7NtpQhjQw 2021-12-03 02:51:09,054:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-03 02:51:09,054:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-03 02:51:09,055:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-03 02:51:09,055:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-12-03 02:51:09,056:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-12-03 02:51:09,064:INFO:certbot.auth_handler:Waiting for verification... 2021-12-03 02:51:09,065:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-03 02:51:09,067:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000490960/WmkoTg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnFqelp4cEdURDhKUGJTbG9yRFRnc2drYVlRN0RmQk9WTmg3TnRwUWhqUXciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1MDAwNDkwOTYwL1dta29UZyJ9", "signature": "L2tzRirR9Exy1T8iiXBhaPZuPjNOTKlP8uTDPjs_YZfL_JJBdUQvCxF6tltPBgCOBcjvuZbpXKrudKtzyDTfaMpa899j6WtaWwBnxGovJiL3pQUvubLwJRkM6W-EDd8VW6fkZHObYvr1CKBzwV7QdtCNKQH4JcZ1_1JSb8Su_R_fuYKI7vK3nqJ2z4E98K1mvgvXlqJ-D6Z7NuKX1OzyH0bCmNHJ7J4Itu3V3UtpSqPpEuo8U52w2jImH2jf7hWSvGZYUhGK9bdcFzu-5NbrqmOCZgCdOCYJANbjfCv78jfQneoJwlNaB8YwG-QodvKyOMHy0W84I2vrlEe7D226OQ", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-03 02:51:09,134:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55000490960/WmkoTg HTTP/1.1" 200 186 2021-12-03 02:51:09,135:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 07:51:09 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000490960/WmkoTg Replay-Nonce: 0001qmfbq1Y1ayZ0r3h6qe_5VRSDMq2dUJyiHZ7KSCDEIjU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000490960/WmkoTg", "token": "53fnkKVpTL6ZLuXfCqSOYLZP6j_Gw--uJuVcY4pXNrw" } 2021-12-03 02:51:09,135:DEBUG:acme.client:Storing nonce: 0001qmfbq1Y1ayZ0r3h6qe_5VRSDMq2dUJyiHZ7KSCDEIjU 2021-12-03 02:51:09,136:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-03 02:51:09,138:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000490970/7IKaXw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXFtZmJxMVkxYXlaMHIzaDZxZV81VlJTRE1xMmRVSnlpSFo3S1NDREVJalUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1MDAwNDkwOTcwLzdJS2FYdyJ9", "signature": "W2CixX2nFNKlyiF_YAsdOdc9EgeVDgXU0xaByciIPTCU1YMwrBxJrLNZij2t5a4p3Kmaeudb0w067CjDFV2FH0K4TNkv-t2ZZQfv7qZC8lKuknQ52he4vU1T4yWYKuRo1J1EdiKSpKcpVQHsz00Dhu2XoUaf385BiFFQ-oUkujQpK5MdBII3_xKa_BAH95nrMpyyyMm1aGaeY0N6MzYz8Ac-vJXPcucHhjSYnjQg6lIRhMrCdZ7E_-bmYevy4oORUJMOWTiUlnwDCIeITGskYDiK9MoZ_eNOz7jk_W-S3pWPzxYnTbBy9ztbAujU0KG-iHowkmEac3X8EIjAc-oeBQ", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-03 02:51:09,205:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55000490970/7IKaXw HTTP/1.1" 200 186 2021-12-03 02:51:09,206:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 07:51:09 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000490970/7IKaXw Replay-Nonce: 0002yiII9MqM-F0lGw6SWx2WLR15b_bP6RqCulkWD7CcTg8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000490970/7IKaXw", "token": "2QmOwF4PmCljWXyRLL4JyAU7W_v5_UQwmD15JoU6yXg" } 2021-12-03 02:51:09,207:DEBUG:acme.client:Storing nonce: 0002yiII9MqM-F0lGw6SWx2WLR15b_bP6RqCulkWD7CcTg8 2021-12-03 02:51:10,208:DEBUG:acme.client:JWS payload: b'' 2021-12-03 02:51:10,211:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55000490960: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnlpSUk5TXFNLUYwbEd3NlNXeDJXTFIxNWJfYlA2UnFDdWxrV0Q3Q2NUZzgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MDAwNDkwOTYwIn0", "signature": "N7IAKhCoisvIYBpCHPhh3VrNOXIe09b9HQeVisZ6s_gncpEhwMSJ4qFHvk5oVm4rtw97OjUmyETmogOpQIxfnnnxr9QCuS9yW4FJunoEKpMO2iNhM-9eZHMYenJh28XzTCX7Rsa16gfl0xBVuSuAzEgZTMvJ5eU-lfhlBGV6crsL3wXiWR2f7_A5NaljeLiARjlGUwnq8_ggNUltDwPQPaqFF2emI4WO12qoFk9wacrAn55G7m6HY_ydFfQ7IRHbpO3czcpH_s7jzJJSPxj-zfZEXGX9tHI0Y7vtPARb5SWhYnkDEaLdraK0M-puJOksIEggAipCqDEUGRzot-zKlw", "payload": "" } 2021-12-03 02:51:10,282:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55000490960 HTTP/1.1" 200 792 2021-12-03 02:51:10,283:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 07:51:10 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002aqpK0857SIDttrpwhrwyvQVdcgmIdHFkw4USn4bkglQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-10T07:51:08Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000490960/WmkoTg", "token": "53fnkKVpTL6ZLuXfCqSOYLZP6j_Gw--uJuVcY4pXNrw" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000490960/GR6HIg", "token": "53fnkKVpTL6ZLuXfCqSOYLZP6j_Gw--uJuVcY4pXNrw" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000490960/NrdoUw", "token": "53fnkKVpTL6ZLuXfCqSOYLZP6j_Gw--uJuVcY4pXNrw" } ] } 2021-12-03 02:51:10,284:DEBUG:acme.client:Storing nonce: 0002aqpK0857SIDttrpwhrwyvQVdcgmIdHFkw4USn4bkglQ 2021-12-03 02:51:10,285:DEBUG:acme.client:JWS payload: b'' 2021-12-03 02:51:10,287:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55000490970: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmFxcEswODU3U0lEdHRycHdocnd5dlFWZGNnbUlkSEZrdzRVU240YmtnbFEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MDAwNDkwOTcwIn0", "signature": "Ve_NdoQCvzVW9mpwlf9Qepk_NTtY_wvolkAL2VD5w6DOJYpclg6lUGsue273dZ2GR_aommJ0eERtXxIOXw1WL3cFocl5vIMSbngLK8K7PVNBM6sgM6q84OxM7Zi4vIb8h6aDnP49aMymxX3ht9XYxUw2Xz1eH9W3xXszYSxMCJ_mD49u-mVQnOm0yUXyKr4eNqmpBVfbiaco6mRA_clE8vQlNFALG_ZjMiicLu6APXjXWG_6-9be3N-7Xbw0T2D3mfmmDocJ3W-BBzCOKRULV7FOBkTRwkvAb5fVLqK5ULyS6YWF-WhIgl63cZJ8RksS6xtMcONmMoumj6rxgeA8Eg", "payload": "" } 2021-12-03 02:51:10,349:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55000490970 HTTP/1.1" 200 1826 2021-12-03 02:51:10,349:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 07:51:10 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001vlFvYl6rtqTAVGo8g2Y-UfNl5Qb3klAoRDfEUF0ZZ1A X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-10T07:51:08Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/2QmOwF4PmCljWXyRLL4JyAU7W_v5_UQwmD15JoU6yXg [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000490970/7IKaXw", "token": "2QmOwF4PmCljWXyRLL4JyAU7W_v5_UQwmD15JoU6yXg", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/2QmOwF4PmCljWXyRLL4JyAU7W_v5_UQwmD15JoU6yXg", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/2QmOwF4PmCljWXyRLL4JyAU7W_v5_UQwmD15JoU6yXg", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/2QmOwF4PmCljWXyRLL4JyAU7W_v5_UQwmD15JoU6yXg", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-03T07:51:09Z" } ] } 2021-12-03 02:51:10,350:DEBUG:acme.client:Storing nonce: 0001vlFvYl6rtqTAVGo8g2Y-UfNl5Qb3klAoRDfEUF0ZZ1A 2021-12-03 02:51:10,350:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-12-03 02:51:13,355:DEBUG:acme.client:JWS payload: b'' 2021-12-03 02:51:13,357:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55000490960: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXZsRnZZbDZydHFUQVZHbzhnMlktVWZObDVRYjNrbEFvUkRmRVVGMFpaMUEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MDAwNDkwOTYwIn0", "signature": "N-vVikfcSD-qXZXXD4xd8gCwH37XN0ZIFUXymGIIUvY_IP0XSiWSQeq5Uj00PwXXEuJiOJhZwnmUGS-cE6Eyn5n72FQ_S9H2y2nT7Wlk6omCTT3MAWSep9snno6NOlUZzznMhDLtDc4hSTpkTz5-FkTeC0Up5IGKXx8Sq2t_hPWFrhWUwszskHeOr-_5nrjZ15-wJzid9ukmEo1XPC9DSPPvkY-MrmvR5WwH6coJv4Is9PRb42yMxLESU4fJT5zdRYmvK1CpkRUmlavzUXW17Y8-UFz1oTBXM7kwXQMl2GtxCy-OZQPxrcHTiqD8Za3zY0RcGp7vtoq1B8DQjkeVhg", "payload": "" } 2021-12-03 02:51:13,420:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55000490960 HTTP/1.1" 200 1505 2021-12-03 02:51:13,421:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 07:51:13 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001oRGLrBOK_2ogDt24VKo7wPxjvyLMgu2TV_wTcNEjYVE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-10T07:51:08Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/53fnkKVpTL6ZLuXfCqSOYLZP6j_Gw--uJuVcY4pXNrw [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55000490960/WmkoTg", "token": "53fnkKVpTL6ZLuXfCqSOYLZP6j_Gw--uJuVcY4pXNrw", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/53fnkKVpTL6ZLuXfCqSOYLZP6j_Gw--uJuVcY4pXNrw", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/53fnkKVpTL6ZLuXfCqSOYLZP6j_Gw--uJuVcY4pXNrw", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-03T07:51:09Z" } ] } 2021-12-03 02:51:13,422:DEBUG:acme.client:Storing nonce: 0001oRGLrBOK_2ogDt24VKo7wPxjvyLMgu2TV_wTcNEjYVE 2021-12-03 02:51:13,422:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-03 02:51:13,423:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-03 02:51:13,424:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-03 02:51:13,424:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: www.whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/2QmOwF4PmCljWXyRLL4JyAU7W_v5_UQwmD15JoU6yXg [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-12-03 02:51:13,574:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-12-03 02:51:13,575:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-12-03 02:51:13,575:INFO:certbot.hooks:Running post-hook command: /bin/systemctl start nginx 2021-12-03 02:51:13,694:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-12-03 06:43:32,184:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-03 06:43:32,185:DEBUG:certbot.main:Arguments: ['--standalone', '--pre-hook', '/bin/systemctl stop nginx', '--post-hook', '/bin/systemctl start nginx', '--quiet'] 2021-12-03 06:43:32,185:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-03 06:43:32,201:DEBUG:certbot.log:Root logging level set at 30 2021-12-03 06:43:32,201:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-03 06:43:32,215:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer 2021-12-03 06:43:32,216:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-03 06:43:32,216:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-03 06:43:32,216:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-03 06:43:32,231:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 06:43:32,232:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 06:43:32,233:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 06:43:32,235:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-03 06:43:32,236:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-03 06:43:32,236:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-03 06:43:32,239:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 06:43:32,241:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 06:43:32,241:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 06:43:32,243:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-03 06:43:32,243:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-03 06:43:32,243:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-03 06:43:32,247:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 06:43:32,248:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 06:43:32,249:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 06:43:32,251:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-03 06:43:32,251:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-03 06:43:32,251:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-03 06:43:32,255:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 06:43:32,256:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 06:43:32,257:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 06:43:32,258:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-03 06:43:32,259:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-03 06:43:32,259:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-03 06:43:32,264:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 06:43:32,266:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 06:43:32,267:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 06:43:32,268:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-03 06:43:32,272:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-12-03 06:43:32,272:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-12-03 06:43:32,272:INFO:certbot.renewal:Non-interactive renewal: random delay of 53.8222500876088 seconds 2021-12-03 06:44:26,149:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 06:44:26,513:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-03 06:44:26,514:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-12-03 06:44:26,514:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-03 06:44:26,515:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-12-03 06:44:26,519:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-03 06:44:26,521:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-03 06:44:26,523:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-03 06:44:26,635:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-03 06:44:26,636:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 11:44:26 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "g17oG9Rn_oo": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-03 06:44:26,637:INFO:certbot.hooks:Running pre-hook command: /bin/systemctl stop nginx 2021-12-03 06:44:31,676:INFO:certbot.main:Renewing an existing certificate 2021-12-03 06:44:31,838:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0494_key-certbot.pem 2021-12-03 06:44:31,845:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0494_csr-certbot.pem 2021-12-03 06:44:31,846:DEBUG:acme.client:Requesting fresh nonce 2021-12-03 06:44:31,847:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-03 06:44:31,885:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-03 06:44:31,886:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 11:44:31 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 01011Kjmz2xKdZ0ieLUeNxm-pfFrVqUDfA_ygK003ykXxPs X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-03 06:44:31,886:DEBUG:acme.client:Storing nonce: 01011Kjmz2xKdZ0ieLUeNxm-pfFrVqUDfA_ygK003ykXxPs 2021-12-03 06:44:31,887:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-12-03 06:44:31,890:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMTFLam16MnhLZFowaWVMVWVOeG0tcGZGclZxVURmQV95Z0swMDN5a1h4UHMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "J5xpBHHXp3fZFMTggIzdvxRmcz0llCN08LKJoEPPGU9gjA7Xk4V1fqNokJeBue4lUXd1oUgzMuQ52D1sRbz3CtiyoRIWGVMiNM4XhpLQg2AQ0LRoKk5G_0saRr8h2Z5Pkwzhv23ECv1bpeEZm-9nD2iBoJjqPE05hdpDaA5MrxtZQ6AG74G2pRsmce4IliefFFp8FIhDpb7IGUxoL5jUj9FAtQD0aGKeSb2ELYiV0L4xdJ-hKuGCn2ILLaYfWVEnJIqMVY6zBWX01MjNYnOpirwFpHAfkonfpIKAV2Nk8XyGieyk18xvDnJqFEa7RmojUcIpE8M_tceeao3jW9nYCA", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-12-03 06:44:32,614:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-12-03 06:44:32,615:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Fri, 03 Dec 2021 11:44:32 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44409290840 Replay-Nonce: 01026tV7w92S-LHSWDv5S4tAZjwDZ8CgZqIJARvaPrY5wAE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-10T11:44:32Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55050125620" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44409290840" } 2021-12-03 06:44:32,615:DEBUG:acme.client:Storing nonce: 01026tV7w92S-LHSWDv5S4tAZjwDZ8CgZqIJARvaPrY5wAE 2021-12-03 06:44:32,616:DEBUG:acme.client:JWS payload: b'' 2021-12-03 06:44:32,618:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55050125620: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMjZ0Vjd3OTJTLUxIU1dEdjVTNHRBWmp3RFo4Q2dacUlKQVJ2YVByWTV3QUUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MDUwMTI1NjIwIn0", "signature": "hRydj9QLG01brQmZW44Mqh18ZLh1GPkXIVHwP-W7MYUTVfBjCpKnhD8VxOdtDlApD5dG99DvwC-8jQ6ePU8Kt3dZB-AH9Bi9yTiF-SydZxZMjkNJSCxjpQlNsWmo9qhUbGYkDXVVwQ7hTwhCAyJKNJXP3vKN55TWEDA5vrnwnU97BjKQLuNjkl84b5l6gkU3s1RoktLRBZJCwZZf0WkalziM3BdGTwWY8IFEeyn6jYMLbaXH3m3FtISqQ8foGiNOSROxlaHNeWhOBCkGaJ328-TvbmIxUl8r3DmBKQ9FkLol9T_P9facP1j0jhdpFF9AaI2kkg4OknoX5EHT1kYvAQ", "payload": "" } 2021-12-03 06:44:32,689:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55050125620 HTTP/1.1" 200 792 2021-12-03 06:44:32,690:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 11:44:32 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102P4vU18jCfLkOkbpz5NTPaIgRycreHiGYXAxnwl7qNYo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-10T11:44:32Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55050125620/RW-b0A", "token": "xp1rnJP_caBffxdTnpeQpBg18g3En_0G4-E-iOpRZy8" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55050125620/Y80y1w", "token": "xp1rnJP_caBffxdTnpeQpBg18g3En_0G4-E-iOpRZy8" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55050125620/2nf2vg", "token": "xp1rnJP_caBffxdTnpeQpBg18g3En_0G4-E-iOpRZy8" } ] } 2021-12-03 06:44:32,690:DEBUG:acme.client:Storing nonce: 0102P4vU18jCfLkOkbpz5NTPaIgRycreHiGYXAxnwl7qNYo 2021-12-03 06:44:32,691:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-03 06:44:32,691:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-03 06:44:32,692:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-12-03 06:44:32,692:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-12-03 06:44:32,696:INFO:certbot.auth_handler:Waiting for verification... 2021-12-03 06:44:32,697:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-03 06:44:32,698:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55050125620/RW-b0A: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMlA0dlUxOGpDZkxrT2ticHo1TlRQYUlnUnljcmVIaUdZWEF4bndsN3FOWW8iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1MDUwMTI1NjIwL1JXLWIwQSJ9", "signature": "Cnybu-9FiMMf9XUh5JbCdNAln3vXcafZqhz9cXjjKnUgV_2utpkANzGMwD-zo6UheFvpX-wLxxRhrtohUfMbtzkYY6jwv_HwJ-z2sB1gAEGNJPA7T936amQyVzlQJVctTRjRNsWDPJQroXDBfa0N_e5CtLIDuazdmJAFm7BfcoA9OJdcYntTUJrxsVKKxEF6uQVzOQI3QaZ6waEE-hnWhDmeruYLX9_5oX2GgfOJeQ7MZb8dE2B35O08HXYY6ylz9Z3bczlMjKj0yzPmTHlaoYippIK5OqxshyCF6e8hG3nBFt8CQjAiD1LeLUnWuOtWxjuIXleK_aOFPr3vCyEMCA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-03 06:44:32,790:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55050125620/RW-b0A HTTP/1.1" 200 186 2021-12-03 06:44:32,791:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 11:44:32 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55050125620/RW-b0A Replay-Nonce: 0101Ws3TfWqrqinNLRNAeeoco3eXMCIIKbxhM0J1W3Gwnqo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55050125620/RW-b0A", "token": "xp1rnJP_caBffxdTnpeQpBg18g3En_0G4-E-iOpRZy8" } 2021-12-03 06:44:32,791:DEBUG:acme.client:Storing nonce: 0101Ws3TfWqrqinNLRNAeeoco3eXMCIIKbxhM0J1W3Gwnqo 2021-12-03 06:44:33,793:DEBUG:acme.client:JWS payload: b'' 2021-12-03 06:44:33,795:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55050125620: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMVdzM1RmV3FycWluTkxSTkFlZW9jbzNlWE1DSUlLYnhoTTBKMVczR3ducW8iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MDUwMTI1NjIwIn0", "signature": "eLVwgDqbTtIks2QgjMlDNfZC6VJYkBeTuB4PNxwZCwV84aAnPxlJvQKlzj7Xxh-esuk0mzDWDWIsviWuy9MzPyr2PpQfnPC7v1WjhCHUzugRiBRRtP0zwMLAluj_gInvyuqzxhF1uYWuLof1H875DL8EjccYcwKrMcIYvrDZtitVX5CxB3tEBz-KPz41J5PVixvdq-CA8UDTp-OTXSSZL2d41XqWFqg-sc-J3SK9kmt2fbz4r-SNqhdys8bOZTzvDnXVG3EG3_fQ4cO9-FLocsNupCV-M9tZ9F_z2Ng7oC7F6QVd7uinxVgKT8tG33tOQIZB290ltxb-pCXXgQ3lBg", "payload": "" } 2021-12-03 06:44:33,867:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55050125620 HTTP/1.1" 200 792 2021-12-03 06:44:33,868:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 11:44:33 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102q5V-fcC45pcP2pMoOILwogrC4jLvbmjFiOcc3K32qbM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-10T11:44:32Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55050125620/RW-b0A", "token": "xp1rnJP_caBffxdTnpeQpBg18g3En_0G4-E-iOpRZy8" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55050125620/Y80y1w", "token": "xp1rnJP_caBffxdTnpeQpBg18g3En_0G4-E-iOpRZy8" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55050125620/2nf2vg", "token": "xp1rnJP_caBffxdTnpeQpBg18g3En_0G4-E-iOpRZy8" } ] } 2021-12-03 06:44:33,868:DEBUG:acme.client:Storing nonce: 0102q5V-fcC45pcP2pMoOILwogrC4jLvbmjFiOcc3K32qbM 2021-12-03 06:44:36,873:DEBUG:acme.client:JWS payload: b'' 2021-12-03 06:44:36,875:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55050125620: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMnE1Vi1mY0M0NXBjUDJwTW9PSUx3b2dyQzRqTHZibWpGaU9jYzNLMzJxYk0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MDUwMTI1NjIwIn0", "signature": "T3wRn3XsOMcPeBC5sqPtBD57sN2DbyjEi4aXhfUzGRN43v0zqGIiY-Quulv_OOf3a_HIF8uX21I323vJMLOnfTqMN_FCp8CbsqMS7vW532J2GNg6svnqjCEhi7j85ErnLTRP-vuyf6lNhGSElCdzhSI_sXA6cRu72q0_KGfTYBSMaxlZ0MXpMAdUHjH4gkljW4YC9-B3k2anYpHJjqjoDF10fZ6UPCizoWX4o09OKJnirsbTZwGGshrCzWa5YdB_MZF_O177cUxC3TSNmvN12x4VRmzroQ5Dzgb1L8DeTEk6e7v-A1DQlE_EPqXDMhhoct0hGCe4fuixiLe-guKHdw", "payload": "" } 2021-12-03 06:44:36,953:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55050125620 HTTP/1.1" 200 1505 2021-12-03 06:44:36,954:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 11:44:36 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 01025bac6XnW00cKJwx_T2VywpPnPr7Eq_y5g2OgObdWSuI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-10T11:44:32Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/xp1rnJP_caBffxdTnpeQpBg18g3En_0G4-E-iOpRZy8 [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55050125620/RW-b0A", "token": "xp1rnJP_caBffxdTnpeQpBg18g3En_0G4-E-iOpRZy8", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/xp1rnJP_caBffxdTnpeQpBg18g3En_0G4-E-iOpRZy8", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/xp1rnJP_caBffxdTnpeQpBg18g3En_0G4-E-iOpRZy8", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-03T11:44:32Z" } ] } 2021-12-03 06:44:36,954:DEBUG:acme.client:Storing nonce: 01025bac6XnW00cKJwx_T2VywpPnPr7Eq_y5g2OgObdWSuI 2021-12-03 06:44:36,955:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-03 06:44:36,955:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-03 06:44:36,955:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/xp1rnJP_caBffxdTnpeQpBg18g3En_0G4-E-iOpRZy8 [75.2.60.5]: "\n\n\n \n Prep: True 2021-12-03 06:44:37,461:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-12-03 06:44:37,461:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-03 06:44:37,461:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-12-03 06:44:37,467:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-03 06:44:37,468:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-03 06:44:37,470:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-03 06:44:37,594:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-03 06:44:37,595:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 11:44:37 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "0u3TaXjt6_g": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-03 06:44:37,596:INFO:certbot.hooks:Pre-hook command already run, skipping: /bin/systemctl stop nginx 2021-12-03 06:44:37,596:INFO:certbot.main:Renewing an existing certificate 2021-12-03 06:44:37,631:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0495_key-certbot.pem 2021-12-03 06:44:37,639:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0495_csr-certbot.pem 2021-12-03 06:44:37,640:DEBUG:acme.client:Requesting fresh nonce 2021-12-03 06:44:37,640:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-03 06:44:37,682:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-03 06:44:37,683:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 11:44:37 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 01017lyL4uBbXKQ67f7CJIXgc2Nz5kPCWvkeXwmdOhauUlE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-03 06:44:37,683:DEBUG:acme.client:Storing nonce: 01017lyL4uBbXKQ67f7CJIXgc2Nz5kPCWvkeXwmdOhauUlE 2021-12-03 06:44:37,684:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-12-03 06:44:37,686:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMTdseUw0dUJiWEtRNjdmN0NKSVhnYzJOejVrUENXdmtlWHdtZE9oYXVVbEUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "CzKKoZaNEHhP_M81enp5jDx6ye0fjuX3TWwsHCoA_Z4WqCfIKjRVgnYsM9Ot9rSqDsttFlAMGJjx8Wo4X0RydzT7cbblqh8rRVEwaQizJi25rWZM2EeVZG1KrFLPw-RKVfD_P7TEF0XOq_efVHn8SAaJB2TkVk-mraQ9eP2hDM_UUuQyje5vruJOII6BvVCiT3tEAIn_wsl9gai6KA65HWwxTDXCnwHGpH-3coG6QlNEfpI5m8uzaKguhmrPxI5Q5M4GmqEPDFhjcGTJ-r22epp_P_gVDv_UOO5oab9DOxC9J3c3P5LdPhFNe86soNVihEGcnnr0-q2zEaE_QJeUjw", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-12-03 06:44:38,301:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-12-03 06:44:38,302:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Fri, 03 Dec 2021 11:44:38 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44409303440 Replay-Nonce: 0101GPD1TdW3bzBmtu7vH_rgCIDJ4JqIV5q9_wD_LkGA6d4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-10T11:44:38Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55050141260", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55050141270" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44409303440" } 2021-12-03 06:44:38,302:DEBUG:acme.client:Storing nonce: 0101GPD1TdW3bzBmtu7vH_rgCIDJ4JqIV5q9_wD_LkGA6d4 2021-12-03 06:44:38,303:DEBUG:acme.client:JWS payload: b'' 2021-12-03 06:44:38,305:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55050141260: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMUdQRDFUZFczYnpCbXR1N3ZIX3JnQ0lESjRKcUlWNXE5X3dEX0xrR0E2ZDQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MDUwMTQxMjYwIn0", "signature": "KYAJ4GJRUDziCx9bVnIiNHG-2jcYqLmaXPxjqmdNqiMlgmf7m1h9zWmuTqYy7HjD3d57liI9KrkoCw8BCRKjh4UBDxcH0U9U1x9hqeWH77k9iANQON7ESIgYw3dD6JqIAl6UnfzPD4zR4Ta0uhQKYhI9XlxU0w5EfmRMbv7d1gjPJYfyjMB6c9sbG4HHmw9ilkNi6s9BIlAJ7gzBZDZ6ahLJWFOOQgmN_RtUVyDOAnyCRl1NQtJ1-IYQiVRZXixJieNx5uSXoIAD0_JS6SlhrsufiwpPGBvPR5capTqRTXst9LkuKhHOxiCVX1teGvKZACRtQyPaxLLASZD8AVCsnQ", "payload": "" } 2021-12-03 06:44:38,383:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55050141260 HTTP/1.1" 200 792 2021-12-03 06:44:38,384:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 11:44:38 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102cJY_nwTpJu6WZFEk9nSXoMOidM3qqsfljWrBKXhWV24 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-10T11:44:38Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55050141260/IQzkNg", "token": "IoDANEkOrSZnKZxS42ptCfsaaoLTRmp7BxUOuQe0j_8" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55050141260/TejhcQ", "token": "IoDANEkOrSZnKZxS42ptCfsaaoLTRmp7BxUOuQe0j_8" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55050141260/YEkRIw", "token": "IoDANEkOrSZnKZxS42ptCfsaaoLTRmp7BxUOuQe0j_8" } ] } 2021-12-03 06:44:38,385:DEBUG:acme.client:Storing nonce: 0102cJY_nwTpJu6WZFEk9nSXoMOidM3qqsfljWrBKXhWV24 2021-12-03 06:44:38,385:DEBUG:acme.client:JWS payload: b'' 2021-12-03 06:44:38,387:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55050141270: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMmNKWV9ud1RwSnU2V1pGRWs5blNYb01PaWRNM3Fxc2ZsaldyQktYaFdWMjQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MDUwMTQxMjcwIn0", "signature": "qD8WWMWeAzrpb2q_VhjUhB5fbQrFF26F3WqlZtQF0xw-kS0MLwVTCXg3I5il0AoR0ELZDRoVNL0_Yvq0tHFH9IokhZ5n9_5-stcqnMSudW8orabVu0OtxfloFyy4jyw-fNEg1priystkmgqUMmi9Nn6jSLmRAvl6TZ7SyX_usBNUu6ILCskxn3tFhUQJmcjoRhFGAxCv3ATQ520QjiWbKTP2KmyBoHRsgWHY3SogvF0-CuYn25NBqRLYgRZDkexXQnUECuMggC5BdrL6UaadJ8ZU3_sGait4e9h6-c-UjODaVebADLCfEmczNg0W0Y6w8eHchgsdJE5V05ypa1IUxQ", "payload": "" } 2021-12-03 06:44:38,462:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55050141270 HTTP/1.1" 200 796 2021-12-03 06:44:38,463:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 11:44:38 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101A-piixoVYI2U8yvCm8s6n-C7sVXWn0nRNBYvNDxBeQQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-10T11:44:38Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55050141270/hlo9rA", "token": "4YeC9bABalQ1Zn29m-4mvK_WpTSpbtEV47iPDS7gAQs" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55050141270/rH4NVQ", "token": "4YeC9bABalQ1Zn29m-4mvK_WpTSpbtEV47iPDS7gAQs" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55050141270/S4VLgQ", "token": "4YeC9bABalQ1Zn29m-4mvK_WpTSpbtEV47iPDS7gAQs" } ] } 2021-12-03 06:44:38,463:DEBUG:acme.client:Storing nonce: 0101A-piixoVYI2U8yvCm8s6n-C7sVXWn0nRNBYvNDxBeQQ 2021-12-03 06:44:38,464:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-03 06:44:38,464:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-03 06:44:38,465:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-03 06:44:38,465:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-12-03 06:44:38,465:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-12-03 06:44:38,472:INFO:certbot.auth_handler:Waiting for verification... 2021-12-03 06:44:38,472:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-03 06:44:38,474:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55050141260/IQzkNg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMUEtcGlpeG9WWUkyVTh5dkNtOHM2bi1DN3NWWFduMG5STkJZdk5EeEJlUVEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1MDUwMTQxMjYwL0lRemtOZyJ9", "signature": "N3ECQIbapg4gnIyusW2d9t45nQABdaCP0H5bUArrMNkvXbGuWiRTV_BE4N0_G5MegogPMSc9BKo7xkJsjb63RAoR0gFxTkIB5-Yt3lB_HHQQBstaQEQXvK6R6EpT7OwLOnX84DTyE97eKLpIZ2vExq0Qk9HpHzlQjlinUwnJDbeAMPhn9oBg7Zoo2-pqohnGkaiXpTRiohsuzfNIwSFaPY79J3417jpsVewKePeUP2ilLPgdWn-zFzE7XMLWt-44PCKtP37KpUKst-pU6WpGlAKH-6_wmTdRgFBGc-eybiOEr9WUlX-xHXqAhz5f6Wr9Ac2dK6xZdNcAFvAQwoKw3g", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-03 06:44:38,586:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55050141260/IQzkNg HTTP/1.1" 200 186 2021-12-03 06:44:38,587:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 11:44:38 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55050141260/IQzkNg Replay-Nonce: 0102IbbbJBc2afvS7e7WwsDcDnlkFCsUH4TqJYwV6deh4sg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55050141260/IQzkNg", "token": "IoDANEkOrSZnKZxS42ptCfsaaoLTRmp7BxUOuQe0j_8" } 2021-12-03 06:44:38,587:DEBUG:acme.client:Storing nonce: 0102IbbbJBc2afvS7e7WwsDcDnlkFCsUH4TqJYwV6deh4sg 2021-12-03 06:44:38,588:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-03 06:44:38,590:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55050141270/hlo9rA: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMkliYmJKQmMyYWZ2UzdlN1d3c0RjRG5sa0ZDc1VINFRxSll3VjZkZWg0c2ciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1MDUwMTQxMjcwL2hsbzlyQSJ9", "signature": "gtmZyfOycyn269bGqRztMslUcoBq7zt7PqLUb7wnYKo9s8n84DLnZPMEH_QGS1pWwDUZwAfo3GDpx25APW9bgUrMKeHZsLVF-HYjGNPXKNc7nZ_faYYaP_4X7YmiqMEMDjXP_RsaSrHKX3OoN8ng1lcG6FL0g5Mr0CxLHX8WeBdq_pUDXFtkovpBYvR3uetHngb6xOOm7nrxyOw4sbvPkZACDWb7BFGjGGEgD8uXQwfodY9pzohfrsYJgtZnF--R5G5eCt7Hfk-b9J880fgsQk_UwVMsSO3X19HeJLB2HmrV67w6egVkehDGGS04FBkq0w56DapxzeNg0pf2HP5MyQ", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-03 06:44:38,686:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55050141270/hlo9rA HTTP/1.1" 200 186 2021-12-03 06:44:38,687:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 11:44:38 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55050141270/hlo9rA Replay-Nonce: 0101I1dyMr8ecNrEjiAgKF5G7ZwH7IDcpakyhCP_UPq5M5M X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55050141270/hlo9rA", "token": "4YeC9bABalQ1Zn29m-4mvK_WpTSpbtEV47iPDS7gAQs" } 2021-12-03 06:44:38,687:DEBUG:acme.client:Storing nonce: 0101I1dyMr8ecNrEjiAgKF5G7ZwH7IDcpakyhCP_UPq5M5M 2021-12-03 06:44:39,689:DEBUG:acme.client:JWS payload: b'' 2021-12-03 06:44:39,691:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55050141260: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMUkxZHlNcjhlY05yRWppQWdLRjVHN1p3SDdJRGNwYWt5aENQX1VQcTVNNU0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MDUwMTQxMjYwIn0", "signature": "HL5ttOock9V2qaxZGrMRqKPFduWhBOY7fg2Q_6Zx2-mlMtkHTq6gF31BvnwMSs19TjTINtawBemf0qNSgbO0Wv3zjeabAOpZEZeO8Ljpor3dtpLG0ubOgiBzHX77qmKEq1mRGGnM5GLLc0sMp1gBfRgNlFfemRtInv-9ho0Cx7g2Ek3qH-ULZ9XXc_EuNXcpmxgVC_hIRfRL7HRDKWzyn22AWBmMdFVwAAzUWcNE1YmGJ6UpKjfFg6Vb-Ke2X20YzSPZRdZ4D992ccg9JnEbiCB3Va4ZCS_oBbud_OK03kTdNS9rFElvVp06kdgbF1HpGWQd2Z5ocGDBwmmQmXvJYA", "payload": "" } 2021-12-03 06:44:39,767:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55050141260 HTTP/1.1" 200 1505 2021-12-03 06:44:39,768:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 11:44:39 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101QVN_h4N_ZuKM08ee9CrB3Q5IjrnAvYmbwQKMUnZldak X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-10T11:44:38Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/IoDANEkOrSZnKZxS42ptCfsaaoLTRmp7BxUOuQe0j_8 [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55050141260/IQzkNg", "token": "IoDANEkOrSZnKZxS42ptCfsaaoLTRmp7BxUOuQe0j_8", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/IoDANEkOrSZnKZxS42ptCfsaaoLTRmp7BxUOuQe0j_8", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/IoDANEkOrSZnKZxS42ptCfsaaoLTRmp7BxUOuQe0j_8", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-03T11:44:38Z" } ] } 2021-12-03 06:44:39,768:DEBUG:acme.client:Storing nonce: 0101QVN_h4N_ZuKM08ee9CrB3Q5IjrnAvYmbwQKMUnZldak 2021-12-03 06:44:39,769:DEBUG:acme.client:JWS payload: b'' 2021-12-03 06:44:39,771:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55050141270: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMVFWTl9oNE5fWnVLTTA4ZWU5Q3JCM1E1SWpybkF2WW1id1FLTVVuWmxkYWsiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MDUwMTQxMjcwIn0", "signature": "i1pCASShExan50TPYzS4xSTGqnWjeMiy3RxLL3wn2H3i28FE1pYRWcge3rwT0iJ4rm_hCAmjnW_08K1RAVK8LeQlBuH8jq8GbHrpayGLa-R0x5W6ydXKeVR3wC4EXYtzQyfHoIb5ai4iPRsIEOpuce4VoKeCUDc4hhBgmFX3cxBWFR_w7J93UX7m14b3wSLjBuGRDCcSQrhM9T-4P7T9xpKEIK-G7xwJH0I_7NLriVKcKghnlg917odBNszLcA1LUj12D7WlLCxZnn8dEMRArsSVJqRCpoTvoTTU1M7qcuSoBFO0ajkDrdNyBXmNE7IuENllm7d7208-DL53CvjMDw", "payload": "" } 2021-12-03 06:44:39,846:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55050141270 HTTP/1.1" 200 1826 2021-12-03 06:44:39,846:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 11:44:39 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 01025OedoGbIzaH49ldnJBVbImKWeOhVW1iJwEb_VcofVAw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-10T11:44:38Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/4YeC9bABalQ1Zn29m-4mvK_WpTSpbtEV47iPDS7gAQs [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55050141270/hlo9rA", "token": "4YeC9bABalQ1Zn29m-4mvK_WpTSpbtEV47iPDS7gAQs", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/4YeC9bABalQ1Zn29m-4mvK_WpTSpbtEV47iPDS7gAQs", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/4YeC9bABalQ1Zn29m-4mvK_WpTSpbtEV47iPDS7gAQs", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/4YeC9bABalQ1Zn29m-4mvK_WpTSpbtEV47iPDS7gAQs", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-03T11:44:38Z" } ] } 2021-12-03 06:44:39,847:DEBUG:acme.client:Storing nonce: 01025OedoGbIzaH49ldnJBVbImKWeOhVW1iJwEb_VcofVAw 2021-12-03 06:44:39,847:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-03 06:44:39,848:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-12-03 06:44:39,848:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-03 06:44:39,848:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-03 06:44:39,849:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/IoDANEkOrSZnKZxS42ptCfsaaoLTRmp7BxUOuQe0j_8 [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-12-03 06:44:39,976:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-12-03 06:44:39,976:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-12-03 06:44:39,977:INFO:certbot.hooks:Running post-hook command: /bin/systemctl start nginx 2021-12-03 06:44:40,060:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-12-03 08:15:43,517:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-03 08:15:43,517:DEBUG:certbot.main:Arguments: ['-q'] 2021-12-03 08:15:43,517:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-03 08:15:43,528:DEBUG:certbot.log:Root logging level set at 30 2021-12-03 08:15:43,528:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-03 08:15:43,540:DEBUG:certbot.plugins.selection:Requested authenticator and installer 2021-12-03 08:15:43,551:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 08:15:43,553:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 08:15:43,553:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 08:15:43,558:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 08:15:43,559:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 08:15:43,559:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 08:15:43,564:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 08:15:43,566:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 08:15:43,567:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 08:15:43,571:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 08:15:43,572:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 08:15:43,573:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 08:15:43,578:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 08:15:43,579:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 08:15:43,580:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 08:15:43,583:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-12-03 08:15:43,584:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-12-03 08:15:43,584:INFO:certbot.renewal:Non-interactive renewal: random delay of 141.4827275643512 seconds 2021-12-03 08:18:05,163:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx 2021-12-03 08:18:05,430:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-03 08:18:05,431:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-03 08:18:05,431:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-03 08:18:05,431:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-12-03 08:18:05,435:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-03 08:18:05,437:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-03 08:18:05,439:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-03 08:18:05,595:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-03 08:18:05,596:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 13:18:05 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "lt8YNu3VWus": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-03 08:18:05,597:INFO:certbot.main:Renewing an existing certificate 2021-12-03 08:18:05,680:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0496_key-certbot.pem 2021-12-03 08:18:05,687:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0496_csr-certbot.pem 2021-12-03 08:18:05,688:DEBUG:acme.client:Requesting fresh nonce 2021-12-03 08:18:05,689:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-03 08:18:05,739:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-03 08:18:05,739:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 13:18:05 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002Xx5dIzr0Z1U-0aKfraM4OyeSdMg4C8-2yV6kSOZgb_M X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-03 08:18:05,740:DEBUG:acme.client:Storing nonce: 0002Xx5dIzr0Z1U-0aKfraM4OyeSdMg4C8-2yV6kSOZgb_M 2021-12-03 08:18:05,740:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-12-03 08:18:05,743:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMlh4NWRJenIwWjFVLTBhS2ZyYU00T3llU2RNZzRDOC0yeVY2a1NPWmdiX00iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "OWQe90zuaeN7Auw0Guk41DWw_IxQ0HHCl1YQJCbkJ9vwc8Fx9Qm41Hbc17cGl_ggQ_JRXCfvucT9z489rZP5fMwDYY16gKbLu2xCKtTgfvuUBuIaMv9r5ftiDeYeZAKx8S5Rjfbm7AD0brsX_4lJhZQ4EKixIVPH2I5nUMKJAlCEJOizwRwUjUE0OdN8J6bOUqaHqgH5N4zWii4SRSfS5SPoVZafeSqEwzGNjVpG0sZZf97XpMqowYtgVlLaF73kMsvMyFUvQnc1x-u5UlFOI7hZSA8V4XPnC6nz-HgFC8JyhSfEQJvC8yFhJSuCWf2kSWZu1ueo0zpBuL0nm7lDCA", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-12-03 08:18:06,632:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-12-03 08:18:06,633:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Fri, 03 Dec 2021 13:18:06 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44425247330 Replay-Nonce: 00010TXVi6yL9-2FvbwRko2pxm6iHEpj6Lk2IQeQQSy0t2c X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-10T13:18:06Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55069153520" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44425247330" } 2021-12-03 08:18:06,634:DEBUG:acme.client:Storing nonce: 00010TXVi6yL9-2FvbwRko2pxm6iHEpj6Lk2IQeQQSy0t2c 2021-12-03 08:18:06,634:DEBUG:acme.client:JWS payload: b'' 2021-12-03 08:18:06,636:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55069153520: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMTBUWFZpNnlMOS0yRnZid1JrbzJweG02aUhFcGo2TGsySVFlUVFTeTB0MmMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MDY5MTUzNTIwIn0", "signature": "XYXHDpCB1DqIJMb3theqWqM6-dN75Q4ualHH9rIQ9ICOVzZSZXiGarkHrvvrvywYndg3ZCv6-JrSVWH6_itiS4zM1H3_2GzEadcpgGIjz_pkpwGJ4TQ0huxOg5w_xCqv-t0u2IgKabvKuPUtEBdaa9sQd4MjgSpA36hLpl73XlBuixZ-SuAWfIsHzjbsEsWHqaHTsAu3-ExYTS5nPrcnXve5wkvYBD3uPMr_26OZ3FpPL939a2VxosAP-wi48QbMIf4zB2GVhNUzgoJyzlu3ZiYArHngVGswYsQnqrg6qriePWwkDG5ouBUC2_UfonG050msBnlgekh3PVlkjjzamA", "payload": "" } 2021-12-03 08:18:06,703:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55069153520 HTTP/1.1" 200 792 2021-12-03 08:18:06,704:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 13:18:06 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002uYUbu43uc2boLAjYHd44SqUKpQuSbCyZZjDCP9Bh2Ss X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-10T13:18:06Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069153520/M4FdeQ", "token": "Brs4sxKeJTxtnX5KG8ToNdE23Qve0JT95QpQy7U5Urs" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069153520/48I-Kg", "token": "Brs4sxKeJTxtnX5KG8ToNdE23Qve0JT95QpQy7U5Urs" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069153520/_j2zmw", "token": "Brs4sxKeJTxtnX5KG8ToNdE23Qve0JT95QpQy7U5Urs" } ] } 2021-12-03 08:18:06,704:DEBUG:acme.client:Storing nonce: 0002uYUbu43uc2boLAjYHd44SqUKpQuSbCyZZjDCP9Bh2Ss 2021-12-03 08:18:06,705:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-03 08:18:06,705:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-03 08:18:06,742:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-12-03 08:18:06,745:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-12-03 08:18:06,745:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-12-03 08:18:06,745:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-12-03 08:18:06,746:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-12-03 08:18:06,746:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-12-03 08:18:06,746:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-12-03 08:18:06,747:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-12-03 08:18:06,747:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-12-03 08:18:06,747:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-12-03 08:18:06,748:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-12-03 08:18:06,748:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-12-03 08:18:06,748:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-12-03 08:18:06,750:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-12-03 08:18:06,751:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/Brs4sxKeJTxtnX5KG8ToNdE23Qve0JT95QpQy7U5Urs{default_type text/plain;return 200 Brs4sxKeJTxtnX5KG8ToNdE23Qve0JT95QpQy7U5Urs.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-12-03 08:18:07,783:INFO:certbot.auth_handler:Waiting for verification... 2021-12-03 08:18:07,784:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-03 08:18:07,787:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069153520/M4FdeQ: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnVZVWJ1NDN1YzJib0xBallIZDQ0U3FVS3BRdVNiQ3laWmpEQ1A5QmgyU3MiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1MDY5MTUzNTIwL000RmRlUSJ9", "signature": "DVCCRKzLA0SyIqYH-O5WxCKQaiabqjAP_SbvfooC2-IxC9uSUElyUiXe4GpPstJaCm_DENzunbkCYxK7QcVCU1vNE5mna6VY67H_WcO5ycBUHgzwTFPdbgY5Jvs9qSmBgfQaAXdwJzNkZfNccHFC7a_7BcGjKJetT1VFxkGhkzza2rp5XrVMwCWy0t-AhAa4RweY7VW3BGz5e0HGgVSrHIfVIwKZnRQhgsCDrAsG08O9nYmd9xRyucUQkwEJdN882Fhez4uRllD9U4Sytx2jrmeJ1j9bN1vmSTTf7vFQzmP5zB5_YVcqQcFMDUBvhEg4DF51llaWgeLD54FZyWeP0g", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-03 08:18:07,856:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55069153520/M4FdeQ HTTP/1.1" 200 186 2021-12-03 08:18:07,868:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 13:18:07 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069153520/M4FdeQ Replay-Nonce: 0002rgWr1LWhCS9_fT7IcKlBvB-YyLE0FuuWPRWRONc1bmY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069153520/M4FdeQ", "token": "Brs4sxKeJTxtnX5KG8ToNdE23Qve0JT95QpQy7U5Urs" } 2021-12-03 08:18:07,869:DEBUG:acme.client:Storing nonce: 0002rgWr1LWhCS9_fT7IcKlBvB-YyLE0FuuWPRWRONc1bmY 2021-12-03 08:18:08,871:DEBUG:acme.client:JWS payload: b'' 2021-12-03 08:18:08,873:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55069153520: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnJnV3IxTFdoQ1M5X2ZUN0ljS2xCdkItWXlMRTBGdXVXUFJXUk9OYzFibVkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MDY5MTUzNTIwIn0", "signature": "XBqqVuI7NlwaCG88OZJ1E8pZ97zfxJ6RMzJAE3W7p-0DDw02K49AlT2OTqrkB3xpiX2SNPaeYuKVSvihZAuLWC7yNGJ2S84lp_SjI4VuOVh843ai4kD_WZdDUBXcJnwUSmNBE4eDuLp63IF_inIJVZ5iWdrrfiRixYA92v6Jnw7uVd6ZTQ7Hfdx6nhCgvGYkzUge4DYzWn7sPOlacdf75v0pMnwK-IVlw4tquOu0LUYXwmwWA78cpqMB6O08ffJk_494Dkg0WstA4qqs6U69k9HQDwx-N0Tz8o64il56EBp17Af2Ug-FChuMBPbICuJqud9adW6PBPMKWVGwuyClLg", "payload": "" } 2021-12-03 08:18:08,941:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55069153520 HTTP/1.1" 200 792 2021-12-03 08:18:08,942:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 13:18:08 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 00025aW1SaSnuAK5BDYxUg23Yklut0ccpKaAMvAbNoY3V4I X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-10T13:18:06Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069153520/M4FdeQ", "token": "Brs4sxKeJTxtnX5KG8ToNdE23Qve0JT95QpQy7U5Urs" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069153520/48I-Kg", "token": "Brs4sxKeJTxtnX5KG8ToNdE23Qve0JT95QpQy7U5Urs" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069153520/_j2zmw", "token": "Brs4sxKeJTxtnX5KG8ToNdE23Qve0JT95QpQy7U5Urs" } ] } 2021-12-03 08:18:08,942:DEBUG:acme.client:Storing nonce: 00025aW1SaSnuAK5BDYxUg23Yklut0ccpKaAMvAbNoY3V4I 2021-12-03 08:18:11,946:DEBUG:acme.client:JWS payload: b'' 2021-12-03 08:18:11,948:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55069153520: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMjVhVzFTYVNudUFLNUJEWXhVZzIzWWtsdXQwY2NwS2FBTXZBYk5vWTNWNEkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MDY5MTUzNTIwIn0", "signature": "O5Va3FZx2FB6M3MeQJu2BrPaJmL3C57I3nlJyGWVGBZ2G1l0zd6D_4bJsCdtj7LfWLv2MKKP05LtylsyBMlpKd75xaj_bQ9DnLwhi2EWS2LJJXc4QI9rM1qKJHwPVPwVKRArJ3UYSlVC5hVTCaS1uQK9jNmxgiqMBKl463TgUAFNj6yrNqZlSLohShT-C3eiA0EZ01eynnqVR6Bp0mgRO9jRB7clqnzCuCI-3F_0AkQ4SOIy_WqEM59ZEG9lPbfRq7OXTJCE-2P_fuUoq6NPIrxAddmRQANqmCnt7RDExb-ZR0gs3HbsmfBZ9W-EQpn46AOjNSGhrifUXNMnW9MvAA", "payload": "" } 2021-12-03 08:18:12,012:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55069153520 HTTP/1.1" 200 1505 2021-12-03 08:18:12,013:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 13:18:11 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002gDXtUFww5fAakXJg8qtvFxFFz0eG-px48IoibCxy-TM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-10T13:18:06Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/Brs4sxKeJTxtnX5KG8ToNdE23Qve0JT95QpQy7U5Urs [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069153520/M4FdeQ", "token": "Brs4sxKeJTxtnX5KG8ToNdE23Qve0JT95QpQy7U5Urs", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/Brs4sxKeJTxtnX5KG8ToNdE23Qve0JT95QpQy7U5Urs", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/Brs4sxKeJTxtnX5KG8ToNdE23Qve0JT95QpQy7U5Urs", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-03T13:18:07Z" } ] } 2021-12-03 08:18:12,013:DEBUG:acme.client:Storing nonce: 0002gDXtUFww5fAakXJg8qtvFxFFz0eG-px48IoibCxy-TM 2021-12-03 08:18:12,014:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-03 08:18:12,015:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-03 08:18:12,015:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/Brs4sxKeJTxtnX5KG8ToNdE23Qve0JT95QpQy7U5Urs [75.2.60.5]: "\n\n\n \n Prep: True 2021-12-03 08:18:13,563:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-03 08:18:13,564:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-03 08:18:13,564:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-12-03 08:18:13,568:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-03 08:18:13,569:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-03 08:18:13,571:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-03 08:18:13,723:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-03 08:18:13,724:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 13:18:13 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert", "vOTzqpTmO0o": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417" } 2021-12-03 08:18:13,724:INFO:certbot.main:Renewing an existing certificate 2021-12-03 08:18:13,785:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0497_key-certbot.pem 2021-12-03 08:18:13,792:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0497_csr-certbot.pem 2021-12-03 08:18:13,793:DEBUG:acme.client:Requesting fresh nonce 2021-12-03 08:18:13,794:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-03 08:18:13,844:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-03 08:18:13,845:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 13:18:13 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001T8cuitHTzQqW22ede0AHUnapqo8pA07WGPz2akUnScg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-03 08:18:13,845:DEBUG:acme.client:Storing nonce: 0001T8cuitHTzQqW22ede0AHUnapqo8pA07WGPz2akUnScg 2021-12-03 08:18:13,845:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-12-03 08:18:13,848:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMVQ4Y3VpdEhUelFxVzIyZWRlMEFIVW5hcHFvOHBBMDdXR1B6MmFrVW5TY2ciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "X0OSK3ZzSBVzqDYCGctrEAWyjE3HSyIy7Rn04fpj--dAhQ2oQYVu4JGK1AHzwldmkh8RZlOEFOi_mc4snufCKC8lh7y-wZ53gc6PqS9ssMt_RGYGHfL6Njepbg10arUu1K9C_Ds88g0Vofo2bg-fr3CF4MWFPM_V7NU6BfCnQtbB5Xx8oBPCubGeet5IptWHsNPBUMVPjcu61ZjQ_o4BlcClk6fot92eSRYt7eeq6BeR2rcEYbIalOWwjLTmFwtbit34539xXsHxGgtuhltToR3ccrmrNd_-2SwxrnS5mHbzZwduxOjhYx2CcnC8FbVA83MQxzgRTAuCDWYfbQHSFA", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-12-03 08:18:14,700:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-12-03 08:18:14,701:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Fri, 03 Dec 2021 13:18:14 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44425275030 Replay-Nonce: 0002CsbAe011a4bL4RBrK_WWi-9QDFpBaLNmqr4I8xD0AYc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-10T13:18:14Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55069187220", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55069187230" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44425275030" } 2021-12-03 08:18:14,702:DEBUG:acme.client:Storing nonce: 0002CsbAe011a4bL4RBrK_WWi-9QDFpBaLNmqr4I8xD0AYc 2021-12-03 08:18:14,702:DEBUG:acme.client:JWS payload: b'' 2021-12-03 08:18:14,705:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55069187220: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMkNzYkFlMDExYTRiTDRSQnJLX1dXaS05UURGcEJhTE5tcXI0STh4RDBBWWMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MDY5MTg3MjIwIn0", "signature": "SFCe1Sj6huxQ9ixGHW1m6mmgF8AxaW2rOI3x3VV48sdokUDNlYOU9epv-BS3ekBMSwXX5iT3Geeg_kq0dGkxpCLDlQhcyc7GfpjJ8xmprNmCaeE7mh7dtHDn-MCLNWi9mQ0UU9cmqhhD409jtz7hRtFW4lZxO4axsqzKwvxjsZsuhDAfntIxxRI5gBhHmSHK0Sx0xl0Ty2HkjoHCTlV7PnH4UJhmHKlwe4LB-LzAyrqM3B4YTk-IpFRjpQ-p9ycQjyHBH_xsatjfWulKlMP9ki3aVdDiupvho2dHWEPyanccRDbZAJh3U_QKFSNC6bK2Czn3v2bK9UIeWv8kxhxsgA", "payload": "" } 2021-12-03 08:18:14,764:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55069187220 HTTP/1.1" 200 792 2021-12-03 08:18:14,766:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 13:18:14 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001R7IUyqa3dxgmFfYcnJmzDTn8NerPCA9wVjI0gaVCIW4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-10T13:18:14Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069187220/PTSWJg", "token": "kgM38n5BqCsHmXe-lRU7zhfZRhc7SXxgZNG7iFrJLU8" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069187220/Oi3KxQ", "token": "kgM38n5BqCsHmXe-lRU7zhfZRhc7SXxgZNG7iFrJLU8" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069187220/wqzt3A", "token": "kgM38n5BqCsHmXe-lRU7zhfZRhc7SXxgZNG7iFrJLU8" } ] } 2021-12-03 08:18:14,766:DEBUG:acme.client:Storing nonce: 0001R7IUyqa3dxgmFfYcnJmzDTn8NerPCA9wVjI0gaVCIW4 2021-12-03 08:18:14,767:DEBUG:acme.client:JWS payload: b'' 2021-12-03 08:18:14,769:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55069187230: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMVI3SVV5cWEzZHhnbUZmWWNuSm16RFRuOE5lclBDQTl3VmpJMGdhVkNJVzQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MDY5MTg3MjMwIn0", "signature": "op97BuT3L3ohtZgu52STBq_1XD_ozcMbGLOhWxzDmlwhbmGNXuIri9mKt01cWDUfrQtwxUn2Owf7DGqcQrhpg8tl6lM0gt9SwM2cGhL-2filtcjFJ6iTKuZxeZYGYSKM-l-qciyke4TywKinnretFD9RE-OZcJ-CnTXpNZ5xGDK1YBuPd5hcI9aukEIRK3nOWQ9nBURNbxdM8qHZZH5qCQD3ZpIpDuYUFTWafq-2kNzaWsSY72fzBnl0Fplza4LaiJZxmI1vCXSIV8dtyRmJ14zY0ByA-PPUQvvdd50Zk340tw9mxknParZlQQQ43wGTPG-ZesZaJ1ne6x1l9Ln4rg", "payload": "" } 2021-12-03 08:18:14,857:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55069187230 HTTP/1.1" 200 796 2021-12-03 08:18:14,858:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 13:18:14 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001G2pTEj4j4NZESSlGVBp0_NUnKE65u4_hZ7BeoemNNnA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-10T13:18:14Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069187230/3aqsbA", "token": "SDs4VfOIIc9-JUFckWOdQEUBcxWt2Ex-eIY2n0Bar2s" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069187230/kWj5lw", "token": "SDs4VfOIIc9-JUFckWOdQEUBcxWt2Ex-eIY2n0Bar2s" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069187230/e1FtUw", "token": "SDs4VfOIIc9-JUFckWOdQEUBcxWt2Ex-eIY2n0Bar2s" } ] } 2021-12-03 08:18:14,858:DEBUG:acme.client:Storing nonce: 0001G2pTEj4j4NZESSlGVBp0_NUnKE65u4_hZ7BeoemNNnA 2021-12-03 08:18:14,859:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-03 08:18:14,859:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-03 08:18:14,859:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-03 08:18:14,914:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-12-03 08:18:14,914:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-12-03 08:18:14,915:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-12-03 08:18:14,915:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-12-03 08:18:14,915:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-12-03 08:18:14,916:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-12-03 08:18:14,916:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-12-03 08:18:14,916:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-12-03 08:18:14,916:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-12-03 08:18:14,917:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-12-03 08:18:14,917:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-12-03 08:18:14,917:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-12-03 08:18:14,918:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-12-03 08:18:14,919:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-12-03 08:18:14,920:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/kgM38n5BqCsHmXe-lRU7zhfZRhc7SXxgZNG7iFrJLU8{default_type text/plain;return 200 kgM38n5BqCsHmXe-lRU7zhfZRhc7SXxgZNG7iFrJLU8.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot location = /.well-known/acme-challenge/SDs4VfOIIc9-JUFckWOdQEUBcxWt2Ex-eIY2n0Bar2s{default_type text/plain;return 200 SDs4VfOIIc9-JUFckWOdQEUBcxWt2Ex-eIY2n0Bar2s.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-12-03 08:18:15,950:INFO:certbot.auth_handler:Waiting for verification... 2021-12-03 08:18:15,951:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-03 08:18:15,954:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069187220/PTSWJg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMUcycFRFajRqNE5aRVNTbEdWQnAwX05VbktFNjV1NF9oWjdCZW9lbU5ObkEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1MDY5MTg3MjIwL1BUU1dKZyJ9", "signature": "V39zrSrnyPExP2LJHD10wjctE91vAuXBAkVJLcIVogpc-INGB8zMLDnznpv0xqIxvGAgBG7fCIytO8LtJyiaVe0kfR-dhucpu9t3idHLQhcG2yWp5uSzRNX5OEpO-P3Hl8keC4ZXFYNpjpr4iQ9retMqT6z9CaPkRsObaIw63R4390KKp29L_vKWc5NE2-Ok5876xpHiNdksfnc8xFYbtuwKpXQPkR69J4leIHutP4WXwJTnS1gR5PVKgCDZ6dxxbfH4d3sBBLqRrdI1bP0DaK4Cn4SOBrDfYt2_BzKtoYMjBmXTqoytN7364xnyf9BuqJH-6Cqt3wGXj4utCtbDDA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-03 08:18:16,162:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55069187220/PTSWJg HTTP/1.1" 200 186 2021-12-03 08:18:16,163:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 13:18:16 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069187220/PTSWJg Replay-Nonce: 0002levaogKxk1lp1cnK59vAJWCK1cF59B2Ukb3TY-dXQUo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069187220/PTSWJg", "token": "kgM38n5BqCsHmXe-lRU7zhfZRhc7SXxgZNG7iFrJLU8" } 2021-12-03 08:18:16,164:DEBUG:acme.client:Storing nonce: 0002levaogKxk1lp1cnK59vAJWCK1cF59B2Ukb3TY-dXQUo 2021-12-03 08:18:16,164:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-03 08:18:16,167:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069187230/3aqsbA: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmxldmFvZ0t4azFscDFjbks1OXZBSldDSzFjRjU5QjJVa2IzVFktZFhRVW8iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1MDY5MTg3MjMwLzNhcXNiQSJ9", "signature": "naZ_dIEU750-YQM6JjHE6ShlR9W5t6YyAhFQEXPXJUtxb1I-3apom2ERZrNQBI-aXRNv2atX7FpSXX_njjKaEhsr7-4IaOlIsLmC1nMAjDl6VPOTVNFZQ6Rc_UQ2mv5aUSJPPdesBx5_-uxMgxY0vBvg5nlMDjICS734SaHqwHybxtXTdZtOz8lqwoVTADldPdncsrbY442yCMnUEVCM5q5FXMUcogEbHvD6gfrjMyAm7ZPiYwM9_fUyYqsHFbU3JWTDvbtF6R4aydMMMCUkCxSJ2kAaLnikGV2Gn6fKS2doeirUxkMGRW-invfJnajb7IVdojqIUwNFM4ZE7TsR4w", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-03 08:18:16,239:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55069187230/3aqsbA HTTP/1.1" 200 186 2021-12-03 08:18:16,240:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 13:18:16 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069187230/3aqsbA Replay-Nonce: 00028sHCxCH-0BHPYYu-yh47LBtPIgIjEVlc6NuuLMkKmq0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069187230/3aqsbA", "token": "SDs4VfOIIc9-JUFckWOdQEUBcxWt2Ex-eIY2n0Bar2s" } 2021-12-03 08:18:16,240:DEBUG:acme.client:Storing nonce: 00028sHCxCH-0BHPYYu-yh47LBtPIgIjEVlc6NuuLMkKmq0 2021-12-03 08:18:17,242:DEBUG:acme.client:JWS payload: b'' 2021-12-03 08:18:17,244:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55069187220: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMjhzSEN4Q0gtMEJIUFlZdS15aDQ3TEJ0UElnSWpFVmxjNk51dUxNa0ttcTAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MDY5MTg3MjIwIn0", "signature": "of0uVRaKYzP3z00MjsF0SZKrDHzwsBqXs5p66VetRzsDbY7W7qwGyhkW8In3oGVytviGI73idtnusZAO6Sd0PKcjLg4sL1y6u8M2p2IZSQBbo-atj9vwovL2duwY6yIpGPIJlU05DRzeZNKdXV7-bHTkjSzV9EhltYvUrrhl4bpQk2rNz_nk2pQgEiw86tXAj5U8Ru2GlYhMynAfvGo5mMqjKBovOAmTEOtcmWHrlnHpv6h_42_GuQLZewTe07Lwg9sUz0P9jzg19wMTjONeh1ZQMcr2iMbzVV-C2cGHL2zxGQ-7Wn0m_wwegBpQ56d77jFUyscbDfdX2pvIT7VlbQ", "payload": "" } 2021-12-03 08:18:17,311:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55069187220 HTTP/1.1" 200 1505 2021-12-03 08:18:17,313:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 13:18:17 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002bESmM75TMh8OCoeBjjeW341PhRe3r7oNqj9Zcq6GS-A X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-10T13:18:14Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/kgM38n5BqCsHmXe-lRU7zhfZRhc7SXxgZNG7iFrJLU8 [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069187220/PTSWJg", "token": "kgM38n5BqCsHmXe-lRU7zhfZRhc7SXxgZNG7iFrJLU8", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/kgM38n5BqCsHmXe-lRU7zhfZRhc7SXxgZNG7iFrJLU8", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/kgM38n5BqCsHmXe-lRU7zhfZRhc7SXxgZNG7iFrJLU8", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-03T13:18:15Z" } ] } 2021-12-03 08:18:17,313:DEBUG:acme.client:Storing nonce: 0002bESmM75TMh8OCoeBjjeW341PhRe3r7oNqj9Zcq6GS-A 2021-12-03 08:18:17,314:DEBUG:acme.client:JWS payload: b'' 2021-12-03 08:18:17,316:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55069187230: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmJFU21NNzVUTWg4T0NvZUJqamVXMzQxUGhSZTNyN29OcWo5WmNxNkdTLUEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MDY5MTg3MjMwIn0", "signature": "MSK18yXusfR5r1_XxVUCaMXcLsI6a3SJfu8NO15LqmCbyKyX9LXTL5dH-XX1kJZMf4S38lqtANdjmPEl3ptI-fLGD6tcbJ-Sy-R61LVWJtuB3B2uDjy1-yOGhcjn7VbJEgUPSpJQhvBXfqX0NCi5UssnTKf9L88m22lyzxl63d9NUZXbEZ4PXQKWiXgYeARs8XwGrNKE09DFBIIV_pdOhYZ7Y5flzDvccZrwGMZ3vtz3RbNupeIkUb3Kt0nf2rx30k9mUC2TAQTX39jPL5riJkXKTWxTe9TXQy_YrOBlkuVFcohsj4OOOR4D9geTxjeixEIiUX01or5i06uoJu6KIw", "payload": "" } 2021-12-03 08:18:17,376:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55069187230 HTTP/1.1" 200 796 2021-12-03 08:18:17,377:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 13:18:17 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001Hchyh8x88miADuG1m3KP36L8psj8VFVqzsQtYhT12J4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-10T13:18:14Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069187230/3aqsbA", "token": "SDs4VfOIIc9-JUFckWOdQEUBcxWt2Ex-eIY2n0Bar2s" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069187230/kWj5lw", "token": "SDs4VfOIIc9-JUFckWOdQEUBcxWt2Ex-eIY2n0Bar2s" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069187230/e1FtUw", "token": "SDs4VfOIIc9-JUFckWOdQEUBcxWt2Ex-eIY2n0Bar2s" } ] } 2021-12-03 08:18:17,377:DEBUG:acme.client:Storing nonce: 0001Hchyh8x88miADuG1m3KP36L8psj8VFVqzsQtYhT12J4 2021-12-03 08:18:17,378:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-03 08:18:20,382:DEBUG:acme.client:JWS payload: b'' 2021-12-03 08:18:20,384:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55069187230: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMUhjaHloOHg4OG1pQUR1RzFtM0tQMzZMOHBzajhWRlZxenNRdFloVDEySjQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MDY5MTg3MjMwIn0", "signature": "PH0LE37WdsQFYEdRvjTfB22fMp2KVpiAAStvAcwJSueK3QyyW5lNnMCEcIO1XR7XK80F81TmBG4ESnY7-N0ZB4XJNg2vhyy80bxxJkQaF-vAxHdPAMySP9LCZ4dM-CBxwDBhQx-bpxjbsST6gzyn2TNnpvGNN20510sVC_6PJkg0IfQtc-877FYJXR0QxMrMSYZxGSSLzdjU0jSAYliJGaFrbJy8MrODNqu1zRBZ-CVLY2aOZ9KiBfHUeW_yUOuSSi2ww3_CY1zD5PiZ2_WeNMmLYa2oRQH6uc41UO2_oefnj5mV2cNFVM9KGgEizWkL879a6m08iRS38qjLXWx4Tw", "payload": "" } 2021-12-03 08:18:20,448:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55069187230 HTTP/1.1" 200 1826 2021-12-03 08:18:20,449:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 03 Dec 2021 13:18:20 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001dnAg5EBD92BCZRI6LgWJgKxscYHAwXyUXaPpR8UKkTQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-10T13:18:14Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/SDs4VfOIIc9-JUFckWOdQEUBcxWt2Ex-eIY2n0Bar2s [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55069187230/3aqsbA", "token": "SDs4VfOIIc9-JUFckWOdQEUBcxWt2Ex-eIY2n0Bar2s", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/SDs4VfOIIc9-JUFckWOdQEUBcxWt2Ex-eIY2n0Bar2s", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/SDs4VfOIIc9-JUFckWOdQEUBcxWt2Ex-eIY2n0Bar2s", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/SDs4VfOIIc9-JUFckWOdQEUBcxWt2Ex-eIY2n0Bar2s", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-03T13:18:16Z" } ] } 2021-12-03 08:18:20,449:DEBUG:acme.client:Storing nonce: 0001dnAg5EBD92BCZRI6LgWJgKxscYHAwXyUXaPpR8UKkTQ 2021-12-03 08:18:20,450:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-12-03 08:18:20,451:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-03 08:18:20,451:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-03 08:18:20,451:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/kgM38n5BqCsHmXe-lRU7zhfZRhc7SXxgZNG7iFrJLU8 [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-12-03 08:18:21,737:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-12-03 08:18:21,737:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-12-03 08:18:21,738:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-12-03 21:32:55,531:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-03 21:32:55,532:DEBUG:certbot.main:Arguments: [] 2021-12-03 21:32:55,532:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-03 21:32:55,544:DEBUG:certbot.log:Root logging level set at 20 2021-12-03 21:32:55,545:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-03 21:32:55,559:DEBUG:certbot.plugins.selection:Requested authenticator and installer 2021-12-03 21:32:55,573:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 21:32:55,574:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 21:32:55,575:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 21:32:55,580:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 21:32:55,581:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 21:32:55,581:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 21:32:55,587:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 21:32:55,588:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 21:32:55,589:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 21:32:55,595:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 21:32:55,596:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 21:32:55,596:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 21:32:55,603:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 21:32:55,604:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 21:32:55,605:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 21:32:55,610:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-12-03 21:32:55,610:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-12-03 21:32:55,610:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx 2021-12-03 21:32:55,919:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-03 21:32:55,920:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-03 21:32:55,920:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-03 21:32:55,921:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-12-03 21:32:55,927:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-03 21:32:55,929:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-03 21:32:55,932:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-03 21:32:56,097:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-03 21:32:56,098:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:32:56 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert", "rx68JQ_ELkU": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417" } 2021-12-03 21:32:56,099:INFO:certbot.main:Renewing an existing certificate 2021-12-03 21:32:56,137:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0498_key-certbot.pem 2021-12-03 21:32:56,148:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0498_csr-certbot.pem 2021-12-03 21:32:56,149:DEBUG:acme.client:Requesting fresh nonce 2021-12-03 21:32:56,149:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-03 21:32:56,202:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-03 21:32:56,203:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:32:56 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 000213BNPr4zKsZKWd2bodVdWo1bWgXb0umyGCQFAECwwTU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-03 21:32:56,203:DEBUG:acme.client:Storing nonce: 000213BNPr4zKsZKWd2bodVdWo1bWgXb0umyGCQFAECwwTU 2021-12-03 21:32:56,203:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-12-03 21:32:56,206:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMjEzQk5QcjR6S3NaS1dkMmJvZFZkV28xYldnWGIwdW15R0NRRkFFQ3d3VFUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "gwofqeAELmNCsw5gtR7NrHFZn49-WMdUwF4tNzLPOdKetMlr7sZZluyHx6ogT2bBx5fg7-DC1C_x09Np1G8KtHq7CzTqR5eItv2WltJTnd5hSyexM9kRFcvmAo1-0RL-qmjAW9Xk8GW5tzTUieVPlK7S7OTQx5t0VHDfcp6Qt_oL7JPe8F_WuYoK6A09pPc9iMR8bh8rJPtaCvMmdrDhTj8T60B2mkCDWdCszuvxPqqxG1jSfuw4pULCjGmXWMKFwKHwNVoAXwnZqJAWtALhHS2w6rIWKRFwtQfYCxkoJrZ4noOSuap6WmKsssKkEZhJOVsYVYaHMaKeKkWsf23JeQ", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-12-03 21:32:57,444:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-12-03 21:32:57,445:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sat, 04 Dec 2021 02:32:57 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44566165130 Replay-Nonce: 0002eR6qVI1joFtyCsycevefL2PoVKWjJqmm60ZGYjrajF8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-11T02:32:57Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55239468980" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44566165130" } 2021-12-03 21:32:57,445:DEBUG:acme.client:Storing nonce: 0002eR6qVI1joFtyCsycevefL2PoVKWjJqmm60ZGYjrajF8 2021-12-03 21:32:57,446:DEBUG:acme.client:JWS payload: b'' 2021-12-03 21:32:57,447:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55239468980: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmVSNnFWSTFqb0Z0eUNzeWNldmVmTDJQb1ZLV2pKcW1tNjBaR1lqcmFqRjgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MjM5NDY4OTgwIn0", "signature": "gf3SaQX9GDm49Ub7ogoTMzsWCqvYO-Qgb5VMHgjaDuw2Z4FsYiig2e6oa_MT_ESJcxzU9cbv3BKf3YoXqBtAAqzMePAYAxBGYQBti6ol6t8r_mDQ7i0uN5RcBlSX25kCUWGzjYPRksfFVUhwlzGXslXZmn2J-KugCGICfHVXt2ZsvXlPe-wVu3Vx9PkLTpla1WJ5xqK5QhH406dRwTMyGFSXuVT6uyAyVBfpfGlCsXMijQ2KivPg9wlKdBMKFDwx1nk2HZWg2lLourJkff6entFH9dxJH_M1ge13i6I4cZeaJwU7scTDhY2shvUdFr_bKrIkX5IeLaNMfAFJwCND9Q", "payload": "" } 2021-12-03 21:32:57,529:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55239468980 HTTP/1.1" 200 792 2021-12-03 21:32:57,530:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:32:57 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002exbIYrPk9EZ3cPZORhgMGzkIREstw9c20-M0zg6m2UE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-11T02:32:57Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55239468980/G7YZwA", "token": "Hz05RCwUABo0pb8gcD1Gas-wBsen1pSD6R6aXZmZuS8" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55239468980/0yiOHw", "token": "Hz05RCwUABo0pb8gcD1Gas-wBsen1pSD6R6aXZmZuS8" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55239468980/ZojaGw", "token": "Hz05RCwUABo0pb8gcD1Gas-wBsen1pSD6R6aXZmZuS8" } ] } 2021-12-03 21:32:57,530:DEBUG:acme.client:Storing nonce: 0002exbIYrPk9EZ3cPZORhgMGzkIREstw9c20-M0zg6m2UE 2021-12-03 21:32:57,531:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-03 21:32:57,531:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-03 21:32:57,562:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-12-03 21:32:57,562:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-12-03 21:32:57,563:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-12-03 21:32:57,563:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-12-03 21:32:57,563:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-12-03 21:32:57,564:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-12-03 21:32:57,564:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-12-03 21:32:57,564:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-12-03 21:32:57,564:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-12-03 21:32:57,565:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-12-03 21:32:57,565:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-12-03 21:32:57,565:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-12-03 21:32:57,566:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-12-03 21:32:57,567:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-12-03 21:32:57,568:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/Hz05RCwUABo0pb8gcD1Gas-wBsen1pSD6R6aXZmZuS8{default_type text/plain;return 200 Hz05RCwUABo0pb8gcD1Gas-wBsen1pSD6R6aXZmZuS8.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-12-03 21:32:58,594:INFO:certbot.auth_handler:Waiting for verification... 2021-12-03 21:32:58,596:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-03 21:32:58,598:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55239468980/G7YZwA: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmV4YklZclBrOUVaM2NQWk9SaGdNR3prSVJFc3R3OWMyMC1NMHpnNm0yVUUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1MjM5NDY4OTgwL0c3WVp3QSJ9", "signature": "BgTdjoPighF1yBEKteVGXWYRkAPk3UbOprcQt8VQGIz-Cp2gfQlvT4JBDgGEoX2zhVGBCX28zceKH1FQcaufZqQt86CQCqKdMNs0cqo6RFzQSkRTmp9ZX5C5BJKE8TQRzhxb7Le_RBd4njESMaLrjH3Byl6FQpA4DoPfTbosLRXotgfCYP6o337ULaj-f-GPMBEgdp7ULrMsh9ddg5wBIIwFc09Z_f8pnWP4skVR343XXf59W9wpVlIuv9hN4n1XWxPNbC-sReWz73pl9Z9mBtAaFR0PzR5xsM_xG6GOaYXPHfkvd5ZO_MXRqAHmh-ccd2hjU0lUQ9LcJ4DEEZ9Aag", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-03 21:32:58,716:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55239468980/G7YZwA HTTP/1.1" 200 186 2021-12-03 21:32:58,717:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:32:58 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55239468980/G7YZwA Replay-Nonce: 00025wHqEJb0Gwt2NGPgg_s-ECDcaFFmxLVGnebLYEb_kJA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55239468980/G7YZwA", "token": "Hz05RCwUABo0pb8gcD1Gas-wBsen1pSD6R6aXZmZuS8" } 2021-12-03 21:32:58,718:DEBUG:acme.client:Storing nonce: 00025wHqEJb0Gwt2NGPgg_s-ECDcaFFmxLVGnebLYEb_kJA 2021-12-03 21:32:59,719:DEBUG:acme.client:JWS payload: b'' 2021-12-03 21:32:59,722:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55239468980: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMjV3SHFFSmIwR3d0Mk5HUGdnX3MtRUNEY2FGRm14TFZHbmViTFlFYl9rSkEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MjM5NDY4OTgwIn0", "signature": "YhBzImx1PJvtW8NgmJdx1_UPM6rw30p-IZOMxzR6cA01Q1GWDnm3bS4jO9AhWZjT0Q4aDkEWAxU5ByKqcZB4T_NInMdJA_fNHUXmZKdsKYzB8Ka16-MvB8vmO7We9SOZQlBvKlJ0rcqYUWjA5TBLWpsBJfsklinxN7sBHNHHmnH4eBfm_3XHYKnkUjtSpBnpBUpIl7N0NmvUxqMDCClFNhKIrR4OvPhUw1rdLnhR6KQSV7q4AhVjyLpvzyKWSnkcReNyZq1FMolyygo9SXbf6KUpRezOuU5jx_B_sCQp0c-Hw2k7XnDvgtng5UUG3Afbizc1JHRW-q0BNGIG7LiB8Q", "payload": "" } 2021-12-03 21:32:59,784:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55239468980 HTTP/1.1" 200 792 2021-12-03 21:32:59,785:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:32:59 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001LBO8IBMdDTQaskQ9asLzthtEp3lcd-xEWvFCHFjjNlw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-11T02:32:57Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55239468980/G7YZwA", "token": "Hz05RCwUABo0pb8gcD1Gas-wBsen1pSD6R6aXZmZuS8" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55239468980/0yiOHw", "token": "Hz05RCwUABo0pb8gcD1Gas-wBsen1pSD6R6aXZmZuS8" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55239468980/ZojaGw", "token": "Hz05RCwUABo0pb8gcD1Gas-wBsen1pSD6R6aXZmZuS8" } ] } 2021-12-03 21:32:59,785:DEBUG:acme.client:Storing nonce: 0001LBO8IBMdDTQaskQ9asLzthtEp3lcd-xEWvFCHFjjNlw 2021-12-03 21:33:02,789:DEBUG:acme.client:JWS payload: b'' 2021-12-03 21:33:02,791:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55239468980: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMUxCTzhJQk1kRFRRYXNrUTlhc0x6dGh0RXAzbGNkLXhFV3ZGQ0hGampObHciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MjM5NDY4OTgwIn0", "signature": "aHOUpAXADgF29SMhcSWmSSn67O0V4O8Udxte7m2sZcBuZU_ZnKd4K6VSI5JhpGaZLoHIQs-COiDZOMeQkHmksoD5c04BT1eIJVbPdSWVr_oKV1r43NBqQLo9kYfLwCPMXfoLc2T16DpaIjfxDzL4C8r_TsneJvpRzZoMGY-i_ZmhhghBCGw96jndlrtolY57Vo_AysrmeXnlJtbGdp-WKskNn630F8g8u_cC02mkmVkX-gEtPRgb9pJ-6cPWJ9EEcZxprLOHPMKHMrggnOmjNwY7ydX9vrqdqvlShM89qUZNrMzhbzs9ZKfbUCYwA3LkZpDJkZFDgrult5gcUuzNfQ", "payload": "" } 2021-12-03 21:33:02,869:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55239468980 HTTP/1.1" 200 1505 2021-12-03 21:33:02,870:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:33:02 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001AMqSctZgn8W6zU4KR0zHDL9-abMa5o2yCO5FTMFY3VQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-11T02:32:57Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/Hz05RCwUABo0pb8gcD1Gas-wBsen1pSD6R6aXZmZuS8 [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55239468980/G7YZwA", "token": "Hz05RCwUABo0pb8gcD1Gas-wBsen1pSD6R6aXZmZuS8", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/Hz05RCwUABo0pb8gcD1Gas-wBsen1pSD6R6aXZmZuS8", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/Hz05RCwUABo0pb8gcD1Gas-wBsen1pSD6R6aXZmZuS8", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-04T02:32:58Z" } ] } 2021-12-03 21:33:02,870:DEBUG:acme.client:Storing nonce: 0001AMqSctZgn8W6zU4KR0zHDL9-abMa5o2yCO5FTMFY3VQ 2021-12-03 21:33:02,871:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-03 21:33:02,871:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-03 21:33:02,871:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/Hz05RCwUABo0pb8gcD1Gas-wBsen1pSD6R6aXZmZuS8 [75.2.60.5]: "\n\n\n \n Prep: True 2021-12-03 21:33:04,302:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-03 21:33:04,302:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-03 21:33:04,302:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-12-03 21:33:04,305:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-03 21:33:04,306:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-03 21:33:04,308:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-03 21:33:04,458:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-03 21:33:04,460:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:33:04 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "mHdYtCS6PME": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-03 21:33:04,460:INFO:certbot.main:Renewing an existing certificate 2021-12-03 21:33:04,547:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0499_key-certbot.pem 2021-12-03 21:33:04,558:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0499_csr-certbot.pem 2021-12-03 21:33:04,559:DEBUG:acme.client:Requesting fresh nonce 2021-12-03 21:33:04,559:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-03 21:33:04,609:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-03 21:33:04,610:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:33:04 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001A4N74SmODQ6faOK5p8CChP5C8PFskw1m2LbLDheC9f4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-03 21:33:04,611:DEBUG:acme.client:Storing nonce: 0001A4N74SmODQ6faOK5p8CChP5C8PFskw1m2LbLDheC9f4 2021-12-03 21:33:04,611:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-12-03 21:33:04,614:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMUE0Tjc0U21PRFE2ZmFPSzVwOENDaFA1QzhQRnNrdzFtMkxiTERoZUM5ZjQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "Tpf4b1byqDCfKs_EBnpmQk0PWgx_p5nS3ibQMVeYAiVMphyvmku4cWFN6aVWeVYzA3A4gccMPYvWC9vdh3jl3Ly8ACSeYoBef3MTdiqfFbv9lScVyrR7GIIW5a4En_9XTWMmobDzFdEAgQRVOaltIP0ygNksPD-l30d_qAz7B1tofgP68WGEMsrNoRkXvwaXU3Yl9k1M9aQbVmZsYKeZygPOyc1Hb7qD0HPyXizzYIJGxfExbl-U6PqzErQeFiMisi1Zzl9Cc3FCt_IIr7vkMANfmv4DBSr19xPPDeb90R8p2mYkM6MmOb4LrpIHaf115FWg0-k3nAJ_bfY2GG8Giw", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-12-03 21:33:05,279:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-12-03 21:33:05,280:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sat, 04 Dec 2021 02:33:05 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44566192220 Replay-Nonce: 00027WuyyNgApUeJBYY-bZo5QRW2MDEu8gJCdkOOrGz18MM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-11T02:33:05Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55239501020", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55239501030" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44566192220" } 2021-12-03 21:33:05,280:DEBUG:acme.client:Storing nonce: 00027WuyyNgApUeJBYY-bZo5QRW2MDEu8gJCdkOOrGz18MM 2021-12-03 21:33:05,281:DEBUG:acme.client:JWS payload: b'' 2021-12-03 21:33:05,283:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55239501020: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMjdXdXl5TmdBcFVlSkJZWS1iWm81UVJXMk1ERXU4Z0pDZGtPT3JHejE4TU0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MjM5NTAxMDIwIn0", "signature": "MPDa_Ym5OwbxkrD08UX4KrkhX3IziRgvK1HyH6K8FLCa4P-LUHxRwfRnSujiT14G5YQCkKIlOy9XxPiPcxmG_97qqFHdtFRs2Enk_EqYuQid46JWctXt_oS5sDTK_W6Bom6Hw3JCQJPKTOFsZ_fQfsYgc_HjquivugulFv-wUhGBcmtc-yqPY04SXlSAssZjrJAVy7GL_T2mxshox5HKcqtADRsNBxiQqhVtOXPAhOd8_SNt-scZ5pp5NUTSZIfxGxspNw0brWwdtOEECzqgTohaRBWatViGUqZRLelRyr9IGnqQVIwwkMSC8vBXBylGxASKYkkCCwp1XiQ7VfqeDg", "payload": "" } 2021-12-03 21:33:05,355:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55239501020 HTTP/1.1" 200 792 2021-12-03 21:33:05,356:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:33:05 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001CPq1K4f-Vvp-FOQ17dTsqlyJGKpk8vXy-9Ygd6OHzLw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-11T02:33:05Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55239501020/94CKRg", "token": "rcHYfnQdGWhXQt0gQD5cZA0xuB7erJa7Y9wGC3ler7o" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55239501020/AG6TDw", "token": "rcHYfnQdGWhXQt0gQD5cZA0xuB7erJa7Y9wGC3ler7o" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55239501020/IO0BRA", "token": "rcHYfnQdGWhXQt0gQD5cZA0xuB7erJa7Y9wGC3ler7o" } ] } 2021-12-03 21:33:05,356:DEBUG:acme.client:Storing nonce: 0001CPq1K4f-Vvp-FOQ17dTsqlyJGKpk8vXy-9Ygd6OHzLw 2021-12-03 21:33:05,357:DEBUG:acme.client:JWS payload: b'' 2021-12-03 21:33:05,358:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55239501030: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMUNQcTFLNGYtVnZwLUZPUTE3ZFRzcWx5SkdLcGs4dlh5LTlZZ2Q2T0h6THciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MjM5NTAxMDMwIn0", "signature": "aNWCJ3Ahu4voh67zTDvE2x4KexQNrhQSqmQx1_q3oAlU1lVTvLtTXmTVLXbtkGG2lbLP5bxp025SC3Dpq7-ttYJoGLn8BDX3pjdDxFanyrWTq_ZBqa_RYqDtHc7DUsEqnVKI83y9wKvFv-sZodKFAT3cDz7yrEka_gXZ2SMVUzgaJDJVapULMOb16jMXvxuUhcIiiZ-1ntfebIclwD10MNKpIt-OWe7uZAp0v8mVj1wOF8IJnEpehpMKX5Rw93tupvjaEtb6_qDFg9c9vPEaZBLkZ2AsId5id1C8BDeCXosg88wvpsIeDGgDFxqFnPzB8a3nkAwY59TYoUmRFCSz8g", "payload": "" } 2021-12-03 21:33:05,447:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55239501030 HTTP/1.1" 200 796 2021-12-03 21:33:05,448:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:33:05 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 00023UK_-fJ6BOCeml2gqcnlLKpv1XzQ_ye9yW6nzvx_KAU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-11T02:33:05Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55239501030/GQjCfA", "token": "dUNLaD_KT5bwhI3qOdxfN0z2kBo9DY5Vcul5mMZrwio" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55239501030/yHCS1Q", "token": "dUNLaD_KT5bwhI3qOdxfN0z2kBo9DY5Vcul5mMZrwio" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55239501030/5itzoQ", "token": "dUNLaD_KT5bwhI3qOdxfN0z2kBo9DY5Vcul5mMZrwio" } ] } 2021-12-03 21:33:05,449:DEBUG:acme.client:Storing nonce: 00023UK_-fJ6BOCeml2gqcnlLKpv1XzQ_ye9yW6nzvx_KAU 2021-12-03 21:33:05,450:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-03 21:33:05,450:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-03 21:33:05,450:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-03 21:33:05,513:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-12-03 21:33:05,514:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-12-03 21:33:05,514:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-12-03 21:33:05,515:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-12-03 21:33:05,515:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-12-03 21:33:05,515:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-12-03 21:33:05,516:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-12-03 21:33:05,516:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-12-03 21:33:05,516:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-12-03 21:33:05,516:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-12-03 21:33:05,517:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-12-03 21:33:05,517:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-12-03 21:33:05,517:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-12-03 21:33:05,518:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-12-03 21:33:05,520:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/rcHYfnQdGWhXQt0gQD5cZA0xuB7erJa7Y9wGC3ler7o{default_type text/plain;return 200 rcHYfnQdGWhXQt0gQD5cZA0xuB7erJa7Y9wGC3ler7o.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot location = /.well-known/acme-challenge/dUNLaD_KT5bwhI3qOdxfN0z2kBo9DY5Vcul5mMZrwio{default_type text/plain;return 200 dUNLaD_KT5bwhI3qOdxfN0z2kBo9DY5Vcul5mMZrwio.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-12-03 21:33:06,551:INFO:certbot.auth_handler:Waiting for verification... 2021-12-03 21:33:06,553:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-03 21:33:06,556:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55239501020/94CKRg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMjNVS18tZko2Qk9DZW1sMmdxY25sTEtwdjFYelFfeWU5eVc2bnp2eF9LQVUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1MjM5NTAxMDIwLzk0Q0tSZyJ9", "signature": "AsBxaaHcErK1qhrfe45a6zjGVcbsmLLG1QX8tEqHaBIi2fsEbz5N1FyCo-BBY-62d37s0pdeIUe4k07mQNGCmuOJFhh1qY4MNyS1MGzb11g8fQkAhF-rTQ7PBIPODuBFybPBFRIuzYzgVmHKbK4Zob33e1fh9ptV4G7LKKaLh4u55qGMkmY1HfSRjGeF-o-_II4SOlXbtR5u7VSeSVkN2x42jpB5mG_sBMofWr9jQ-2UJDKIyGAdXHlK6fD6gL02S9Xj08ww3RMU3-X6AeheOcK7uaZK9tbXckuYAVBR3UjLwfAFmWzz6qylWvTcKF2I070DdHTzX0xWHHEL89Gipg", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-03 21:33:06,641:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55239501020/94CKRg HTTP/1.1" 200 186 2021-12-03 21:33:06,642:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:33:06 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55239501020/94CKRg Replay-Nonce: 0002n5haBTwXCb2WkhxUyL9Hr7YcjejHpxD6lrkmGAF17qk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55239501020/94CKRg", "token": "rcHYfnQdGWhXQt0gQD5cZA0xuB7erJa7Y9wGC3ler7o" } 2021-12-03 21:33:06,642:DEBUG:acme.client:Storing nonce: 0002n5haBTwXCb2WkhxUyL9Hr7YcjejHpxD6lrkmGAF17qk 2021-12-03 21:33:06,643:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-03 21:33:06,645:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55239501030/GQjCfA: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMm41aGFCVHdYQ2IyV2toeFV5TDlIcjdZY2plakhweEQ2bHJrbUdBRjE3cWsiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1MjM5NTAxMDMwL0dRakNmQSJ9", "signature": "De8hyBkthu5vXam8ANozJlRCS_5z_TJcqLx_petRQ2aIulx8p4z864cXnWRZBKb4MiTi1WaExqC7TCLEJuoH1gaDwd-wy9Padzgc-QJbEcuEr5DUpvrOuRb7nNOhPpnTkpXaAe0ZZ4ShyozyOKC766v9Ve3_wDdU5rELYKHnpZyYtTZQI08YU0FGA7gs6IdzzEG_vsqljcqHkq6cWjr5ySi58gnYu2meV2OcELc8UdNrx-i68ID5UeFopEUxP5E01qf8Olh49XDIkC7PXkcF05QMKZFN8hV527khxCvwhUvmDi9v19gBP-iBYzoffTeKqwgsWLMGTXmi6r5b7z5Y9A", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-03 21:33:06,889:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55239501030/GQjCfA HTTP/1.1" 200 186 2021-12-03 21:33:06,890:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:33:06 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55239501030/GQjCfA Replay-Nonce: 0002pGMeigSWJ_3F9eY35EWVyxl_FUsIJoBob-KajSnvH90 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55239501030/GQjCfA", "token": "dUNLaD_KT5bwhI3qOdxfN0z2kBo9DY5Vcul5mMZrwio" } 2021-12-03 21:33:06,891:DEBUG:acme.client:Storing nonce: 0002pGMeigSWJ_3F9eY35EWVyxl_FUsIJoBob-KajSnvH90 2021-12-03 21:33:07,892:DEBUG:acme.client:JWS payload: b'' 2021-12-03 21:33:07,895:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55239501020: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnBHTWVpZ1NXSl8zRjllWTM1RVdWeXhsX0ZVc0lKb0JvYi1LYWpTbnZIOTAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MjM5NTAxMDIwIn0", "signature": "NwESMtqRNUaBF5Z--MSqhH71wXPHNNrNQTRP24LB1J8l1Zt2WPkQX1ZbcIpE3HF6v3-MB06RS5ihFkez5_KSi_xqsPT_73I22PR9YSojlM953SjqzjjipckOSM1soTVORLCHWTKgtV99QtXMnCfMHngNHYJ3CQlnNrDqkrH8o2IacYLCS-hTcGyPV9vB27bLsVxuL8Sbji4nUzzNegd1MyRHNWOlnAEf4jP1lNAiXInOdCkPMEfIdKxADqnBCgSwqxy-klR8MqrM0D-ng2FXAMWgA0OnWw92l32OnQQr8gMMY2kzxGHxLqCDgbpgnOQQOn6pj9DrZDEj6IGvsVlG1A", "payload": "" } 2021-12-03 21:33:08,022:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55239501020 HTTP/1.1" 200 1505 2021-12-03 21:33:08,023:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:33:07 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002vWkFb8KJMy8RmxAop4bUW2wnBqvsz5JLnFl9Hlo7DyU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-11T02:33:05Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/rcHYfnQdGWhXQt0gQD5cZA0xuB7erJa7Y9wGC3ler7o [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55239501020/94CKRg", "token": "rcHYfnQdGWhXQt0gQD5cZA0xuB7erJa7Y9wGC3ler7o", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/rcHYfnQdGWhXQt0gQD5cZA0xuB7erJa7Y9wGC3ler7o", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/rcHYfnQdGWhXQt0gQD5cZA0xuB7erJa7Y9wGC3ler7o", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-04T02:33:06Z" } ] } 2021-12-03 21:33:08,023:DEBUG:acme.client:Storing nonce: 0002vWkFb8KJMy8RmxAop4bUW2wnBqvsz5JLnFl9Hlo7DyU 2021-12-03 21:33:08,024:DEBUG:acme.client:JWS payload: b'' 2021-12-03 21:33:08,025:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55239501030: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnZXa0ZiOEtKTXk4Um14QW9wNGJVVzJ3bkJxdnN6NUpMbkZsOUhsbzdEeVUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MjM5NTAxMDMwIn0", "signature": "Tca-C3LKRdF5wkKwWI-xWauquvk6Knv6v8X9csZHQ0Deu5ksBipC7QXn8iAZ_WtUBNLCsjbU6FPIfy1FvbpRc3KX-oD-i16iWvWkgKQ90HMtOL6AOaESV56-wHHo-n04inyVJH1tBDwePS-cUw83qpINKlH0PciX1iBPcuP4J2jtW43_PrP6YY86AO1O5MJWmxB2i2pDHlWs-sfzs70PimOGFN-OuTZ7hA2jcwPMpixnt1Xxd32e2PJKN-j1VtEwNSwUiruC-9x3VZWLw0FWdVl51HCMEDpHl3awqI3EH7eM9AodVQVzVHZoKY_x56pSrUTgBKj4jxwJcVgi_IgBAw", "payload": "" } 2021-12-03 21:33:08,106:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55239501030 HTTP/1.1" 200 1826 2021-12-03 21:33:08,107:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:33:08 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 000212l6mqZ1VsQPOWPQKGV6kxXSIJlXEtgHD_p-jQrtY3o X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-11T02:33:05Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/dUNLaD_KT5bwhI3qOdxfN0z2kBo9DY5Vcul5mMZrwio [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55239501030/GQjCfA", "token": "dUNLaD_KT5bwhI3qOdxfN0z2kBo9DY5Vcul5mMZrwio", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/dUNLaD_KT5bwhI3qOdxfN0z2kBo9DY5Vcul5mMZrwio", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/dUNLaD_KT5bwhI3qOdxfN0z2kBo9DY5Vcul5mMZrwio", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/dUNLaD_KT5bwhI3qOdxfN0z2kBo9DY5Vcul5mMZrwio", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-04T02:33:06Z" } ] } 2021-12-03 21:33:08,108:DEBUG:acme.client:Storing nonce: 000212l6mqZ1VsQPOWPQKGV6kxXSIJlXEtgHD_p-jQrtY3o 2021-12-03 21:33:08,108:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-03 21:33:08,109:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-12-03 21:33:08,109:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-03 21:33:08,109:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-03 21:33:08,110:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/rcHYfnQdGWhXQt0gQD5cZA0xuB7erJa7Y9wGC3ler7o [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-12-03 21:33:09,406:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-12-03 21:33:09,406:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-12-03 21:33:09,406:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-12-03 21:41:30,073:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-03 21:41:30,073:DEBUG:certbot.main:Arguments: [] 2021-12-03 21:41:30,073:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-03 21:41:30,084:DEBUG:certbot.log:Root logging level set at 20 2021-12-03 21:41:30,085:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-03 21:41:30,113:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2021-12-03 21:41:30,200:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2021-12-03 21:41:30,202:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/live/ex.whatbank.ca/cert.pem is signed by the certificate's issuer. 2021-12-03 21:41:30,205:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/live/ex.whatbank.ca/cert.pem is: OCSPCertStatus.GOOD 2021-12-03 21:41:30,211:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2021-12-03 21:41:30,283:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2021-12-03 21:41:30,285:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/live/iframe.whatbank.ca/cert.pem is signed by the certificate's issuer. 2021-12-03 21:41:30,286:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/live/iframe.whatbank.ca/cert.pem is: OCSPCertStatus.GOOD 2021-12-03 21:41:30,291:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2021-12-03 21:41:30,367:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2021-12-03 21:41:30,368:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/live/img.whatbank.ca/cert.pem is signed by the certificate's issuer. 2021-12-03 21:41:30,369:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/live/img.whatbank.ca/cert.pem is: OCSPCertStatus.GOOD 2021-12-03 21:41:30,373:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2021-12-03 21:41:30,457:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2021-12-03 21:41:30,458:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/live/lawrencepilch.com-0001/cert.pem is signed by the certificate's issuer. 2021-12-03 21:41:30,459:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/live/lawrencepilch.com-0001/cert.pem is: OCSPCertStatus.GOOD 2021-12-03 21:41:30,464:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2021-12-03 21:41:30,550:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2021-12-03 21:41:30,551:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/live/lawrencepilch.com/cert.pem is signed by the certificate's issuer. 2021-12-03 21:41:30,552:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/live/lawrencepilch.com/cert.pem is: OCSPCertStatus.GOOD 2021-12-03 21:41:30,556:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2021-12-03 21:41:30,621:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2021-12-03 21:41:30,623:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/live/whatbank.ca-0001/cert.pem is signed by the certificate's issuer. 2021-12-03 21:41:30,624:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/live/whatbank.ca-0001/cert.pem is: OCSPCertStatus.GOOD 2021-12-03 21:41:30,628:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2021-12-03 21:41:30,697:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2021-12-03 21:41:30,698:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/live/whatbank.ca/cert.pem is signed by the certificate's issuer. 2021-12-03 21:41:30,699:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/live/whatbank.ca/cert.pem is: OCSPCertStatus.GOOD 2021-12-03 21:41:30,703:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2021-12-03 21:41:30,788:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2021-12-03 21:41:30,791:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/live/www.lawrencepilch.com/cert.pem is signed by the certificate's issuer. 2021-12-03 21:41:30,792:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/live/www.lawrencepilch.com/cert.pem is: OCSPCertStatus.GOOD 2021-12-03 21:45:34,683:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-03 21:45:34,684:DEBUG:certbot.main:Arguments: [] 2021-12-03 21:45:34,684:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-03 21:45:34,699:DEBUG:certbot.log:Root logging level set at 20 2021-12-03 21:45:34,699:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-03 21:45:34,711:DEBUG:certbot.plugins.selection:Requested authenticator and installer 2021-12-03 21:45:34,722:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 21:45:34,723:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 21:45:34,724:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 21:45:34,728:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 21:45:34,729:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 21:45:34,730:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 21:45:34,734:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 21:45:34,735:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 21:45:34,736:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 21:45:34,740:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 21:45:34,741:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 21:45:34,742:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 21:45:34,748:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 21:45:34,749:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 21:45:34,750:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 21:45:34,753:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-12-03 21:45:34,753:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-12-03 21:45:34,754:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx 2021-12-03 21:45:35,036:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-03 21:45:35,037:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-03 21:45:35,037:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-03 21:45:35,037:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-12-03 21:45:35,041:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-03 21:45:35,043:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-03 21:45:35,045:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-03 21:45:35,163:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-03 21:45:35,164:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:45:35 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "oFcGnQm9jPE": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-03 21:45:35,165:INFO:certbot.main:Renewing an existing certificate 2021-12-03 21:45:35,218:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0500_key-certbot.pem 2021-12-03 21:45:35,226:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0500_csr-certbot.pem 2021-12-03 21:45:35,227:DEBUG:acme.client:Requesting fresh nonce 2021-12-03 21:45:35,227:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-03 21:45:35,265:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-03 21:45:35,266:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:45:35 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102w04fAz2VQ-8DQj9dhracZgUqvTvGt4vuk8lQ2Tm5IHA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-03 21:45:35,266:DEBUG:acme.client:Storing nonce: 0102w04fAz2VQ-8DQj9dhracZgUqvTvGt4vuk8lQ2Tm5IHA 2021-12-03 21:45:35,266:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-12-03 21:45:35,269:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMncwNGZBejJWUS04RFFqOWRocmFjWmdVcXZUdkd0NHZ1azhsUTJUbTVJSEEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "MWbLZYHGCL6kKfIbs0eKUtEcJq3t_ORlFp-_2O3SqJJNgQZgbSeBYHv4g7f0VdtOFW2E39vQZOboaxVmjvuHxK_Kf_nfiAAHkKKo4UFfPJSlCkDogHh1RH2ayFWyWfIvbk0y4eY9JFHuUftExqFz0oq3NF0VWMfjkLJanu9PvqgpKoDzsT6siPkLSPjTgeQ1EHnfsBT7t0fjjFuOB2ZquFYTqUKnIQjfLFQiW-NYjzIUKil5sME_WHc3oMRT7BdmwBiyrc8kQ4FfOe_J4LdMzGucCyYDm76zfAmAfZ-NhWy2i5VvCdCuufVYdhKcqG6LZpkBhBj7GPisePheojd7Pg", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-12-03 21:45:35,682:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-12-03 21:45:35,683:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sat, 04 Dec 2021 02:45:35 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44568432720 Replay-Nonce: 0102GdrYbYwDAViN-7lVVDtgnidtfoDaq0t8MlE4MFFILPw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-11T02:45:35Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55242172080" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44568432720" } 2021-12-03 21:45:35,683:DEBUG:acme.client:Storing nonce: 0102GdrYbYwDAViN-7lVVDtgnidtfoDaq0t8MlE4MFFILPw 2021-12-03 21:45:35,683:DEBUG:acme.client:JWS payload: b'' 2021-12-03 21:45:35,685:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55242172080: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMkdkclliWXdEQVZpTi03bFZWRHRnbmlkdGZvRGFxMHQ4TWxFNE1GRklMUHciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MjQyMTcyMDgwIn0", "signature": "Vg-1hb_j7vefA-Auf1y40Z5ebA0OtQbS1nJY649Or7_i_NUnMi7n3TSbguOR77XIN5Mfjir3gqqEeUhxauyZ2ISOUOu1uoQqeWnFOpSR84ouij3WOmk7hYZzSni7TiXWr68B1r21nbb1-jxPYziO0HJ-tnFWZBX4ECpRPjof8Ti4_-2mnsufDc7UL_8mP2h1BmUJ1i-9Mx_2jut3N-JUG9QbWWlpNfdoUgZw6YspaEURaCq0nhzde5dzOKiygjkKeHJRDgon--N1Xdx1zcwQsw8zTv6xatGXY2gZcbOMKpt708t_8Zl4cINAzOlgILNF3UH0C7nkvkqCiycS09g55g", "payload": "" } 2021-12-03 21:45:35,800:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55242172080 HTTP/1.1" 200 792 2021-12-03 21:45:35,801:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:45:35 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101U2uqT2YeL9-gLsbmMOBnM8E1Aj6LcKs9CCCZFGWZdEc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-11T02:45:35Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242172080/ttDG4w", "token": "YoJU6_ExxTVshLQzNDXMTfJSjf7SkoCE_AOc9rBwFyc" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242172080/fXR_sA", "token": "YoJU6_ExxTVshLQzNDXMTfJSjf7SkoCE_AOc9rBwFyc" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242172080/G2HGIw", "token": "YoJU6_ExxTVshLQzNDXMTfJSjf7SkoCE_AOc9rBwFyc" } ] } 2021-12-03 21:45:35,802:DEBUG:acme.client:Storing nonce: 0101U2uqT2YeL9-gLsbmMOBnM8E1Aj6LcKs9CCCZFGWZdEc 2021-12-03 21:45:35,802:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-03 21:45:35,803:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-03 21:45:35,836:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-12-03 21:45:35,836:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-12-03 21:45:35,837:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-12-03 21:45:35,837:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-12-03 21:45:35,837:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-12-03 21:45:35,838:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-12-03 21:45:35,838:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-12-03 21:45:35,838:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-12-03 21:45:35,839:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-12-03 21:45:35,839:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-12-03 21:45:35,839:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-12-03 21:45:35,840:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-12-03 21:45:35,840:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-12-03 21:45:35,841:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-12-03 21:45:35,842:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/YoJU6_ExxTVshLQzNDXMTfJSjf7SkoCE_AOc9rBwFyc{default_type text/plain;return 200 YoJU6_ExxTVshLQzNDXMTfJSjf7SkoCE_AOc9rBwFyc.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-12-03 21:45:36,868:INFO:certbot.auth_handler:Waiting for verification... 2021-12-03 21:45:36,869:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-03 21:45:36,871:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242172080/ttDG4w: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMVUydXFUMlllTDktZ0xzYm1NT0JuTThFMUFqNkxjS3M5Q0NDWkZHV1pkRWMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1MjQyMTcyMDgwL3R0REc0dyJ9", "signature": "XkDIb-5nV_QJKh210JY4I8jtbpUm2d5TWA3SKY9QPEwXAB8_3hAnnBlobVcDHPJgbZgeu5fxEagwuqzgjraeMhq0isaB55hIS6k7mHS-m827kpvNK5ZQH3r6PE7H1HFM0V09wpPXOYdCfXteFSrxTCy2fuHcO_NWaubMvtj3YIzyAESgfSjHYkH1-_CpfCoMDUgL9EVNlmXebY75zLXbXO1UvUQg9k-IOSwsbcIvluPCTGylA5koWv_mvNA3wjzYFiQf2tCG7x4R4E4nZWd2cjIwNVv3L-YdxJrW7r3sQqP0nXBBhLIydudpZtbV3D0g-qDUalR7zeQjKFnPYpSVxA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-03 21:45:37,179:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55242172080/ttDG4w HTTP/1.1" 200 186 2021-12-03 21:45:37,179:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:45:37 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242172080/ttDG4w Replay-Nonce: 0101THDOB3T2oKqPXlezhjZfkLeNQx67eIIMIwcDsR7sviw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242172080/ttDG4w", "token": "YoJU6_ExxTVshLQzNDXMTfJSjf7SkoCE_AOc9rBwFyc" } 2021-12-03 21:45:37,180:DEBUG:acme.client:Storing nonce: 0101THDOB3T2oKqPXlezhjZfkLeNQx67eIIMIwcDsR7sviw 2021-12-03 21:45:38,182:DEBUG:acme.client:JWS payload: b'' 2021-12-03 21:45:38,184:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55242172080: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMVRIRE9CM1Qyb0txUFhsZXpoalpma0xlTlF4NjdlSUlNSXdjRHNSN3N2aXciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MjQyMTcyMDgwIn0", "signature": "KIjI1d7rMmY1Ece0NkkWKjjAjAfnpsCmiOr1ny1O2UYY6jrKxKMzliGJGvoJpssP83bhuq2ELje6kTpV-Z6Bn3v-Yv9ZW0VCTLUI4GUR6CrrE3D5Ud45TBOH_bDIeOTpvv42zifvMDZknRVommxZVkbOcfIq8ZOO1S25j3lHgj93GCp9F-bdNUdH79EXUmrLLe7-fry1PbaHjmw_UnxW2oml-tPcDjFYc1BRyKL1ucIRBSYcVdB5tE77j8CBZ-wSmxnutMBfrki7DY-9FG6hOZahb-DXLl2vKBLzGOf2kgDCuAV8HPadcP2b0uGOq1WFmL3LeOnTShkpI5Si3XpD4w", "payload": "" } 2021-12-03 21:45:38,265:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55242172080 HTTP/1.1" 200 792 2021-12-03 21:45:38,265:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:45:38 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102WEpN7mXvFqDJO4UucUBQ9l8bQcpjbPzgnWGD2oTKzG4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-11T02:45:35Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242172080/ttDG4w", "token": "YoJU6_ExxTVshLQzNDXMTfJSjf7SkoCE_AOc9rBwFyc" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242172080/fXR_sA", "token": "YoJU6_ExxTVshLQzNDXMTfJSjf7SkoCE_AOc9rBwFyc" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242172080/G2HGIw", "token": "YoJU6_ExxTVshLQzNDXMTfJSjf7SkoCE_AOc9rBwFyc" } ] } 2021-12-03 21:45:38,266:DEBUG:acme.client:Storing nonce: 0102WEpN7mXvFqDJO4UucUBQ9l8bQcpjbPzgnWGD2oTKzG4 2021-12-03 21:45:41,270:DEBUG:acme.client:JWS payload: b'' 2021-12-03 21:45:41,272:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55242172080: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMldFcE43bVh2RnFESk80VXVjVUJROWw4YlFjcGpiUHpnbldHRDJvVEt6RzQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MjQyMTcyMDgwIn0", "signature": "Ky1yYvuYg9k5qrHtkBfA61REmwKQuedQy0ceBfazErZj35l0W0UzsVzUswYE-VuwskDFOsuCGEKBO3x0_2cKp39gTpY0WCtjWxHWWuFviPnycdpoLj4pUvDS1pv-tGteCsa7mi52RBojkecjk-bp-57RPT76nO19XUDBHzJ_uK7m10h1t-jCuVN8zjAsKrJCBfIXBdTgi1kpEkigH2jNlkHTuJwNBdTtFmKjW8UlB5p2VFSeNhwLWEF31EY1AkvCsmk86jtx0vGld3Q8ntYrNJbAVhKkaWGSvR2BWUiQWQFzbo8EAoApB9XbfiIQNGygWJxY6OEQVpg7Q-SrfsJK3Q", "payload": "" } 2021-12-03 21:45:41,345:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55242172080 HTTP/1.1" 200 1505 2021-12-03 21:45:41,346:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:45:41 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 01027RGi58lts1r__j_wULro-B8BmLGcUXp-pFbtDPJiIo8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-11T02:45:35Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/YoJU6_ExxTVshLQzNDXMTfJSjf7SkoCE_AOc9rBwFyc [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242172080/ttDG4w", "token": "YoJU6_ExxTVshLQzNDXMTfJSjf7SkoCE_AOc9rBwFyc", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/YoJU6_ExxTVshLQzNDXMTfJSjf7SkoCE_AOc9rBwFyc", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/YoJU6_ExxTVshLQzNDXMTfJSjf7SkoCE_AOc9rBwFyc", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-04T02:45:37Z" } ] } 2021-12-03 21:45:41,346:DEBUG:acme.client:Storing nonce: 01027RGi58lts1r__j_wULro-B8BmLGcUXp-pFbtDPJiIo8 2021-12-03 21:45:41,347:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-03 21:45:41,347:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-03 21:45:41,347:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/YoJU6_ExxTVshLQzNDXMTfJSjf7SkoCE_AOc9rBwFyc [75.2.60.5]: "\n\n\n \n Prep: True 2021-12-03 21:45:42,834:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-03 21:45:42,835:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-03 21:45:42,835:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-12-03 21:45:42,839:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-03 21:45:42,840:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-03 21:45:42,842:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-03 21:45:42,954:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-03 21:45:42,955:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:45:42 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "fHYVCjFPCWw": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-03 21:45:42,955:INFO:certbot.main:Renewing an existing certificate 2021-12-03 21:45:43,089:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0501_key-certbot.pem 2021-12-03 21:45:43,096:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0501_csr-certbot.pem 2021-12-03 21:45:43,097:DEBUG:acme.client:Requesting fresh nonce 2021-12-03 21:45:43,097:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-03 21:45:43,134:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-03 21:45:43,135:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:45:43 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102taq1MO8Ax9eNYZOrGReqsxfUjfbm7ZsNL9dsX8QLV8Y X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-03 21:45:43,135:DEBUG:acme.client:Storing nonce: 0102taq1MO8Ax9eNYZOrGReqsxfUjfbm7ZsNL9dsX8QLV8Y 2021-12-03 21:45:43,135:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-12-03 21:45:43,138:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMnRhcTFNTzhBeDllTllaT3JHUmVxc3hmVWpmYm03WnNOTDlkc1g4UUxWOFkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "nl7RK4Em1zt5U-bacsSo5TCOiP1PXzsMFW1_Zk-VeMjpODJfiTb-8Dk3kX52TDcdaal7dVKJ1chTtycPFZExVNqoyaOp9yI6Fwmtkxm6gPFa7X1O3Og3-CgOK1bSSlRhFYqS72YBGJXMAZx9oHpLAK6MPP3DOudwGssBhnj1t_JDsnWwIPSIbA-aFKk55ambIXQAABRdT5OwN_iBQ0Kf35clkHiHJmeN1YiZHdfO-CbltJuZZItSajkHvM19el0sXtRcgIxnmVzihWGGigMWHD6F39eAyEzMA2UlrKqNQXT3f_fBvV6WT3KeycchoZrt7inrgAfL71jz-40ryDsVoA", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-12-03 21:45:43,727:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-12-03 21:45:43,728:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sat, 04 Dec 2021 02:45:43 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44568453170 Replay-Nonce: 0101NX67DrB9JBj9yQfclbnBGt32wAllqVbbkDFXuotOSoE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-11T02:45:43Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55242196680", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55242196690" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44568453170" } 2021-12-03 21:45:43,729:DEBUG:acme.client:Storing nonce: 0101NX67DrB9JBj9yQfclbnBGt32wAllqVbbkDFXuotOSoE 2021-12-03 21:45:43,729:DEBUG:acme.client:JWS payload: b'' 2021-12-03 21:45:43,731:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55242196680: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMU5YNjdEckI5SkJqOXlRZmNsYm5CR3QzMndBbGxxVmJia0RGWHVvdE9Tb0UiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MjQyMTk2NjgwIn0", "signature": "bpPKDSzgS1Sn3I41i60etAvspggj5sc_hMOUJiwBUXvSPwnEb1B-uX16r6od9pE9AuPu5PVVNZROcwl2tFNmQxe8Zfm2ONSiySrqt3-j3uAMxyYmFO1N-f0B7aWVmyLHQ86QE-4ejlrnbBtzI0lekruUQ_aeybCShHCyaegYJaVMpW1LJ-2EBy534P3oRw10uVkn4j4DAwInnnaBPQGp7x_0PHzjY2OcFW44tDFZXWVfgBcyDPEtuvxs2qd0KoTVaEtsi9VIBoAkHu9oCEPH0UOSP9QMq1dkdVBt7Z_QwnX4x1h6fY4Q6T17mXrZZqRhN2wP51rwiEvzM89Dmk8w_A", "payload": "" } 2021-12-03 21:45:43,949:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55242196680 HTTP/1.1" 200 792 2021-12-03 21:45:43,950:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:45:43 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101yD3-jEy_MZfHvS0h3V-IkDPEdIOnghwjdFo5tzGunlA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-11T02:45:43Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242196680/SbvEUg", "token": "hzW5SZO4GAoM_yEEP7qXYwxO_2xwhrlZ_S3eb-31cVg" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242196680/RJ6G4g", "token": "hzW5SZO4GAoM_yEEP7qXYwxO_2xwhrlZ_S3eb-31cVg" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242196680/KAQWtw", "token": "hzW5SZO4GAoM_yEEP7qXYwxO_2xwhrlZ_S3eb-31cVg" } ] } 2021-12-03 21:45:43,950:DEBUG:acme.client:Storing nonce: 0101yD3-jEy_MZfHvS0h3V-IkDPEdIOnghwjdFo5tzGunlA 2021-12-03 21:45:43,951:DEBUG:acme.client:JWS payload: b'' 2021-12-03 21:45:43,954:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55242196690: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMXlEMy1qRXlfTVpmSHZTMGgzVi1Ja0RQRWRJT25naHdqZEZvNXR6R3VubEEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MjQyMTk2NjkwIn0", "signature": "GtifztYaQth_59BDNkVN3kU2jWs31wA4lA80Low1bdOtbXPOiK5EbvOPjIo92lAOUO2pTeKFPbsQGadTRKrTDFq0ZNMkofrgW6Ijfl4nc4pzvqgwAnN9jVzb3tz-vZIKHq4W3T4gVN49hXh9L6hDSPTrXhwcuvZCSVVXcuLgPv01K81-9NQ2DBJT7-s6blBiYzpDt7FoJsXTWmgpzvZ-Ofx3B_qzLHuM3d8Hts94BhdNvBmRODhhcmfWiizHIQwZW4AessbzMBom4aLiGBvjcNqnmVfB20nOVBMtok-vvz2zao7M_6i22W6GjyXY6RjgSeMhr819b45f6aHZk5BGMw", "payload": "" } 2021-12-03 21:45:44,036:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55242196690 HTTP/1.1" 200 796 2021-12-03 21:45:44,037:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:45:44 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101yj3TYLAswUKS3D2mXH-Ba0HFL2CawMd7p8LFSbTyj40 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-11T02:45:43Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242196690/Vo-mUw", "token": "PFGOW2aHETJjHGC88tODjg2yDCHlocHZmFVgdf0SN2o" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242196690/ChtQ5A", "token": "PFGOW2aHETJjHGC88tODjg2yDCHlocHZmFVgdf0SN2o" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242196690/CXIwzA", "token": "PFGOW2aHETJjHGC88tODjg2yDCHlocHZmFVgdf0SN2o" } ] } 2021-12-03 21:45:44,037:DEBUG:acme.client:Storing nonce: 0101yj3TYLAswUKS3D2mXH-Ba0HFL2CawMd7p8LFSbTyj40 2021-12-03 21:45:44,038:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-03 21:45:44,038:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-03 21:45:44,038:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-03 21:45:44,091:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-12-03 21:45:44,092:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-12-03 21:45:44,092:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-12-03 21:45:44,092:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-12-03 21:45:44,093:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-12-03 21:45:44,093:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-12-03 21:45:44,093:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-12-03 21:45:44,094:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-12-03 21:45:44,094:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-12-03 21:45:44,094:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-12-03 21:45:44,094:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-12-03 21:45:44,095:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-12-03 21:45:44,095:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-12-03 21:45:44,096:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-12-03 21:45:44,097:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/hzW5SZO4GAoM_yEEP7qXYwxO_2xwhrlZ_S3eb-31cVg{default_type text/plain;return 200 hzW5SZO4GAoM_yEEP7qXYwxO_2xwhrlZ_S3eb-31cVg.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot location = /.well-known/acme-challenge/PFGOW2aHETJjHGC88tODjg2yDCHlocHZmFVgdf0SN2o{default_type text/plain;return 200 PFGOW2aHETJjHGC88tODjg2yDCHlocHZmFVgdf0SN2o.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-12-03 21:45:45,126:INFO:certbot.auth_handler:Waiting for verification... 2021-12-03 21:45:45,127:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-03 21:45:45,130:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242196680/SbvEUg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMXlqM1RZTEFzd1VLUzNEMm1YSC1CYTBIRkwyQ2F3TWQ3cDhMRlNiVHlqNDAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1MjQyMTk2NjgwL1NidkVVZyJ9", "signature": "jv5BUmwuv1uKggKJDW_UayqI9_A6a5jPGmQQyJ_-T1R06b7iynVmrtYaxvOvJMnPYkH3VRyQOAApThpWzgvi_u7QQA3Wq2FrzLmw-TbjfeutSHueLuLItk6MAazktplPuQRvVjlDQIjd-dIFB3y6tmQddXrTiX-L87oy17U57ylTZ-LcL4TntqqlzR-B5fo9Y0lTfn5JUcFBcAntapXcKLgEeJdQD_0lZYLOtWqu_8lM6MidnZdc1GYKXQRovYpuZF1KRjc6MRkIDfMgJxv_HjT2JCfdbTOTMio-jODcB954SS-Bm2UBKOU0TX6X3j8-K8oK_KqvNSzGI4VY97MSeg", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-03 21:45:45,233:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55242196680/SbvEUg HTTP/1.1" 200 186 2021-12-03 21:45:45,234:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:45:45 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242196680/SbvEUg Replay-Nonce: 0102nE01Piv6p_AcYzeEOR3-NyAnpsKcXkQJ6T-yUy1nSnk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242196680/SbvEUg", "token": "hzW5SZO4GAoM_yEEP7qXYwxO_2xwhrlZ_S3eb-31cVg" } 2021-12-03 21:45:45,234:DEBUG:acme.client:Storing nonce: 0102nE01Piv6p_AcYzeEOR3-NyAnpsKcXkQJ6T-yUy1nSnk 2021-12-03 21:45:45,235:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-03 21:45:45,236:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242196690/Vo-mUw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMm5FMDFQaXY2cF9BY1l6ZUVPUjMtTnlBbnBzS2NYa1FKNlQteVV5MW5TbmsiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1MjQyMTk2NjkwL1ZvLW1VdyJ9", "signature": "Mz6arFq-8HYy4RicLoCFQiieDmjUlP7z6Rx44HmvhoALxB-HOhfejaWHVlcs6PDedhQYrJAeQzH_zzGpWsgC13CeH88rm1Pmfgnch9_Fuk0818fMXEQgukiVuqUrBN285x53d0gLnImphY5VP96hS3hBbLYMh1FhxSRcuq_d6PGgxRpggPeqlUIXMlnDvDrl4w9OBKsKFYn0ukbnm1xFc0acYMOfqZUH3UhWwv0F3F1rz-_LJ3RyYwVlaQYBttadVK-uMPQtX5VFEhBcmzoPsxlYH-Y5PIzjth8aYwi11L4uW96HM9WqFGea8b8Wxoc-N90nnc8Ghr7yKifRkXmJ5Q", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-03 21:45:45,345:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55242196690/Vo-mUw HTTP/1.1" 200 186 2021-12-03 21:45:45,346:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:45:45 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242196690/Vo-mUw Replay-Nonce: 0101y4vg5b5AbEQWsW2s0i3pg1aVvhjLguUZCScvX021JBo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242196690/Vo-mUw", "token": "PFGOW2aHETJjHGC88tODjg2yDCHlocHZmFVgdf0SN2o" } 2021-12-03 21:45:45,346:DEBUG:acme.client:Storing nonce: 0101y4vg5b5AbEQWsW2s0i3pg1aVvhjLguUZCScvX021JBo 2021-12-03 21:45:46,348:DEBUG:acme.client:JWS payload: b'' 2021-12-03 21:45:46,350:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55242196680: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMXk0dmc1YjVBYkVRV3NXMnMwaTNwZzFhVnZoakxndVVaQ1NjdlgwMjFKQm8iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MjQyMTk2NjgwIn0", "signature": "QKI1GNplNEfmYsWAXbgT-g4sJPRjBRCcTF3kmuvydooKkT6pSjBLeBLa7HGA_Z4dzXoNV2ZQAnNZ3CEVvMybc0UPCvaSKOOAFg066Oce79d5QLwF4HJzLMwEsRkK1L2mIQbjQ9zScazVTqs7xrfKnU_nrigRVj6Wr-Q2hTUCs1dJO_ymHHzi7ZDvswLAIKoUBNtwxOeas7_JiGmOQmYElXyDGGk_v3wt8szCwAt7PEt3_izIlYkrm_w788gXGeN6Iro9X4yGq9D5bPRagv4JUovg9i2fI5jNvQaSNCzQrOBYM5oNz89SYS6zVzz6cYNqABAM06420-WV_0fOymNT1A", "payload": "" } 2021-12-03 21:45:46,425:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55242196680 HTTP/1.1" 200 1505 2021-12-03 21:45:46,426:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:45:46 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102vApONOa6KC05u9yw0YsvKZDmM_rlsDW0UrAW0iWPcDU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-11T02:45:43Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/hzW5SZO4GAoM_yEEP7qXYwxO_2xwhrlZ_S3eb-31cVg [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242196680/SbvEUg", "token": "hzW5SZO4GAoM_yEEP7qXYwxO_2xwhrlZ_S3eb-31cVg", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/hzW5SZO4GAoM_yEEP7qXYwxO_2xwhrlZ_S3eb-31cVg", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/hzW5SZO4GAoM_yEEP7qXYwxO_2xwhrlZ_S3eb-31cVg", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-04T02:45:45Z" } ] } 2021-12-03 21:45:46,426:DEBUG:acme.client:Storing nonce: 0102vApONOa6KC05u9yw0YsvKZDmM_rlsDW0UrAW0iWPcDU 2021-12-03 21:45:46,427:DEBUG:acme.client:JWS payload: b'' 2021-12-03 21:45:46,429:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55242196690: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMnZBcE9OT2E2S0MwNXU5eXcwWXN2S1pEbU1fcmxzRFcwVXJBVzBpV1BjRFUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MjQyMTk2NjkwIn0", "signature": "pitE_laGr9kw80bihzNFurJzvW5axXyjXdZflAANyOtVvlb861esbD-lO2bKGfH9g0AXO0O1uZUn-OFclxri-T12WZjfJHWT0jeUa-ouj0ZNVaU2gBW7GyeHnC0xwF7KSD-RL1Q-yD4OiMOqMpn6kkksCWZq7S0HnRFXznJo2btjSQd2LJ97iHbnHgb4_aJC7JcDDuCG3YaVzecTX0ghQnbV8IMwOc__YAAwxgirBIkucGt5klF4vQNxipG9IGV7AaczkKmnPwP2aOkI3_Wn1S-Rc55txrNmSBlR1ijUWgKbTKi7QjVRGPO79FDHBiumAtpTQWX-3_tScILs5MvKUg", "payload": "" } 2021-12-03 21:45:46,504:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55242196690 HTTP/1.1" 200 796 2021-12-03 21:45:46,505:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:45:46 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102OkIjb-Qj0VrqCuqobRi3ZWihFXtZgpbZquHFV982BNo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-11T02:45:43Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242196690/Vo-mUw", "token": "PFGOW2aHETJjHGC88tODjg2yDCHlocHZmFVgdf0SN2o" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242196690/ChtQ5A", "token": "PFGOW2aHETJjHGC88tODjg2yDCHlocHZmFVgdf0SN2o" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242196690/CXIwzA", "token": "PFGOW2aHETJjHGC88tODjg2yDCHlocHZmFVgdf0SN2o" } ] } 2021-12-03 21:45:46,505:DEBUG:acme.client:Storing nonce: 0102OkIjb-Qj0VrqCuqobRi3ZWihFXtZgpbZquHFV982BNo 2021-12-03 21:45:46,506:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-03 21:45:49,507:DEBUG:acme.client:JWS payload: b'' 2021-12-03 21:45:49,509:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55242196690: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMk9rSWpiLVFqMFZycUN1cW9iUmkzWldpaEZYdFpncGJacXVIRlY5ODJCTm8iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MjQyMTk2NjkwIn0", "signature": "mm59rGVivmOMUFpiqxKzbnwP2xTmm-UOzBa3KLLkjSpaJq76zqdfg8U9yehvzVJc1ACr1rZCvwQtiNaMnhHJbJ3PxCtfKKa3VnZKicHEgbFEJB-sB9WWUDPeX2_-QOEFWZDtMoYPKUn3UGMnJRrFjtLvlJY-Gr5VwtIKq_P42TrWVm7DJBVv0l6ysvMRso3B2Chu8eAF4XReaMRsY2_h-qjt5mPoNIT9qs8nVoLY3bCNFcYCkz_GUxFYuJSrjqOx0Cg2gqnIJZXBmyXourqgEmc_NftwZ5YeKOTXp1t4DNJUHylcm2brt4F7D28sReieXpC3y2fRz4QMoDs4N6ztVw", "payload": "" } 2021-12-03 21:45:49,583:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55242196690 HTTP/1.1" 200 1826 2021-12-03 21:45:49,584:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 02:45:49 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101zkgkDgV2FDFxK8vifM1e7DeXnWTabPGPt9VnPP5qr1A X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-11T02:45:43Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/PFGOW2aHETJjHGC88tODjg2yDCHlocHZmFVgdf0SN2o [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55242196690/Vo-mUw", "token": "PFGOW2aHETJjHGC88tODjg2yDCHlocHZmFVgdf0SN2o", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/PFGOW2aHETJjHGC88tODjg2yDCHlocHZmFVgdf0SN2o", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/PFGOW2aHETJjHGC88tODjg2yDCHlocHZmFVgdf0SN2o", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/PFGOW2aHETJjHGC88tODjg2yDCHlocHZmFVgdf0SN2o", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-04T02:45:45Z" } ] } 2021-12-03 21:45:49,584:DEBUG:acme.client:Storing nonce: 0101zkgkDgV2FDFxK8vifM1e7DeXnWTabPGPt9VnPP5qr1A 2021-12-03 21:45:49,585:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-12-03 21:45:49,585:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-03 21:45:49,586:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-03 21:45:49,586:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/hzW5SZO4GAoM_yEEP7qXYwxO_2xwhrlZ_S3eb-31cVg [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-12-03 21:45:50,852:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-12-03 21:45:50,852:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-12-03 21:45:50,852:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-12-03 22:49:31,966:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-03 22:49:31,967:DEBUG:certbot.main:Arguments: ['-q'] 2021-12-03 22:49:31,967:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-03 22:49:31,978:DEBUG:certbot.log:Root logging level set at 30 2021-12-03 22:49:31,978:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-03 22:49:31,986:DEBUG:certbot.plugins.selection:Requested authenticator and installer 2021-12-03 22:49:31,996:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 22:49:31,997:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 22:49:31,998:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 22:49:32,002:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 22:49:32,002:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 22:49:32,003:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 22:49:32,006:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 22:49:32,007:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 22:49:32,007:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 22:49:32,012:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 22:49:32,012:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 22:49:32,013:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 22:49:32,019:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-03 22:49:32,020:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-03 22:49:32,020:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-03 22:49:32,024:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-12-03 22:49:32,024:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-12-03 22:49:32,025:INFO:certbot.renewal:Non-interactive renewal: random delay of 356.48430760436435 seconds 2021-12-03 22:55:28,579:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx 2021-12-03 22:55:28,880:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-03 22:55:28,881:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-03 22:55:28,881:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-03 22:55:28,881:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-12-03 22:55:28,885:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-03 22:55:28,887:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-03 22:55:28,889:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-03 22:55:29,055:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-03 22:55:29,056:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 03:55:29 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "5Yn-m3wM-h8": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-03 22:55:29,057:INFO:certbot.main:Renewing an existing certificate 2021-12-03 22:55:29,164:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0502_key-certbot.pem 2021-12-03 22:55:29,171:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0502_csr-certbot.pem 2021-12-03 22:55:29,172:DEBUG:acme.client:Requesting fresh nonce 2021-12-03 22:55:29,172:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-03 22:55:29,225:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-03 22:55:29,226:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 03:55:29 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 00014mXCnvxJJRt4Y29mrlceWKHCTkelvpdpV2LvLiNHcM0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-03 22:55:29,227:DEBUG:acme.client:Storing nonce: 00014mXCnvxJJRt4Y29mrlceWKHCTkelvpdpV2LvLiNHcM0 2021-12-03 22:55:29,227:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-12-03 22:55:29,230:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMTRtWENudnhKSlJ0NFkyOW1ybGNlV0tIQ1RrZWx2cGRwVjJMdkxpTkhjTTAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "AqQTnXU7uK01xWP2tfslAnY3-MKn6NieuXMS8mlnV4SJCdxNLcqRaSN3Px0gCkoLGpcc5Os_e8uGAhgGeWKwNHdxJBGYwOFPsaXhzzSwBNbWGQjHmTpovv56autKqwMwbcX5dk5voIZt5etQltGwVWNjrL3nvFkd996d5IbMALixrJJfT1fD5XjZjDoOGU-pMqC4IRl1yAqk1cgi9mYAXmjUSBJ3gOUpo1E9nGyehZgfTYqHQlm1eqWAYo-iiwAo3uRXbxXGTBgEPPbifvE_boAbIf3GFu1s9nTxlXsYhfFTlvl_dQM2Ok4vQjZONdWy0i05XdBuj1ZZ2ud779Up1w", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-12-03 22:55:29,405:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-12-03 22:55:29,406:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sat, 04 Dec 2021 03:55:29 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44581090010 Replay-Nonce: 0002E8CpTvLy1iBOfjTPn4wCI3uYB2j9NWTEY88H_vtDpzo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-11T03:55:29Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55257365680" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44581090010" } 2021-12-03 22:55:29,406:DEBUG:acme.client:Storing nonce: 0002E8CpTvLy1iBOfjTPn4wCI3uYB2j9NWTEY88H_vtDpzo 2021-12-03 22:55:29,407:DEBUG:acme.client:JWS payload: b'' 2021-12-03 22:55:29,409:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55257365680: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMkU4Q3BUdkx5MWlCT2ZqVFBuNHdDSTN1WUIyajlOV1RFWTg4SF92dERwem8iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MjU3MzY1NjgwIn0", "signature": "sZsZmFYj8d9Drn4Jrysjvjwdw-aag_l5cLaINGJPawJe-W22r08aX0X3RaIvTDGifFkqIaRfLhIEb2kESYdF66k8LNaCVaPOYa2_eSgXMjit_7UiWIWbXnN93xttftg1WzcSPiq4U078m4xDCATX0v63-KRyxEPPA6xhE-jHUkJ-ERQ9Pi_NI_32lbH0HkGuDFTUN2sJ55bz-SeBmTGNi-44-o17Zxp4fmtiyIsBbsZkRcW3XaC5nZe1hrJoJ5jeFNZjp3I8DbGUn_31T3lX6pAJVx2O4WQdTgWFqSGLr9L_uSHl6LPby5gMmu40UF8Pnsecjpcs8NU4A-DeLIFBFQ", "payload": "" } 2021-12-03 22:55:29,473:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55257365680 HTTP/1.1" 200 792 2021-12-03 22:55:29,474:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 03:55:29 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002kR1Zxf-LE_1_O7qvUOjOJ-Sk1oDeFEkrZIJTz1FFTcE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-11T03:55:29Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257365680/M1Ax0g", "token": "3Wu1ZxM_YNy200itkMzS3jxxMGiimKqVZ-8PnsoyVZY" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257365680/Xizdcw", "token": "3Wu1ZxM_YNy200itkMzS3jxxMGiimKqVZ-8PnsoyVZY" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257365680/PcjGDw", "token": "3Wu1ZxM_YNy200itkMzS3jxxMGiimKqVZ-8PnsoyVZY" } ] } 2021-12-03 22:55:29,475:DEBUG:acme.client:Storing nonce: 0002kR1Zxf-LE_1_O7qvUOjOJ-Sk1oDeFEkrZIJTz1FFTcE 2021-12-03 22:55:29,475:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-03 22:55:29,475:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-03 22:55:29,512:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-12-03 22:55:29,513:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-12-03 22:55:29,513:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-12-03 22:55:29,514:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-12-03 22:55:29,514:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-12-03 22:55:29,514:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-12-03 22:55:29,515:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-12-03 22:55:29,515:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-12-03 22:55:29,515:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-12-03 22:55:29,515:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-12-03 22:55:29,516:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-12-03 22:55:29,516:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-12-03 22:55:29,516:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-12-03 22:55:29,518:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-12-03 22:55:29,519:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/3Wu1ZxM_YNy200itkMzS3jxxMGiimKqVZ-8PnsoyVZY{default_type text/plain;return 200 3Wu1ZxM_YNy200itkMzS3jxxMGiimKqVZ-8PnsoyVZY.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-12-03 22:55:30,548:INFO:certbot.auth_handler:Waiting for verification... 2021-12-03 22:55:30,550:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-03 22:55:30,553:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257365680/M1Ax0g: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmtSMVp4Zi1MRV8xX083cXZVT2pPSi1TazFvRGVGRWtyWklKVHoxRkZUY0UiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1MjU3MzY1NjgwL00xQXgwZyJ9", "signature": "HcMbNGp3kVvRVOkQ-GIKTbp_2JsP_xjxjrd5dFNlGGUEAeFxptPMHMkP8qo5c36y-LhK_M_t6wlrkeT1v1U4ICHyN8D88H2_FYnhuYbDOA_EkDNPaAaBFQpHrqFKEp0ajd-_dzqfQPm9urM_yuKOF1TCVG7dCpKut2HCMQpMDpO0n_FpH4kFw46VMGKvD0v7ihl37WmXhZe6mBkI4b_7qpvAoiKDgMC8PxvhlkMNJN9luA9ddeAGcJlTLU1AgeWWzGO6cSkk7hZmqedi83u0CnQbCbeUMaEIFCSThoDNCTBxf9WhVYpnwkVLpol4oOJV8EKTeqcNwYh8oZUaV-kTDA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-03 22:55:30,628:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55257365680/M1Ax0g HTTP/1.1" 200 186 2021-12-03 22:55:30,629:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 03:55:30 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257365680/M1Ax0g Replay-Nonce: 00012uXtemOIiqDgPKjn94Mh3oznDZNF5zhmYymsxvoFrjQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257365680/M1Ax0g", "token": "3Wu1ZxM_YNy200itkMzS3jxxMGiimKqVZ-8PnsoyVZY" } 2021-12-03 22:55:30,630:DEBUG:acme.client:Storing nonce: 00012uXtemOIiqDgPKjn94Mh3oznDZNF5zhmYymsxvoFrjQ 2021-12-03 22:55:31,632:DEBUG:acme.client:JWS payload: b'' 2021-12-03 22:55:31,634:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55257365680: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMTJ1WHRlbU9JaXFEZ1BLam45NE1oM296bkRaTkY1emhtWXltc3h2b0ZyalEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MjU3MzY1NjgwIn0", "signature": "nNZjLSYcxyXwNaTy1bBeLWkE9FhIOKJzoy5CIOUHJoLYJVMe-r6VPhJe7zLsqoP-NoVZG0lIDcWnVeEHJvXHfAc9KESaxm4SRgbIyZ3PFECYbsYRNfhA7iqMfiFRHGwzLIZPyvIXwm6G-R3qatYSzlejGEqZ2VYnTL41IoEei5vgu9O1OYVFgqfOavo8cmopoPv8v3IGbqhiYbxF5-B5tlmsWVd-C9yMvV5Lomx1FKBwhd4etSLI2bQCYEDwRLw8bzABKNIGp3MI-Q4RSFaPtMeqBUIduoma4vlguE-BoJjR4_4-4jj7Xq1ZrMhrImSBcy_1ETgvUGZ3trlmWjDqTw", "payload": "" } 2021-12-03 22:55:31,715:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55257365680 HTTP/1.1" 200 792 2021-12-03 22:55:31,717:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 03:55:31 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002sXVnS6g66BMuW2XB83ivJ1yF78fFzayaiBa107W48hI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-11T03:55:29Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257365680/M1Ax0g", "token": "3Wu1ZxM_YNy200itkMzS3jxxMGiimKqVZ-8PnsoyVZY" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257365680/Xizdcw", "token": "3Wu1ZxM_YNy200itkMzS3jxxMGiimKqVZ-8PnsoyVZY" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257365680/PcjGDw", "token": "3Wu1ZxM_YNy200itkMzS3jxxMGiimKqVZ-8PnsoyVZY" } ] } 2021-12-03 22:55:31,717:DEBUG:acme.client:Storing nonce: 0002sXVnS6g66BMuW2XB83ivJ1yF78fFzayaiBa107W48hI 2021-12-03 22:55:34,719:DEBUG:acme.client:JWS payload: b'' 2021-12-03 22:55:34,721:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55257365680: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnNYVm5TNmc2NkJNdVcyWEI4M2l2SjF5Rjc4ZkZ6YXlhaUJhMTA3VzQ4aEkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MjU3MzY1NjgwIn0", "signature": "aCux3bL-WkzrDu7xcu0nF1Z9N5OpPYsr3syJdMFoPTSz-E7APwj0YqD5iRPf93ETbSGp10nR_mhJdbwBeSArUD3uk8dvDX8mp0KfLsGWguiFBZRxlmA_7-Wo3QZkDqLmEMGVbwqfbOWqjN64V-4UAZSzI3rZykr_0c3v48t9hRpmIWMQN5mPyyXFvBrg3d6_DUnXlJ4qdBCjS562lYFsfkiCivuOlen5bi4Z4L3AJS0P97WNOOxiwoD7f564MopgLFIr7fSwr1Lb75CROhWnTzmmuu4dajzeIlt2oBL7aeKWdHnWDhYDnp8I_H4AGNs8gYUBYdgja3oXLz0iXy6ZSw", "payload": "" } 2021-12-03 22:55:34,784:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55257365680 HTTP/1.1" 200 1505 2021-12-03 22:55:34,784:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 03:55:34 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001s4jBVjGgvICqs0pRueo8HTUS2h-R_of0RfApwHX13_M X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-11T03:55:29Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/3Wu1ZxM_YNy200itkMzS3jxxMGiimKqVZ-8PnsoyVZY [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257365680/M1Ax0g", "token": "3Wu1ZxM_YNy200itkMzS3jxxMGiimKqVZ-8PnsoyVZY", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/3Wu1ZxM_YNy200itkMzS3jxxMGiimKqVZ-8PnsoyVZY", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/3Wu1ZxM_YNy200itkMzS3jxxMGiimKqVZ-8PnsoyVZY", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-04T03:55:30Z" } ] } 2021-12-03 22:55:34,785:DEBUG:acme.client:Storing nonce: 0001s4jBVjGgvICqs0pRueo8HTUS2h-R_of0RfApwHX13_M 2021-12-03 22:55:34,785:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-03 22:55:34,786:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-03 22:55:34,786:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/3Wu1ZxM_YNy200itkMzS3jxxMGiimKqVZ-8PnsoyVZY [75.2.60.5]: "\n\n\n \n Prep: True 2021-12-03 22:55:36,293:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-03 22:55:36,294:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-03 22:55:36,294:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-12-03 22:55:36,297:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-03 22:55:36,298:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-03 22:55:36,299:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-03 22:55:36,413:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-03 22:55:36,415:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 03:55:36 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "cYWMB7GBdo8": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-03 22:55:36,415:INFO:certbot.main:Renewing an existing certificate 2021-12-03 22:55:36,523:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0503_key-certbot.pem 2021-12-03 22:55:36,530:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0503_csr-certbot.pem 2021-12-03 22:55:36,532:DEBUG:acme.client:Requesting fresh nonce 2021-12-03 22:55:36,532:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-03 22:55:36,568:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-03 22:55:36,569:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 03:55:36 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101xRlVigS8QPtLYs9kP-Q25Mq1KaiXbexVHNQo6i-Hvho X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-03 22:55:36,570:DEBUG:acme.client:Storing nonce: 0101xRlVigS8QPtLYs9kP-Q25Mq1KaiXbexVHNQo6i-Hvho 2021-12-03 22:55:36,570:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-12-03 22:55:36,573:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMXhSbFZpZ1M4UVB0TFlzOWtQLVEyNU1xMUthaVhiZXhWSE5RbzZpLUh2aG8iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "EPgiGImSoSGMS1ZpobgrDz871QadZF2rv4nvuzCJ7bLL3-S0gATQe8JaXleGtOybRj8DPhTyMmmRSek5EB6Uq1K2FF8uxmlVklpQHbqDMxoEbhzLL-BfRYhabaLsnCS6wtvjV12yaGgiZUptGrCEtPXjZu7dn7_z221YuuCyMTebrb35zE8gNfLVnM3YKFk4SoEvbNyf1K3J_yfBUuD84lDq-UGayVYeN1n8EuMe8ta-_WzLLxAjnph6QZsKU4qb9M8G-GioGkNaiwFt8m16eVcBLtQAE23ykKaTlM4eNXuiiF6jXu2yp5N236g7cvIydjXFMyZ21qcqU5-Na6q4gg", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-12-03 22:55:37,107:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-12-03 22:55:37,108:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sat, 04 Dec 2021 03:55:37 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44581112310 Replay-Nonce: 0101kTHlzjz-bDLx_etTw-2-6Yjvb38FhcAIjPy7-iR11IU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-11T03:55:37Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55257391910", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55257391920" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44581112310" } 2021-12-03 22:55:37,109:DEBUG:acme.client:Storing nonce: 0101kTHlzjz-bDLx_etTw-2-6Yjvb38FhcAIjPy7-iR11IU 2021-12-03 22:55:37,109:DEBUG:acme.client:JWS payload: b'' 2021-12-03 22:55:37,111:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55257391910: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMWtUSGx6anotYkRMeF9ldFR3LTItNllqdmIzOEZoY0FJalB5Ny1pUjExSVUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MjU3MzkxOTEwIn0", "signature": "WWJvSpPl7ubeh2YrbREilLglY0KjSlZNeC4cji55gwAV996D5UCtxDevtG2NDKQzWqQinkawiPlKAUVeSYaf8-9T_speWowUW-93Zb-eKBWAafhU9nUzNVHl56AB1aV4fsJOO-GL1GmZobYy01YMeEt5Q3iSTQl0T3hId77wLPscIx-Obnmt_ZDdwM9Tnodrcj2SzJmygsxGcj4xQUab4xWZ4aju9mDCAoe3Esi_Uja5J_FG_JnWCsxP7oDVpwsawU3mqGAwUKsuZeM5sx-oJHDlJKSOoWCZjieE4270QS0T3L-xCznXuwVUVqhpN4TZeB1Lr3O4pTU2Zn5PUA-vPA", "payload": "" } 2021-12-03 22:55:37,183:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55257391910 HTTP/1.1" 200 792 2021-12-03 22:55:37,184:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 03:55:37 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102XUemEK1fWcuiyZ-h27_hgGtsUi0VCSH_A-TgPZLwjN8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-11T03:55:37Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257391910/5cCVNg", "token": "PlF7_cEjkX3ddp2CVby7TK6UzXUKcs8r9-PUaGV4t9o" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257391910/BWAPtw", "token": "PlF7_cEjkX3ddp2CVby7TK6UzXUKcs8r9-PUaGV4t9o" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257391910/n4BfNQ", "token": "PlF7_cEjkX3ddp2CVby7TK6UzXUKcs8r9-PUaGV4t9o" } ] } 2021-12-03 22:55:37,184:DEBUG:acme.client:Storing nonce: 0102XUemEK1fWcuiyZ-h27_hgGtsUi0VCSH_A-TgPZLwjN8 2021-12-03 22:55:37,185:DEBUG:acme.client:JWS payload: b'' 2021-12-03 22:55:37,186:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55257391920: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMlhVZW1FSzFmV2N1aXlaLWgyN19oZ0d0c1VpMFZDU0hfQS1UZ1BaTHdqTjgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MjU3MzkxOTIwIn0", "signature": "R_33obypzpvmy2dLHrGXrA4qkXKoqv4CKooRjXVlVowJJJODLSH7VE76S5wA9-juR75b-XesuoMFy-7VPKRqPkCU0fKnDoKFuTlpeNLJMGgqNxolHk88kV9khzpRU6PVoFSgDcdTGwtzU8e0ukrnq33Dx80G9t5iWbgLvu9gYcznVONMTsVJ77rMp_XKhjHLJCMK0nFTF5Gon1QWS7jdnOokKnm4TA1uhS1w54x9zvut6wEP60gVIPDCFkZL7dnDpypQUC57Q0YK86lil0NjqJ6L0yyEb7sAttIq1eYkPu5vBVhpJ_Zl0qtfLIyzNy-sgnKS5xm6Lh2UdFh2sN0E4Q", "payload": "" } 2021-12-03 22:55:37,266:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55257391920 HTTP/1.1" 200 796 2021-12-03 22:55:37,266:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 03:55:37 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102CZFma_3rD4GFb7SddNaY-LdzQ2tWB6hLxIWzK-zuE50 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-11T03:55:37Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257391920/2lqTIg", "token": "xPXZW0Wthbt7G-4XBpvD0Co66hGo5-l78DC9HtZGhcM" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257391920/X6LpJw", "token": "xPXZW0Wthbt7G-4XBpvD0Co66hGo5-l78DC9HtZGhcM" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257391920/VpShQg", "token": "xPXZW0Wthbt7G-4XBpvD0Co66hGo5-l78DC9HtZGhcM" } ] } 2021-12-03 22:55:37,267:DEBUG:acme.client:Storing nonce: 0102CZFma_3rD4GFb7SddNaY-LdzQ2tWB6hLxIWzK-zuE50 2021-12-03 22:55:37,268:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-03 22:55:37,268:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-03 22:55:37,268:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-03 22:55:37,349:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-12-03 22:55:37,350:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-12-03 22:55:37,351:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-12-03 22:55:37,351:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-12-03 22:55:37,352:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-12-03 22:55:37,352:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-12-03 22:55:37,353:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-12-03 22:55:37,353:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-12-03 22:55:37,354:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-12-03 22:55:37,354:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-12-03 22:55:37,354:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-12-03 22:55:37,355:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-12-03 22:55:37,355:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-12-03 22:55:37,358:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-12-03 22:55:37,360:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/PlF7_cEjkX3ddp2CVby7TK6UzXUKcs8r9-PUaGV4t9o{default_type text/plain;return 200 PlF7_cEjkX3ddp2CVby7TK6UzXUKcs8r9-PUaGV4t9o.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot location = /.well-known/acme-challenge/xPXZW0Wthbt7G-4XBpvD0Co66hGo5-l78DC9HtZGhcM{default_type text/plain;return 200 xPXZW0Wthbt7G-4XBpvD0Co66hGo5-l78DC9HtZGhcM.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-12-03 22:55:38,389:INFO:certbot.auth_handler:Waiting for verification... 2021-12-03 22:55:38,390:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-03 22:55:38,393:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257391910/5cCVNg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMkNaRm1hXzNyRDRHRmI3U2RkTmFZLUxkelEydFdCNmhMeElXekstenVFNTAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1MjU3MzkxOTEwLzVjQ1ZOZyJ9", "signature": "eo67AzYvmsuM_VV7xKo0OQHKzXwVpOBbBkA3ViqOteQ_Kaodj064y5HdNyWeet1RjfrXKB_Fd_U3_si9-LMEXE8ZDguQgs3gcdWBroaUP_vYDsxxOZB-MqZ2zuUO-RatazDJ4Kw6M0iZGpAiza3LH_p9mXtS24ODgAiFtRqupOVF2x6fMrQZicydI5AzBQtifzOogIIqJhSr4PtIeJRuxf8AVSwtijo120JB0uZYTxW9hdOUtlJk6Z3LABBWZgxl1ch5g_5sLLLLu4fjFS4NoHQ1MxVaQIOi-gTd8KOUrOYcEf3INHkL-_qR8I287Lat59l3GSXl3I6hx6I82NbcgA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-03 22:55:38,639:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55257391910/5cCVNg HTTP/1.1" 200 186 2021-12-03 22:55:38,640:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 03:55:38 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257391910/5cCVNg Replay-Nonce: 01029vCTrAk0iK6-E4faTsDaKlxevToAU6lF4X4mQFBguiw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257391910/5cCVNg", "token": "PlF7_cEjkX3ddp2CVby7TK6UzXUKcs8r9-PUaGV4t9o" } 2021-12-03 22:55:38,640:DEBUG:acme.client:Storing nonce: 01029vCTrAk0iK6-E4faTsDaKlxevToAU6lF4X4mQFBguiw 2021-12-03 22:55:38,641:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-03 22:55:38,643:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257391920/2lqTIg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMjl2Q1RyQWswaUs2LUU0ZmFUc0RhS2x4ZXZUb0FVNmxGNFg0bVFGQmd1aXciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1MjU3MzkxOTIwLzJscVRJZyJ9", "signature": "GacmrseFHJoM7VUQrg4_6gxOTPN6YscoMgZC3jhyn7YWTsKUEhEC78-5kwzssda_DGg5SfelVow-KQKlszKEx2EX7_pAKjpkjNKzMCaDnmtuDIHKiMehTGoCoHO1ffUjiak9xwrd3P1iBL9CMc5m7bExAxvOIHyn-Xhx4XfMyKiQtpWl1zOAx68TEP2Y9vBOlxzl3O6-Aqxh1cTFqyg5r3BKnIcWiavXAbyGL17NCFwg6KCx8JP6WGFgKj-Hz_s9JZ1N0DVsEt8mmnqHw4ebV4DavnKz61_kq4JK0_nmh3cHEVxJ7Zq1y13weSATzeJseNIibl9thxFWeuMMykc50w", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-03 22:55:38,734:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55257391920/2lqTIg HTTP/1.1" 200 186 2021-12-03 22:55:38,735:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 03:55:38 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257391920/2lqTIg Replay-Nonce: 0102FKSaaghgH279q4FsJi4m7pkGDIkM-gACbBUyqHnZI7U X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257391920/2lqTIg", "token": "xPXZW0Wthbt7G-4XBpvD0Co66hGo5-l78DC9HtZGhcM" } 2021-12-03 22:55:38,736:DEBUG:acme.client:Storing nonce: 0102FKSaaghgH279q4FsJi4m7pkGDIkM-gACbBUyqHnZI7U 2021-12-03 22:55:39,737:DEBUG:acme.client:JWS payload: b'' 2021-12-03 22:55:39,739:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55257391910: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMkZLU2FhZ2hnSDI3OXE0RnNKaTRtN3BrR0RJa00tZ0FDYkJVeXFIblpJN1UiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MjU3MzkxOTEwIn0", "signature": "EPuiTu2sf12fVN-WC1_Wrg0hVlLPqO0uSgxwvAiGPn5oEFj0AIarXquYiA4X3By6yFww2GXd1CGeJlWL2gM1Z8jsNe6k_bzSKe1JhB7GmDXKLe8FVKmpYFXpYrlKk2eSQ-UwkgxKoCSSQAPv-gPOyx4pKIt0NcGb4Lg4fKJM3b_xe5wRKf01CimafmjADjnhAiE_LVxJEasRUFVOMEn3OFFzKTuAA4mYM1Je0b-zrHu18l--APrwvhFCvTwY-FbOTRBZg_b2gx5fEmKKxdP6OAPv9yI2QLU6JlK0lipA5RF4B0y0VE_wUc1a50GIj3jn1V4rXfZetWz_Hp-RG3xkBw", "payload": "" } 2021-12-03 22:55:39,815:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55257391910 HTTP/1.1" 200 792 2021-12-03 22:55:39,816:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 03:55:39 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102a6XRVSUDt7a821WIFBjBTBgQLLyQr_p0kcIGNZjJO-U X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-11T03:55:37Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257391910/5cCVNg", "token": "PlF7_cEjkX3ddp2CVby7TK6UzXUKcs8r9-PUaGV4t9o" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257391910/BWAPtw", "token": "PlF7_cEjkX3ddp2CVby7TK6UzXUKcs8r9-PUaGV4t9o" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257391910/n4BfNQ", "token": "PlF7_cEjkX3ddp2CVby7TK6UzXUKcs8r9-PUaGV4t9o" } ] } 2021-12-03 22:55:39,816:DEBUG:acme.client:Storing nonce: 0102a6XRVSUDt7a821WIFBjBTBgQLLyQr_p0kcIGNZjJO-U 2021-12-03 22:55:39,817:DEBUG:acme.client:JWS payload: b'' 2021-12-03 22:55:39,819:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55257391920: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMmE2WFJWU1VEdDdhODIxV0lGQmpCVEJnUUxMeVFyX3Awa2NJR05aakpPLVUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MjU3MzkxOTIwIn0", "signature": "Mir2x-njjV118mbIgegevMhMOdHNXdP7BCHx-tnI8vI3Oqa96NlxtSNlws5lrzbgjHBuGSQ4veB3b58V1awTwe2wmr912RnvNxpYmlZm1SiklrnB1tdX7yitAO9AbEYQb5cpuCxmQg_jrpWAYDGPAunUA1BiggGODJGwU3CkDPKefTVyNzLuo9XfiY3Pv1w5ZQiJk6AIsF5Craj20SHvWQOgFRXARaKVlnjdqhABcz8yjvJ3ZIlqa0YMypgGgictmYZv3XEO_ZgbM7BIsrTYHHVxuYfwr4wuyXFuQU-hK-c8MH0_fW_pPngmkkQMcwBmJTPE-naGbLlsTyggdNQi5w", "payload": "" } 2021-12-03 22:55:39,894:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55257391920 HTTP/1.1" 200 1826 2021-12-03 22:55:39,895:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 03:55:39 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101aqvqDiXz2CZZLR4p_w7BsF5dP8ve3dx3quhhIk3ndGE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-11T03:55:37Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/xPXZW0Wthbt7G-4XBpvD0Co66hGo5-l78DC9HtZGhcM [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257391920/2lqTIg", "token": "xPXZW0Wthbt7G-4XBpvD0Co66hGo5-l78DC9HtZGhcM", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/xPXZW0Wthbt7G-4XBpvD0Co66hGo5-l78DC9HtZGhcM", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/xPXZW0Wthbt7G-4XBpvD0Co66hGo5-l78DC9HtZGhcM", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/xPXZW0Wthbt7G-4XBpvD0Co66hGo5-l78DC9HtZGhcM", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-04T03:55:38Z" } ] } 2021-12-03 22:55:39,895:DEBUG:acme.client:Storing nonce: 0101aqvqDiXz2CZZLR4p_w7BsF5dP8ve3dx3quhhIk3ndGE 2021-12-03 22:55:39,897:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-12-03 22:55:42,901:DEBUG:acme.client:JWS payload: b'' 2021-12-03 22:55:42,903:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55257391910: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMWFxdnFEaVh6MkNaWkxSNHBfdzdCc0Y1ZFA4dmUzZHgzcXVoaElrM25kR0UiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MjU3MzkxOTEwIn0", "signature": "C33mErMkRZouEfGiWyAOKyUL0_l-aZruWLgPAsYRbsz3yXOtSpWt3nN5dzBZVQfHUTxuI_kLeqRxN2UcQGV25Glq92k9X00yGTb1PgSQ80Mr4aW54Yy2wjGVebFrTaZpFOo2j8w3aeidSEMUGDPcpuMLIEwq87G70v8RlgkTabIkQARjXopOuZtKbroekjIWIYIUfMWsRiVpkeV5qHJsvAKt7cF-hO4hw3vcZ6EcK1yDBcbR3LuGZ4otB69T_Mt0tjC0MfuJX9Cap-Z6_OXUYhB6ck-rzF2ai6Jp7A3q8YEaz45fs_g65nTg_wHzFjqokypfThzqmFuIObMWVMwy-g", "payload": "" } 2021-12-03 22:55:42,976:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55257391910 HTTP/1.1" 200 1505 2021-12-03 22:55:42,977:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 03:55:42 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101KG7ndhXe4CGTng-15dJ5byx_jfIgKk7cpo9Ii0aU_IU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-11T03:55:37Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/PlF7_cEjkX3ddp2CVby7TK6UzXUKcs8r9-PUaGV4t9o [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55257391910/5cCVNg", "token": "PlF7_cEjkX3ddp2CVby7TK6UzXUKcs8r9-PUaGV4t9o", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/PlF7_cEjkX3ddp2CVby7TK6UzXUKcs8r9-PUaGV4t9o", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/PlF7_cEjkX3ddp2CVby7TK6UzXUKcs8r9-PUaGV4t9o", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-04T03:55:38Z" } ] } 2021-12-03 22:55:42,977:DEBUG:acme.client:Storing nonce: 0101KG7ndhXe4CGTng-15dJ5byx_jfIgKk7cpo9Ii0aU_IU 2021-12-03 22:55:42,978:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-03 22:55:42,978:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-03 22:55:42,978:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-03 22:55:42,979:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: www.whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/xPXZW0Wthbt7G-4XBpvD0Co66hGo5-l78DC9HtZGhcM [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-12-03 22:55:44,246:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-12-03 22:55:44,246:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-12-03 22:55:44,246:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-12-04 02:43:32,103:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-04 02:43:32,103:DEBUG:certbot.main:Arguments: ['--standalone', '--pre-hook', '/bin/systemctl stop nginx', '--post-hook', '/bin/systemctl start nginx', '--quiet'] 2021-12-04 02:43:32,103:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-04 02:43:32,116:DEBUG:certbot.log:Root logging level set at 30 2021-12-04 02:43:32,117:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-04 02:43:32,128:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer 2021-12-04 02:43:32,128:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-04 02:43:32,128:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-04 02:43:32,128:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-04 02:43:32,139:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-04 02:43:32,140:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-04 02:43:32,141:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-04 02:43:32,143:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-04 02:43:32,143:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-04 02:43:32,143:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-04 02:43:32,146:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-04 02:43:32,146:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-04 02:43:32,147:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-04 02:43:32,148:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-04 02:43:32,149:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-04 02:43:32,149:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-04 02:43:32,151:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-04 02:43:32,152:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-04 02:43:32,153:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-04 02:43:32,154:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-04 02:43:32,154:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-04 02:43:32,154:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-04 02:43:32,157:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-04 02:43:32,158:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-04 02:43:32,159:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-04 02:43:32,160:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-04 02:43:32,160:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-04 02:43:32,160:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-04 02:43:32,164:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-04 02:43:32,165:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-04 02:43:32,166:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-04 02:43:32,167:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-04 02:43:32,169:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-12-04 02:43:32,170:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-12-04 02:43:32,170:INFO:certbot.renewal:Non-interactive renewal: random delay of 341.15251157410063 seconds 2021-12-04 02:49:13,419:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-04 02:49:13,704:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-04 02:49:13,705:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-12-04 02:49:13,705:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-04 02:49:13,706:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-12-04 02:49:13,709:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-04 02:49:13,711:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-04 02:49:13,713:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-04 02:49:13,869:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-04 02:49:13,870:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 07:49:13 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "O0LGl7yFo44": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-04 02:49:13,871:INFO:certbot.hooks:Running pre-hook command: /bin/systemctl stop nginx 2021-12-04 02:49:13,912:INFO:certbot.main:Renewing an existing certificate 2021-12-04 02:49:13,937:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0504_key-certbot.pem 2021-12-04 02:49:13,948:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0504_csr-certbot.pem 2021-12-04 02:49:13,954:DEBUG:acme.client:Requesting fresh nonce 2021-12-04 02:49:13,954:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-04 02:49:14,007:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-04 02:49:14,008:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 07:49:13 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002Jl9hgnk-lhWGDmsOATfEeywzDHCZ2CejYwyqTlG-ZeM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-04 02:49:14,009:DEBUG:acme.client:Storing nonce: 0002Jl9hgnk-lhWGDmsOATfEeywzDHCZ2CejYwyqTlG-ZeM 2021-12-04 02:49:14,009:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-12-04 02:49:14,014:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMkpsOWhnbmstbGhXR0Rtc09BVGZFZXl3ekRIQ1oyQ2VqWXd5cVRsRy1aZU0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "A-bpiIRiEFCouKuEFY3rJZBS6q5Ita3HmhBZvdMW8fN8DDa11igkcs17KmDZG6-VD4CjtpTGfA4ByqZoRvLvJStqFFX3tb5rhuC19A1QrE8-eLgP-fITeiEfaDJlJpniHIOBUK5p8AEeUess4UBabSMFb7EbhYXiZKOQ8yI1OJ-0iuAmOZo_y-qhXF9_4W3I8409NILolRjnCrVBYMFucVMun9LHd4vfcZnZjOHNXHj23RdLuAXRUsGz1aDfk0fh2Sxp2Fly8Iov7LMnyu0jJx_0SU5S_j7_VF6JHm1Acx4sCvqtixQ5d_TPR1Qko0sF9jAjj4hQXgkehNkZqHN6-Q", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-12-04 02:49:14,267:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-12-04 02:49:14,267:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sat, 04 Dec 2021 07:49:14 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44622760420 Replay-Nonce: 0001j7ZuyHRQa60qbgNLGk3DW0EfqRRgjyHpiC4SnsA20g0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-11T07:49:14Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55307200680" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44622760420" } 2021-12-04 02:49:14,268:DEBUG:acme.client:Storing nonce: 0001j7ZuyHRQa60qbgNLGk3DW0EfqRRgjyHpiC4SnsA20g0 2021-12-04 02:49:14,269:DEBUG:acme.client:JWS payload: b'' 2021-12-04 02:49:14,270:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55307200680: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWo3WnV5SFJRYTYwcWJnTkxHazNEVzBFZnFSUmdqeUhwaUM0U25zQTIwZzAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MzA3MjAwNjgwIn0", "signature": "H8OH3bBFqmrgKcd6KDyOWg-oY-UULkQOMrwwk-CMu0VDkFrO9e6_k_Js-_QwG3h6bKSdqmql-3BL28k0ELBBcCMEsy76O0nXd4RBlpRdMRAEe2VX1QzEHh-A7nB-l9tY6P-mFBL7Do0HsdYl6Xi0J69FLo_vIqeG3edAua_0WP7Hzp-3-rIlGPKVkt8dj47VeGdtAvILua92u6oB6vD9BfMkYdCWlWQSwyAv_-peqv3fWNlWN_mYUASi8OkjnxYfkIoTyLAxacU_gMVacbKmy7LMdS762tmU5BG0WpIPW3UYpojtJdN5z2s1DvepuTg36sPEpNwagJFgPpiNtGqN4w", "payload": "" } 2021-12-04 02:49:14,331:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55307200680 HTTP/1.1" 200 792 2021-12-04 02:49:14,332:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 07:49:14 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001K3PNkc4oQtWBeLCWBpTjVq024RNtClXERlS79Y4ZnDA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-11T07:49:14Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55307200680/iU-WRA", "token": "NbTAPx_GEvzmyeHAuwpvq3wPBpKn8lIvL8q9qX0Vij8" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55307200680/sLOgsQ", "token": "NbTAPx_GEvzmyeHAuwpvq3wPBpKn8lIvL8q9qX0Vij8" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55307200680/Cn7gZQ", "token": "NbTAPx_GEvzmyeHAuwpvq3wPBpKn8lIvL8q9qX0Vij8" } ] } 2021-12-04 02:49:14,332:DEBUG:acme.client:Storing nonce: 0001K3PNkc4oQtWBeLCWBpTjVq024RNtClXERlS79Y4ZnDA 2021-12-04 02:49:14,333:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-04 02:49:14,334:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-04 02:49:14,334:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-12-04 02:49:14,334:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-12-04 02:49:14,338:INFO:certbot.auth_handler:Waiting for verification... 2021-12-04 02:49:14,339:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-04 02:49:14,341:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55307200680/iU-WRA: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMUszUE5rYzRvUXRXQmVMQ1dCcFRqVnEwMjRSTnRDbFhFUmxTNzlZNFpuREEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1MzA3MjAwNjgwL2lVLVdSQSJ9", "signature": "QHDzJusyJei_7k2wbFL22GkgMuEZnrmJEVYQhSe4JA0tmnv5rpKRGzcx2Imx7yl-X-jHr2Fxv_3mti-ao2eA1kwklc03awJqSV6SlGs1bbksoWFctPyl3v_YAxazJA2VmrH7Cigey44DmztaWjALDM8s227Z16FXvi-aXOiwf3qzEkP0h-S5gFDWozQuk0IX5MqfZFciOVj4rNiwoMIblLKG9VCziYcyR_RuWKc30SIw8mhggN4zVzv3PunHD7A_UC8CvDo-FSqn-L8ylAH7njSsov2nZsRjMKSsWKY_byBG5NSP_rJoBWxSKx2231y7redJkDvFAfoZGVmX1a2t_w", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-04 02:49:14,419:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55307200680/iU-WRA HTTP/1.1" 200 186 2021-12-04 02:49:14,420:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 07:49:14 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55307200680/iU-WRA Replay-Nonce: 0001syPkcjO6uiHCEGorNB8VQwBU2tB_j_19E6E3xwGIhZc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55307200680/iU-WRA", "token": "NbTAPx_GEvzmyeHAuwpvq3wPBpKn8lIvL8q9qX0Vij8" } 2021-12-04 02:49:14,420:DEBUG:acme.client:Storing nonce: 0001syPkcjO6uiHCEGorNB8VQwBU2tB_j_19E6E3xwGIhZc 2021-12-04 02:49:15,422:DEBUG:acme.client:JWS payload: b'' 2021-12-04 02:49:15,424:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55307200680: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXN5UGtjak82dWlIQ0VHb3JOQjhWUXdCVTJ0Ql9qXzE5RTZFM3h3R0loWmMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MzA3MjAwNjgwIn0", "signature": "XMjhIWvArjsJsh5lBXvbPnXXPdmA8Wi6EbsdXRcaxIte0JGNXB_99WtWuz60Aa9JGFRt78xBwrzOLu9_dLjA3n1Ko8CqcGk7ceYdNhgU8t2QBvnhX7JD0an92TRQQNTE1ZLitJ9lat-3aQc9Xo68erQJgWnelcQ7FuqXsk8GlnK0U9O9nBwfJkFCJxAVuFllnqtQIyGDpPaoQcqLEc_QkhyG-fNyVdIxx7UUwbG-fQK19XsIkYb6LWGD33_88HgCjdsuIdM91Bs8ryddy5K3bgfRJnWlCXRi8iIkNuvXB2Fqm4SkZr6w4fViUe7ye8_UVC0ZV_agGQPKNIhFw90Gxw", "payload": "" } 2021-12-04 02:49:15,485:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55307200680 HTTP/1.1" 200 792 2021-12-04 02:49:15,486:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 07:49:15 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002i6Yjo1uirXq6PmeBsm8YlfzJ3BtCfOnNm5OmbXEcjws X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-11T07:49:14Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55307200680/iU-WRA", "token": "NbTAPx_GEvzmyeHAuwpvq3wPBpKn8lIvL8q9qX0Vij8" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55307200680/sLOgsQ", "token": "NbTAPx_GEvzmyeHAuwpvq3wPBpKn8lIvL8q9qX0Vij8" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55307200680/Cn7gZQ", "token": "NbTAPx_GEvzmyeHAuwpvq3wPBpKn8lIvL8q9qX0Vij8" } ] } 2021-12-04 02:49:15,486:DEBUG:acme.client:Storing nonce: 0002i6Yjo1uirXq6PmeBsm8YlfzJ3BtCfOnNm5OmbXEcjws 2021-12-04 02:49:18,490:DEBUG:acme.client:JWS payload: b'' 2021-12-04 02:49:18,492:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55307200680: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmk2WWpvMXVpclhxNlBtZUJzbThZbGZ6SjNCdENmT25ObTVPbWJYRWNqd3MiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MzA3MjAwNjgwIn0", "signature": "r5u1A1IjWwNkWJtD8ju0I8_wRHGoGXwCTMkyiS7HJai8YhZJuT6x60Kzpx3_YuBy6EnPjNLLsURoG4tfFoCWhLGIL3pj1iVQgvPxYBtOrL0CQX7j7JX_E_GGFpYQIPkpze3QzHvOoqF9S6L814Z_H5J5N8VW15dZzLVVR40yCS3_4U4sodlp5UV2nn-SetYUOFPjYYvS16LVvV0wxVySyt3RDOvTVygbTsBgVud_vWQMaWal-p_4l4fBfe3icpwqZdGkCupr_2nHDu7WTepvOm3FQV7hHqWmc2VmMqnrkc4cQqMoKlpAWAiAXvCDsx_S_8tjuttLZLkehjGCmKQoOQ", "payload": "" } 2021-12-04 02:49:18,560:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55307200680 HTTP/1.1" 200 1505 2021-12-04 02:49:18,561:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 07:49:18 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002EEeAdmm-APA0CZsoSq2ctCr4195FPedQyX60kr_YkpI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-11T07:49:14Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/NbTAPx_GEvzmyeHAuwpvq3wPBpKn8lIvL8q9qX0Vij8 [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55307200680/iU-WRA", "token": "NbTAPx_GEvzmyeHAuwpvq3wPBpKn8lIvL8q9qX0Vij8", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/NbTAPx_GEvzmyeHAuwpvq3wPBpKn8lIvL8q9qX0Vij8", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/NbTAPx_GEvzmyeHAuwpvq3wPBpKn8lIvL8q9qX0Vij8", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-04T07:49:14Z" } ] } 2021-12-04 02:49:18,561:DEBUG:acme.client:Storing nonce: 0002EEeAdmm-APA0CZsoSq2ctCr4195FPedQyX60kr_YkpI 2021-12-04 02:49:18,562:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-04 02:49:18,562:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-04 02:49:18,562:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/NbTAPx_GEvzmyeHAuwpvq3wPBpKn8lIvL8q9qX0Vij8 [75.2.60.5]: "\n\n\n \n Prep: True 2021-12-04 02:49:19,054:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-12-04 02:49:19,054:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-04 02:49:19,054:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-12-04 02:49:19,058:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-04 02:49:19,059:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-04 02:49:19,061:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-04 02:49:19,169:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-04 02:49:19,170:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 07:49:19 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "E-i_V36CHAU": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-04 02:49:19,170:INFO:certbot.hooks:Pre-hook command already run, skipping: /bin/systemctl stop nginx 2021-12-04 02:49:19,170:INFO:certbot.main:Renewing an existing certificate 2021-12-04 02:49:19,229:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0505_key-certbot.pem 2021-12-04 02:49:19,235:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0505_csr-certbot.pem 2021-12-04 02:49:19,235:DEBUG:acme.client:Requesting fresh nonce 2021-12-04 02:49:19,235:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-04 02:49:19,272:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-04 02:49:19,273:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 07:49:19 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101s-bvjGfJyGC0vOamZB2Xulj-OipKQGfHUGZSi45DDVA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-04 02:49:19,273:DEBUG:acme.client:Storing nonce: 0101s-bvjGfJyGC0vOamZB2Xulj-OipKQGfHUGZSi45DDVA 2021-12-04 02:49:19,274:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-12-04 02:49:19,275:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMXMtYnZqR2ZKeUdDMHZPYW1aQjJYdWxqLU9pcEtRR2ZIVUdaU2k0NUREVkEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "XoZ9SLIZ8PQSa7GZUd5ek1yheZhG4Ul5xlM1JPY3RoohBdYdqmFm7rZBe3Z1FWZjbJnd4tD7uhTptKmPwuKaArendlLorSB-ntPb0-Qv2xlmDpXHsVl5f0hvEkPvRqAiJZ-q5AgjgEDnVD8__98zdDjYumDGQqJ-S4DoTkWXFiRAJ6DIlHHmv3jTW61hgXq0zaYSWtj6TGipsrDyzX8-DJgRd8skNzKcaMk1NWlLe94Zq7tzPo-T83hYbUuI3I89qdoDJTB4DLngo5bXoF6ifDY1MKv2s_wiIBZ3uEx0hkUe_KgjOD5Ipf2xauNA7TXac07V9FFZ576tCdPuAdFQ8g", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-12-04 02:49:20,135:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-12-04 02:49:20,136:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sat, 04 Dec 2021 07:49:20 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44622776980 Replay-Nonce: 0101rLmnQkYG6v85sK1-INaihSrIo8FHdlBjZ0mrDya4d30 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-11T07:49:20Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55307220090", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55307220100" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44622776980" } 2021-12-04 02:49:20,136:DEBUG:acme.client:Storing nonce: 0101rLmnQkYG6v85sK1-INaihSrIo8FHdlBjZ0mrDya4d30 2021-12-04 02:49:20,137:DEBUG:acme.client:JWS payload: b'' 2021-12-04 02:49:20,138:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55307220090: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMXJMbW5Ra1lHNnY4NXNLMS1JTmFpaFNySW84RkhkbEJqWjBtckR5YTRkMzAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MzA3MjIwMDkwIn0", "signature": "M9oF7dYxpht8GTX7Ny0UiSFgcCzyz3h1T8Q5-N7oSTEC4Ogu45KdONv9DVFOWuOn9hIXlS38D7BnPTiGEDUXfHnNVSwFASjvgiOZ76xs3BsDPV7HTqwAA-iQapkwaIuCpISAGWarkOOQBbNSrX6G8PmGw5xEGePkik5bL7Yf4tGfW2B2obPgmiRdCmuC0Eirs4b1uOT1XZvwj8mIzwjd2DTf0G0zjHNZkp6tJr88i_GiIzg1gOfDi6Qb9yVfFQPkyjeIsKWn3bo0hivB4PIDW-Z6LfyZKkCS6Ua8F4MQUTO6JljZVIu8ckEnd-ikViVJFo0BTPZQAW2G8Oh5WVJ-Pg", "payload": "" } 2021-12-04 02:49:20,213:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55307220090 HTTP/1.1" 200 792 2021-12-04 02:49:20,213:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 07:49:20 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 01020i143Q-WjDlfdZENbTFTsqT76ZnATIFh1290lj13EuA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-11T07:49:20Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55307220090/uFc89w", "token": "pWVJoEVxKZeXIldyGekYM5S11MgosSzE4NWSPKo4jWc" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55307220090/jZNIEA", "token": "pWVJoEVxKZeXIldyGekYM5S11MgosSzE4NWSPKo4jWc" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55307220090/KYuZwg", "token": "pWVJoEVxKZeXIldyGekYM5S11MgosSzE4NWSPKo4jWc" } ] } 2021-12-04 02:49:20,214:DEBUG:acme.client:Storing nonce: 01020i143Q-WjDlfdZENbTFTsqT76ZnATIFh1290lj13EuA 2021-12-04 02:49:20,214:DEBUG:acme.client:JWS payload: b'' 2021-12-04 02:49:20,216:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55307220100: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMjBpMTQzUS1XakRsZmRaRU5iVEZUc3FUNzZabkFUSUZoMTI5MGxqMTNFdUEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MzA3MjIwMTAwIn0", "signature": "D9NTF8karKrXy17AGggcvdsJPhal-fZ5cSRXHMdqXF1g6TQ9ZgzidDjg8nVYpk2s-tWX4Dyn5kivjYpLh6T4pzW_ttuv0ruTk3AVQx0cWoBlJrQgo6BwKV3eSufB9MtJrblfxZ_KNRCp77itHpCs4cqWDqH5nJb3rSNNwxZ4Tzh-WbUAK8OM-K2lC_ZdrikpzLoj9lI0dNsCC2j7klS1_2tJtbnodBTj78FnzEObxKh5e9VqQ1okxp0mYzboEoAe9gwIIo4u2DVNvMiTL3aPyZbGCDvPtck_NAek6SpVU4KbjJvTHie9rSsNoqIvFgyzQgbp7BWSrhjV9H2M1UXzLA", "payload": "" } 2021-12-04 02:49:20,290:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55307220100 HTTP/1.1" 200 796 2021-12-04 02:49:20,290:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 07:49:20 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102-I4yTZ97PeKrrfyjzmbJ5CreIDCtiPVy3JZ8Om_TvEE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-11T07:49:20Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55307220100/DzzaUQ", "token": "1DaZPabtN-YokbOxPKA8lrh-lmjuTX9jtEx_pOuIi7A" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55307220100/RyggKg", "token": "1DaZPabtN-YokbOxPKA8lrh-lmjuTX9jtEx_pOuIi7A" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55307220100/1YlyIw", "token": "1DaZPabtN-YokbOxPKA8lrh-lmjuTX9jtEx_pOuIi7A" } ] } 2021-12-04 02:49:20,291:DEBUG:acme.client:Storing nonce: 0102-I4yTZ97PeKrrfyjzmbJ5CreIDCtiPVy3JZ8Om_TvEE 2021-12-04 02:49:20,291:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-04 02:49:20,291:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-04 02:49:20,292:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-04 02:49:20,292:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-12-04 02:49:20,292:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-12-04 02:49:20,297:INFO:certbot.auth_handler:Waiting for verification... 2021-12-04 02:49:20,298:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-04 02:49:20,299:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55307220090/uFc89w: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMi1JNHlUWjk3UGVLcnJmeWp6bWJKNUNyZUlEQ3RpUFZ5M0paOE9tX1R2RUUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1MzA3MjIwMDkwL3VGYzg5dyJ9", "signature": "hJNuQmdS2Um7j22B7XvXFgYFT29Hyuy9Ch_Si4gjPbvpf6F3Oha24TM3Kfjy5q1UaYFCh_T-xWTFKCxLRthQ-w46cY7EAlQjqixzRuIcLdhZL5RXKZdbSE8sltCfyjCSO1HeQI4zYMcsOEIIUlmUNJzPgbSbZ-8VIdldEZt6jDQU5kBkPSm9uADHeKTagLh6zE30taHRMAbL99Cic9oyaFyfsiuYWyIvp1M2sZUbnu5tRDdHFzgnSJT5wyY1WD_1YtWYtLwriSROl4FSA3ITPr8Zp9WrMRzIgDPxHjPGIkxFZ65aA67rIFaFbuHNF7GVQyqhzQ_Ig8CqYqm5sKmpUg", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-04 02:49:20,395:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55307220090/uFc89w HTTP/1.1" 200 186 2021-12-04 02:49:20,395:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 07:49:20 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55307220090/uFc89w Replay-Nonce: 0102wKB3OmRaVd80jFFw4-eJfS9QW1vi71FewSmNzvAEZes X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55307220090/uFc89w", "token": "pWVJoEVxKZeXIldyGekYM5S11MgosSzE4NWSPKo4jWc" } 2021-12-04 02:49:20,396:DEBUG:acme.client:Storing nonce: 0102wKB3OmRaVd80jFFw4-eJfS9QW1vi71FewSmNzvAEZes 2021-12-04 02:49:20,396:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-04 02:49:20,398:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55307220100/DzzaUQ: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMndLQjNPbVJhVmQ4MGpGRnc0LWVKZlM5UVcxdmk3MUZld1NtTnp2QUVaZXMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1MzA3MjIwMTAwL0R6emFVUSJ9", "signature": "CUVWRPuzb225CFeXuzkOSlKS5Cb2iR-flPdQaJiBUd94jFG0Bx9nlTXgkYX9uaxkqswl4moSqAOx7RZ7PmXn4fxyr-4t7nF9ypNWQqvxzH8xusOmZdD0mAhf3uVFMNP1y8pXGwEqQEVbpfzge9zuZ85vL5asixoLpAnB9sK3E2aezKHxuLn1HnwIxQGDkxvfLBbBtkFoaRzFH4Iq3VnSS_tAKmbNd9VQzxGAjEW8FIxwtv7aUmxHuBBi9cfauMeO760FVmnuzjdBxYoIUK5YmLOxvx3IPaTTyO4YCXwuvfGis2sVAO9kRwzQm26rbJziqBiewrNk6-akUGPAPU_m-w", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-04 02:49:20,500:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55307220100/DzzaUQ HTTP/1.1" 200 186 2021-12-04 02:49:20,501:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 07:49:20 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55307220100/DzzaUQ Replay-Nonce: 010213Al5mkQcJawx_MMYILW6SHqF5i9Hl5Mkyia7ng49Lo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55307220100/DzzaUQ", "token": "1DaZPabtN-YokbOxPKA8lrh-lmjuTX9jtEx_pOuIi7A" } 2021-12-04 02:49:20,501:DEBUG:acme.client:Storing nonce: 010213Al5mkQcJawx_MMYILW6SHqF5i9Hl5Mkyia7ng49Lo 2021-12-04 02:49:21,503:DEBUG:acme.client:JWS payload: b'' 2021-12-04 02:49:21,505:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55307220090: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMjEzQWw1bWtRY0phd3hfTU1ZSUxXNlNIcUY1aTlIbDVNa3lpYTduZzQ5TG8iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MzA3MjIwMDkwIn0", "signature": "KWfEZwdsSlIjtrI6RN9XfNigSHiIevK6TQ2m6oSYSwfnVXu3-7NH9NK158a7r-QNrZvigc_-7dP029abnL8J5tu1zcMTvf6-lnHiA6qgwmlEJJezJ2KvkM8TbVY5imb_AwSaN_H7-NWgkDKS4F4qTlC1L-LaycVMX9i0RN7HyUs9ZYH3cE_vBZqv-MHkqqbmAAR6noYNZMgsxnJW_g-PgKnBPHfJWOA3YYw_7TNa9UWjW9fz0c6qebzE5LT8G71yEmnR62WD9X9RotPeivJT6Rm0LMV4fZE_lnKCJr9F2BSdpjuBTCX04Zzd704tI69xaKxor6Mbs7KaUb_eE5BQqw", "payload": "" } 2021-12-04 02:49:21,580:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55307220090 HTTP/1.1" 200 1505 2021-12-04 02:49:21,581:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 07:49:21 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 010268wcEsjzZb1gLHH86X4qpF6BHOr8qcWTnHwCjJ9t8SA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-11T07:49:20Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/pWVJoEVxKZeXIldyGekYM5S11MgosSzE4NWSPKo4jWc [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55307220090/uFc89w", "token": "pWVJoEVxKZeXIldyGekYM5S11MgosSzE4NWSPKo4jWc", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/pWVJoEVxKZeXIldyGekYM5S11MgosSzE4NWSPKo4jWc", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/pWVJoEVxKZeXIldyGekYM5S11MgosSzE4NWSPKo4jWc", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-04T07:49:20Z" } ] } 2021-12-04 02:49:21,581:DEBUG:acme.client:Storing nonce: 010268wcEsjzZb1gLHH86X4qpF6BHOr8qcWTnHwCjJ9t8SA 2021-12-04 02:49:21,582:DEBUG:acme.client:JWS payload: b'' 2021-12-04 02:49:21,583:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55307220100: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMjY4d2NFc2p6WmIxZ0xISDg2WDRxcEY2QkhPcjhxY1dUbkh3Q2pKOXQ4U0EiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MzA3MjIwMTAwIn0", "signature": "Z8tCFZP5vkVKiOcdyW3_GvSPaj6kGMwu6Qaix9CgYBW9sK-wijLYz_YEN5fh2cl1JkQpEApRvQQIrEnK6sK37zEv2Y2b7zZW3TVhfpY1tFcBrHeqHeZ4nulMGXQnIeMOnndOmZGZ-wPQWAy7HMklTZRRZoNR27dsvfiHUVPiddzXmxipmKrywCZn9wexeBeAb1VHpiqI2Efpgsgti3gt3IoZ7JvJm7ZJQvG7oalFLJWXOrKwzKKyUfFr6qlP8uUgo1i6I8RpRlDknvsU-ECa5YDLyTUMe9f_l2s3DSx3J5S45STdp9UrfMw1cFkdM0uylYMm56EgymOlG3KAgrq-qg", "payload": "" } 2021-12-04 02:49:21,654:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55307220100 HTTP/1.1" 200 1826 2021-12-04 02:49:21,655:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 07:49:21 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102Au4bd0ixNDIKhtCfj--LloUQqysBjWzm8oiC4dxrSoE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-11T07:49:20Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/1DaZPabtN-YokbOxPKA8lrh-lmjuTX9jtEx_pOuIi7A [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55307220100/DzzaUQ", "token": "1DaZPabtN-YokbOxPKA8lrh-lmjuTX9jtEx_pOuIi7A", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/1DaZPabtN-YokbOxPKA8lrh-lmjuTX9jtEx_pOuIi7A", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/1DaZPabtN-YokbOxPKA8lrh-lmjuTX9jtEx_pOuIi7A", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/1DaZPabtN-YokbOxPKA8lrh-lmjuTX9jtEx_pOuIi7A", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-04T07:49:20Z" } ] } 2021-12-04 02:49:21,655:DEBUG:acme.client:Storing nonce: 0102Au4bd0ixNDIKhtCfj--LloUQqysBjWzm8oiC4dxrSoE 2021-12-04 02:49:21,656:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-04 02:49:21,656:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-12-04 02:49:21,656:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-04 02:49:21,656:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-04 02:49:21,657:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/pWVJoEVxKZeXIldyGekYM5S11MgosSzE4NWSPKo4jWc [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-12-04 02:49:21,803:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-12-04 02:49:21,803:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-12-04 02:49:21,803:INFO:certbot.hooks:Running post-hook command: /bin/systemctl start nginx 2021-12-04 02:49:21,875:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-12-04 06:43:12,089:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-04 06:43:12,089:DEBUG:certbot.main:Arguments: ['--standalone', '--pre-hook', '/bin/systemctl stop nginx', '--post-hook', '/bin/systemctl start nginx', '--quiet'] 2021-12-04 06:43:12,090:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-04 06:43:12,106:DEBUG:certbot.log:Root logging level set at 30 2021-12-04 06:43:12,107:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-04 06:43:12,120:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer 2021-12-04 06:43:12,121:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-04 06:43:12,121:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-04 06:43:12,121:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-04 06:43:12,136:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-04 06:43:12,138:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-04 06:43:12,138:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-04 06:43:12,140:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-04 06:43:12,140:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-04 06:43:12,140:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-04 06:43:12,143:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-04 06:43:12,144:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-04 06:43:12,145:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-04 06:43:12,146:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-04 06:43:12,146:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-04 06:43:12,146:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-04 06:43:12,151:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-04 06:43:12,152:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-04 06:43:12,152:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-04 06:43:12,154:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-04 06:43:12,154:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-04 06:43:12,154:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-04 06:43:12,158:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-04 06:43:12,159:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-04 06:43:12,160:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-04 06:43:12,162:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-04 06:43:12,162:DEBUG:certbot.cli:Var pre_hook=/bin/systemctl stop nginx (set by user). 2021-12-04 06:43:12,162:DEBUG:certbot.cli:Var post_hook=/bin/systemctl start nginx (set by user). 2021-12-04 06:43:12,166:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-04 06:43:12,167:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-04 06:43:12,167:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-04 06:43:12,169:DEBUG:certbot.cli:Var authenticator=standalone (set by user). 2021-12-04 06:43:12,171:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-12-04 06:43:12,171:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-12-04 06:43:12,171:INFO:certbot.renewal:Non-interactive renewal: random delay of 8.031588677482254 seconds 2021-12-04 06:43:20,207:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-04 06:43:20,495:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-04 06:43:20,496:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-12-04 06:43:20,497:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-04 06:43:20,497:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-12-04 06:43:20,500:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-04 06:43:20,502:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-04 06:43:20,504:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-04 06:43:20,626:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-04 06:43:20,627:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 11:43:20 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert", "yw_45ap7Z2Y": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417" } 2021-12-04 06:43:20,628:INFO:certbot.hooks:Running pre-hook command: /bin/systemctl stop nginx 2021-12-04 06:43:20,670:INFO:certbot.main:Renewing an existing certificate 2021-12-04 06:43:20,860:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0506_key-certbot.pem 2021-12-04 06:43:20,869:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0506_csr-certbot.pem 2021-12-04 06:43:20,870:DEBUG:acme.client:Requesting fresh nonce 2021-12-04 06:43:20,870:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-04 06:43:20,910:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-04 06:43:20,911:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 11:43:20 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101hFDiMWAeNzUp7QMRiTfdFqgYpXT9Q3AYYs3v7yt9j48 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-04 06:43:20,911:DEBUG:acme.client:Storing nonce: 0101hFDiMWAeNzUp7QMRiTfdFqgYpXT9Q3AYYs3v7yt9j48 2021-12-04 06:43:20,912:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-12-04 06:43:20,915:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMWhGRGlNV0FlTnpVcDdRTVJpVGZkRnFnWXBYVDlRM0FZWXMzdjd5dDlqNDgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "epjFJJ0ghVO7trsNL4Te6b5NUiKpRxVVydVJRNivc3daJSbXlQ0Wx25YGwBF1npnxuM_wvPCJIgqreGhRwMaiHdDPcNDqeVkmBBCANgLuS8RCkoe2QvfuRLeNm3-LQ5nQ6gHUUU0azygoGowV1OSBUw-1u5SQsVY11ig8NeEAfFw6h6yvDf5-zpnqSdYIenlZbZD9JAkDqRayYXsC3h5XKePI1VTnu5j05x-rK6AALEFHzi3J7_NglDk9TCc5y96UPwKzPd8rn-ZTviIb3r9EfqiYUsz22sNBysqxVVHr2CyET3tL5HSlfsN7T_0rpz6q83IJcinAbvMoWmtWpS_jg", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-12-04 06:43:21,618:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-12-04 06:43:21,619:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sat, 04 Dec 2021 11:43:21 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44663667160 Replay-Nonce: 0101d7ZcSpwuSGWs5eH99fEvv8uawBixK3NvWatgjMMrmvI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-11T11:43:21Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55356027520" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44663667160" } 2021-12-04 06:43:21,619:DEBUG:acme.client:Storing nonce: 0101d7ZcSpwuSGWs5eH99fEvv8uawBixK3NvWatgjMMrmvI 2021-12-04 06:43:21,620:DEBUG:acme.client:JWS payload: b'' 2021-12-04 06:43:21,622:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55356027520: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMWQ3WmNTcHd1U0dXczVlSDk5ZkV2djh1YXdCaXhLM052V2F0Z2pNTXJtdkkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MzU2MDI3NTIwIn0", "signature": "Z36ZfW-Ru32MkDxq_yUmZMVajAMDFTq2wdW1PsonwTzpqgFf1g-Pby668nPf1JcU1NBzdCtkGLF_yoUbrGAJvktmXrJmuPvKPL1QVZGMquoxyOfC7HRQhPcsfWxQqe8FtfiwBXF1dVkUcWhH5yPr02BHxcaP2PJFTmcbNCi9HkyU4OLlmqnD5cUUunlYP10WGFBeiEkVD7z__1hLusB8jeUD3zrVbx6TFU9cOqw5DjxYnslxYf3fZCLnSLDw9d4AIRbwJecY3xYA6LrSfAwIm3Yzmcut3Iu64YADXrXlFPcfWr1iVIS50Xuho5hWx4UJtln-fIj8Wn-FDLPnTCDnug", "payload": "" } 2021-12-04 06:43:21,697:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55356027520 HTTP/1.1" 200 792 2021-12-04 06:43:21,698:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 11:43:21 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 01019GwBhIZVw6Bt0ifGvtEe0Ysx91jcm-E0YPMui5IDbMc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-11T11:43:21Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356027520/tzUneg", "token": "byfj241iTzm9hHMQf36rJTn_tknDCCuWmniD473lpvc" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356027520/11Gw3Q", "token": "byfj241iTzm9hHMQf36rJTn_tknDCCuWmniD473lpvc" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356027520/JrBO8A", "token": "byfj241iTzm9hHMQf36rJTn_tknDCCuWmniD473lpvc" } ] } 2021-12-04 06:43:21,699:DEBUG:acme.client:Storing nonce: 01019GwBhIZVw6Bt0ifGvtEe0Ysx91jcm-E0YPMui5IDbMc 2021-12-04 06:43:21,700:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-04 06:43:21,700:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-04 06:43:21,701:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-12-04 06:43:21,701:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-12-04 06:43:21,706:INFO:certbot.auth_handler:Waiting for verification... 2021-12-04 06:43:21,707:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-04 06:43:21,709:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356027520/tzUneg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMTlHd0JoSVpWdzZCdDBpZkd2dEVlMFlzeDkxamNtLUUwWVBNdWk1SURiTWMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1MzU2MDI3NTIwL3R6VW5lZyJ9", "signature": "esEFoBXmhcFWKSw86sAGiX4KwVSvbkynja9g_iDOTWwFvJR2e0OmqVVgqDKL3JUQgchVm83LwYwSVJKY-05YZ-sosICUkzMvXZ39X9H23QNcCVeBi12V6IGxyOagNezXNRrPBi7lzQ1aVyCwtT35pGWAy0CZDnWZGucFseT6UXj2SWGvcTVi7DnU0A8Ps576h-dI3p720ZPrklXmvu_97eL9Wj-cidPGjOLMvlaJfJVARjPW8WJ3aw-FmgBuvpiGXUeOSutti20BliyIBnlPeoA_DFFtUBykzJGbbZte5eVp5ilAhEFlmHHyPGO06xiczutoG1AENQkeDpX90ccNaw", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-04 06:43:21,804:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55356027520/tzUneg HTTP/1.1" 200 186 2021-12-04 06:43:21,805:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 11:43:21 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356027520/tzUneg Replay-Nonce: 0101GLy1EG2vgUTBgqxxMNQB1wnYNIcCm_rc5cDQ23mm06I X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356027520/tzUneg", "token": "byfj241iTzm9hHMQf36rJTn_tknDCCuWmniD473lpvc" } 2021-12-04 06:43:21,806:DEBUG:acme.client:Storing nonce: 0101GLy1EG2vgUTBgqxxMNQB1wnYNIcCm_rc5cDQ23mm06I 2021-12-04 06:43:22,808:DEBUG:acme.client:JWS payload: b'' 2021-12-04 06:43:22,810:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55356027520: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMUdMeTFFRzJ2Z1VUQmdxeHhNTlFCMXduWU5JY0NtX3JjNWNEUTIzbW0wNkkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MzU2MDI3NTIwIn0", "signature": "MvwpHdxNhMqHqt_7HQsFogYXr4CC_ZWIb6YzC8PG-zA3O9ZSz-G12_A63KqtPi191iOMb53QN4SPbLomawuZNHtUBjDiXViafPztZ9H8JLeJZo9br-iZTq1EWncPAJpuslhFDNC7z4D6LcWLWPn6QeU2PYVTug0BMCGh7MpyZwI_F2yHmjz3azkdk8YvGmAwB6GBeu6s8VfGUvV6scttQeVa_ZEcsslBq0VdPmonwGStHL4aFx7bAWD2Lccu9jDgDDR6QtBc8Q-ctmqSxtXY63uSzi3RyAbulKMED46RwA71DJUozFwmHvRT5wj-qrTDCJe78O7XyhDutan-hPhIGg", "payload": "" } 2021-12-04 06:43:22,962:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55356027520 HTTP/1.1" 200 792 2021-12-04 06:43:22,963:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 11:43:22 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 01014gRvOlSqP3Jy-WpP8pybKrp2w7h7ZhfyoZbQomcixCU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-11T11:43:21Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356027520/tzUneg", "token": "byfj241iTzm9hHMQf36rJTn_tknDCCuWmniD473lpvc" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356027520/11Gw3Q", "token": "byfj241iTzm9hHMQf36rJTn_tknDCCuWmniD473lpvc" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356027520/JrBO8A", "token": "byfj241iTzm9hHMQf36rJTn_tknDCCuWmniD473lpvc" } ] } 2021-12-04 06:43:22,964:DEBUG:acme.client:Storing nonce: 01014gRvOlSqP3Jy-WpP8pybKrp2w7h7ZhfyoZbQomcixCU 2021-12-04 06:43:25,966:DEBUG:acme.client:JWS payload: b'' 2021-12-04 06:43:25,968:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55356027520: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMTRnUnZPbFNxUDNKeS1XcFA4cHliS3JwMnc3aDdaaGZ5b1piUW9tY2l4Q1UiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MzU2MDI3NTIwIn0", "signature": "OwKBunPXGUNg-FQ7E8iKGXRXP1g8_fjzy1Ie_-kAn6fNeBsJjvr2rwQtm20bHuJRLCHqZmXOZ5VTOlU4uB6-e3AL9GO7d4Gjy8-JgCI2O8482U2GBBGXHw0iahImmhTysDmheewysjs0RDoICH_jULXFcJk5swG0VLTe6WiQsAP7peOYp_o2tUMXZDbeosZFCZtWm-bWgL-sE4rVxx2WPoaOFGBOf7u8Dx7opfGEQRIP9kzCS5GHkloeyU7Rk9D2oyW_BEtHWzpJhBvI9Q-hhGrp_q-CRTJDcaEGig6ifIRoZxELkbKsyrsdvgkDGt0yqEIq_7TISaMnfhjZedvsxQ", "payload": "" } 2021-12-04 06:43:26,045:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55356027520 HTTP/1.1" 200 1505 2021-12-04 06:43:26,046:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 11:43:26 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 01026A-1U4Wp3HaYa2GxpctVUkH-hmxnwwW2hMaFZbLjE1Q X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-11T11:43:21Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/byfj241iTzm9hHMQf36rJTn_tknDCCuWmniD473lpvc [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356027520/tzUneg", "token": "byfj241iTzm9hHMQf36rJTn_tknDCCuWmniD473lpvc", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/byfj241iTzm9hHMQf36rJTn_tknDCCuWmniD473lpvc", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/byfj241iTzm9hHMQf36rJTn_tknDCCuWmniD473lpvc", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-04T11:43:21Z" } ] } 2021-12-04 06:43:26,046:DEBUG:acme.client:Storing nonce: 01026A-1U4Wp3HaYa2GxpctVUkH-hmxnwwW2hMaFZbLjE1Q 2021-12-04 06:43:26,047:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-04 06:43:26,048:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-04 06:43:26,049:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/byfj241iTzm9hHMQf36rJTn_tknDCCuWmniD473lpvc [75.2.60.5]: "\n\n\n \n Prep: True 2021-12-04 06:43:26,485:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: IAuthenticator, IPlugin Entry point: standalone = certbot.plugins.standalone:Authenticator Initialized: Prep: True 2021-12-04 06:43:26,485:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-04 06:43:26,485:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer nginx 2021-12-04 06:43:26,489:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-04 06:43:26,490:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-04 06:43:26,492:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-04 06:43:26,652:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-04 06:43:26,653:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 11:43:26 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "LltZEPscHWc": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-04 06:43:26,653:INFO:certbot.hooks:Pre-hook command already run, skipping: /bin/systemctl stop nginx 2021-12-04 06:43:26,654:INFO:certbot.main:Renewing an existing certificate 2021-12-04 06:43:26,716:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0507_key-certbot.pem 2021-12-04 06:43:26,729:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0507_csr-certbot.pem 2021-12-04 06:43:26,730:DEBUG:acme.client:Requesting fresh nonce 2021-12-04 06:43:26,730:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-04 06:43:26,784:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-04 06:43:26,785:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 11:43:26 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002gnB5HnYwHgAiSBu3tgwxksne0y7rfIKZ8WgqNETSJTs X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-04 06:43:26,786:DEBUG:acme.client:Storing nonce: 0002gnB5HnYwHgAiSBu3tgwxksne0y7rfIKZ8WgqNETSJTs 2021-12-04 06:43:26,786:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-12-04 06:43:26,789:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmduQjVIbll3SGdBaVNCdTN0Z3d4a3NuZTB5N3JmSUtaOFdncU5FVFNKVHMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "kgOPI-8nWB-0zZ1NU8rMkxKUtIhE0O6MGN3RzHxF09wP7F7yUHyiaKAG49R3QhOcEAydbCZTOValyPCG6uxJkulMbx1J4M-0AfginnoDqPzWs-AGKUlaWrd2eXgESBFI_wWKvZqLSnXscakt5NncbAL-Shw8L4iBPhZK4lnfb37iN_bxCqiRy61EN816n2lyFCpxa6lxcFy-jLQdG5I28jKyXru5iBdAYBV-3_tEmoSS_Xn2DB4mXSfRLNuLP99xui_xh71SFC2N74jjyjePgnibcW-RIb7L9XLy-gXcsbR6qu-3TuW-zGKUeyUdbslpZZGcNsdAsCrSNSrmkaD7hw", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-12-04 06:43:27,435:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-12-04 06:43:27,436:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sat, 04 Dec 2021 11:43:27 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44663682050 Replay-Nonce: 00026gV7BUCNYZlhhVRSrztDIOFaIlnKJ7oOVmG1X24_7A4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-11T11:43:27Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55356046760", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55356046770" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44663682050" } 2021-12-04 06:43:27,436:DEBUG:acme.client:Storing nonce: 00026gV7BUCNYZlhhVRSrztDIOFaIlnKJ7oOVmG1X24_7A4 2021-12-04 06:43:27,437:DEBUG:acme.client:JWS payload: b'' 2021-12-04 06:43:27,439:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55356046760: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMjZnVjdCVUNOWVpsaGhWUlNyenRESU9GYUlsbktKN29PVm1HMVgyNF83QTQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MzU2MDQ2NzYwIn0", "signature": "ECRNAyZPknR46mzGJyxD1QIxCVukgaZnEwLJgAUsfeTkoZhyAUTjPcOrqOsvB0xf7lTAoQiC5jmg7B9nKP9RWdTpZhDAs870cLHBcTl52xo9mIrm-inI-UKT2-0bRrUwxDCWHqB9UTcTtBngjdM1DEbLyyI7MJx6YLdF2t1euYJNEud-fWQvI8_43BMhff2LPwhXzRAyZ7RWmigDZkor7ZBEOh_1t06XZSZNzZ5qUIJWWOPUlYJ866Mi3v16Mz3hyC9qDp7FNAdUMRRTuuO5cSDj54r3rieA4x7yj0oKH2UXeYi8otpppBv3dR-DKyrMF8Xgo8bDKVUVuASp5ZJmyA", "payload": "" } 2021-12-04 06:43:27,501:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55356046760 HTTP/1.1" 200 792 2021-12-04 06:43:27,502:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 11:43:27 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001axrnz9i5Op6Q67td9K9KVtSr0AGxNYk459ByL4D7H5U X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-11T11:43:27Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356046760/Mtet9Q", "token": "-kAwRqWWjscxTvnMgLVCgbzdLzZ_AOrKi3G8yzoOGpw" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356046760/8Q5-IQ", "token": "-kAwRqWWjscxTvnMgLVCgbzdLzZ_AOrKi3G8yzoOGpw" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356046760/Kgmi5Q", "token": "-kAwRqWWjscxTvnMgLVCgbzdLzZ_AOrKi3G8yzoOGpw" } ] } 2021-12-04 06:43:27,503:DEBUG:acme.client:Storing nonce: 0001axrnz9i5Op6Q67td9K9KVtSr0AGxNYk459ByL4D7H5U 2021-12-04 06:43:27,503:DEBUG:acme.client:JWS payload: b'' 2021-12-04 06:43:27,505:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55356046770: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWF4cm56OWk1T3A2UTY3dGQ5SzlLVnRTcjBBR3hOWWs0NTlCeUw0RDdINVUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MzU2MDQ2NzcwIn0", "signature": "bWcUCQt6EFdKW3K3Riyye6KWDj9r6SByfrajdunK7iKJ6S3GNRIkpTF8la3rpsrx_TD2iJwtjKtUibICrSmXyTRgEkj6uKCEtq-GikvNT_nSFpUSOvDtKBCxlXmHyZDLgj1-Y4nmNeRRkmoMjzwiHU1s2lF-4kig-pNfgJZn_4H8ApYNCfqJRUZC4lyMKVnV0buAWfzFzk6ZDoSTYbQ2oSviXc8hIZ9WIMw64sEVecRZoQPwEWIgR1SUZHGoK2mXyr1Ogndd7YVGLx6ZwrMonQInNTIngNgPqSAQaz7FeGYV3oIfLXyrZDNn6mdqPsGNkTAsmoLDNqsRwFk6vXlh8Q", "payload": "" } 2021-12-04 06:43:27,646:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55356046770 HTTP/1.1" 200 796 2021-12-04 06:43:27,647:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 11:43:27 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002oMaxsHYtZR7mSdajrko8xs1-7a4qak2C4Z0B7Ug628M X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-11T11:43:27Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356046770/FRyftw", "token": "FCr6QnD831y5Y8Cu9b4RceRqirAo_jKFZe2N0LacXAk" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356046770/GTTNpQ", "token": "FCr6QnD831y5Y8Cu9b4RceRqirAo_jKFZe2N0LacXAk" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356046770/elkqkA", "token": "FCr6QnD831y5Y8Cu9b4RceRqirAo_jKFZe2N0LacXAk" } ] } 2021-12-04 06:43:27,648:DEBUG:acme.client:Storing nonce: 0002oMaxsHYtZR7mSdajrko8xs1-7a4qak2C4Z0B7Ug628M 2021-12-04 06:43:27,648:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-04 06:43:27,649:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-04 06:43:27,649:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-04 06:43:27,650:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-12-04 06:43:27,650:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-12-04 06:43:27,655:INFO:certbot.auth_handler:Waiting for verification... 2021-12-04 06:43:27,656:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-04 06:43:27,657:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356046760/Mtet9Q: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMm9NYXhzSFl0WlI3bVNkYWpya284eHMxLTdhNHFhazJDNFowQjdVZzYyOE0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1MzU2MDQ2NzYwL010ZXQ5USJ9", "signature": "VfXvoMemsWB3jhz_vKtCEszeaOBOSUQob0obeNhrMKtmUzKl8II3jajvkeRR0_0zCG_EOMv4296tchImTcB6RnuQ1es-6De71Srq8IsSEU63R72y8G1JIDKzdxucPacBK1dmhnbr5X_y1HPMMGqgjQlcvcW9_sTse4CucZW-ALFm-LH_cf715LvccBX34qK40blwJHAkLUeu1ZLxKhH6hvtTERExLqspd1eVYraAnwnQ7aWqCLJw8ievfFfA0U_2KtJ9h4JzmH2CBYHC_tv6gWCNILqpQfIr1x5ZWY1tEwTNuz5U-OrFzSNheChZWiw8wiU1cAZ6vtTfYhLNeC76Pg", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-04 06:43:27,733:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55356046760/Mtet9Q HTTP/1.1" 200 186 2021-12-04 06:43:27,734:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 11:43:27 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356046760/Mtet9Q Replay-Nonce: 0001gXEvjfX2tvivcLm7cpR96fwiVJ3lcSvZ_otRM78ye3M X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356046760/Mtet9Q", "token": "-kAwRqWWjscxTvnMgLVCgbzdLzZ_AOrKi3G8yzoOGpw" } 2021-12-04 06:43:27,735:DEBUG:acme.client:Storing nonce: 0001gXEvjfX2tvivcLm7cpR96fwiVJ3lcSvZ_otRM78ye3M 2021-12-04 06:43:27,735:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-04 06:43:27,737:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356046770/FRyftw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWdYRXZqZlgydHZpdmNMbTdjcFI5NmZ3aVZKM2xjU3ZaX290Uk03OHllM00iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1MzU2MDQ2NzcwL0ZSeWZ0dyJ9", "signature": "SnDDxKz0jBYW9i6WQ-xZHCvgPINOvBD1EYX60ks14aM8Q9v_atkZrCjtvC9DmQ1gRvYvRz0_jrh1jWzaGJJlkz7uA5Jreqfnorwsww3Bf0Uc8tGdrwGwLED7_4xqapKNYFXIkY6IDofv14stwsE55yqbD1XfvIyhbnFb_DC794d92Kn_gsD3-Txv_aEZaVtnuDMdfXKYNMp3FW0V6SQQta6WfiLAs7O_mE__SEa7TMm3MBeUqkn4alE27PH9j_6q7O9Sq_F6JCNYVVucFJAecyANhiKZVT9Mwk69UX6LzTyb6Bw-PndbEuo4Rk_o2jaIeVTZvTgM9Pk9G_4hIeD4YA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-04 06:43:27,806:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55356046770/FRyftw HTTP/1.1" 200 186 2021-12-04 06:43:27,807:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 11:43:27 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356046770/FRyftw Replay-Nonce: 0002Ktt9Iq-5qaXxhjCr9En1iFTfzRMzj-htHFi45XqAHHw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356046770/FRyftw", "token": "FCr6QnD831y5Y8Cu9b4RceRqirAo_jKFZe2N0LacXAk" } 2021-12-04 06:43:27,807:DEBUG:acme.client:Storing nonce: 0002Ktt9Iq-5qaXxhjCr9En1iFTfzRMzj-htHFi45XqAHHw 2021-12-04 06:43:28,808:DEBUG:acme.client:JWS payload: b'' 2021-12-04 06:43:28,811:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55356046760: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMkt0dDlJcS01cWFYeGhqQ3I5RW4xaUZUZnpSTXpqLWh0SEZpNDVYcUFISHciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MzU2MDQ2NzYwIn0", "signature": "MSJviPqcyTREv8Dj44O8XmUIhOCe4xSVLDePxAGnK6wzE-eJ0T4tqLSVrQ02WUlqdr_FgLc4kgDL8aoYN2jPl_94EhRvo6nydRmlvh_PE1nZrYdEpGX2jO48GoFr5XAZux19avZaK2mWOVf0RRKQQXoidzt8fhSgDv_yFcnP9cfAIxC1YkxNUfriEa66Q1xWTF4N5PjRz54e5ElwmKec0yMZGGK6aj9TaMfCN71W_afaVz-3-FXDg22mXHI4HnIe4rT9rmrhZudslHZMzbFJwwS-IsBwzNL4OdBnPaKIv01TvigG1E4UORkkNQEEPDGdDc37d7H0t7TO8tKtPXz3OQ", "payload": "" } 2021-12-04 06:43:29,016:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55356046760 HTTP/1.1" 200 1505 2021-12-04 06:43:29,017:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 11:43:28 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001iB7OtarcAtI_tZiMxUfHUog0XeZdYpn1LAWcB9cE4ZY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-11T11:43:27Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/-kAwRqWWjscxTvnMgLVCgbzdLzZ_AOrKi3G8yzoOGpw [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356046760/Mtet9Q", "token": "-kAwRqWWjscxTvnMgLVCgbzdLzZ_AOrKi3G8yzoOGpw", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/-kAwRqWWjscxTvnMgLVCgbzdLzZ_AOrKi3G8yzoOGpw", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/-kAwRqWWjscxTvnMgLVCgbzdLzZ_AOrKi3G8yzoOGpw", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-04T11:43:27Z" } ] } 2021-12-04 06:43:29,017:DEBUG:acme.client:Storing nonce: 0001iB7OtarcAtI_tZiMxUfHUog0XeZdYpn1LAWcB9cE4ZY 2021-12-04 06:43:29,018:DEBUG:acme.client:JWS payload: b'' 2021-12-04 06:43:29,020:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55356046770: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMWlCN090YXJjQXRJX3RaaU14VWZIVW9nMFhlWmRZcG4xTEFXY0I5Y0U0WlkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MzU2MDQ2NzcwIn0", "signature": "hQOplv9FM6CP5sjHQWTyQMzelfAtZguCd6tutN82EoWFUfpeUNaszbuVVR39tI2BeZXWyDNNyDxvTB_Ewe3qA1hXOrENGfhu8gA04tzhnGtttze-DIAfBrnd9s_elet_QhcfwNZ0M3o260Ry6oO0Jkvz3SLFFMl-LFk1RLwng6hFNTQsALIvqgx4bOR2Jyy-EMPVp92LCIjAC2EUIAaPadEwufh6GySfQITlZ7O1CD3qjd-tDhZlwSwQFvTRSCWvROF2uLyIU-5ZykDUyM-z78qSD4p9YQw4Egi5DpymVTyYk2Ncd2G-3orPP45l7jCLi1fLKuJw8aTJyeU9KVRxOA", "payload": "" } 2021-12-04 06:43:29,095:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55356046770 HTTP/1.1" 200 796 2021-12-04 06:43:29,096:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 11:43:29 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002dSHK0dSNwmnLU8zmaKpifK_QU_TrESHxy4JGtI7yIlY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-11T11:43:27Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356046770/FRyftw", "token": "FCr6QnD831y5Y8Cu9b4RceRqirAo_jKFZe2N0LacXAk" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356046770/GTTNpQ", "token": "FCr6QnD831y5Y8Cu9b4RceRqirAo_jKFZe2N0LacXAk" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356046770/elkqkA", "token": "FCr6QnD831y5Y8Cu9b4RceRqirAo_jKFZe2N0LacXAk" } ] } 2021-12-04 06:43:29,097:DEBUG:acme.client:Storing nonce: 0002dSHK0dSNwmnLU8zmaKpifK_QU_TrESHxy4JGtI7yIlY 2021-12-04 06:43:29,097:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-04 06:43:32,100:DEBUG:acme.client:JWS payload: b'' 2021-12-04 06:43:32,102:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55356046770: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmRTSEswZFNOd21uTFU4em1hS3BpZktfUVVfVHJFU0h4eTRKR3RJN3lJbFkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1MzU2MDQ2NzcwIn0", "signature": "IMPbCBlphA4HH-t4gu0hcqK9vC-Esu1VOdm70dgiTUdTH9xgTDlRZWPd00ZExwKuJ9TvJ7iFRm8uzYZ0_Ka7lFCCs-gSAawVOdSgYGfuNBnfDYS3PJ31_4s36HNnzf0A5hbSjCUU5Eqrlm_ArWBjBhGp8799G9sqruoc7AtVPTCR20j6vhS1dhZTknV5nQnAtbukclLazp8kpbX5Pa_nt_rgfS1WfQkYOVl4V8YhNaOupaQl-zOhg4WuLjfZ884GK8XCJfuKrfF3Fut5J-rw3Jbugr4rnn2-zzLloXId7enAdwGohjQLEB4dctDnfi-wnl2-3Ev7FLzqNte7rRWxXw", "payload": "" } 2021-12-04 06:43:32,167:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55356046770 HTTP/1.1" 200 1826 2021-12-04 06:43:32,168:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 11:43:32 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001FOnObNUbHHn3TSONGYRugcGHM8oKUBWUKOpVO2NDjxA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-11T11:43:27Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/FCr6QnD831y5Y8Cu9b4RceRqirAo_jKFZe2N0LacXAk [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55356046770/FRyftw", "token": "FCr6QnD831y5Y8Cu9b4RceRqirAo_jKFZe2N0LacXAk", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/FCr6QnD831y5Y8Cu9b4RceRqirAo_jKFZe2N0LacXAk", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/FCr6QnD831y5Y8Cu9b4RceRqirAo_jKFZe2N0LacXAk", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/FCr6QnD831y5Y8Cu9b4RceRqirAo_jKFZe2N0LacXAk", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-04T11:43:27Z" } ] } 2021-12-04 06:43:32,169:DEBUG:acme.client:Storing nonce: 0001FOnObNUbHHn3TSONGYRugcGHM8oKUBWUKOpVO2NDjxA 2021-12-04 06:43:32,169:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-12-04 06:43:32,170:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-04 06:43:32,170:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-04 06:43:32,170:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/-kAwRqWWjscxTvnMgLVCgbzdLzZ_AOrKi3G8yzoOGpw [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-12-04 06:43:32,664:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-12-04 06:43:32,665:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-12-04 06:43:32,665:INFO:certbot.hooks:Running post-hook command: /bin/systemctl start nginx 2021-12-04 06:43:32,743:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-12-04 08:15:31,998:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-04 08:15:31,998:DEBUG:certbot.main:Arguments: ['-q'] 2021-12-04 08:15:31,999:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-04 08:15:32,013:DEBUG:certbot.log:Root logging level set at 30 2021-12-04 08:15:32,014:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-04 08:15:32,023:DEBUG:certbot.plugins.selection:Requested authenticator and installer 2021-12-04 08:15:32,032:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-04 08:15:32,033:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-04 08:15:32,034:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-04 08:15:32,038:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-04 08:15:32,039:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-04 08:15:32,039:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-04 08:15:32,043:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-04 08:15:32,044:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-04 08:15:32,044:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-04 08:15:32,048:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-04 08:15:32,049:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-04 08:15:32,050:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-04 08:15:32,054:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-04 08:15:32,055:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-04 08:15:32,056:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-04 08:15:32,060:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-12-04 08:15:32,060:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-12-04 08:15:32,060:INFO:certbot.renewal:Non-interactive renewal: random delay of 419.3676589222856 seconds 2021-12-04 08:22:31,528:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx 2021-12-04 08:22:31,789:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-04 08:22:31,790:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-04 08:22:31,790:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-04 08:22:31,791:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-12-04 08:22:31,794:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-04 08:22:31,796:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-04 08:22:31,798:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-04 08:22:31,918:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-04 08:22:31,919:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 13:22:31 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "Xfzef1ccMmo": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-04 08:22:31,919:INFO:certbot.main:Renewing an existing certificate 2021-12-04 08:22:32,059:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0508_key-certbot.pem 2021-12-04 08:22:32,069:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0508_csr-certbot.pem 2021-12-04 08:22:32,070:DEBUG:acme.client:Requesting fresh nonce 2021-12-04 08:22:32,070:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-04 08:22:32,109:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-04 08:22:32,110:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 13:22:32 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101q0YJWaK3M4cyQuU0OCYevgExzQX6lrm35eVw-N0C9SQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-04 08:22:32,110:DEBUG:acme.client:Storing nonce: 0101q0YJWaK3M4cyQuU0OCYevgExzQX6lrm35eVw-N0C9SQ 2021-12-04 08:22:32,111:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-12-04 08:22:32,113:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMXEwWUpXYUszTTRjeVF1VTBPQ1lldmdFeHpRWDZscm0zNWVWdy1OMEM5U1EiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "YGbLPmhcErR6nf2fVExn1oU2-GQVcpLKYvyShlGqiHDI3WOoo5Bzm4RB6RGXZXLJTig2JzaRrZPL0-ucdps5B3XHrZxtV0nxms9-iIdrPIoC_ZESTH6EcSX8PSOucfzkM35eyJnVPOS9vzz77MS-C0mOb0UK1M4xOYV-QGlgkeZqeL0GP0lXCcCfw640niq52NvC52CqG0UCyE3Grlc8_-KCszPiSGiRe2DHI4JoHMicK4PKX9mVvM2khewrOdiVYplccmGT4GWsZj23fBm529fW03Zg0S-kZrqaaUq9eqXVdmYDzTWv2ok1Z8-aYlUBYsNWj8Hw-9A87uErZXSiHA", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-12-04 08:22:32,689:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-12-04 08:22:32,690:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sat, 04 Dec 2021 13:22:32 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44680593020 Replay-Nonce: 0102ubsjmctQbLBeezdb07gSqPEld_Fq7XJqVHVxCXqhcuo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-11T13:22:32Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55376190330" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44680593020" } 2021-12-04 08:22:32,690:DEBUG:acme.client:Storing nonce: 0102ubsjmctQbLBeezdb07gSqPEld_Fq7XJqVHVxCXqhcuo 2021-12-04 08:22:32,691:DEBUG:acme.client:JWS payload: b'' 2021-12-04 08:22:32,693:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55376190330: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMnVic2ptY3RRYkxCZWV6ZGIwN2dTcVBFbGRfRnE3WEpxVkhWeENYcWhjdW8iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1Mzc2MTkwMzMwIn0", "signature": "GKTNJWWfIScFwvjJEJHyiJ1uxfKeebxHuJKDLNtaTxufJ0SLBQMliZUzB5MsFBXmIiJIHeBp0mPJb8uR3w0uNTaIIUt4WMQ9TTwvFX430CV36i4qK30HBPiUubaZao9UE3eNNYq-YJT6OHam_6epfNUN6x3LQ1yKz6Mpa0sYKM9sF7bbwsvJrWik5tYRAfQ0zvYXQs0e1keKWD_KzEtHuZw1mRem35RN7EEt3Pp9D7gDzVoUehW8f6KQoffAB_xdc7WObUiWpVWvt9zmnS8ltcyR4eSE-rPImYLc5tGnlxFxQjbTUO1daX5mv3IxP3DGjeGM7NXWT-d2GDLeUfcw3w", "payload": "" } 2021-12-04 08:22:32,769:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55376190330 HTTP/1.1" 200 792 2021-12-04 08:22:32,770:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 13:22:32 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102sEWcHPzZ2B_EtuaJGhs1jOJCb7LS8vr8k32y6NXELtk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-11T13:22:32Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376190330/bHNIew", "token": "gZs5yed5qmBxvmRInERDSQJV5V6xMU_7YhTB7yR8EWc" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376190330/YjQ4sQ", "token": "gZs5yed5qmBxvmRInERDSQJV5V6xMU_7YhTB7yR8EWc" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376190330/i7mZ6A", "token": "gZs5yed5qmBxvmRInERDSQJV5V6xMU_7YhTB7yR8EWc" } ] } 2021-12-04 08:22:32,770:DEBUG:acme.client:Storing nonce: 0102sEWcHPzZ2B_EtuaJGhs1jOJCb7LS8vr8k32y6NXELtk 2021-12-04 08:22:32,771:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-04 08:22:32,771:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-04 08:22:32,804:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-12-04 08:22:32,804:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-12-04 08:22:32,805:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-12-04 08:22:32,805:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-12-04 08:22:32,805:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-12-04 08:22:32,806:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-12-04 08:22:32,806:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-12-04 08:22:32,806:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-12-04 08:22:32,807:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-12-04 08:22:32,807:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-12-04 08:22:32,807:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-12-04 08:22:32,808:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-12-04 08:22:32,808:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-12-04 08:22:32,809:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-12-04 08:22:32,810:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/gZs5yed5qmBxvmRInERDSQJV5V6xMU_7YhTB7yR8EWc{default_type text/plain;return 200 gZs5yed5qmBxvmRInERDSQJV5V6xMU_7YhTB7yR8EWc.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-12-04 08:22:33,838:INFO:certbot.auth_handler:Waiting for verification... 2021-12-04 08:22:33,839:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-04 08:22:33,842:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376190330/bHNIew: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMnNFV2NIUHpaMkJfRXR1YUpHaHMxak9KQ2I3TFM4dnI4azMyeTZOWEVMdGsiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1Mzc2MTkwMzMwL2JITklldyJ9", "signature": "ewHcivnOR1SgOhxxT1llLbJ5b_RnUUtQFTE2fPcaNrGXWPB9I1T1qNPvPrtrO45lwqYb_CKz_lAhWHHLbCcgaDx-NJIQr5fSNXiaO-gR26VlGyqvbwGZ2ZamuNq6uJdURjupZfg45xMlcqRPAzh3Kya0ap6xgdgcgpY9UbFiX0ESMUlSpFbwI_zsRPsgSfY_pX5Wo6owIVp_48m4OXdeB_tYJggUMOkVXlrJE4hzJUUeV7J_Ux_nQyVBJzkQ7NCDJzDIX0b9g-5F6Y-XimrOaUo4ppvkV6sYRrzgZk71xwh-E5CC5uI65l8RM2peZGaua5gSvud59IM6Yh5Wm-zZLA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-04 08:22:33,940:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55376190330/bHNIew HTTP/1.1" 200 186 2021-12-04 08:22:33,942:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 13:22:33 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376190330/bHNIew Replay-Nonce: 0101TfCznPyWLjLS6UBTPMACIEO4yRtNCAd12car3Z_RR9c X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376190330/bHNIew", "token": "gZs5yed5qmBxvmRInERDSQJV5V6xMU_7YhTB7yR8EWc" } 2021-12-04 08:22:33,942:DEBUG:acme.client:Storing nonce: 0101TfCznPyWLjLS6UBTPMACIEO4yRtNCAd12car3Z_RR9c 2021-12-04 08:22:34,944:DEBUG:acme.client:JWS payload: b'' 2021-12-04 08:22:34,947:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55376190330: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMVRmQ3puUHlXTGpMUzZVQlRQTUFDSUVPNHlSdE5DQWQxMmNhcjNaX1JSOWMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1Mzc2MTkwMzMwIn0", "signature": "Q5ocRPmVXAAZOJ8okqfia44W-_o3NcU-LpcDr1aooZxMDd5BQyAA4EIq6E_AmzWcmKswkwsdnLDj8ltY6OXwa3fHODm7iK7eZTbVgxAq6hpXmTp-9W4-1UXOCxAxSRXxxLSTOVZY3sU9DYreGXFuzkwHTiRz0_jTHv1dfQqQb9S_LLyn3KBOgpft84Iwig-hODQfTQuHFN5IkS9pIdxdXrMQFevs90lW6vdGKyd2cOXxsqwn-ICZxs4wWg6jc8ZtfFtPwz3cCGH5l-hQG39WOyTOpeFYp7dvb-ViAmuXfgTMajDx_uk751I3UHZiIpJYGz-E-cm7GlU-YA7P9yw-Ng", "payload": "" } 2021-12-04 08:22:35,023:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55376190330 HTTP/1.1" 200 792 2021-12-04 08:22:35,024:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 13:22:35 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102gS6OyKhIfGuuwNu5reIo9d881dSlQf5-e1yqy-RvNdY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-11T13:22:32Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376190330/bHNIew", "token": "gZs5yed5qmBxvmRInERDSQJV5V6xMU_7YhTB7yR8EWc" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376190330/YjQ4sQ", "token": "gZs5yed5qmBxvmRInERDSQJV5V6xMU_7YhTB7yR8EWc" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376190330/i7mZ6A", "token": "gZs5yed5qmBxvmRInERDSQJV5V6xMU_7YhTB7yR8EWc" } ] } 2021-12-04 08:22:35,024:DEBUG:acme.client:Storing nonce: 0102gS6OyKhIfGuuwNu5reIo9d881dSlQf5-e1yqy-RvNdY 2021-12-04 08:22:38,025:DEBUG:acme.client:JWS payload: b'' 2021-12-04 08:22:38,027:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55376190330: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMmdTNk95S2hJZkd1dXdOdTVyZUlvOWQ4ODFkU2xRZjUtZTF5cXktUnZOZFkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1Mzc2MTkwMzMwIn0", "signature": "LB68TssWshFiYn_wJ9N-ne2LyvsQZrWd3fWwpdt7o1aHgLoz8fjSsgqxtIgWqVSIbCN1Bffi0u0gFnmLAko2n4Hj7OS69RTtHn5KEZkmYYhnoZksNajyu8sIDN1mVe1ChNtqBhKvjsmZxcg6h2yMV9Zc2a7lRsLr7c4uyb-2-zgcN0jNnn0Q3wSiwFIEvslbTqBg9Hg-_4eeECvYiY789KKIH4ZOOnfumsri9ICPtYNIx_SBiUNq_0_LenkBgDHc4WNJ5-_1-iCDyGQlrZq2Z9-WZaSDQ_1HIF1VkVlBHq2F9V-g_uIC6-YNd7vAtJe6uxomxGP25o_-eeEWdYD5ew", "payload": "" } 2021-12-04 08:22:38,102:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55376190330 HTTP/1.1" 200 1505 2021-12-04 08:22:38,103:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 13:22:38 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102My6weWVxLxOy69nEFx_VaPIVcGOXRRVSp3zDzkKyHbw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-11T13:22:32Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/gZs5yed5qmBxvmRInERDSQJV5V6xMU_7YhTB7yR8EWc [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376190330/bHNIew", "token": "gZs5yed5qmBxvmRInERDSQJV5V6xMU_7YhTB7yR8EWc", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/gZs5yed5qmBxvmRInERDSQJV5V6xMU_7YhTB7yR8EWc", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/gZs5yed5qmBxvmRInERDSQJV5V6xMU_7YhTB7yR8EWc", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-04T13:22:33Z" } ] } 2021-12-04 08:22:38,104:DEBUG:acme.client:Storing nonce: 0102My6weWVxLxOy69nEFx_VaPIVcGOXRRVSp3zDzkKyHbw 2021-12-04 08:22:38,105:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-04 08:22:38,105:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-04 08:22:38,105:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/gZs5yed5qmBxvmRInERDSQJV5V6xMU_7YhTB7yR8EWc [75.2.60.5]: "\n\n\n \n Prep: True 2021-12-04 08:22:39,736:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-04 08:22:39,737:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-04 08:22:39,737:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-12-04 08:22:39,742:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-04 08:22:39,744:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-04 08:22:39,746:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-04 08:22:39,863:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-04 08:22:39,864:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 13:22:39 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "TNIH244KTA4": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-04 08:22:39,865:INFO:certbot.main:Renewing an existing certificate 2021-12-04 08:22:39,985:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0509_key-certbot.pem 2021-12-04 08:22:39,991:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0509_csr-certbot.pem 2021-12-04 08:22:39,992:DEBUG:acme.client:Requesting fresh nonce 2021-12-04 08:22:39,992:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-04 08:22:40,030:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-04 08:22:40,031:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 13:22:40 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102lhEZAn4AlrHDSw3zzHpgG_GM6DogN-g-4Z8-boCvD7c X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-04 08:22:40,031:DEBUG:acme.client:Storing nonce: 0102lhEZAn4AlrHDSw3zzHpgG_GM6DogN-g-4Z8-boCvD7c 2021-12-04 08:22:40,031:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-12-04 08:22:40,033:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMmxoRVpBbjRBbHJIRFN3M3p6SHBnR19HTTZEb2dOLWctNFo4LWJvQ3ZEN2MiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "NSJU3UlYKydKpdbxXPuMHcXEWw9MJ0rSgxDK4K4Tm5GCoSNPyrYOIIfRbz6rBGBgNSm0cwdoN7cl24geHt8BSDO0yC5Al-5-U1vWdDnIrWMIs47MLdiFBDJVN9MiEUGY7oaLZKz-SU4ew1pOMzzTAemWvhXpi1wW36GQbUgSTZtFH8LZj8_9QbzhaROY38oVI3mP0CobhIPnFok-qgTLjk2rPMlo6ypeXblvaqqs33kLvMQCc3KX2Ew9u0sjtg4BJrGSL3ApKLv9S26KC44w5Z_hbRpXK62W21nWnujmOS2hcmJb4vbOzl2eUA7o3JZ4qMhIraSLqidUOM63a4y38A", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-12-04 08:22:40,809:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-12-04 08:22:40,810:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sat, 04 Dec 2021 13:22:40 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44680611900 Replay-Nonce: 01022dRaDlgl4HTn7IFFjgPvVM0Nls-M8X5A_roTELWefo4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-11T13:22:40Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55376214020", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55376214030" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44680611900" } 2021-12-04 08:22:40,810:DEBUG:acme.client:Storing nonce: 01022dRaDlgl4HTn7IFFjgPvVM0Nls-M8X5A_roTELWefo4 2021-12-04 08:22:40,811:DEBUG:acme.client:JWS payload: b'' 2021-12-04 08:22:40,814:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55376214020: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMjJkUmFEbGdsNEhUbjdJRkZqZ1B2Vk0wTmxzLU04WDVBX3JvVEVMV2VmbzQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1Mzc2MjE0MDIwIn0", "signature": "h5Nw1AlXvj1aErDJgq0BFtfpDXE8P4Z1Lxmyrpv3le1JZkdmEnMS6mwM4hwrYsPEJOqE-YlmhIkVHOzP1mt2Xi6KboqCVmDzWk3KO3qFtnhf_E9_zXv658ORGxPo-bdh-sg0PeoAVRYKd9coRbTluQ3y_Jx4ccCd5vI1AicwsI1Ohz4-7MrJQzYd3ZRjWrSUJJQvpXWz3__QlYsN6sfqR-10CBfFUtVa2jiOzH_1nwLhpBtOtQYDdqdkjfNDK363yQT6E2OsmrJKQrJ-V5y1px9jysku8tJKURvUznQ9NLJ5aninukANdmlhpUb3zLYNlfCceJVNd8dLmHWwiMQGyA", "payload": "" } 2021-12-04 08:22:40,890:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55376214020 HTTP/1.1" 200 792 2021-12-04 08:22:40,892:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 13:22:40 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102hDhlh1wkIXjnAzogK9_pjohxhOVxozvaOhPGxUeM8pc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-11T13:22:40Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376214020/POCU7w", "token": "n5k5Fhw7bfGL3-bKF46BD3bp7WXmVect-NG3RxNSKEw" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376214020/CbgjZA", "token": "n5k5Fhw7bfGL3-bKF46BD3bp7WXmVect-NG3RxNSKEw" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376214020/S0qhrw", "token": "n5k5Fhw7bfGL3-bKF46BD3bp7WXmVect-NG3RxNSKEw" } ] } 2021-12-04 08:22:40,892:DEBUG:acme.client:Storing nonce: 0102hDhlh1wkIXjnAzogK9_pjohxhOVxozvaOhPGxUeM8pc 2021-12-04 08:22:40,893:DEBUG:acme.client:JWS payload: b'' 2021-12-04 08:22:40,896:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55376214030: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMmhEaGxoMXdrSVhqbkF6b2dLOV9wam9oeGhPVnhvenZhT2hQR3hVZU04cGMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1Mzc2MjE0MDMwIn0", "signature": "hdjo-zGrna5wIESjmbXtkPYZ7ccI6qrfZpsI_9lEqiUkTgNsQJNH7YK6kF8N1M0T-yvPFEbufZubkRbbIdf-t_m5APFgzAyYR5Uu_1yJYkFML1XVlNZDL7MWuLL7FfXWK1g0GV4vP_PbdokBV6-_wrhcnvFNMCD3Ey6OSzuuc_bv3SUmWGsEECvsQAvgINKKFCzqSJn4puqf8syF6gO5UwU4ZL9PYDaXFzwVtKrSWXJrGUD2fSzSkzFyQvOyvKAhdSVhkTX8rZPj8CHEd9faseXdPkji5hOHVdqp66EJ6i85izBT-6JUy5rLd3yFUNGOY1froMubFpJDQgEGNthRBQ", "payload": "" } 2021-12-04 08:22:40,969:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55376214030 HTTP/1.1" 200 796 2021-12-04 08:22:40,970:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 13:22:40 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 010122Rjo09HOLDc_MiSZbiL-CMrsSlkfBBwNcCt5o8sPv0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-11T13:22:40Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376214030/lkrFwA", "token": "Xq4DLQGjVj7ewdR9SN3XMrumpM1_DeL9VUnuQurrjPs" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376214030/F1VCqw", "token": "Xq4DLQGjVj7ewdR9SN3XMrumpM1_DeL9VUnuQurrjPs" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376214030/MW52UA", "token": "Xq4DLQGjVj7ewdR9SN3XMrumpM1_DeL9VUnuQurrjPs" } ] } 2021-12-04 08:22:40,971:DEBUG:acme.client:Storing nonce: 010122Rjo09HOLDc_MiSZbiL-CMrsSlkfBBwNcCt5o8sPv0 2021-12-04 08:22:40,972:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-04 08:22:40,972:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-04 08:22:40,972:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-04 08:22:41,042:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-12-04 08:22:41,043:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-12-04 08:22:41,043:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-12-04 08:22:41,043:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-12-04 08:22:41,044:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-12-04 08:22:41,044:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-12-04 08:22:41,045:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-12-04 08:22:41,045:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-12-04 08:22:41,045:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-12-04 08:22:41,045:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-12-04 08:22:41,046:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-12-04 08:22:41,046:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-12-04 08:22:41,046:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-12-04 08:22:41,048:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-12-04 08:22:41,049:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/n5k5Fhw7bfGL3-bKF46BD3bp7WXmVect-NG3RxNSKEw{default_type text/plain;return 200 n5k5Fhw7bfGL3-bKF46BD3bp7WXmVect-NG3RxNSKEw.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot location = /.well-known/acme-challenge/Xq4DLQGjVj7ewdR9SN3XMrumpM1_DeL9VUnuQurrjPs{default_type text/plain;return 200 Xq4DLQGjVj7ewdR9SN3XMrumpM1_DeL9VUnuQurrjPs.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-12-04 08:22:42,092:INFO:certbot.auth_handler:Waiting for verification... 2021-12-04 08:22:42,093:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-04 08:22:42,096:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376214020/POCU7w: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMTIyUmpvMDlIT0xEY19NaVNaYmlMLUNNcnNTbGtmQkJ3TmNDdDVvOHNQdjAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1Mzc2MjE0MDIwL1BPQ1U3dyJ9", "signature": "GOUk3emDv3vtZ2FiPe-eRLSd4hRSh3bfFm7R7IfiJC87qYqNlz4q97JUo6mgxjjt22oAUXeVsCuMn4Rj8_F9gq6Lw29U0CNJB0dyVVaPLbAqoZMnDBCNP31QtRVGVzEvQNOvfgTPLIm81-dWg-vt5dsmKl1ggVjv2N1U-h-DN9sJdE0rZ90nIe29-eUr2FdX6ovUl_e5duDaxTsBW8THDlW5Xxaq00EuQMadzpN-s9HvIhlvDlW9AZrDpw9RyNzpVpU0WuH78r_HQRSRqPuy8CEYsLzpE5EM4EEzy7MjLRGu1qXHRN5zWNPNcgcNkIUl1qiKVtD9wUQVfO1hKqrZhw", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-04 08:22:42,204:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55376214020/POCU7w HTTP/1.1" 200 186 2021-12-04 08:22:42,205:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 13:22:42 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376214020/POCU7w Replay-Nonce: 0102Q0MNghNbr9kznrcyasdxdHQPkymxCTqW914p3670ICk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376214020/POCU7w", "token": "n5k5Fhw7bfGL3-bKF46BD3bp7WXmVect-NG3RxNSKEw" } 2021-12-04 08:22:42,205:DEBUG:acme.client:Storing nonce: 0102Q0MNghNbr9kznrcyasdxdHQPkymxCTqW914p3670ICk 2021-12-04 08:22:42,206:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-04 08:22:42,207:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376214030/lkrFwA: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMlEwTU5naE5icjlrem5yY3lhc2R4ZEhRUGt5bXhDVHFXOTE0cDM2NzBJQ2siLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1Mzc2MjE0MDMwL2xrckZ3QSJ9", "signature": "K3gVubReFpn-LhF6Ews57AmvFnTaUCsbbMAL3FmqGrA7u_DaXK6ecJfyL-EYrOJFNao6GT4sHylS4n062f1xDeJRIcYuhCrlKtmqn_2Y7oElWuIRgekPPayF7qCGM2rUyFAgSThmzr2OU5cPHbZaWFjn-dfHeAodZfFkQDFNW3BWq4Y_BgFveCkz3dIXVMyd7LS5apAzqjzrfCUCH5McCeZzLVffzg0mcJloUriiYHoVt8V1Bjn5aY0Mfe3B0GBvR6Zn0vZ4eSlXYSmENRHYTCmTteSa9ECFUUI01Cd1HXNZnJ6L8YjFFB06t0SRAmyN6O4jkFL-l9HOObI80vuNmg", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-04 08:22:42,298:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55376214030/lkrFwA HTTP/1.1" 200 186 2021-12-04 08:22:42,299:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 13:22:42 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376214030/lkrFwA Replay-Nonce: 0101A9kieOouUIlrC9CJFD7T1IFHM4zFx87sf4QtJmjnz8g X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376214030/lkrFwA", "token": "Xq4DLQGjVj7ewdR9SN3XMrumpM1_DeL9VUnuQurrjPs" } 2021-12-04 08:22:42,299:DEBUG:acme.client:Storing nonce: 0101A9kieOouUIlrC9CJFD7T1IFHM4zFx87sf4QtJmjnz8g 2021-12-04 08:22:43,301:DEBUG:acme.client:JWS payload: b'' 2021-12-04 08:22:43,303:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55376214020: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMUE5a2llT291VUlsckM5Q0pGRDdUMUlGSE00ekZ4ODdzZjRRdEptam56OGciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1Mzc2MjE0MDIwIn0", "signature": "ZN906UmVHTh3ZOexcRb_tgn7WQfGA-sJ01GfJofWdGHavKuwDhzawgkU36OOHk8ZG7zUFHUO80oryjb3Fn58kL3TIFvcaTo7XZ3VT737Zs5adNqEssoihz-JIxHd29bm-ikqzj8hoXQuFz1niWWioUKgC4hYx_NPWq8-qG_c6hY4pCu7AK7_iIQl9HG3rwS9as994kIT7JhBkbTgtkQAfL8J-X0vgJs8nvpSzwgseU-4i3gm0M5sqj2K1jo1QKkf1sFVcq7Fx-tryEntWvEdwSZ7gKBEGX0CxdltbvJMVwSUrAcJONJUQs9y_DiM3V-m-3ImUvOa13oeRAdDfryIDA", "payload": "" } 2021-12-04 08:22:43,384:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55376214020 HTTP/1.1" 200 1505 2021-12-04 08:22:43,385:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 13:22:43 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101KkqRRsu10AVcTRGp6S9oCORcSNx24w-Ssa2c6pcwpSc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-11T13:22:40Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/n5k5Fhw7bfGL3-bKF46BD3bp7WXmVect-NG3RxNSKEw [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376214020/POCU7w", "token": "n5k5Fhw7bfGL3-bKF46BD3bp7WXmVect-NG3RxNSKEw", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/n5k5Fhw7bfGL3-bKF46BD3bp7WXmVect-NG3RxNSKEw", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/n5k5Fhw7bfGL3-bKF46BD3bp7WXmVect-NG3RxNSKEw", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-04T13:22:42Z" } ] } 2021-12-04 08:22:43,385:DEBUG:acme.client:Storing nonce: 0101KkqRRsu10AVcTRGp6S9oCORcSNx24w-Ssa2c6pcwpSc 2021-12-04 08:22:43,386:DEBUG:acme.client:JWS payload: b'' 2021-12-04 08:22:43,387:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55376214030: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMUtrcVJSc3UxMEFWY1RSR3A2UzlvQ09SY1NOeDI0dy1Tc2EyYzZwY3dwU2MiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1Mzc2MjE0MDMwIn0", "signature": "JuFW7e0oiD-YJxkGSyQEDbbVwwGwb_vtKQC4jjyH2n32mb2D4s7AQM3Yp2Oy88oQdipul5W7m0LYmupvdqkg9eIwxfE03SbF3A2uPCZ_j29gD_2yiQATgzygwUZZJmtcVkZ8WKtNkCIyNRRmK2y3FGzqlJkLK4zpIcGlqiHX6Q7eejiQjvM5B1mPk6qLkWsxUSBH7X-ej8b5oOcbTsd40yBZ4NrYibh_dpS93Nj194hvXx5KcNleyzCud40uUEw0dJUbvUI9RNLgMOk-nrvwWtZfZbVQaPYom7LrWENMXeS4WMTk-of6fCSADKpYEv2Uy5ylLECb4roPv5sdl-Qx6w", "payload": "" } 2021-12-04 08:22:43,463:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55376214030 HTTP/1.1" 200 796 2021-12-04 08:22:43,463:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 13:22:43 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102-Q_JZ7k-VixmfqgDGt3kY39qIxeHuxPnRQcr0RgJWfU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-11T13:22:40Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376214030/lkrFwA", "token": "Xq4DLQGjVj7ewdR9SN3XMrumpM1_DeL9VUnuQurrjPs" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376214030/F1VCqw", "token": "Xq4DLQGjVj7ewdR9SN3XMrumpM1_DeL9VUnuQurrjPs" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376214030/MW52UA", "token": "Xq4DLQGjVj7ewdR9SN3XMrumpM1_DeL9VUnuQurrjPs" } ] } 2021-12-04 08:22:43,464:DEBUG:acme.client:Storing nonce: 0102-Q_JZ7k-VixmfqgDGt3kY39qIxeHuxPnRQcr0RgJWfU 2021-12-04 08:22:43,464:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-04 08:22:46,469:DEBUG:acme.client:JWS payload: b'' 2021-12-04 08:22:46,471:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55376214030: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMi1RX0paN2stVml4bWZxZ0RHdDNrWTM5cUl4ZUh1eFBuUlFjcjBSZ0pXZlUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1Mzc2MjE0MDMwIn0", "signature": "bWKeZrOAVCO0B0iO4047WYW1IK0FHhy7iwLLgsTn8RrkTr5UfjbcOO8XfxCSfkt_wFIMotj6zVscVcSsy4AsV7fCgVPNpGN2HmhaRx0TgaxACes_woxTa0I2ftY6iXsJsf9P7h0BvcDvV4_BJLGeiKbuooxO_mBjfS58YHb3ggoxpTAaMZ-T5eFXiDxGHD4IQe4u_XMMsVgaWHvjd7nSvlADC15B1XSbO6H7ieJQSLCx3A3_JR7ut6nz3EuHL2wY_9QgqXu7xZ6uxH6vaLBsq5FRvmck0UKDpuXSTDE9w_D5pbrwc3q855-SXQ0FVxGYJDkiZqy7blVoabHK7517xA", "payload": "" } 2021-12-04 08:22:46,547:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55376214030 HTTP/1.1" 200 1826 2021-12-04 08:22:46,548:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 13:22:46 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101HffJjYNAmKuEPbAjsK-Hf8aFuh34bHAogCJsEfwOprQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-11T13:22:40Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/Xq4DLQGjVj7ewdR9SN3XMrumpM1_DeL9VUnuQurrjPs [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55376214030/lkrFwA", "token": "Xq4DLQGjVj7ewdR9SN3XMrumpM1_DeL9VUnuQurrjPs", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/Xq4DLQGjVj7ewdR9SN3XMrumpM1_DeL9VUnuQurrjPs", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/Xq4DLQGjVj7ewdR9SN3XMrumpM1_DeL9VUnuQurrjPs", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/Xq4DLQGjVj7ewdR9SN3XMrumpM1_DeL9VUnuQurrjPs", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-04T13:22:42Z" } ] } 2021-12-04 08:22:46,548:DEBUG:acme.client:Storing nonce: 0101HffJjYNAmKuEPbAjsK-Hf8aFuh34bHAogCJsEfwOprQ 2021-12-04 08:22:46,549:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-12-04 08:22:46,550:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-04 08:22:46,550:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-04 08:22:46,550:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/n5k5Fhw7bfGL3-bKF46BD3bp7WXmVect-NG3RxNSKEw [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-12-04 08:22:47,797:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-12-04 08:22:47,797:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-12-04 08:22:47,797:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-12-04 14:23:07,260:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-04 14:23:07,260:DEBUG:certbot.main:Arguments: ['--nginx', '-d', 'example.com', '-d', 'www.example.com'] 2021-12-04 14:23:07,261:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-04 14:23:07,272:DEBUG:certbot.log:Root logging level set at 20 2021-12-04 14:23:07,272:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-04 14:23:07,273:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx 2021-12-04 14:23:07,530:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-04 14:23:07,531:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-04 14:23:07,532:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-12-04 14:23:07,537:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-04 14:23:07,538:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-04 14:23:07,540:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-04 14:23:07,669:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-04 14:23:07,670:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 19:23:07 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert", "vICS-8jsIRg": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417" } 2021-12-04 14:23:07,680:INFO:certbot.main:Obtaining a new certificate 2021-12-04 14:23:07,930:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0510_key-certbot.pem 2021-12-04 14:23:07,937:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0510_csr-certbot.pem 2021-12-04 14:23:07,937:DEBUG:acme.client:Requesting fresh nonce 2021-12-04 14:23:07,937:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-04 14:23:07,978:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-04 14:23:07,979:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 19:23:07 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 01026jzQT33R6ZLgvSeruef8LaA4mKkO9JpescaUOHPyw2Q X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-04 14:23:07,979:DEBUG:acme.client:Storing nonce: 01026jzQT33R6ZLgvSeruef8LaA4mKkO9JpescaUOHPyw2Q 2021-12-04 14:23:07,979:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "example.com"\n },\n {\n "type": "dns",\n "value": "www.example.com"\n }\n ]\n}' 2021-12-04 14:23:07,982:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMjZqelFUMzNSNlpMZ3ZTZXJ1ZWY4TGFBNG1La085SnBlc2NhVU9IUHl3MlEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "FSxvr15QwEpdXpeyDLAMO3883fmOVPQ7eD-TCNkXU9OAfMAiV5S2aPAErUE_Ns0n0RSjoAqO1XwWg3_HnZPjfPwOy30w3J469bruy3ky8AMZxxDKEllVIqvTuMifqW6UxNaf7JEGjcRb_WR359JG1bi08QzhvrtvTl8x4f_7pCx8x6SpLLKdNLUj7C5XDF78sv7_Z-p1cagxW0hh6Miksj9Dm3WcIhr6rhLZTIskqqa8hYNLEr0lavtpxTxpWn6m9DeXstW2tYQXLBqT10xT6YfkzTrevXw7xkuP88bXOGSY5SK7rVjBvhDYco39pAba5jMcJs2-c3S-OPVOYM64Pg", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImV4YW1wbGUuY29tIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy5leGFtcGxlLmNvbSIKICAgIH0KICBdCn0" } 2021-12-04 14:23:08,380:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-12-04 14:23:08,381:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sat, 04 Dec 2021 19:23:08 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44743143050 Replay-Nonce: 0102CgCRdtyCpicEFSj3nsuqziInVuSqtvmJcFOLse9X_z4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-11T19:23:08Z", "identifiers": [ { "type": "dns", "value": "example.com" }, { "type": "dns", "value": "www.example.com" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55451323230", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55451323240" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44743143050" } 2021-12-04 14:23:08,381:DEBUG:acme.client:Storing nonce: 0102CgCRdtyCpicEFSj3nsuqziInVuSqtvmJcFOLse9X_z4 2021-12-04 14:23:08,381:DEBUG:acme.client:JWS payload: b'' 2021-12-04 14:23:08,383:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55451323230: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMkNnQ1JkdHlDcGljRUZTajNuc3VxemlJblZ1U3F0dm1KY0ZPTHNlOVhfejQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1NDUxMzIzMjMwIn0", "signature": "Ff48kcvVXIdBhYjFHMgbFHlO2vVpDWAUnmJU7fFTgluvijIKBvtmq9nxS_ffqJIwHZWw0SkKkyjCsUVIPwq5x_bh0bMSGUYMqxD9OXM7dKGeYEREEwKVFCWGdjLN6IiIxXslCB36GbDEjiILelrIrX97Ad72q03htIltU92eGBWcUMKKiDnF7YJpFsjTpPMQLV0hsvpBoS49t1jj5S7RO0bMNwuS5paY5hcaFG2imbIV8XdRlSI8i-Cw0Duk6EctyTS6sJ7IMNh0Cx17yDzKypqpAAWricr6G6SGyJRpjnHh69nz-aiEFWagPHem5r2d3y-YSLedQG-sCJGlfliu2A", "payload": "" } 2021-12-04 14:23:08,471:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55451323230 HTTP/1.1" 200 792 2021-12-04 14:23:08,472:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 19:23:08 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101l4-NF6Gx-W105fu2zvsR0uy4xwvbIAtkFWa14_Eix6E X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "example.com" }, "status": "pending", "expires": "2021-12-11T19:23:08Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451323230/PEujmw", "token": "1I4BCWI6J-9aPPe_ujNGEjY03_g5kOdTIZoPgCv_fSc" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451323230/O637vw", "token": "1I4BCWI6J-9aPPe_ujNGEjY03_g5kOdTIZoPgCv_fSc" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451323230/bXwKgQ", "token": "1I4BCWI6J-9aPPe_ujNGEjY03_g5kOdTIZoPgCv_fSc" } ] } 2021-12-04 14:23:08,472:DEBUG:acme.client:Storing nonce: 0101l4-NF6Gx-W105fu2zvsR0uy4xwvbIAtkFWa14_Eix6E 2021-12-04 14:23:08,473:DEBUG:acme.client:JWS payload: b'' 2021-12-04 14:23:08,475:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55451323240: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMWw0LU5GNkd4LVcxMDVmdTJ6dnNSMHV5NHh3dmJJQXRrRldhMTRfRWl4NkUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1NDUxMzIzMjQwIn0", "signature": "Bu9LtaWD1OabPmNeFFBF6EJp-Ezc0Nx6S021FS4Rlz7ESUd6-MKJWCazENhRlXFbl36J1JPjhNiYQSYTAGtVM9kJA82mlOEdzVeDFMTLvnU73TVuijLrx8et6yTISVBx0UwgjChznqStjgMHWlAiEeLoeaKqsybjJCxbxSFjE75lui_PlKHXXR05s9puqMFFpu5UVC0oV5pr0CKNFJ4fZPm2juHtMQ0jGzN_hc8nYvHryO-glfSpRc534pfJVF1d0jRCC3alh3ctn5wEN7wepuhltk-ZbV8wWUrSYmdR5MCQLyB7UBc-73aeHcmpFLcGtxmsFRxp2c5gt1V-V9agOw", "payload": "" } 2021-12-04 14:23:08,635:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55451323240 HTTP/1.1" 200 796 2021-12-04 14:23:08,636:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 19:23:08 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102dZvkNgMOrxhK9brW5uIhy30khRb8wtham4IVaKZCbIc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.example.com" }, "status": "pending", "expires": "2021-12-11T19:23:08Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451323240/n9J_YA", "token": "kmmG3aBPw8Qc_azt3jCqbsp1TD2RXVgpZDDF06_JPdQ" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451323240/eKlZGw", "token": "kmmG3aBPw8Qc_azt3jCqbsp1TD2RXVgpZDDF06_JPdQ" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451323240/HZLTrQ", "token": "kmmG3aBPw8Qc_azt3jCqbsp1TD2RXVgpZDDF06_JPdQ" } ] } 2021-12-04 14:23:08,636:DEBUG:acme.client:Storing nonce: 0102dZvkNgMOrxhK9brW5uIhy30khRb8wtham4IVaKZCbIc 2021-12-04 14:23:08,637:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-04 14:23:08,637:INFO:certbot.auth_handler:http-01 challenge for example.com 2021-12-04 14:23:08,637:INFO:certbot.auth_handler:http-01 challenge for www.example.com 2021-12-04 14:23:08,681:INFO:certbot_nginx.http_01:Using default addresses 80 and [::]:80 for authentication. 2021-12-04 14:23:08,714:INFO:certbot_nginx.http_01:Using default addresses 80 and [::]:80 for authentication. 2021-12-04 14:23:08,716:DEBUG:certbot_nginx.http_01:Generated server block: [[['server'], [['listen', '80'], ['listen', '[::]:80'], ['server_name', 'example.com'], ['root', '/var/lib/letsencrypt/http_01_nonexistent'], [['location', '=', '/.well-known/acme-challenge/1I4BCWI6J-9aPPe_ujNGEjY03_g5kOdTIZoPgCv_fSc'], [['default_type', 'text/plain'], ['return', '200', '1I4BCWI6J-9aPPe_ujNGEjY03_g5kOdTIZoPgCv_fSc.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg']]]]], [['server'], [['listen', '80'], ['listen', '[::]:80'], ['server_name', 'www.example.com'], ['root', '/var/lib/letsencrypt/http_01_nonexistent'], [['location', '=', '/.well-known/acme-challenge/kmmG3aBPw8Qc_azt3jCqbsp1TD2RXVgpZDDF06_JPdQ'], [['default_type', 'text/plain'], ['return', '200', 'kmmG3aBPw8Qc_azt3jCqbsp1TD2RXVgpZDDF06_JPdQ.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg']]]]]] 2021-12-04 14:23:08,717:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-12-04 14:23:08,718:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-12-04 14:23:08,718:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-12-04 14:23:08,718:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-12-04 14:23:08,718:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-12-04 14:23:08,719:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-12-04 14:23:08,719:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-12-04 14:23:08,719:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-12-04 14:23:08,720:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-12-04 14:23:08,720:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-12-04 14:23:08,720:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-12-04 14:23:08,720:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-12-04 14:23:08,721:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-12-04 14:23:09,748:INFO:certbot.auth_handler:Waiting for verification... 2021-12-04 14:23:09,749:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-04 14:23:09,752:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451323230/PEujmw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMmRadmtOZ01PcnhoSzliclc1dUloeTMwa2hSYjh3dGhhbTRJVmFLWkNiSWMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1NDUxMzIzMjMwL1BFdWptdyJ9", "signature": "mpqF-pMXI0r0VRs1LrHvGh-Z9OtekAln1JmfzrzOTurtHe8TojIfcOPhFDunkKBvP2dL0e7MnvTpYeWdWdwRO1O1hYVv7hXj3xgXriiSfw5deRy3PlBIEbClYmlodk0fVb4lOQMiqCJh2fkY1eqHsHSD8fxaePE41kxyxFfIaM54C2oK6SeYIODPjqlJl833RwtYhHEVpc7IkP4RpZa5LXMQi5_d9eDaXOpESRJzi2Ug2UFR92KGgwpL5foPUZQRt8D0Mx_cQh5ElHe-hb8TFumG1_ddgJ1xG4oakHxiJQ4gq5DlWaYaP8mtk-JYA8afjXjFgdYDzARf4nx3yTvXLA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-04 14:23:09,873:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55451323230/PEujmw HTTP/1.1" 200 186 2021-12-04 14:23:09,874:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 19:23:09 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451323230/PEujmw Replay-Nonce: 01016S9wR1zReFDK4CeXLZFpVlyGubFDkNTXyz79UfKlQNw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451323230/PEujmw", "token": "1I4BCWI6J-9aPPe_ujNGEjY03_g5kOdTIZoPgCv_fSc" } 2021-12-04 14:23:09,874:DEBUG:acme.client:Storing nonce: 01016S9wR1zReFDK4CeXLZFpVlyGubFDkNTXyz79UfKlQNw 2021-12-04 14:23:09,875:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-04 14:23:09,877:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451323240/n9J_YA: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMTZTOXdSMXpSZUZESzRDZVhMWkZwVmx5R3ViRkRrTlRYeXo3OVVmS2xRTnciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1NDUxMzIzMjQwL245Sl9ZQSJ9", "signature": "IJWzFv50suyPyiYKpumQJ3Tcx4XVZq5IYukSHVQ2KhZLU9uDYbyu0n3NA1qrqsjrRRc0uaYmdrh6YiJwrDSOPjebEC4EBZwq1Z5V_tlR_5VPS24NvZJwW_Icrft_rQgIGJFYypVMGH42VXG97fpM2Pppul3N4IKAdRrL4L-eanaN9pcTSBg5ZtaBdRMaZrcYIe6Tuyikk_b6zbRi3yZKXI2KdtTKKUJcjklQfNoolZ4kBbfHPVq7hxAETvORj6vt5VGT6BRDO0WNZS78GwSaFQd2AKzKk0EFBY6q3Z5NsLNdKYB0R5abAf2iv_xH_ft96z9WAwPEhLLmMIOL7t-kVg", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-04 14:23:09,996:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55451323240/n9J_YA HTTP/1.1" 200 186 2021-12-04 14:23:09,997:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 19:23:09 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451323240/n9J_YA Replay-Nonce: 0101LioXUjBts3NguAVspVq4O5fTIrCRrqGiGX75k0QHiYk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451323240/n9J_YA", "token": "kmmG3aBPw8Qc_azt3jCqbsp1TD2RXVgpZDDF06_JPdQ" } 2021-12-04 14:23:09,997:DEBUG:acme.client:Storing nonce: 0101LioXUjBts3NguAVspVq4O5fTIrCRrqGiGX75k0QHiYk 2021-12-04 14:23:10,999:DEBUG:acme.client:JWS payload: b'' 2021-12-04 14:23:11,001:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55451323230: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMUxpb1hVakJ0czNOZ3VBVnNwVnE0TzVmVElyQ1JycUdpR1g3NWswUUhpWWsiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1NDUxMzIzMjMwIn0", "signature": "eJxRtSz7YJtE-ipopC16YnjmDzBBSimWxhC-Ebquugv-UH7qndeMSXxc-KmOF_AlzktTpg9-o3MzOVIQvX4rh4RGsQzxaE0vBivTOjY8_81Ipu3jnrGxN77X20kd_13cn-B9nRvWUqy0nNjIkHQV6k3wwWz6wsl5TVfp4gI8hDrNdhE5_ltl_ITPOa7Q1JzBWts8Pb4W3I09uIwErW661er7PIesdSjweTPR-FroYMo3asJXUeuenwVFS5VIdv42gI62jQRgB4U8zsHTY7EZu78xMn7V5OA2s6cQV_rPbzxFfnDlFyi6mfrDgJBaiCWy65L0QzRWPsp0U5AmzbwMbQ", "payload": "" } 2021-12-04 14:23:11,083:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55451323230 HTTP/1.1" 200 1319 2021-12-04 14:23:11,084:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 19:23:11 GMT Content-Type: application/json Content-Length: 1319 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101THAGbRqiVjG5fV4VgdAtRFO1Jt6Pe-UjcV2CBs_xaog X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "example.com" }, "status": "invalid", "expires": "2021-12-11T19:23:08Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from http://example.com/.well-known/acme-challenge/1I4BCWI6J-9aPPe_ujNGEjY03_g5kOdTIZoPgCv_fSc [2606:2800:220:1:248:1893:25c8:1946]: \"\u003c!doctype html\u003e\\n\u003chtml\u003e\\n\u003chead\u003e\\n \u003ctitle\u003eExample Domain\u003c/title\u003e\\n\\n \u003cmeta charset=\\\"utf-8\\\" /\u003e\\n \u003cmeta http-equiv=\\\"Content-type\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451323230/PEujmw", "token": "1I4BCWI6J-9aPPe_ujNGEjY03_g5kOdTIZoPgCv_fSc", "validationRecord": [ { "url": "http://example.com/.well-known/acme-challenge/1I4BCWI6J-9aPPe_ujNGEjY03_g5kOdTIZoPgCv_fSc", "hostname": "example.com", "port": "80", "addressesResolved": [ "93.184.216.34", "2606:2800:220:1:248:1893:25c8:1946" ], "addressUsed": "2606:2800:220:1:248:1893:25c8:1946" } ], "validated": "2021-12-04T19:23:09Z" } ] } 2021-12-04 14:23:11,084:DEBUG:acme.client:Storing nonce: 0101THAGbRqiVjG5fV4VgdAtRFO1Jt6Pe-UjcV2CBs_xaog 2021-12-04 14:23:11,085:DEBUG:acme.client:JWS payload: b'' 2021-12-04 14:23:11,087:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55451323240: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMVRIQUdiUnFpVmpHNWZWNFZnZEF0UkZPMUp0NlBlLVVqY1YyQ0JzX3hhb2ciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1NDUxMzIzMjQwIn0", "signature": "NJag7w4A6UFmxobdCJAr470XqK7kD9GpgVQs2lKbII5cWXV_J66tBsldvvCZ-LueOh7UfQxzePUGZfazD0VQ7UUNtePqTNj9oN_U00mEFv88TlSm3Pcke4iu78JGm-PzEd80n26SpHtiyz3ffwx6x1zv0C21tBPbTmIRx9BLmq7bgXi3nt32gAu4AfDIxZ00Q3eM1BO7r8WkOrmwwCHI-30NngSyT0jCEEHCLnKA6PJVP8u4UCpRqNIexXZyALnx5Y9bJ4ckJIoOUBkRWY0ln53YBWr2oBKI0xKsg9hrAUScqNplhJ1nNWpgczbhS9iQ0CGg3VFhfQ41MVo9t2XGyg", "payload": "" } 2021-12-04 14:23:11,174:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55451323240 HTTP/1.1" 200 1335 2021-12-04 14:23:11,175:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 19:23:11 GMT Content-Type: application/json Content-Length: 1335 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102TVRT9HNruNQg8tjkmhH6T31WUo_KmYkqf2zBaZSuEwg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.example.com" }, "status": "invalid", "expires": "2021-12-11T19:23:08Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from http://www.example.com/.well-known/acme-challenge/kmmG3aBPw8Qc_azt3jCqbsp1TD2RXVgpZDDF06_JPdQ [2606:2800:220:1:248:1893:25c8:1946]: \"\u003c!doctype html\u003e\\n\u003chtml\u003e\\n\u003chead\u003e\\n \u003ctitle\u003eExample Domain\u003c/title\u003e\\n\\n \u003cmeta charset=\\\"utf-8\\\" /\u003e\\n \u003cmeta http-equiv=\\\"Content-type\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451323240/n9J_YA", "token": "kmmG3aBPw8Qc_azt3jCqbsp1TD2RXVgpZDDF06_JPdQ", "validationRecord": [ { "url": "http://www.example.com/.well-known/acme-challenge/kmmG3aBPw8Qc_azt3jCqbsp1TD2RXVgpZDDF06_JPdQ", "hostname": "www.example.com", "port": "80", "addressesResolved": [ "93.184.216.34", "2606:2800:220:1:248:1893:25c8:1946" ], "addressUsed": "2606:2800:220:1:248:1893:25c8:1946" } ], "validated": "2021-12-04T19:23:09Z" } ] } 2021-12-04 14:23:11,175:DEBUG:acme.client:Storing nonce: 0102TVRT9HNruNQg8tjkmhH6T31WUo_KmYkqf2zBaZSuEwg 2021-12-04 14:23:11,176:WARNING:certbot.auth_handler:Challenge failed for domain example.com 2021-12-04 14:23:11,176:WARNING:certbot.auth_handler:Challenge failed for domain www.example.com 2021-12-04 14:23:11,176:INFO:certbot.auth_handler:http-01 challenge for example.com 2021-12-04 14:23:11,176:INFO:certbot.auth_handler:http-01 challenge for www.example.com 2021-12-04 14:23:11,177:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: example.com Type: unauthorized Detail: Invalid response from http://example.com/.well-known/acme-challenge/1I4BCWI6J-9aPPe_ujNGEjY03_g5kOdTIZoPgCv_fSc [2606:2800:220:1:248:1893:25c8:1946]: "\n\n\n Example Domain\n\n \n \n\n\n Example Domain\n\n \n load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1132, in run new_lineage = _get_and_save_cert(le_client, config, domains, File "/usr/lib/python3/dist-packages/certbot/main.py", line 121, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/usr/lib/python3/dist-packages/certbot/client.py", line 417, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/usr/lib/python3/dist-packages/certbot/client.py", line 348, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/client.py", line 396, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2021-12-04 14:23:37,817:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-04 14:23:37,817:DEBUG:certbot.main:Arguments: ['--nginx', '-d', 'whatbank.com', '-d', 'www.whatbank.com'] 2021-12-04 14:23:37,818:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-04 14:23:37,828:DEBUG:certbot.log:Root logging level set at 20 2021-12-04 14:23:37,828:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-04 14:23:37,829:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx 2021-12-04 14:23:38,075:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-04 14:23:38,076:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-04 14:23:38,076:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-12-04 14:23:38,081:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-04 14:23:38,082:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-04 14:23:38,084:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-04 14:23:38,201:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-04 14:23:38,202:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 19:23:38 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "Jn-hPfL4Xxk": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-04 14:23:38,213:INFO:certbot.main:Obtaining a new certificate 2021-12-04 14:23:38,273:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0511_key-certbot.pem 2021-12-04 14:23:38,280:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0511_csr-certbot.pem 2021-12-04 14:23:38,280:DEBUG:acme.client:Requesting fresh nonce 2021-12-04 14:23:38,280:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-04 14:23:38,318:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-04 14:23:38,319:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 19:23:38 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 01024aYKnUrii6RqufnYvGrSLfHeljMjB-yDFtHZj8DgvqQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-04 14:23:38,319:DEBUG:acme.client:Storing nonce: 01024aYKnUrii6RqufnYvGrSLfHeljMjB-yDFtHZj8DgvqQ 2021-12-04 14:23:38,320:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.com"\n },\n {\n "type": "dns",\n "value": "www.whatbank.com"\n }\n ]\n}' 2021-12-04 14:23:38,322:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMjRhWUtuVXJpaTZScXVmbll2R3JTTGZIZWxqTWpCLXlERnRIWmo4RGd2cVEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "iXycnHG9MNi5-RwaIx6-44BOS69wdzwyqplbhMEHQnOTxJ27x2z4Vqk3P8vIPM1LgrQXIVOUJIwdSd6BtpNsIduX13Euergz2STfu9lmwuyR2_2K1-Y4ppgpJYZqzM0qsf0eW_ZWkmAVMRZeTpWON9zXNqhv5uoN-9q6qhtb46oEjuPMMFh6hIVr4Ha7J8WRCnm2MP1cqEtkzphxis54fGKEyJW1OzZTh7ggyUjbnSWP46eGHD0IrQBwzW3q-UVHVevbSM8oVrN9-3SGNSYv9aDQazckt3e-cGFnOqYzddLkczlWXGSH7t2VvNkG1_a53xsazGEzkVIjhWI4IUE69w", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNvbSIKICAgIH0sCiAgICB7CiAgICAgICJ0eXBlIjogImRucyIsCiAgICAgICJ2YWx1ZSI6ICJ3d3cud2hhdGJhbmsuY29tIgogICAgfQogIF0KfQ" } 2021-12-04 14:23:38,915:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 472 2021-12-04 14:23:38,916:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sat, 04 Dec 2021 19:23:38 GMT Content-Type: application/json Content-Length: 472 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44743231210 Replay-Nonce: 01020HRaCwBScSM8cGQjjarUYq5GLR4sP81aJiFJhi7tBGI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-11T19:23:38Z", "identifiers": [ { "type": "dns", "value": "whatbank.com" }, { "type": "dns", "value": "www.whatbank.com" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55451426930", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55451426940" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44743231210" } 2021-12-04 14:23:38,916:DEBUG:acme.client:Storing nonce: 01020HRaCwBScSM8cGQjjarUYq5GLR4sP81aJiFJhi7tBGI 2021-12-04 14:23:38,917:DEBUG:acme.client:JWS payload: b'' 2021-12-04 14:23:38,919:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55451426930: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMjBIUmFDd0JTY1NNOGNHUWpqYXJVWXE1R0xSNHNQODFhSmlGSmhpN3RCR0kiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1NDUxNDI2OTMwIn0", "signature": "NBot1UqaRnSqzEmuTEPykEUGfCjaO9K6nA8FPNwuae1u0VKyw1kC-gc6IsklDCnwehpH2tnzlogsCwADJr9iL4vSSlCaC3OFmavkT29gAa5a9TAFhlHkg93iAE8ugejxRV0w1Y3XuUCK7FUvjxCSxkBLu1vDeU98t0sofazBwxre8K2Bgtd_oGBlehAJoaGqa33YB1bO8xfe-WMKqVRdkcXY-tm0a68RPMSUJ31wQdJCDWVJTBpJaZbuwO69nNMnAD7eAAEW-apekFU-07S9G4yZ3py5lWvhvBL8dueUtQEoVFfGqyE2U_YWn9I2fxGfg82yk-l9TI7oCGCS1MX_xQ", "payload": "" } 2021-12-04 14:23:38,992:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55451426930 HTTP/1.1" 200 793 2021-12-04 14:23:38,993:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 19:23:38 GMT Content-Type: application/json Content-Length: 793 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101vUB3JOrK07wWjALhIQRKTNsxNFzKPd3UnTzaE5fPcPE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.com" }, "status": "pending", "expires": "2021-12-11T19:23:38Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451426930/fZlZfg", "token": "An_P4BoUyDGHEZPUqJ-2neYW1N4ygq3mn1Li5QHpW1I" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451426930/M26TkQ", "token": "An_P4BoUyDGHEZPUqJ-2neYW1N4ygq3mn1Li5QHpW1I" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451426930/Zyl0cg", "token": "An_P4BoUyDGHEZPUqJ-2neYW1N4ygq3mn1Li5QHpW1I" } ] } 2021-12-04 14:23:38,993:DEBUG:acme.client:Storing nonce: 0101vUB3JOrK07wWjALhIQRKTNsxNFzKPd3UnTzaE5fPcPE 2021-12-04 14:23:38,994:DEBUG:acme.client:JWS payload: b'' 2021-12-04 14:23:38,995:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55451426940: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMXZVQjNKT3JLMDd3V2pBTGhJUVJLVE5zeE5GektQZDNVblR6YUU1ZlBjUEUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1NDUxNDI2OTQwIn0", "signature": "SUu9mQAE95KK_6vQmE6gw-_UYk8ef3dAF3qb7yJpwheAWnVrPlDBaq6weqsBZ2UOmqD7AGS3WEp1SNJ4jJfj7rCj8fH9oHImKEHAw6nQpmUL3AlRPJqhE-_oE-kvSgFXd61yNgkqGd8AysmR1KWIwGHgIabG1cQaqdioyhEXdKpNow3-IGHbOFCRXcn4L9hTE88CIqfMxJ8vbbjI4Fv0wuo9ZQYA619w4HhTIHuvSD4y3BU6YNd0EbfB5ysLfv4_xySXm5W0HlsuJQLZKdLbOIrYTFYxmt-lmdFeCH2zVWpWi0kL93m8zQflF_4QDCVIHQfQqK390iPfeJmQHB1qmA", "payload": "" } 2021-12-04 14:23:39,082:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55451426940 HTTP/1.1" 200 797 2021-12-04 14:23:39,083:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 19:23:39 GMT Content-Type: application/json Content-Length: 797 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101fdwYDFlT5G_kpYgd0zvesLu45leZ1MTLvw0B-D5J0-8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.com" }, "status": "pending", "expires": "2021-12-11T19:23:38Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451426940/gF5X3g", "token": "PU6lKYrporuLu-uq9cXV2ZPzg9s3Pd38U5f830YjEv8" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451426940/-4xF6Q", "token": "PU6lKYrporuLu-uq9cXV2ZPzg9s3Pd38U5f830YjEv8" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451426940/A4JZEg", "token": "PU6lKYrporuLu-uq9cXV2ZPzg9s3Pd38U5f830YjEv8" } ] } 2021-12-04 14:23:39,083:DEBUG:acme.client:Storing nonce: 0101fdwYDFlT5G_kpYgd0zvesLu45leZ1MTLvw0B-D5J0-8 2021-12-04 14:23:39,084:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-04 14:23:39,084:INFO:certbot.auth_handler:http-01 challenge for whatbank.com 2021-12-04 14:23:39,085:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.com 2021-12-04 14:23:39,128:INFO:certbot_nginx.http_01:Using default addresses 80 and [::]:80 for authentication. 2021-12-04 14:23:39,164:INFO:certbot_nginx.http_01:Using default addresses 80 and [::]:80 for authentication. 2021-12-04 14:23:39,166:DEBUG:certbot_nginx.http_01:Generated server block: [[['server'], [['listen', '80'], ['listen', '[::]:80'], ['server_name', 'whatbank.com'], ['root', '/var/lib/letsencrypt/http_01_nonexistent'], [['location', '=', '/.well-known/acme-challenge/An_P4BoUyDGHEZPUqJ-2neYW1N4ygq3mn1Li5QHpW1I'], [['default_type', 'text/plain'], ['return', '200', 'An_P4BoUyDGHEZPUqJ-2neYW1N4ygq3mn1Li5QHpW1I.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg']]]]], [['server'], [['listen', '80'], ['listen', '[::]:80'], ['server_name', 'www.whatbank.com'], ['root', '/var/lib/letsencrypt/http_01_nonexistent'], [['location', '=', '/.well-known/acme-challenge/PU6lKYrporuLu-uq9cXV2ZPzg9s3Pd38U5f830YjEv8'], [['default_type', 'text/plain'], ['return', '200', 'PU6lKYrporuLu-uq9cXV2ZPzg9s3Pd38U5f830YjEv8.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg']]]]]] 2021-12-04 14:23:39,167:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-12-04 14:23:39,167:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-12-04 14:23:39,168:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-12-04 14:23:39,168:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-12-04 14:23:39,168:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-12-04 14:23:39,168:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-12-04 14:23:39,169:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-12-04 14:23:39,169:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-12-04 14:23:39,169:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-12-04 14:23:39,169:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-12-04 14:23:39,170:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-12-04 14:23:39,170:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-12-04 14:23:39,171:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-12-04 14:23:40,203:INFO:certbot.auth_handler:Waiting for verification... 2021-12-04 14:23:40,205:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-04 14:23:40,207:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451426930/fZlZfg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMWZkd1lERmxUNUdfa3BZZ2QwenZlc0x1NDVsZVoxTVRMdncwQi1ENUowLTgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1NDUxNDI2OTMwL2ZabFpmZyJ9", "signature": "IEsIsp7oqwY7p5Fpq1U0l2Hbt06lZu0lXjJS6l_efohpNk_s0pyuETz7bIFZ-r9bRk2rqUan0tWzJpyr5mjcAFqugOfqb0UAu6w1hRDpmHfTersEEVhGz9mJwnD2mph0fOknllzKObKtssMofhDyjCTFxpve4FBZX8gjPHHNcMIh8utoJPsAakaYrgOzjrFRxWhqiigj0UPNoPRo6qBOqUZRpktfaH1bnib7o921IlCn_zU80V4O6rQTNUOuPLNvu39wcB3_yxOYsF3YptBtYPnli65OApoa74S8hvXACgH05v1xzwSAqlDgRGtJraUEFm9oxyUuLqoJ4koDadlbGg", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-04 14:23:40,303:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55451426930/fZlZfg HTTP/1.1" 200 186 2021-12-04 14:23:40,304:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 19:23:40 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451426930/fZlZfg Replay-Nonce: 0102lytm_V3cO36QIzzgp9HKPkNDWGuNek8gvjEDinSUYjo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451426930/fZlZfg", "token": "An_P4BoUyDGHEZPUqJ-2neYW1N4ygq3mn1Li5QHpW1I" } 2021-12-04 14:23:40,304:DEBUG:acme.client:Storing nonce: 0102lytm_V3cO36QIzzgp9HKPkNDWGuNek8gvjEDinSUYjo 2021-12-04 14:23:40,305:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-04 14:23:40,307:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451426940/gF5X3g: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMmx5dG1fVjNjTzM2UUl6emdwOUhLUGtORFdHdU5lazhndmpFRGluU1VZam8iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1NDUxNDI2OTQwL2dGNVgzZyJ9", "signature": "UTcicd01KK0fCQ14rP6SLjZNyLWnhkhEmK454Y_mejjBLS7tiTmVUlbLpADhvMfaLFvpu-Un8uTKjAnukdBULT7aaNbJkv7yxgWsEpRdYvrYafj1QBtE-NXLCNGWAyRSCVaTya7_9MmAEuUxL2kxP2ZG0hIh13lgtFl1aXpUy5pZkqA4E81-q3xNVN9XcQt4CmiwpnH45-TniMLJwlj8EKkZtNcq61c6Q7-ey8ZbKlsHkSX462q7bdUW0v19nT24v7RFxjMti_RoeDbQxcBBV-THT8AQCwrAwuYAeOsT_65bRHb7pzuuZuOmm9vjJuHPOQ7edCGvhnvgGIeYd8Z2dQ", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-04 14:23:40,402:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55451426940/gF5X3g HTTP/1.1" 200 186 2021-12-04 14:23:40,403:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 19:23:40 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451426940/gF5X3g Replay-Nonce: 01022sNQCQ3OvIMgE2PHspLY-i5-XrPM4m6yNSA8HYKUJSg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451426940/gF5X3g", "token": "PU6lKYrporuLu-uq9cXV2ZPzg9s3Pd38U5f830YjEv8" } 2021-12-04 14:23:40,403:DEBUG:acme.client:Storing nonce: 01022sNQCQ3OvIMgE2PHspLY-i5-XrPM4m6yNSA8HYKUJSg 2021-12-04 14:23:41,405:DEBUG:acme.client:JWS payload: b'' 2021-12-04 14:23:41,407:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55451426930: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMjJzTlFDUTNPdklNZ0UyUEhzcExZLWk1LVhyUE00bTZ5TlNBOEhZS1VKU2ciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1NDUxNDI2OTMwIn0", "signature": "d6uMTDIK0r2bhNVCFKw7Q45bk7pTYJHuxjYPqHoAY-kGzqfVVKV7qUgbi18jgC1XQsn0ppyXIfN5b3jef5lBQVG6jx5cWHmEb1NQoMLr7zw7dIk5V4fmE-_ZeGEF3rFhUO3HLG8lWhg76a7JUE-60se7hHzVmb4utXizSvxtaD_h-KJfIl0PBBjCivQByqelvxkZPZyMujQ3E7F82KCCof_1NXb9xagtRsZLShkOEPu1IhM74tVp_wGTwIWb3NeMKMEGfLdIZzYHGNX33PUifGArqPZcDBQyl4-ldPULeut6JZLsDPb_yseT0AMUxiqMmydaMGVkwnn-0QXZKGzseA", "payload": "" } 2021-12-04 14:23:41,481:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55451426930 HTTP/1.1" 200 1166 2021-12-04 14:23:41,482:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 19:23:41 GMT Content-Type: application/json Content-Length: 1166 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102nlHWXMHTnq6im1Hu9ydr8Zi5QM4tK7WHPHDx0IUyjqs X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.com" }, "status": "invalid", "expires": "2021-12-11T19:23:38Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from http://whatbank.com/.well-known/acme-challenge/An_P4BoUyDGHEZPUqJ-2neYW1N4ygq3mn1Li5QHpW1I [64.190.62.111]: \"\u003c!DOCTYPE html\u003e\u003chtml lang=\\\"en\\\" data-adblockkey=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXW\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451426930/fZlZfg", "token": "An_P4BoUyDGHEZPUqJ-2neYW1N4ygq3mn1Li5QHpW1I", "validationRecord": [ { "url": "http://whatbank.com/.well-known/acme-challenge/An_P4BoUyDGHEZPUqJ-2neYW1N4ygq3mn1Li5QHpW1I", "hostname": "whatbank.com", "port": "80", "addressesResolved": [ "64.190.62.111" ], "addressUsed": "64.190.62.111" } ], "validated": "2021-12-04T19:23:40Z" } ] } 2021-12-04 14:23:41,482:DEBUG:acme.client:Storing nonce: 0102nlHWXMHTnq6im1Hu9ydr8Zi5QM4tK7WHPHDx0IUyjqs 2021-12-04 14:23:41,482:DEBUG:acme.client:JWS payload: b'' 2021-12-04 14:23:41,484:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55451426940: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMm5sSFdYTUhUbnE2aW0xSHU5eWRyOFppNVFNNHRLN1dIUEhEeDBJVXlqcXMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1NDUxNDI2OTQwIn0", "signature": "ivXrtSdobiTspZ55NsBebZq-vIAF9Rd7Mf9vKvwtj36FA_MJNAAZfnLm9XXQleuuRtjoL1sNReQcJNreyPodl6uOEvg4dz2JB52YkO0SLgWhZCvX0cfXYbCePTJYLzJkud7MFIZDXgG0OtRwQ-W6D45KBVbRyQ2zpUGo7b-oKCTKtzvTDm--1qfF3JCGdRjH7bo89ZgZA-tjPf_NbVsFvtSBjatLHxF7VAIgDWAyIj7KqMl5B8ZSBm8_C4cTM30aydSCiDjXM3ykTSDPvKna8wnGxYlp6hxjfrVn7P27EG9DO0un9EHegRbzEy3nmfQRTpFKGv05Mxuh2LDRF24aXQ", "payload": "" } 2021-12-04 14:23:41,559:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55451426940 HTTP/1.1" 200 1182 2021-12-04 14:23:41,560:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 19:23:41 GMT Content-Type: application/json Content-Length: 1182 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 01016Kiuz6nnKVoBe3jmea8DCxnrf3sM59J79LD9gwGI8j0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.com" }, "status": "invalid", "expires": "2021-12-11T19:23:38Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from http://www.whatbank.com/.well-known/acme-challenge/PU6lKYrporuLu-uq9cXV2ZPzg9s3Pd38U5f830YjEv8 [64.190.62.111]: \"\u003c!DOCTYPE html\u003e\u003chtml lang=\\\"en\\\" data-adblockkey=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXW\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55451426940/gF5X3g", "token": "PU6lKYrporuLu-uq9cXV2ZPzg9s3Pd38U5f830YjEv8", "validationRecord": [ { "url": "http://www.whatbank.com/.well-known/acme-challenge/PU6lKYrporuLu-uq9cXV2ZPzg9s3Pd38U5f830YjEv8", "hostname": "www.whatbank.com", "port": "80", "addressesResolved": [ "64.190.62.111" ], "addressUsed": "64.190.62.111" } ], "validated": "2021-12-04T19:23:40Z" } ] } 2021-12-04 14:23:41,561:DEBUG:acme.client:Storing nonce: 01016Kiuz6nnKVoBe3jmea8DCxnrf3sM59J79LD9gwGI8j0 2021-12-04 14:23:41,561:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.com 2021-12-04 14:23:41,561:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.com 2021-12-04 14:23:41,562:INFO:certbot.auth_handler:http-01 challenge for whatbank.com 2021-12-04 14:23:41,562:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.com 2021-12-04 14:23:41,562:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.com Type: unauthorized Detail: Invalid response from http://whatbank.com/.well-known/acme-challenge/An_P4BoUyDGHEZPUqJ-2neYW1N4ygq3mn1Li5QHpW1I [64.190.62.111]: " load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1132, in run new_lineage = _get_and_save_cert(le_client, config, domains, File "/usr/lib/python3/dist-packages/certbot/main.py", line 121, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/usr/lib/python3/dist-packages/certbot/client.py", line 417, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/usr/lib/python3/dist-packages/certbot/client.py", line 348, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/client.py", line 396, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2021-12-04 15:06:31,962:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-04 15:06:31,962:DEBUG:certbot.main:Arguments: ['-q'] 2021-12-04 15:06:31,963:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-04 15:06:31,972:DEBUG:certbot.log:Root logging level set at 30 2021-12-04 15:06:31,973:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-04 15:06:31,981:DEBUG:certbot.plugins.selection:Requested authenticator and installer 2021-12-04 15:06:31,990:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-04 15:06:31,991:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-04 15:06:31,992:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-04 15:06:31,995:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-04 15:06:31,996:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-04 15:06:31,996:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-04 15:06:32,000:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-04 15:06:32,001:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-04 15:06:32,001:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-04 15:06:32,004:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-04 15:06:32,005:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-04 15:06:32,006:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-04 15:06:32,010:INFO:certbot.renewal:Cert not yet due for renewal 2021-12-04 15:06:32,011:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer nginx 2021-12-04 15:06:32,011:DEBUG:certbot.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: 2021-12-04 15:06:32,014:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 23:08:15 UTC. 2021-12-04 15:06:32,014:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-12-04 15:06:32,014:INFO:certbot.renewal:Non-interactive renewal: random delay of 441.78055956920923 seconds 2021-12-04 15:13:53,859:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx 2021-12-04 15:13:54,143:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-04 15:13:54,144:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-04 15:13:54,144:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-04 15:13:54,144:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-12-04 15:13:54,148:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-04 15:13:54,150:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-04 15:13:54,152:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-04 15:13:54,306:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-04 15:13:54,307:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 20:13:54 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "2AfE0k_c1RY": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-04 15:13:54,307:INFO:certbot.main:Renewing an existing certificate 2021-12-04 15:13:54,463:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0512_key-certbot.pem 2021-12-04 15:13:54,471:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0512_csr-certbot.pem 2021-12-04 15:13:54,472:DEBUG:acme.client:Requesting fresh nonce 2021-12-04 15:13:54,472:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-04 15:13:54,523:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-04 15:13:54,523:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 20:13:54 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 00023dPzHdX3Nqq6NrbLBGHGndLeto6N1jmuBMGPa7MwUq4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-04 15:13:54,524:DEBUG:acme.client:Storing nonce: 00023dPzHdX3Nqq6NrbLBGHGndLeto6N1jmuBMGPa7MwUq4 2021-12-04 15:13:54,524:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n }\n ]\n}' 2021-12-04 15:13:54,527:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMjNkUHpIZFgzTnFxNk5yYkxCR0hHbmRMZXRvNk4xam11Qk1HUGE3TXdVcTQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "KoeMHwX7mWPwZrA9SBQeQIUAEL_lkhvd3EP8m7eZQp8oUBSpBXWf6TBafZyqpIAhSkMA7MgdBW7C8yZ6SUPKDnRkNrg-p_qOmKe9GiEPssevPc3JeqYTvzwnIqaBGYt6q3FFREDD1LO4Wo8MihQgwSSveVWWwwVu8sEH928CEInpZl6Yy2wQh1x-ckRPA_CXBcXhK-groxyEHcPOQLj5R75S3AirnEm0RuU4XXswQcikdvAWkpe88FzSQliQaoUCTNAo3jdJRNA1fh9t-PDO3_gwUG8bK3r6ty-khbBjcWfdRg9bOWkdlfs6nkKdlG2npFhiXsY52moQv4_M0ENFEA", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfQogIF0KfQ" } 2021-12-04 15:13:54,932:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 333 2021-12-04 15:13:54,933:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sat, 04 Dec 2021 20:13:54 GMT Content-Type: application/json Content-Length: 333 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44751807450 Replay-Nonce: 0001ywf6yLjH5fsRa375i-ZnttVJRI6Jt1YxAaL4Ry2wjBE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-11T20:13:54Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55461648660" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44751807450" } 2021-12-04 15:13:54,933:DEBUG:acme.client:Storing nonce: 0001ywf6yLjH5fsRa375i-ZnttVJRI6Jt1YxAaL4Ry2wjBE 2021-12-04 15:13:54,934:DEBUG:acme.client:JWS payload: b'' 2021-12-04 15:13:54,936:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55461648660: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXl3ZjZ5TGpINWZzUmEzNzVpLVpudHRWSlJJNkp0MVl4QWFMNFJ5MndqQkUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1NDYxNjQ4NjYwIn0", "signature": "BSCYeenLzbgqvfnhQvygmGnajf2tMxdGTiPWogWHZDSFa-MtpLi-Ny9cXRYDUfjLVvX8eHPomCcVaVSFSPZdOEQVPxhm3qMGEPTZEnuMnIYojAWqQ3wKIoYroCtVg2BJZFvzqVRipxuLCTWqSINir4n6Ba7HXhjzompRFrbnf5SR-7tUi1s8AhpEz18luk9cRQgeujwjW4zQn5G6qYLtlODDviDII2hOlTg4wshwWeXHq80hi2ecw27h_odfNlU_vS_ZGOMJbaEmfBVlaB7rAmGFuSJey0C9Nt_fGsqGGADKdRNDlKrRqoD1zGrxoljJAGXODAFXgGWwcQyxCAVv4Q", "payload": "" } 2021-12-04 15:13:54,996:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55461648660 HTTP/1.1" 200 792 2021-12-04 15:13:54,997:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 20:13:54 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002vco686zEUJVyea5QRM0v5DT91LGaNaBlSyw6jBoMDXk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-11T20:13:54Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461648660/DkbIoQ", "token": "CsVUEbbQ2FqMsSnnZnJNyySuKJhh6ENDUjZYbDscgnI" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461648660/IO7qjA", "token": "CsVUEbbQ2FqMsSnnZnJNyySuKJhh6ENDUjZYbDscgnI" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461648660/ez35rw", "token": "CsVUEbbQ2FqMsSnnZnJNyySuKJhh6ENDUjZYbDscgnI" } ] } 2021-12-04 15:13:54,997:DEBUG:acme.client:Storing nonce: 0002vco686zEUJVyea5QRM0v5DT91LGaNaBlSyw6jBoMDXk 2021-12-04 15:13:54,998:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-04 15:13:54,998:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-04 15:13:55,028:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-12-04 15:13:55,028:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-12-04 15:13:55,029:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-12-04 15:13:55,029:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-12-04 15:13:55,029:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-12-04 15:13:55,030:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-12-04 15:13:55,030:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-12-04 15:13:55,030:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-12-04 15:13:55,030:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-12-04 15:13:55,031:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-12-04 15:13:55,031:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-12-04 15:13:55,031:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-12-04 15:13:55,031:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-12-04 15:13:55,032:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-12-04 15:13:55,034:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/CsVUEbbQ2FqMsSnnZnJNyySuKJhh6ENDUjZYbDscgnI{default_type text/plain;return 200 CsVUEbbQ2FqMsSnnZnJNyySuKJhh6ENDUjZYbDscgnI.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-12-04 15:13:56,059:INFO:certbot.auth_handler:Waiting for verification... 2021-12-04 15:13:56,060:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-04 15:13:56,062:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461648660/DkbIoQ: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMnZjbzY4NnpFVUpWeWVhNVFSTTB2NURUOTFMR2FOYUJsU3l3NmpCb01EWGsiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1NDYxNjQ4NjYwL0RrYklvUSJ9", "signature": "BStB7viqIiVHOXryGX9cP_7CqmuxhHaWYFHqppp8asOn9I5XKRIIjVi6jgpzzrsvo0ILCjVaK51kBQkJ3Lt7nUyBSzOrXlAVmNUkgE0vEy6NFRsjURdhJg-5KgJp7cJlWYG3oDEtQjEgzGoTMJHJRx64uHiN4uBYMFhiMDhtUclDiwa4kd3X5v80CEGlzh0_BWJauaz_Kifbrmxs1u5S1yOoh-tJuuykFg4RTfUxOPwV8k0ByamOGunBWlPf7-_2dZrWDHrCd0KcY6DxlsJ1IQz11Kqb2w_r8vsTAPw8-jFs65SLcL6uofR6fS_rkfnZAAMjRDz_8Ji-sLNRYNCGig", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-04 15:13:57,102:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55461648660/DkbIoQ HTTP/1.1" 200 186 2021-12-04 15:13:57,103:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 20:13:57 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461648660/DkbIoQ Replay-Nonce: 0001XDV027UYBuv5ykFI5H3RysUn9UgRY3S8oCOinTyI3pQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461648660/DkbIoQ", "token": "CsVUEbbQ2FqMsSnnZnJNyySuKJhh6ENDUjZYbDscgnI" } 2021-12-04 15:13:57,103:DEBUG:acme.client:Storing nonce: 0001XDV027UYBuv5ykFI5H3RysUn9UgRY3S8oCOinTyI3pQ 2021-12-04 15:13:58,105:DEBUG:acme.client:JWS payload: b'' 2021-12-04 15:13:58,107:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55461648660: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMVhEVjAyN1VZQnV2NXlrRkk1SDNSeXNVbjlVZ1JZM1M4b0NPaW5UeUkzcFEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1NDYxNjQ4NjYwIn0", "signature": "bECAiqsyMJoWK4mU-UnjSsc6lNrjxs0rWeljzuFtoMxqXZss3ZN58ClU3DTqlwupXF_utlmVN24xpIsEuywoiQjxWPeTBUljJQYh_zlxaftDQG4JOYqhrZqIBDYditOzIiL115frogUJw0GRwu2ScaF2nBkaybaj62slCm3qB3EMtW9xkCMFum4MNRyYwteDWQYC3Xflr0wn10R66cFTgfRehsqoNTcuOgkiI_sXO5gbnCktUVwEQk3Wdm3twrA13PbbiidhKBAmOsO-lUwLou-FkQMefsVVA4fGy8QUuWyVK5oEHocCOq8r5seXHus2o2Wgowz_Lc09rYUrsfVB8Q", "payload": "" } 2021-12-04 15:13:58,167:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55461648660 HTTP/1.1" 200 792 2021-12-04 15:13:58,167:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 20:13:58 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002fTQODSftq7YUxYhHQ20pGvC-gcV_SQWCrAYI7b5vSZg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-11T20:13:54Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461648660/DkbIoQ", "token": "CsVUEbbQ2FqMsSnnZnJNyySuKJhh6ENDUjZYbDscgnI" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461648660/IO7qjA", "token": "CsVUEbbQ2FqMsSnnZnJNyySuKJhh6ENDUjZYbDscgnI" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461648660/ez35rw", "token": "CsVUEbbQ2FqMsSnnZnJNyySuKJhh6ENDUjZYbDscgnI" } ] } 2021-12-04 15:13:58,168:DEBUG:acme.client:Storing nonce: 0002fTQODSftq7YUxYhHQ20pGvC-gcV_SQWCrAYI7b5vSZg 2021-12-04 15:14:01,172:DEBUG:acme.client:JWS payload: b'' 2021-12-04 15:14:01,174:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55461648660: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmZUUU9EU2Z0cTdZVXhZaEhRMjBwR3ZDLWdjVl9TUVdDckFZSTdiNXZTWmciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1NDYxNjQ4NjYwIn0", "signature": "N9XjPmhAGukv-3xLXoW477E50u6Rn0doS7uwqo3rlBwoNuGj5tDXHiqOpT-9TswSU8IIXwI2gj192zIoXnPkt0MVYQ_7qMhyK_6WgIowFvrnYHvZIspvXvQu-WHug5t1rGWuwzLeDiG92sAD4Mw0NaDUQLWV0TLOg-i01Nvow1ovhhOlBGxC6hADY_yEmSxhjlbY3TTwZFr46XcVR17Rn2NJ8AWsJY2DH9SxCl-OEkqtqK5Uy3u8bzk8vVcGEMQJbbOnevzJTw8xwcp0pUJ25T9BRhfq6XHWin4aXYTJdahNuAxeCIbKN7qk7bDm46s1lAWPy8x27jQRawyXAl2kmA", "payload": "" } 2021-12-04 15:14:01,239:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55461648660 HTTP/1.1" 200 1505 2021-12-04 15:14:01,240:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 20:14:01 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002ekPYxBisCax9Ze-Qgs2bXmiPhn__cvsl23MvneiTWt4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-11T20:13:54Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/CsVUEbbQ2FqMsSnnZnJNyySuKJhh6ENDUjZYbDscgnI [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461648660/DkbIoQ", "token": "CsVUEbbQ2FqMsSnnZnJNyySuKJhh6ENDUjZYbDscgnI", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/CsVUEbbQ2FqMsSnnZnJNyySuKJhh6ENDUjZYbDscgnI", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/CsVUEbbQ2FqMsSnnZnJNyySuKJhh6ENDUjZYbDscgnI", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-04T20:13:57Z" } ] } 2021-12-04 15:14:01,240:DEBUG:acme.client:Storing nonce: 0002ekPYxBisCax9Ze-Qgs2bXmiPhn__cvsl23MvneiTWt4 2021-12-04 15:14:01,241:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-04 15:14:01,242:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-04 15:14:01,243:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/CsVUEbbQ2FqMsSnnZnJNyySuKJhh6ENDUjZYbDscgnI [75.2.60.5]: "\n\n\n \n Prep: True 2021-12-04 15:14:02,828:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-04 15:14:02,828:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-04 15:14:02,829:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-12-04 15:14:02,832:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-04 15:14:02,833:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-04 15:14:02,834:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-04 15:14:03,043:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-04 15:14:03,044:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 20:14:03 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "ABV32tLojlU": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-04 15:14:03,045:INFO:certbot.main:Renewing an existing certificate 2021-12-04 15:14:03,114:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0513_key-certbot.pem 2021-12-04 15:14:03,121:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0513_csr-certbot.pem 2021-12-04 15:14:03,122:DEBUG:acme.client:Requesting fresh nonce 2021-12-04 15:14:03,122:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-04 15:14:03,172:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-04 15:14:03,173:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 20:14:03 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001t_-QZH_eln3wpBSMGx_gAN6oflxieZ3QMf4CRilRIRs X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-04 15:14:03,173:DEBUG:acme.client:Storing nonce: 0001t_-QZH_eln3wpBSMGx_gAN6oflxieZ3QMf4CRilRIRs 2021-12-04 15:14:03,173:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-12-04 15:14:03,175:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXRfLVFaSF9lbG4zd3BCU01HeF9nQU42b2ZseGllWjNRTWY0Q1JpbFJJUnMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "laeB_rL63vQtLsbqBjZIz2VMg4GpA9om0MEK-u78XJyYB6TuLUru-Nkn69se23KelrYfeM4KrCSyrHQGVk_DD_r4aYi2oMa_6hvLMG1L14MFxp_fTq0JPA9UopIR08ph_tAGeTZZdOOJCQhLM4PFlzSJ5U3CPMQECZDCIm_w6qe-wGKmL9xY1JrUGS-EggfO6jmIzqrgi-8hmDj0u6rKVwxAfo3LNoGAXfe1bpVttsCK6ABLQgoIE6nPbzNVJK4r5-A-4AZPUTC8J_3hRjGelRONQU9xWk4Jlm4kEmoulB7CH1ANax9iJ0he4mMP7XVhCH3nv6ruduwva1t-n7-lEw", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-12-04 15:14:04,122:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-12-04 15:14:04,123:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sat, 04 Dec 2021 20:14:04 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44751834470 Replay-Nonce: 0002ahApniXRh5J0vfxrFR-Tzt5C8CGqbsZ9pT9jYrob72c X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-11T20:14:04Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55461679540", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55461679550" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44751834470" } 2021-12-04 15:14:04,123:DEBUG:acme.client:Storing nonce: 0002ahApniXRh5J0vfxrFR-Tzt5C8CGqbsZ9pT9jYrob72c 2021-12-04 15:14:04,124:DEBUG:acme.client:JWS payload: b'' 2021-12-04 15:14:04,126:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55461679540: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmFoQXBuaVhSaDVKMHZmeHJGUi1UenQ1QzhDR3Fic1o5cFQ5allyb2I3MmMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1NDYxNjc5NTQwIn0", "signature": "q1aLQbsneG6FKLQjHRR3qXdfubJEAZRFB9J3VslCeL9qBms2KSslK_e7wLeXyZCAjdD-ofWrDfeOwcfBWce0iuomdaOISY1fzvRteyR8Shj1RotLKq3K3ZysNz2wVkCaEQO_hpkJY1uQWKulsMbfCBf0Eru2KEwghkrPejRiTcyoD-C3vOw2awFmgmMSKH91rCoJ07fDfGFj5s52ASjRyJ48fBy8M7KmJVOa82f99lWghe2_H-TM-q4M7VgZFsPfH4gOxi1RNMv5mc8EAVWHKBXxoPxUAyRuOJ-uL4-z4G8wnzZHOHBJeHaLrqTrs6eyTKasgaGD6OddD7Vc8Aj_dg", "payload": "" } 2021-12-04 15:14:04,226:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55461679540 HTTP/1.1" 200 792 2021-12-04 15:14:04,227:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 20:14:04 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001AzNwGmwuPxvIWpT4RC16aS8sqD67BNwgDArT-7DfcxI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-11T20:14:04Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461679540/FV4BhQ", "token": "lTEgjMPWX3g3CpINtocXKEYbUiqxlXtKxtORZlssMpo" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461679540/6OKWoA", "token": "lTEgjMPWX3g3CpINtocXKEYbUiqxlXtKxtORZlssMpo" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461679540/kPYIlA", "token": "lTEgjMPWX3g3CpINtocXKEYbUiqxlXtKxtORZlssMpo" } ] } 2021-12-04 15:14:04,227:DEBUG:acme.client:Storing nonce: 0001AzNwGmwuPxvIWpT4RC16aS8sqD67BNwgDArT-7DfcxI 2021-12-04 15:14:04,228:DEBUG:acme.client:JWS payload: b'' 2021-12-04 15:14:04,230:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55461679550: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMUF6TndHbXd1UHh2SVdwVDRSQzE2YVM4c3FENjdCTndnREFyVC03RGZjeEkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1NDYxNjc5NTUwIn0", "signature": "ZWtm3Nr-3Lhh4nghyVw-7VY8YkOXBDAGA-oSnQgZkhpRMxspSyU6qPuWQ5VAF1hZirAPObYUBtjmwNR0ISW_2laqzS7W9ECQy-qOkOyrT4WjdKmPkwHL-9djvhuaaDOxW6q_kQKMixVvmE0l98nnSr0mVb_vd_T8SaeiqC9A08ac0undHh8JZJ9iUyKjpbzVcEfSmsehFudhGG6m75tUSymReiqVbwXEEiglhpxwp1KGqhIbjA5f0IVkuo712Jq6aDBGxHTTrM4U9qcrMh2x7Ol85UKWF-0GrPTYaU720T0TvSHPNCHPYqk88LaMRsl3REjqncF1OmbOCfeYHK8sXA", "payload": "" } 2021-12-04 15:14:04,296:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55461679550 HTTP/1.1" 200 796 2021-12-04 15:14:04,296:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 20:14:04 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 000297gkhhlaaFF78ZJj5yJmyAAVdjd4a-7lgZ4Hfbthwjk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-11T20:14:04Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461679550/W6cPgg", "token": "Tk2XoDuT8D9IT62j0OPnsMqTHnB5u3y5j3H54S466og" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461679550/Wqr9Lw", "token": "Tk2XoDuT8D9IT62j0OPnsMqTHnB5u3y5j3H54S466og" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461679550/xf0nDw", "token": "Tk2XoDuT8D9IT62j0OPnsMqTHnB5u3y5j3H54S466og" } ] } 2021-12-04 15:14:04,297:DEBUG:acme.client:Storing nonce: 000297gkhhlaaFF78ZJj5yJmyAAVdjd4a-7lgZ4Hfbthwjk 2021-12-04 15:14:04,297:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-04 15:14:04,298:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-04 15:14:04,298:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-04 15:14:04,358:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-12-04 15:14:04,359:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-12-04 15:14:04,360:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-12-04 15:14:04,360:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-12-04 15:14:04,360:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-12-04 15:14:04,361:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-12-04 15:14:04,361:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-12-04 15:14:04,361:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-12-04 15:14:04,362:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-12-04 15:14:04,362:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-12-04 15:14:04,363:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-12-04 15:14:04,363:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-12-04 15:14:04,363:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-12-04 15:14:04,364:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-12-04 15:14:04,366:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/lTEgjMPWX3g3CpINtocXKEYbUiqxlXtKxtORZlssMpo{default_type text/plain;return 200 lTEgjMPWX3g3CpINtocXKEYbUiqxlXtKxtORZlssMpo.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot location = /.well-known/acme-challenge/Tk2XoDuT8D9IT62j0OPnsMqTHnB5u3y5j3H54S466og{default_type text/plain;return 200 Tk2XoDuT8D9IT62j0OPnsMqTHnB5u3y5j3H54S466og.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-12-04 15:14:05,399:INFO:certbot.auth_handler:Waiting for verification... 2021-12-04 15:14:05,400:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-04 15:14:05,402:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461679540/FV4BhQ: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMjk3Z2toaGxhYUZGNzhaSmo1eUpteUFBVmRqZDRhLTdsZ1o0SGZidGh3amsiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1NDYxNjc5NTQwL0ZWNEJoUSJ9", "signature": "DT3s1-tvs6TEOddjxp8Z8XySHFTfDaiT1Ib-DTdzait2TrebIUKmEcrWMqvz1X9mmAYfuDU9uL5jodlA9BL18hyJKTvSdMz3cv6YZOYctMXLZtv4Pe6prxSJ8FQGJz_V_JW-jhpi7k9jIMgr17tG7uHMEES1bBbWtBPU-Kk_oJp-mUMkBhkxW0gjlnvONSXrvl2pMJgYfC-dDMkZgIzWaHIBC5kM13IMNL7hQ2zpgTtH4Plw7RuVJFk1NCk44dsPc91bYvoIyeWn0VUC-PWl1vatDNTKbnxF2EtwW2xF5TZCOmtHanBUTCdDNJrZFj7d4TXYB87vPoFL2feckpyEnQ", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-04 15:14:05,469:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55461679540/FV4BhQ HTTP/1.1" 200 186 2021-12-04 15:14:05,470:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 20:14:05 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461679540/FV4BhQ Replay-Nonce: 0002niXMTOWurRNxAkIPZQxWjw33N1kDAXsXAt4Ov67HU00 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461679540/FV4BhQ", "token": "lTEgjMPWX3g3CpINtocXKEYbUiqxlXtKxtORZlssMpo" } 2021-12-04 15:14:05,470:DEBUG:acme.client:Storing nonce: 0002niXMTOWurRNxAkIPZQxWjw33N1kDAXsXAt4Ov67HU00 2021-12-04 15:14:05,471:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-04 15:14:05,473:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461679550/W6cPgg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMm5pWE1UT1d1clJOeEFrSVBaUXhXanczM04xa0RBWHNYQXQ0T3Y2N0hVMDAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1NDYxNjc5NTUwL1c2Y1BnZyJ9", "signature": "a5k01u6chARQJCDlVMzIdug-EQDm0qp7kRax66uxybe4_OwlUk3tCCQ8IAOEHcYPqpRz77moWYDFF9PQmFUXWNj3zzszDh70xSBmIW1r8CoxUc6izZWdpqCAnhPqKcXdJjUnnBcAZqE8AmPt33w8gjMBH4rkGdlz8eJlfvKZa-6Nm6AqpCqiYsBqZ9MP7QX_LOp0wIRAEVnlPKwoU548k0ypfU3PPAqubY1dwAANuAgOw77bAZUbyVQBDxm8r-fUVVJ6224lR6NnAwbYfnZd47IL7Xn14RsZxouLPSYLk6U3tmHocMjNlT7LaaKQNf3SxQtDptjMbg05b50oDC1q0Q", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-04 15:14:05,546:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55461679550/W6cPgg HTTP/1.1" 200 186 2021-12-04 15:14:05,546:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 20:14:05 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461679550/W6cPgg Replay-Nonce: 0002YW734vHxSeh9FtZWeDkQ_svFtgcXDTh8MZSWE6McyIc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461679550/W6cPgg", "token": "Tk2XoDuT8D9IT62j0OPnsMqTHnB5u3y5j3H54S466og" } 2021-12-04 15:14:05,547:DEBUG:acme.client:Storing nonce: 0002YW734vHxSeh9FtZWeDkQ_svFtgcXDTh8MZSWE6McyIc 2021-12-04 15:14:06,547:DEBUG:acme.client:JWS payload: b'' 2021-12-04 15:14:06,550:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55461679540: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMllXNzM0dkh4U2VoOUZ0WldlRGtRX3N2RnRnY1hEVGg4TVpTV0U2TWN5SWMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1NDYxNjc5NTQwIn0", "signature": "bDJvuWdBDi5dP9c1nrhEW6S6bHgMO1VPI0CzLu59u7AIFdSr-_4tKkS2eW3nz-GB-0_tTpFBQh8LzrTeTheStxxqOypOfIPUxeBMfr1MEEPdTuW3CBqpgyZJZeGvhhkDqiuRut2-S2in5wdf85OJkMIKTwVDRlltarD1ljhEQVrabZydgEed3aFxUvnL7F6RcN6Cp2dC0MOxcSUnnAs0mgG3DoXc2aSMVZ5UeAzR8q_CNTlVc1194BmV45oBAMXPjZp2LALPV0sjJuspAdY0kMtuvMquoi44zbbf00QPPPES2tdIkAMTbStxdj75nTezicnCiVfohB6Q3qnPHwa4Og", "payload": "" } 2021-12-04 15:14:06,616:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55461679540 HTTP/1.1" 200 1505 2021-12-04 15:14:06,617:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 20:14:06 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002lZhMRO9R6iVZ-0Ew5Urq8jPpi6EAJREf4iKEoa6_8OA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-11T20:14:04Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/lTEgjMPWX3g3CpINtocXKEYbUiqxlXtKxtORZlssMpo [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461679540/FV4BhQ", "token": "lTEgjMPWX3g3CpINtocXKEYbUiqxlXtKxtORZlssMpo", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/lTEgjMPWX3g3CpINtocXKEYbUiqxlXtKxtORZlssMpo", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/lTEgjMPWX3g3CpINtocXKEYbUiqxlXtKxtORZlssMpo", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-04T20:14:05Z" } ] } 2021-12-04 15:14:06,617:DEBUG:acme.client:Storing nonce: 0002lZhMRO9R6iVZ-0Ew5Urq8jPpi6EAJREf4iKEoa6_8OA 2021-12-04 15:14:06,618:DEBUG:acme.client:JWS payload: b'' 2021-12-04 15:14:06,619:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55461679550: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmxaaE1STzlSNmlWWi0wRXc1VXJxOGpQcGk2RUFKUkVmNGlLRW9hNl84T0EiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1NDYxNjc5NTUwIn0", "signature": "ANjOM8vahqWM1zvgOIjka43S4acUDwXPTmN3F02oASh3SSwYLSw3qxtq1Oy0AXgcwnpm-t-yISM0_QUbcO8GixiHE7VMJEYHh0Avcb-LDhgqZUUGfhGIIpoIq3kGxW0T4GduD6V6wntg50-sAaMQnqyVNFCXX7zl57ZANLv5yXpHAMIN67yS8p0uVtcdD--xQTlIxD8x4knEATfQdqQUCtGxWvrPKADroMlDEOSSI7sYxYTtBrcE4yRRj6d6LIFPxK4ex3oEHc1NQ6ZKrsM274aH8vo-KOY5-k5vTOetvFi5U09QjYVHuqFnkbEaH99ipXXPi1FZJvwbXPdHazUGFA", "payload": "" } 2021-12-04 15:14:06,680:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55461679550 HTTP/1.1" 200 796 2021-12-04 15:14:06,681:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 20:14:06 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002YBwjcgyFEBGivFO7NFjypeh7bHz2sXbYv1cyKt6CmGQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-11T20:14:04Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461679550/W6cPgg", "token": "Tk2XoDuT8D9IT62j0OPnsMqTHnB5u3y5j3H54S466og" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461679550/Wqr9Lw", "token": "Tk2XoDuT8D9IT62j0OPnsMqTHnB5u3y5j3H54S466og" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461679550/xf0nDw", "token": "Tk2XoDuT8D9IT62j0OPnsMqTHnB5u3y5j3H54S466og" } ] } 2021-12-04 15:14:06,682:DEBUG:acme.client:Storing nonce: 0002YBwjcgyFEBGivFO7NFjypeh7bHz2sXbYv1cyKt6CmGQ 2021-12-04 15:14:06,682:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-04 15:14:09,685:DEBUG:acme.client:JWS payload: b'' 2021-12-04 15:14:09,687:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55461679550: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMllCd2pjZ3lGRUJHaXZGTzdORmp5cGVoN2JIejJzWGJZdjFjeUt0NkNtR1EiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1NDYxNjc5NTUwIn0", "signature": "afVLalEDB3DJ2SL2MfPZXddjWydoo7avAtQtlSs-wy2k__6hQiKJRC-F_hJn10mBXUh_VPe43_8pWy214dDknvhtAac7zR105gjYgaaVKJeoGqvQURHYfyjJYGBFjckRVRS7fC67m6NC_9OI_Xu4GxjatY74LqH1HH_Lk-OiOxgQ5evNkh-kgZNyDPkag5BYA4GVKilfaTh8bMUxwpcW3-RzV792axBflJQMr4ofqVIzm9QvUe0GrvxiFuiHqQXTO6hF4XOXe6kAIivcDH_xet_P4oMrCkY62KrQLuPfP6URry0WZI4agza1sCQkU8JuNP7mfPFaaFaxoNN6fYiH-w", "payload": "" } 2021-12-04 15:14:09,754:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55461679550 HTTP/1.1" 200 1826 2021-12-04 15:14:09,755:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 20:14:09 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002Sb0J-A3tiVZ39T6Pd9W2PlO17xPqplncpZ6lEPhMtbg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-11T20:14:04Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/Tk2XoDuT8D9IT62j0OPnsMqTHnB5u3y5j3H54S466og [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55461679550/W6cPgg", "token": "Tk2XoDuT8D9IT62j0OPnsMqTHnB5u3y5j3H54S466og", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/Tk2XoDuT8D9IT62j0OPnsMqTHnB5u3y5j3H54S466og", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/Tk2XoDuT8D9IT62j0OPnsMqTHnB5u3y5j3H54S466og", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/Tk2XoDuT8D9IT62j0OPnsMqTHnB5u3y5j3H54S466og", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-04T20:14:05Z" } ] } 2021-12-04 15:14:09,756:DEBUG:acme.client:Storing nonce: 0002Sb0J-A3tiVZ39T6Pd9W2PlO17xPqplncpZ6lEPhMtbg 2021-12-04 15:14:09,757:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-12-04 15:14:09,758:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-04 15:14:09,758:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-04 15:14:09,759:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/lTEgjMPWX3g3CpINtocXKEYbUiqxlXtKxtORZlssMpo [75.2.60.5]: "\n\n\n \n\n\n\n \n 2021-12-04 15:14:10,977:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2021-12-04 15:14:10,977:ERROR:certbot.renewal: /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem (failure) /etc/letsencrypt/live/whatbank.ca/fullchain.pem (failure) 2021-12-04 15:14:10,978:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2021-12-04 15:26:20,150:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-04 15:26:20,151:DEBUG:certbot.main:Arguments: ['--nginx', '-d', 'whatbank.ca', '-d', 'www.whatbank.ca'] 2021-12-04 15:26:20,151:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-04 15:26:20,163:DEBUG:certbot.log:Root logging level set at 20 2021-12-04 15:26:20,164:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-04 15:26:20,165:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx 2021-12-04 15:26:20,411:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-04 15:26:20,412:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-04 15:26:20,412:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-12-04 15:26:20,417:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-04 15:26:20,418:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-04 15:26:20,420:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-04 15:26:20,585:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-04 15:26:20,586:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 20:26:20 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "_1QvmfjAI1M": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-04 15:26:20,604:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 22:59:12 UTC. 2021-12-04 15:26:20,604:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-12-04 15:26:20,604:INFO:certbot.main:Renewing an existing certificate 2021-12-04 15:26:20,724:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0514_key-certbot.pem 2021-12-04 15:26:20,731:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0514_csr-certbot.pem 2021-12-04 15:26:20,732:DEBUG:acme.client:Requesting fresh nonce 2021-12-04 15:26:20,732:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-04 15:26:20,785:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-04 15:26:20,786:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 20:26:20 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 000174uo4ixmzEUda5xnsVVKABJld8O5MtwfwNJU2tkqtNo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-04 15:26:20,786:DEBUG:acme.client:Storing nonce: 000174uo4ixmzEUda5xnsVVKABJld8O5MtwfwNJU2tkqtNo 2021-12-04 15:26:20,787:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-12-04 15:26:20,789:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMTc0dW80aXhtekVVZGE1eG5zVlZLQUJKbGQ4TzVNdHdmd05KVTJ0a3F0Tm8iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "KOUh7hUegR9rLoBZ35c4dvsB2nj0GvtUIZO7U7IfEqqSeIM9oUGMiuNvkuOPz6TvoYbP6OsMDSIpaI0sbA_yJYckoCaCrzOWI2ugKItIu7j9wyGrwkK5t_IMnF94Xmp5rFoQhuDN-OtGOnpoN2n3b4ip1LWpfQR-3yGGoNE5nfEusOjK5vEIVheEtR_dicG1fxCE2C-pcLPDrEmwM_D6oLe9RDRy6t3qKacgFeD8vutFi8Itlbllip3wQKWlKkmbU7wikAsDOkQs-4PS8CzkFjVAQ8HkR2lzCA4eLOvMydBaFLPeNzSdUhELigFx9tLzaFwvB5_fWTvOhuctcaFTyg", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-12-04 15:26:22,560:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-12-04 15:26:22,561:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sat, 04 Dec 2021 20:26:22 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44753908700 Replay-Nonce: 0002SZfekGuEvzPcF7b7y88Ts8UAlk7NRbU4apB5oSAKmiU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-11T20:26:22Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55464135660", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55464135670" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44753908700" } 2021-12-04 15:26:22,561:DEBUG:acme.client:Storing nonce: 0002SZfekGuEvzPcF7b7y88Ts8UAlk7NRbU4apB5oSAKmiU 2021-12-04 15:26:22,561:DEBUG:acme.client:JWS payload: b'' 2021-12-04 15:26:22,563:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55464135660: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMlNaZmVrR3VFdnpQY0Y3Yjd5ODhUczhVQWxrN05SYlU0YXBCNW9TQUttaVUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1NDY0MTM1NjYwIn0", "signature": "j0Fv0dCEKIbTq3yPgHMTVQ7Bvx-3v6x2R6C5LXb0__5bWF6J7unn0Vc1x0xK0Hck_ad9pJDky0K8ZuhmPvZfjQo2Ok_kGp7BkRf6JjpGH0AWOo4WRnaQtta9x20PCnALJFP3bxeQVO0vcSJtaJ5q7z3bn7IZaosh19sMBsmowML0p-EFqlqrSkE8U3sNbkAMCf0CMxuK_ELg0kTOCG9nEGzT7MIE7beU25pYq4Zp_0DwJlxoYf8QimE8r1cesm5AfZTpQ56IL1Pku2Z9O2-bnnluUBWSXcH9ruDmhvxna0__vTjTJv1gEmBxVXbUEQYlOTB8EH1ptf36nligLl4aAw", "payload": "" } 2021-12-04 15:26:22,627:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55464135660 HTTP/1.1" 200 792 2021-12-04 15:26:22,628:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 20:26:22 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002aaURvLpTFlKq_SxnlfBgxUD7vHyofZIl7jP0JNglpGk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-11T20:26:22Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55464135660/Bj6q1w", "token": "qln2LHOVpkBLW1IyncvvsPZ-ztKOnO7BtRaItcuH-pg" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55464135660/0QOD9w", "token": "qln2LHOVpkBLW1IyncvvsPZ-ztKOnO7BtRaItcuH-pg" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55464135660/_AwpJA", "token": "qln2LHOVpkBLW1IyncvvsPZ-ztKOnO7BtRaItcuH-pg" } ] } 2021-12-04 15:26:22,628:DEBUG:acme.client:Storing nonce: 0002aaURvLpTFlKq_SxnlfBgxUD7vHyofZIl7jP0JNglpGk 2021-12-04 15:26:22,629:DEBUG:acme.client:JWS payload: b'' 2021-12-04 15:26:22,630:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55464135670: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMmFhVVJ2THBURmxLcV9TeG5sZkJneFVEN3ZIeW9mWklsN2pQMEpOZ2xwR2siLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1NDY0MTM1NjcwIn0", "signature": "AwdJZL8UUCcRfFNFIjrfCueBEsYtLxC-Kg6SgDRpJXLvTtz5aPQwKaTyCa_8NN79Xka02zylRGyMAzsBDyRraUbJPy5jwweXyhO7ITVL7Nr4xCz_ArjXvZIKerGKC6r3dNMGmiM9psUnsCwihqUiOoiPYunhCg8xAQ_gAAHdAaQBEcU6KgAkkbzai1SRtlvWl8_GvaYx0gp1zDNlVh8fPP3EbgLU3sA6VxeQTeHuqxmrRz06Ohy-qqXoEOgrGG_Lfqo6ao71LxOBFRkAnrF_BbNJOwzZ6StcejfBN6cHtSCEvi-SUH0ztGRMAhZlhDTt-Nxt9Bvwt33X1Z1uBlUM0w", "payload": "" } 2021-12-04 15:26:22,703:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55464135670 HTTP/1.1" 200 796 2021-12-04 15:26:22,704:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 20:26:22 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001toRJ6kG2-25_5878lxnMKA4VbmHiIlDF3X7NF9zJuNw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-11T20:26:22Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55464135670/SOW1Bg", "token": "OnhfsGooTL8nXqopJZuBh3hMXZg3IlrTQLudYQmRhYk" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55464135670/nyvXCw", "token": "OnhfsGooTL8nXqopJZuBh3hMXZg3IlrTQLudYQmRhYk" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55464135670/NHfcFA", "token": "OnhfsGooTL8nXqopJZuBh3hMXZg3IlrTQLudYQmRhYk" } ] } 2021-12-04 15:26:22,704:DEBUG:acme.client:Storing nonce: 0001toRJ6kG2-25_5878lxnMKA4VbmHiIlDF3X7NF9zJuNw 2021-12-04 15:26:22,705:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-04 15:26:22,705:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-04 15:26:22,705:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-04 15:26:22,766:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-12-04 15:26:22,767:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-12-04 15:26:22,768:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-12-04 15:26:22,768:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-12-04 15:26:22,768:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-12-04 15:26:22,768:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-12-04 15:26:22,769:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-12-04 15:26:22,769:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-12-04 15:26:22,769:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-12-04 15:26:22,770:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-12-04 15:26:22,770:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-12-04 15:26:22,770:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-12-04 15:26:22,771:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-12-04 15:26:22,772:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-12-04 15:26:22,773:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/qln2LHOVpkBLW1IyncvvsPZ-ztKOnO7BtRaItcuH-pg{default_type text/plain;return 200 qln2LHOVpkBLW1IyncvvsPZ-ztKOnO7BtRaItcuH-pg.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot location = /.well-known/acme-challenge/OnhfsGooTL8nXqopJZuBh3hMXZg3IlrTQLudYQmRhYk{default_type text/plain;return 200 OnhfsGooTL8nXqopJZuBh3hMXZg3IlrTQLudYQmRhYk.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 20d; } } 2021-12-04 15:26:23,799:INFO:certbot.auth_handler:Waiting for verification... 2021-12-04 15:26:23,800:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-04 15:26:23,802:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55464135660/Bj6q1w: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXRvUko2a0cyLTI1XzU4NzhseG5NS0E0VmJtSGlJbERGM1g3TkY5ekp1TnciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1NDY0MTM1NjYwL0JqNnExdyJ9", "signature": "MvWkWVFBSL-KfAoYyLm2ivUsn-FNqhVaO400FResqdfwT2S9nvNY745_p0eMAOKsh1yhydWFTgof4XixJK6uo38oCvAyd5FoCiIjcuVrp4kjbz-5n-zTFNYTMaQ0_XQ2C98bQrlbJCzdLh7R6yr3K_GM37KDi3kg8tvaMsNlHWTY05hxmh5Vko0xP28hlysoax7T8XvnxOwcvXRz3xGoGS2P07jlXiS4wwDOirl5BeQj621y2YVSmDJcNJL68iw6zSN2bNCZv3p7UMenOfyr_6O1geT3oeGY7TLsmfbRBN-n-Zwm8pq1ci2_0dd4xtVgZyPcIu1NNFNVnRcTENM1bA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-04 15:26:23,875:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55464135660/Bj6q1w HTTP/1.1" 200 186 2021-12-04 15:26:23,876:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 20:26:23 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55464135660/Bj6q1w Replay-Nonce: 0001uMrEphVDbew3l2mUkQfpbRIJsxLZmB6o_EMOu75wTBQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55464135660/Bj6q1w", "token": "qln2LHOVpkBLW1IyncvvsPZ-ztKOnO7BtRaItcuH-pg" } 2021-12-04 15:26:23,876:DEBUG:acme.client:Storing nonce: 0001uMrEphVDbew3l2mUkQfpbRIJsxLZmB6o_EMOu75wTBQ 2021-12-04 15:26:23,877:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-04 15:26:23,879:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55464135670/SOW1Bg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXVNckVwaFZEYmV3M2wybVVrUWZwYlJJSnN4TFptQjZvX0VNT3U3NXdUQlEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1NDY0MTM1NjcwL1NPVzFCZyJ9", "signature": "PZ9s1rEklV-ER5cyX_899OO1yNWr-NYR3TLlhiiKnaaFWle6WDeIhS7Qz6watXkOcuEP0nlsU1nKnwpfyB5LiN8xIAQd-dc1T8m5ZmGmJuddxxcOHgQx3ZC0TaEVgy_jg4KkX3lmFdR1uLALQzKw05xC4tgwHJGot48sEWpv_1_B9gBP-cy6o-zd7LFgivukmU_mq-3qlbFNAv1PYwzkK-HcY1i5HX1rYfnacdE2JnJl9ITGmR1-S8RQNlUTmTbkwTj9i7v2aYCtG_qkTTp7aGOuejx71PyqdJgUV0XDRd_YznzvqMYAY5cyoAaxXTF7-xW2370cPXZ6WdvD0a0eKA", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-04 15:26:23,965:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55464135670/SOW1Bg HTTP/1.1" 200 186 2021-12-04 15:26:23,966:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 20:26:23 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55464135670/SOW1Bg Replay-Nonce: 0001r50bBwyJJ8U5pv2IE12fSufjsFqqvi2LuBsxy3BmvC8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55464135670/SOW1Bg", "token": "OnhfsGooTL8nXqopJZuBh3hMXZg3IlrTQLudYQmRhYk" } 2021-12-04 15:26:23,966:DEBUG:acme.client:Storing nonce: 0001r50bBwyJJ8U5pv2IE12fSufjsFqqvi2LuBsxy3BmvC8 2021-12-04 15:26:24,968:DEBUG:acme.client:JWS payload: b'' 2021-12-04 15:26:24,970:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55464135660: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMXI1MGJCd3lKSjhVNXB2MklFMTJmU3VmanNGcXF2aTJMdUJzeHkzQm12QzgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1NDY0MTM1NjYwIn0", "signature": "TCzuICQjpfePsJO7mrR2HHrfBFuOsjPuVZcu-WO2Juz344OIafd3KQgCZs2kwz72gbhoU72VtyCqu0GjRxekvms66ODT0oAkf5OK0nivNC0oxTDol5P27mMqZI1niXE1s3_ewxSZSsxWy94KBTPiJLs_nUhKt6XmCrXHj8CaMuz6IDk2jqPWcimVDBbgWY8c__wKvI7wKYOclBcV7mlP_IyVhoVaQniFed3mzmodtft2XKao2GfdUijR2HHFRsoMMIyF94H0Tzq8w3nchPzPGyNWGVXylt3UAiBrdJ-8J8qjsLlpwpIGXnGPIlOH5vMyH938-CKMcmxkIhjZ7BQKnA", "payload": "" } 2021-12-04 15:26:25,033:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55464135660 HTTP/1.1" 200 1505 2021-12-04 15:26:25,034:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 20:26:25 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002KKnF0z_kPvXCxXaNIFt9F7LLBzDXqq7hnKz_b8hUwSY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-11T20:26:22Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/qln2LHOVpkBLW1IyncvvsPZ-ztKOnO7BtRaItcuH-pg [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55464135660/Bj6q1w", "token": "qln2LHOVpkBLW1IyncvvsPZ-ztKOnO7BtRaItcuH-pg", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/qln2LHOVpkBLW1IyncvvsPZ-ztKOnO7BtRaItcuH-pg", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/qln2LHOVpkBLW1IyncvvsPZ-ztKOnO7BtRaItcuH-pg", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-04T20:26:23Z" } ] } 2021-12-04 15:26:25,035:DEBUG:acme.client:Storing nonce: 0002KKnF0z_kPvXCxXaNIFt9F7LLBzDXqq7hnKz_b8hUwSY 2021-12-04 15:26:25,036:DEBUG:acme.client:JWS payload: b'' 2021-12-04 15:26:25,038:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55464135670: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMktLbkYwel9rUHZYQ3hYYU5JRnQ5RjdMTEJ6RFhxcTdobkt6X2I4aFV3U1kiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1NDY0MTM1NjcwIn0", "signature": "gTAI1jWlQglfi6FOslqqGiT7a1bltSKODbzppuNiLkz6KQxwMpM66p47BaWPbFonc1ry-PCEsR9Kku53Y9pgIwyiEi6wOTRD8fpNanETJfLgoreP5Wy8P4oW5ua-jy2KwPmXIhys5z5KLiLBFrZkFOj6ui9t140PsclThiXtfrF7tglpuQYGaaFBemxZi8K9sGRHcPx0uJ77EGVOIzysEcILqf881CAvfgFCFi4O4cnHrRlykMpshOiASNVSRpLxrFBqjepnuVkgQVKdXFN6IHgD4MpyHkuf0r-hK4pDTkI80PBZaL-1PTigX4CYqRFnLWCCzmElxCijja3-GOboKw", "payload": "" } 2021-12-04 15:26:25,102:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55464135670 HTTP/1.1" 200 796 2021-12-04 15:26:25,102:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 20:26:25 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001nM-f0DoLfp7MkWyr7Z7DwOS_jG8BgV5pI842lRyoYt0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-11T20:26:22Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55464135670/SOW1Bg", "token": "OnhfsGooTL8nXqopJZuBh3hMXZg3IlrTQLudYQmRhYk" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55464135670/nyvXCw", "token": "OnhfsGooTL8nXqopJZuBh3hMXZg3IlrTQLudYQmRhYk" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55464135670/NHfcFA", "token": "OnhfsGooTL8nXqopJZuBh3hMXZg3IlrTQLudYQmRhYk" } ] } 2021-12-04 15:26:25,103:DEBUG:acme.client:Storing nonce: 0001nM-f0DoLfp7MkWyr7Z7DwOS_jG8BgV5pI842lRyoYt0 2021-12-04 15:26:25,103:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-04 15:26:28,105:DEBUG:acme.client:JWS payload: b'' 2021-12-04 15:26:28,107:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55464135670: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDAwMW5NLWYwRG9MZnA3TWtXeXI3WjdEd09TX2pHOEJnVjVwSTg0MmxSeW9ZdDAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1NDY0MTM1NjcwIn0", "signature": "M_vcH-AJVQBQveDpiZUNut78W-qLuyOlGcNsvCyXnb599r8nZvLGhSYXra2K3vNUH_34JnSQO8yGjH6dkeYBQ3GNm5IzvZ8ueo_ryNZ9tz0VEMaJuJvHzcLaERGRkxgGxGsGFhgFCcizqr_6krevsFlvTmfCKFBBie9lqyOUtLDf73i3FDP4mOwR_6ksSKbGBMV7NUHrlO5XCWJ_UWJKl51Oty1nj3Yj-n3EKJltuoE2HoA50IIqA5dK3WbYtKAopvj-F2QD2hG7TBPi7_-wB1li4adNbPSW8btN6tpYAHfNAYVqjilZuM61ZXXjOegTz3FRIZp6bMGiiHl4sVxqWQ", "payload": "" } 2021-12-04 15:26:28,170:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55464135670 HTTP/1.1" 200 1826 2021-12-04 15:26:28,171:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 20:26:28 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002Y1UgXFNbTIQqypqRm7_NpcLNd1L-W5dX8KQyIdGHkzc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-11T20:26:22Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/OnhfsGooTL8nXqopJZuBh3hMXZg3IlrTQLudYQmRhYk [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55464135670/SOW1Bg", "token": "OnhfsGooTL8nXqopJZuBh3hMXZg3IlrTQLudYQmRhYk", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/OnhfsGooTL8nXqopJZuBh3hMXZg3IlrTQLudYQmRhYk", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/OnhfsGooTL8nXqopJZuBh3hMXZg3IlrTQLudYQmRhYk", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/OnhfsGooTL8nXqopJZuBh3hMXZg3IlrTQLudYQmRhYk", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-04T20:26:23Z" } ] } 2021-12-04 15:26:28,171:DEBUG:acme.client:Storing nonce: 0002Y1UgXFNbTIQqypqRm7_NpcLNd1L-W5dX8KQyIdGHkzc 2021-12-04 15:26:28,171:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-12-04 15:26:28,172:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-04 15:26:28,172:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-04 15:26:28,172:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/qln2LHOVpkBLW1IyncvvsPZ-ztKOnO7BtRaItcuH-pg [75.2.60.5]: "\n\n\n \n\n\n\n \n load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1132, in run new_lineage = _get_and_save_cert(le_client, config, domains, File "/usr/lib/python3/dist-packages/certbot/main.py", line 116, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 320, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/client.py", line 348, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/client.py", line 396, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2021-12-04 18:08:59,250:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-04 18:08:59,250:DEBUG:certbot.main:Arguments: [] 2021-12-04 18:08:59,250:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-04 18:08:59,263:DEBUG:certbot.log:Root logging level set at 20 2021-12-04 18:08:59,264:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-04 18:08:59,292:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2021-12-04 18:08:59,460:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2021-12-04 18:08:59,462:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/live/ex.whatbank.ca/cert.pem is signed by the certificate's issuer. 2021-12-04 18:08:59,465:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/live/ex.whatbank.ca/cert.pem is: OCSPCertStatus.GOOD 2021-12-04 18:08:59,470:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2021-12-04 18:08:59,495:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2021-12-04 18:08:59,496:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/live/iframe.whatbank.ca/cert.pem is signed by the certificate's issuer. 2021-12-04 18:08:59,497:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/live/iframe.whatbank.ca/cert.pem is: OCSPCertStatus.GOOD 2021-12-04 18:08:59,501:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2021-12-04 18:08:59,680:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2021-12-04 18:08:59,682:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/live/img.whatbank.ca/cert.pem is signed by the certificate's issuer. 2021-12-04 18:08:59,683:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/live/img.whatbank.ca/cert.pem is: OCSPCertStatus.GOOD 2021-12-04 18:08:59,689:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2021-12-04 18:08:59,754:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2021-12-04 18:08:59,756:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/live/lawrencepilch.com-0001/cert.pem is signed by the certificate's issuer. 2021-12-04 18:08:59,757:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/live/lawrencepilch.com-0001/cert.pem is: OCSPCertStatus.GOOD 2021-12-04 18:08:59,762:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2021-12-04 18:08:59,831:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2021-12-04 18:08:59,833:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/live/lawrencepilch.com/cert.pem is signed by the certificate's issuer. 2021-12-04 18:08:59,833:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/live/lawrencepilch.com/cert.pem is: OCSPCertStatus.GOOD 2021-12-04 18:08:59,837:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2021-12-04 18:08:59,905:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2021-12-04 18:08:59,907:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/live/whatbank.ca-0001/cert.pem is signed by the certificate's issuer. 2021-12-04 18:08:59,908:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/live/whatbank.ca-0001/cert.pem is: OCSPCertStatus.GOOD 2021-12-04 18:08:59,912:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2021-12-04 18:08:59,985:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2021-12-04 18:08:59,987:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/live/whatbank.ca/cert.pem is signed by the certificate's issuer. 2021-12-04 18:08:59,987:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/live/whatbank.ca/cert.pem is: OCSPCertStatus.GOOD 2021-12-04 18:08:59,992:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2021-12-04 18:09:00,067:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2021-12-04 18:09:00,069:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/live/www.lawrencepilch.com/cert.pem is signed by the certificate's issuer. 2021-12-04 18:09:00,070:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/live/www.lawrencepilch.com/cert.pem is: OCSPCertStatus.GOOD 2021-12-04 18:13:25,364:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-04 18:13:25,364:DEBUG:certbot.main:Arguments: ['--nginx', '-d', 'whatbank.ca', '-d', 'www.whatbank.ca'] 2021-12-04 18:13:25,364:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-04 18:13:25,375:DEBUG:certbot.log:Root logging level set at 20 2021-12-04 18:13:25,376:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-04 18:13:25,377:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx 2021-12-04 18:13:25,626:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-04 18:13:25,627:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-04 18:13:25,627:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-12-04 18:13:25,633:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-04 18:13:25,634:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-12-04 18:13:25,636:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-12-04 18:13:25,749:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-12-04 18:13:25,750:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 23:13:25 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "mhEOyHQu6jA": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-04 18:13:25,770:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 22:59:12 UTC. 2021-12-04 18:13:25,771:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-12-04 18:13:25,771:INFO:certbot.main:Renewing an existing certificate 2021-12-04 18:13:25,849:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0515_key-certbot.pem 2021-12-04 18:13:25,861:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0515_csr-certbot.pem 2021-12-04 18:13:25,862:DEBUG:acme.client:Requesting fresh nonce 2021-12-04 18:13:25,862:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-04 18:13:25,900:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-04 18:13:25,901:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 23:13:25 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102o2Sn_cyUGd9wxnmj4yDVWhkHjyguv012MKMFKv-1omg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-04 18:13:25,902:DEBUG:acme.client:Storing nonce: 0102o2Sn_cyUGd9wxnmj4yDVWhkHjyguv012MKMFKv-1omg 2021-12-04 18:13:25,902:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-12-04 18:13:25,906:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMm8yU25fY3lVR2Q5d3hubWo0eURWV2hrSGp5Z3V2MDEyTUtNRkt2LTFvbWciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "QfcLQaZwDmoYGzmX2WJTS8hPhH_JwFi4xjMjTZ5_dY5dYsfN5w_aqzOzmwWP_fB7lvEm8ErU32AaGmAYPMBZc9CE9zDD16vYsA7Dzo6o6yOsPHkGyxWwBjPuWgOrdk_HHkBGDTFUOcHCAytoMeR8zgTIzVYjQUub76J_XyOV9suebEQXoKsCPuPf8Wr9DezffVhu3hGcNjr90umLZTaw11-OACeJPkdqbbTwM86knjbhMVwj-8Rf8DRQeCGDL2vndyrcXkHtlwSnvhFrWyCTKJX4Zehc2VE-0LT0NlbuWwam4svRMp_G6vwg3aCMWPsqHWaLUuFkobDLq9tqV4NVBw", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-12-04 18:13:26,218:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 470 2021-12-04 18:13:26,219:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sat, 04 Dec 2021 23:13:26 GMT Content-Type: application/json Content-Length: 470 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/38813962/44782705230 Replay-Nonce: 0101Tb84miGPdX-0MrjWzqS51PVuNxkydU9Bof20adibj38 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-11T23:13:26Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55498678610", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/55498678620" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/38813962/44782705230" } 2021-12-04 18:13:26,220:DEBUG:acme.client:Storing nonce: 0101Tb84miGPdX-0MrjWzqS51PVuNxkydU9Bof20adibj38 2021-12-04 18:13:26,220:DEBUG:acme.client:JWS payload: b'' 2021-12-04 18:13:26,223:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55498678610: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMVRiODRtaUdQZFgtME1yald6cVM1MVBWdU54a3lkVTlCb2YyMGFkaWJqMzgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1NDk4Njc4NjEwIn0", "signature": "llgxQLzxiCFA9LJnBpuguNLMmTk-tMpMdm63F4MFH2CabcMOWQ56y9GgvjFCVEKVg68F0wZXfalPDMX3nkKmrsrCNBBRmBUjBtV4IJ0mo9x_b6166RtF28r4n_nMGIVfeZRytrMignXuUinwtdkmDCnq2e9Bbrcf2BBUvq0OXDkeRx4FEF6BhqlBkhD-FtfMBvLc3RyL8Y0SIdDHxxZgtG7kfIREgsNR114DmrdproIOL75Cc5MQZ7bHdrxSSB39I22tQRQxXKyWrqAeywM8_1AoxswLw-APuC0vHCOiEGTdSvSsL92KwlUwFC9uNR2vc2he2EnU_V4-ibR7uY4HeA", "payload": "" } 2021-12-04 18:13:26,299:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55498678610 HTTP/1.1" 200 792 2021-12-04 18:13:26,300:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 23:13:26 GMT Content-Type: application/json Content-Length: 792 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101NKDgIPquOx-Cw8jHBHRY1cGBzeC8jxpT226y6W-TNqA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-11T23:13:26Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55498678610/PxSz5Q", "token": "Hwa68Qkbwf2veesTEetkMazxjjg_9jnp8KdRoNB19DI" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55498678610/mgUqBQ", "token": "Hwa68Qkbwf2veesTEetkMazxjjg_9jnp8KdRoNB19DI" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55498678610/5B-taQ", "token": "Hwa68Qkbwf2veesTEetkMazxjjg_9jnp8KdRoNB19DI" } ] } 2021-12-04 18:13:26,301:DEBUG:acme.client:Storing nonce: 0101NKDgIPquOx-Cw8jHBHRY1cGBzeC8jxpT226y6W-TNqA 2021-12-04 18:13:26,301:DEBUG:acme.client:JWS payload: b'' 2021-12-04 18:13:26,303:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55498678620: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMU5LRGdJUHF1T3gtQ3c4akhCSFJZMWNHQnplQzhqeHBUMjI2eTZXLVROcUEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1NDk4Njc4NjIwIn0", "signature": "j9U2KesXUYRF8EcoqKf8-0ju4Ercluwp1bikb9HK_y_lMBdxlMKeracqX1NodYTIsmNwybZC48BZ3Kh6tv4MxlDRA6zXCZIZd4YuFawjdWaVL5aziNwbplHJgZraUCYY5_HWQBw0G99NbPdP2qMmqlmHmFziTBH6Dg306uz-NH0yyXspRlFKVJWZnOkLcBUWyRPldWOei2Y5bxIZ1Xwo5eVUUgEgMrC7RNN0eZ6KhY7lgeASUq9jkCwoHsK9flMhrvd0re2-nqIpPfvjjUsmP6n-PX3AxLaPrl4HU65how-AUEM9URT4rFAUWA_XrD36-3SdYpPDM_3J8AWc_Rcy5Q", "payload": "" } 2021-12-04 18:13:26,381:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55498678620 HTTP/1.1" 200 796 2021-12-04 18:13:26,382:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 23:13:26 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101pf2KvN9vGl4AGoBWuIvYk_kPWX1zjM2NGxCmv2icWzM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-11T23:13:26Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55498678620/koJL7w", "token": "us_5ncIFqnKVcH_OBAkv_lvol3YDkKVkHy14A-ndZ6k" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55498678620/kn1WQg", "token": "us_5ncIFqnKVcH_OBAkv_lvol3YDkKVkHy14A-ndZ6k" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55498678620/GbNe6A", "token": "us_5ncIFqnKVcH_OBAkv_lvol3YDkKVkHy14A-ndZ6k" } ] } 2021-12-04 18:13:26,383:DEBUG:acme.client:Storing nonce: 0101pf2KvN9vGl4AGoBWuIvYk_kPWX1zjM2NGxCmv2icWzM 2021-12-04 18:13:26,383:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-04 18:13:26,384:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-04 18:13:26,384:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-04 18:13:26,444:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-12-04 18:13:26,445:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-12-04 18:13:26,445:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-12-04 18:13:26,446:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-12-04 18:13:26,446:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-12-04 18:13:26,446:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-12-04 18:13:26,447:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-12-04 18:13:26,447:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-12-04 18:13:26,447:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-12-04 18:13:26,447:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-12-04 18:13:26,448:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-12-04 18:13:26,448:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-12-04 18:13:26,448:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-12-04 18:13:26,449:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-12-04 18:13:26,451:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/Hwa68Qkbwf2veesTEetkMazxjjg_9jnp8KdRoNB19DI{default_type text/plain;return 200 Hwa68Qkbwf2veesTEetkMazxjjg_9jnp8KdRoNB19DI.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot location = /.well-known/acme-challenge/us_5ncIFqnKVcH_OBAkv_lvol3YDkKVkHy14A-ndZ6k{default_type text/plain;return 200 us_5ncIFqnKVcH_OBAkv_lvol3YDkKVkHy14A-ndZ6k.UtlQBtgKWAIHUGpWckZwlZQqONngmqZPsd2D523qXUg;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; # location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; # proxy_http_version 1.1; # proxy_set_header Upgrade $http_upgrade; # proxy_set_header Connection $connection_upgrade; # proxy_read_timeout 20d; # } } 2021-12-04 18:13:27,478:INFO:certbot.auth_handler:Waiting for verification... 2021-12-04 18:13:27,479:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-04 18:13:27,482:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55498678610/PxSz5Q: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMXBmMkt2Tjl2R2w0QUdvQld1SXZZa19rUFdYMXpqTTJOR3hDbXYyaWNXek0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1NDk4Njc4NjEwL1B4U3o1USJ9", "signature": "SJFglbtvaV-RJoukauprVmcPUWHf3rs5zYylhKPRbxgIwJCVnGuLLDVaoiz5No9VMvVF_SvmP_OeGt4aGIzbxms2Y2m0-vrOw5jdVQhI7iU7ZH_sT3ckQTNi6uzSwyPv66Nak5T9maFW1iv9Kwz8E6hK1EIYKydiVuAK4Lmrtcl738B3qict7Ij7EoxEwpQuhzNn0eKuaBfVPrzGpSxvI9Pk9FwPlYGkSm2FmyO6JmrPMPJUkQq9aqHr5aYi1LGHRG62FpoLTPbbBiycf1BreJeZ7E2LEzPB8mP8r5Dg8sXMTjkxMabS2eBIZjaMc_XG31MMBQiQAvP2ECu10PZU7w", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-04 18:13:27,588:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55498678610/PxSz5Q HTTP/1.1" 200 186 2021-12-04 18:13:27,589:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 23:13:27 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55498678610/PxSz5Q Replay-Nonce: 0102qP10TOubdhSo7I9VEhNjg8jHnM53KrwcnVVUBuukcG8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55498678610/PxSz5Q", "token": "Hwa68Qkbwf2veesTEetkMazxjjg_9jnp8KdRoNB19DI" } 2021-12-04 18:13:27,590:DEBUG:acme.client:Storing nonce: 0102qP10TOubdhSo7I9VEhNjg8jHnM53KrwcnVVUBuukcG8 2021-12-04 18:13:27,590:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-04 18:13:27,592:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/55498678620/koJL7w: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMnFQMTBUT3ViZGhTbzdJOVZFaE5qZzhqSG5NNTNLcndjblZWVUJ1dWtjRzgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzU1NDk4Njc4NjIwL2tvSkw3dyJ9", "signature": "bMC2uWiIr40lvDIgdu6J8DBXV3cqU99ZwFsUZ0P8KYTebqoJ21NFFffd34F5QKaunJorINfLrS1Wntwak4RJgcfGhNaLPUNrKWRzXYcuswA5s7VPiYy8vRtEz-7nbJRrgEH25sCo05_k-y-_kEQoDJIlDBZBeiV1Ncpb6svu7q9w2QcdfD1bf2KmjmbGlMLCs8xbIC0JTtCHABdYcBxt2gaJbYJXLmM7Q30M9c7aXGDxIbUz9GycElIv-ZEbPyB3KMoZdnfKYNuMRcP1AiJKxiRGZPXAb18RCWy2dlQ8P_ZoAOT-CRztiPOOpW-9oWUnEKZBYMgytr9wgiR37xcBoQ", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-04 18:13:27,698:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/55498678620/koJL7w HTTP/1.1" 200 186 2021-12-04 18:13:27,699:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 23:13:27 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/55498678620/koJL7w Replay-Nonce: 01011kWpS_FWayHO7GWwocSCR2qRFFEt9OZTQyuI7-39A5M X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55498678620/koJL7w", "token": "us_5ncIFqnKVcH_OBAkv_lvol3YDkKVkHy14A-ndZ6k" } 2021-12-04 18:13:27,699:DEBUG:acme.client:Storing nonce: 01011kWpS_FWayHO7GWwocSCR2qRFFEt9OZTQyuI7-39A5M 2021-12-04 18:13:28,701:DEBUG:acme.client:JWS payload: b'' 2021-12-04 18:13:28,703:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55498678610: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMTFrV3BTX0ZXYXlITzdHV3dvY1NDUjJxUkZGRXQ5T1pUUXl1STctMzlBNU0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1NDk4Njc4NjEwIn0", "signature": "ly-fPjinoxLXcv-AdcePCLC2__DcU3oAiJck2u3rUoF68KsjuPPV3N15lVyaUDcqsEldI8LahT_Ct3C0mruiklyQicrXzEmqHjRkUprdxt9ILElWO-N5JDR1YkJmqEcVBsjqR0ziqnIrTWVwhhyWb4THXxPCd4HYb5lRD4zEnB7LJGdfNwGSfolKgEqCNhgLLz9hO5E9lHm_revLOtVGFe8_WToRI9DbwKPstSEJmRvM16S9yDeUvfX4J8RGwqjj71Mg36vTkUgZ6oZ7iMgNMqqIVWpk7pd30bFbrZzyNUtORDh8EMLlOkcPzkDjqW_A_dwDQTLM2yZisKpuXPD-Vg", "payload": "" } 2021-12-04 18:13:28,781:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55498678610 HTTP/1.1" 200 1505 2021-12-04 18:13:28,782:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 23:13:28 GMT Content-Type: application/json Content-Length: 1505 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102BPiHsxGCSkOfbkQxr1_XvKGlE5O5s02v8V6TUkLDBTA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-11T23:13:26Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/Hwa68Qkbwf2veesTEetkMazxjjg_9jnp8KdRoNB19DI [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55498678610/PxSz5Q", "token": "Hwa68Qkbwf2veesTEetkMazxjjg_9jnp8KdRoNB19DI", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/Hwa68Qkbwf2veesTEetkMazxjjg_9jnp8KdRoNB19DI", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/Hwa68Qkbwf2veesTEetkMazxjjg_9jnp8KdRoNB19DI", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-04T23:13:27Z" } ] } 2021-12-04 18:13:28,783:DEBUG:acme.client:Storing nonce: 0102BPiHsxGCSkOfbkQxr1_XvKGlE5O5s02v8V6TUkLDBTA 2021-12-04 18:13:28,783:DEBUG:acme.client:JWS payload: b'' 2021-12-04 18:13:28,785:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/55498678620: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzg4MTM5NjIiLCAibm9uY2UiOiAiMDEwMkJQaUhzeEdDU2tPZmJrUXhyMV9YdktHbEU1TzVzMDJ2OFY2VFVrTERCVEEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzU1NDk4Njc4NjIwIn0", "signature": "cYo-q2MBq4B8f5_EaPPWrepUTXUhV-qtpVj_g1Mbm47E53xWCKGtxnY91otXL-XpDV5MUmZo7pI-O__rTPdK7XoANDGhbfpeihEAusuizoMjmnka5WqWo_mQHmA_bv61o5AkWbgheCPX-H-CKMoKHTPoVAuRbn4BSXPIOr7c2i1012xsYPYW8-GCRBgOdt1JrfrFe9RXACbnuNlXZtGCuaS9iRxHjCJeu1VMmGw-N-G6UQj4UFk8PFSWeK6BoFW8GKxlS627SuJ5B7KhsOjpDw13SIU7znEXkrkVIREUBkPaYlf3NPL2CtEx_ZVE9IWrG7oRJijraum84WeYu0t3Jg", "payload": "" } 2021-12-04 18:13:28,864:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/55498678620 HTTP/1.1" 200 1826 2021-12-04 18:13:28,865:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 04 Dec 2021 23:13:28 GMT Content-Type: application/json Content-Length: 1826 Connection: keep-alive Boulder-Requester: 38813962 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101CugUsvo6IBrt9NCrsQdSYEvQF5Z4v1ZN9zqaZozgxUQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-11T23:13:26Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/us_5ncIFqnKVcH_OBAkv_lvol3YDkKVkHy14A-ndZ6k [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/55498678620/koJL7w", "token": "us_5ncIFqnKVcH_OBAkv_lvol3YDkKVkHy14A-ndZ6k", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/us_5ncIFqnKVcH_OBAkv_lvol3YDkKVkHy14A-ndZ6k", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/us_5ncIFqnKVcH_OBAkv_lvol3YDkKVkHy14A-ndZ6k", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/us_5ncIFqnKVcH_OBAkv_lvol3YDkKVkHy14A-ndZ6k", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-04T23:13:27Z" } ] } 2021-12-04 18:13:28,866:DEBUG:acme.client:Storing nonce: 0101CugUsvo6IBrt9NCrsQdSYEvQF5Z4v1ZN9zqaZozgxUQ 2021-12-04 18:13:28,866:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-04 18:13:28,867:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-12-04 18:13:28,867:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-04 18:13:28,868:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-04 18:13:28,868:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/Hwa68Qkbwf2veesTEetkMazxjjg_9jnp8KdRoNB19DI [75.2.60.5]: "\n\n\n \n\n\n\n \n load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1132, in run new_lineage = _get_and_save_cert(le_client, config, domains, File "/usr/lib/python3/dist-packages/certbot/main.py", line 116, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 320, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/client.py", line 348, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/client.py", line 396, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2021-12-04 19:35:26,062:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-04 19:35:26,062:DEBUG:certbot.main:Arguments: ['-d', 'whatbank.ca-0001'] 2021-12-04 19:35:26,062:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-04 19:35:26,074:DEBUG:certbot.log:Root logging level set at 20 2021-12-04 19:35:26,075:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-04 19:35:41,090:DEBUG:certbot.storage:Removed /etc/letsencrypt/renewal/whatbank.ca-0001.conf 2021-12-04 19:35:41,090:DEBUG:certbot.storage:Removed /etc/letsencrypt/live/whatbank.ca-0001/cert.pem 2021-12-04 19:35:41,090:DEBUG:certbot.storage:Removed /etc/letsencrypt/live/whatbank.ca-0001/privkey.pem 2021-12-04 19:35:41,091:DEBUG:certbot.storage:Removed /etc/letsencrypt/live/whatbank.ca-0001/chain.pem 2021-12-04 19:35:41,091:DEBUG:certbot.storage:Removed /etc/letsencrypt/live/whatbank.ca-0001/fullchain.pem 2021-12-04 19:35:41,091:DEBUG:certbot.storage:Removed /etc/letsencrypt/live/whatbank.ca-0001/README 2021-12-04 19:35:41,092:DEBUG:certbot.storage:Removed /etc/letsencrypt/live/whatbank.ca-0001 2021-12-04 19:35:41,092:DEBUG:certbot.storage:Removed /etc/letsencrypt/archive/whatbank.ca-0001 2021-12-04 19:35:53,230:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-04 19:35:53,230:DEBUG:certbot.main:Arguments: ['--cert-name', 'whatbank.ca', '--dry-run'] 2021-12-04 19:35:53,230:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-04 19:35:53,242:DEBUG:certbot.log:Root logging level set at 20 2021-12-04 19:35:53,243:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-04 19:35:53,253:DEBUG:certbot.plugins.selection:Requested authenticator and installer 2021-12-04 19:35:53,253:DEBUG:certbot.cli:Var dry_run=True (set by user). 2021-12-04 19:35:53,254:DEBUG:certbot.cli:Var server={'staging', 'dry_run'} (set by user). 2021-12-04 19:35:53,254:DEBUG:certbot.cli:Var dry_run=True (set by user). 2021-12-04 19:35:53,254:DEBUG:certbot.cli:Var server={'staging', 'dry_run'} (set by user). 2021-12-04 19:35:53,254:DEBUG:certbot.cli:Var account={'server'} (set by user). 2021-12-04 19:35:53,266:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 22:59:12 UTC. 2021-12-04 19:35:53,266:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-12-04 19:35:53,267:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx 2021-12-04 19:35:53,524:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-04 19:35:53,526:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-04 19:35:53,526:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-04 19:35:53,526:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-12-04 19:35:53,532:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-04 19:35:53,534:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/directory. 2021-12-04 19:35:53,537:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org:443 2021-12-04 19:35:53,728:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 822 2021-12-04 19:35:53,730:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Dec 2021 00:35:53 GMT Content-Type: application/json Content-Length: 822 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "THT4i0VtZjg": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-staging-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org/docs/staging-environment/" }, "newAccount": "https://acme-staging-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-staging-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-staging-v02.api.letsencrypt.org/get/draft-aaron-ari/renewalInfo/", "revokeCert": "https://acme-staging-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-04 19:35:53,730:INFO:certbot.main:Renewing an existing certificate 2021-12-04 19:35:53,817:DEBUG:acme.client:Requesting fresh nonce 2021-12-04 19:35:53,817:DEBUG:acme.client:Sending HEAD request to https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-04 19:35:53,869:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-04 19:35:53,870:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Dec 2021 00:35:53 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001agHdeDOXbsGVlxEXK_ay7XGDBLiDOiqp1XRZWtyrR5A X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-04 19:35:53,871:DEBUG:acme.client:Storing nonce: 0001agHdeDOXbsGVlxEXK_ay7XGDBLiDOiqp1XRZWtyrR5A 2021-12-04 19:35:53,871:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-12-04 19:35:53,874:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82NTEwNTMxIiwgIm5vbmNlIjogIjAwMDFhZ0hkZURPWGJzR1ZseEVYS19heTdYR0RCTGlET2lxcDFYUlpXdHlyUjVBIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "x8UiKD3FKp4o_TWSj1U3U97GYy-DYNtzjGKg44DkaPS4a3D4JsKeLHEgHPDvg5hhFT7Q99-dj9QMHp_wJYx0vszXWu9wrG74FTBuWv4bQDHhTS3D4-_MgLbBDtoTR41PMr1wRtGcSIO1QJADZHAac2XidnDB1kivWFA3myVzzrfMU7hA3zYvKEOxTK8LocvkBiohwAltBwYpJWyAkC3ByQCgA6pmiQcp_2p9PyDRP6PtTzc_tn1iFLArQwdqpjrR_zslTllVhhi3nPlN7gIgXA7ZD1WlUuUv8yUNJBiinVeb6ue_R52_jotrE3xtYJTJHCyHLxBWhai1baVhULUIbw", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-12-04 19:35:53,949:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 490 2021-12-04 19:35:53,950:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sun, 05 Dec 2021 00:35:53 GMT Content-Type: application/json Content-Length: 490 Connection: keep-alive Boulder-Requester: 6510531 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-staging-v02.api.letsencrypt.org/acme/order/6510531/1190459868 Replay-Nonce: 0001vW6fcTMP367fIgsskEUHPC0WP5WQWs5-xrn7Ym0DAvI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-12T00:35:53Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/1098901178", "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/1098901188" ], "finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/6510531/1190459868" } 2021-12-04 19:35:53,950:DEBUG:acme.client:Storing nonce: 0001vW6fcTMP367fIgsskEUHPC0WP5WQWs5-xrn7Ym0DAvI 2021-12-04 19:35:53,950:DEBUG:acme.client:JWS payload: b'' 2021-12-04 19:35:53,952:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/1098901178: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82NTEwNTMxIiwgIm5vbmNlIjogIjAwMDF2VzZmY1RNUDM2N2ZJZ3Nza0VVSFBDMFdQNVdRV3M1LXhybjdZbTBEQXZJIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzEwOTg5MDExNzgifQ", "signature": "bDgv0DP7eRT7ym6_r9aM2a0mcEiyYA4anGULAJ6qM2uyM69o9L8M6ZZa8RosN77CYU29cf5sjfpX9UDR6XjeLCbvihvefAK3khPiQZzO4CVtbmWL_D0GZwnAw6XgLI67UA8E3Xw0m7kW5pzlNGj-wTGVZT9dQPm7v2JGmtoObz6bOmHE60Z3iUm1tbemX4m5hD7KqWKJjxX23HBbyljqs3X3Wbk2T5tK94weIEEqsbdzw8CB9M1iyLM1R401eKNMe6sRGfWb7-bGgUmVg5qTxlwsiWTlAy2j-dLIZtNsDh6B15gy280pg41MxF_ukyr4vTlLXzDJ8KuvA4ho9vHtyQ", "payload": "" } 2021-12-04 19:35:54,007:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/1098901178 HTTP/1.1" 200 813 2021-12-04 19:35:54,008:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Dec 2021 00:35:53 GMT Content-Type: application/json Content-Length: 813 Connection: keep-alive Boulder-Requester: 6510531 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 00029_iJx15BcWm11WJc9kHT0lPtYyiph8j-e8oH7HTfHKw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-12T00:35:53Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098901178/wa4QxQ", "token": "EaNvRAU7O8mmV6TraP2VvejZeoFDCWpJ6pWWg0oDsUo" }, { "type": "dns-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098901178/z-QqcA", "token": "EaNvRAU7O8mmV6TraP2VvejZeoFDCWpJ6pWWg0oDsUo" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098901178/h8OAcQ", "token": "EaNvRAU7O8mmV6TraP2VvejZeoFDCWpJ6pWWg0oDsUo" } ] } 2021-12-04 19:35:54,008:DEBUG:acme.client:Storing nonce: 00029_iJx15BcWm11WJc9kHT0lPtYyiph8j-e8oH7HTfHKw 2021-12-04 19:35:54,009:DEBUG:acme.client:JWS payload: b'' 2021-12-04 19:35:54,012:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/1098901188: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82NTEwNTMxIiwgIm5vbmNlIjogIjAwMDI5X2lKeDE1QmNXbTExV0pjOWtIVDBsUHRZeWlwaDhqLWU4b0g3SFRmSEt3IiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzEwOTg5MDExODgifQ", "signature": "jQuqu1kdr5HFk9ECVfwaDnIbBTIPcaHL-BDvvLZfmFdUFeo0rYtBu015-Hx1v-NRu60y6VDVA-UEh_GiZMfyuoBcDm5wyqFsnhxX1VWwwS6mfzFAvDWiIYT5szyiviYRcdkuVIKEnnc8kkyNTr7_kxsNbZn5kLdOFlyl2Fdbn-WXkOudym0rvTvrdN_b1gJMt5vgUwBr_WE5D0yWlPJdUu3lLAn8rQM9BJbma78z5_uf8sLpZx5ElP0BN6qHLDfyU-GkG_ruj53-y2MqV9x5t991cQuAj96wSzry8cd96ioX7D3W6TzHm9hrg75rTU55OVYP6JOoYx2ddYfwnWBhRw", "payload": "" } 2021-12-04 19:35:54,068:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/1098901188 HTTP/1.1" 200 817 2021-12-04 19:35:54,068:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Dec 2021 00:35:54 GMT Content-Type: application/json Content-Length: 817 Connection: keep-alive Boulder-Requester: 6510531 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002xxral-xPQy_8m_qtzCuPXsjpjP6dDwkrVQD7Bq_OmFE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-12T00:35:53Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098901188/3UkkQA", "token": "E0DXV7QPJBtnz_SffqQ6_Gbs7vr8PYLEFSoUHTYrIfI" }, { "type": "dns-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098901188/aBAdzw", "token": "E0DXV7QPJBtnz_SffqQ6_Gbs7vr8PYLEFSoUHTYrIfI" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098901188/Pyahaw", "token": "E0DXV7QPJBtnz_SffqQ6_Gbs7vr8PYLEFSoUHTYrIfI" } ] } 2021-12-04 19:35:54,069:DEBUG:acme.client:Storing nonce: 0002xxral-xPQy_8m_qtzCuPXsjpjP6dDwkrVQD7Bq_OmFE 2021-12-04 19:35:54,069:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-04 19:35:54,070:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-04 19:35:54,070:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-04 19:35:54,129:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-12-04 19:35:54,130:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-12-04 19:35:54,130:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-12-04 19:35:54,131:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-12-04 19:35:54,131:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-12-04 19:35:54,131:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-12-04 19:35:54,132:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-12-04 19:35:54,132:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-12-04 19:35:54,132:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-12-04 19:35:54,133:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-12-04 19:35:54,133:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-12-04 19:35:54,133:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-12-04 19:35:54,133:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-12-04 19:35:54,134:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-12-04 19:35:54,136:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/EaNvRAU7O8mmV6TraP2VvejZeoFDCWpJ6pWWg0oDsUo{default_type text/plain;return 200 EaNvRAU7O8mmV6TraP2VvejZeoFDCWpJ6pWWg0oDsUo.mFOFkyiUHa0wIsskh_DYJ3lRVJ0xETsJDXxpSD2g-2o;} # managed by Certbot location = /.well-known/acme-challenge/E0DXV7QPJBtnz_SffqQ6_Gbs7vr8PYLEFSoUHTYrIfI{default_type text/plain;return 200 E0DXV7QPJBtnz_SffqQ6_Gbs7vr8PYLEFSoUHTYrIfI.mFOFkyiUHa0wIsskh_DYJ3lRVJ0xETsJDXxpSD2g-2o;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; # location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; # proxy_http_version 1.1; # proxy_set_header Upgrade $http_upgrade; # proxy_set_header Connection $connection_upgrade; # proxy_read_timeout 20d; # } } 2021-12-04 19:35:55,159:INFO:certbot.auth_handler:Waiting for verification... 2021-12-04 19:35:55,161:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-04 19:35:55,163:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098901178/wa4QxQ: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82NTEwNTMxIiwgIm5vbmNlIjogIjAwMDJ4eHJhbC14UFF5XzhtX3F0ekN1UFhzanBqUDZkRHdrclZRRDdCcV9PbUZFIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzEwOTg5MDExNzgvd2E0UXhRIn0", "signature": "RMNLDNFQJt29Gq-64z0i4d4Re5NSyQdqfWQS2SA48qXpO9c5PMmFlTBCa_rrfhj8nHamz5WWgj4DRnE7o2eaO26YxfIdriQc7RF-pRT2m0JCwvJhHLJjqqOPmIzGwLK6Q1iuxJDfGsbeitpSTUsMNlpjuzC58t7wmPydK7FVZ0apvcCf0hTxzSkBN3KWnrBN6vQIbOmuSPlrsrK1MOXbOyzaKZ7Rp3GP3e0YFP_5gw8j5W60x6BpGtYMzTiDIdiQ11PUfTObQP6N5RKe2nvdrfKaPIIWlzfgy7eEIcPBvRQlyAlbG4711BZ_XHibL1GOS547LFYffLF4G69j5wIOpQ", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-04 19:35:55,221:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/1098901178/wa4QxQ HTTP/1.1" 200 193 2021-12-04 19:35:55,222:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Dec 2021 00:35:55 GMT Content-Type: application/json Content-Length: 193 Connection: keep-alive Boulder-Requester: 6510531 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098901178/wa4QxQ Replay-Nonce: 00027XauOUun20oYMUttf_lZrQzasnEaToOyVDdd9W2OfMM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098901178/wa4QxQ", "token": "EaNvRAU7O8mmV6TraP2VvejZeoFDCWpJ6pWWg0oDsUo" } 2021-12-04 19:35:55,222:DEBUG:acme.client:Storing nonce: 00027XauOUun20oYMUttf_lZrQzasnEaToOyVDdd9W2OfMM 2021-12-04 19:35:55,223:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-04 19:35:55,225:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098901188/3UkkQA: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82NTEwNTMxIiwgIm5vbmNlIjogIjAwMDI3WGF1T1V1bjIwb1lNVXR0Zl9sWnJRemFzbkVhVG9PeVZEZGQ5VzJPZk1NIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzEwOTg5MDExODgvM1Vra1FBIn0", "signature": "C_dEJOEuoGpSfNgO3_NYva6P00QonGe-PldwNJcrLIgzhDxu8greOYjiTNVIiCjEiubn8l18HCMqeXMFoXe8btOh3c0YBvy5Ji8p-ApCsqKfWSf4aLDdHcb6UqZAaRBFxTf1KKMlnavO5JAdgsz2nv-aTTbVihTAFsCfJ0n5Yz2JWTQF6fscVVKUh2kpvNGsX-6Sjb1KtRe55pKohuYWRqg9rKgPyeM35Gm9JggRB4gqgzYLmnhtt9-W-aM3wFRoGSKl6d4DbP6-ns_OXWiT_JXl2jLUieVxmSM2P_NywrNUIrK_ZjYq16l5ZbtSmBWBYFwDp1HzLLIjq-rcDllVPQ", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-04 19:35:55,317:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/1098901188/3UkkQA HTTP/1.1" 200 193 2021-12-04 19:35:55,318:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Dec 2021 00:35:55 GMT Content-Type: application/json Content-Length: 193 Connection: keep-alive Boulder-Requester: 6510531 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098901188/3UkkQA Replay-Nonce: 0001GAcdgWxfi3ojd1HXqpLTrtGpOxR7839dDTHcSBHrZRY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098901188/3UkkQA", "token": "E0DXV7QPJBtnz_SffqQ6_Gbs7vr8PYLEFSoUHTYrIfI" } 2021-12-04 19:35:55,318:DEBUG:acme.client:Storing nonce: 0001GAcdgWxfi3ojd1HXqpLTrtGpOxR7839dDTHcSBHrZRY 2021-12-04 19:35:56,320:DEBUG:acme.client:JWS payload: b'' 2021-12-04 19:35:56,322:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/1098901178: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82NTEwNTMxIiwgIm5vbmNlIjogIjAwMDFHQWNkZ1d4Zmkzb2pkMUhYcXBMVHJ0R3BPeFI3ODM5ZERUSGNTQkhyWlJZIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzEwOTg5MDExNzgifQ", "signature": "i42jQO0kCIvQV4E73Ng7rsnsO3ZbfA4KlokbwvfWcjJCI3-jlFGz04iu0UMi_6Gy53FLpyATeOx3M-fTIPaZtav2nUVmnRO_tpOO2Du8sa_ELOt-I3QYNzhx_XqgR6wAFNFNGD-d5KwMDTaYYNE_HW7V3W3fngX-Pb9xiN5MpKzs_c-qldtWSArvj_pIUWvyNeeXd3Tqs5To8FHgzdYhAuEnpevVd1trOhCWPVSCJSPUUdg8uBzT_yVS5aBH3BvA6xHiCMGNT--QcKSNwOAAAJ3IPdFlTs1bYd8HewhctagIj6RyIvoaGB2LHhAwbGbHs601TUn-Dcrl--j_xoTOEg", "payload": "" } 2021-12-04 19:35:56,377:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/1098901178 HTTP/1.1" 200 1512 2021-12-04 19:35:56,378:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Dec 2021 00:35:56 GMT Content-Type: application/json Content-Length: 1512 Connection: keep-alive Boulder-Requester: 6510531 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001-SOW9enMIhQ4c43qaPy8tv3O5VZh_v_ejVZ6sxo6oNo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-12T00:35:53Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/EaNvRAU7O8mmV6TraP2VvejZeoFDCWpJ6pWWg0oDsUo [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098901178/wa4QxQ", "token": "EaNvRAU7O8mmV6TraP2VvejZeoFDCWpJ6pWWg0oDsUo", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/EaNvRAU7O8mmV6TraP2VvejZeoFDCWpJ6pWWg0oDsUo", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/EaNvRAU7O8mmV6TraP2VvejZeoFDCWpJ6pWWg0oDsUo", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-05T00:35:55Z" } ] } 2021-12-04 19:35:56,378:DEBUG:acme.client:Storing nonce: 0001-SOW9enMIhQ4c43qaPy8tv3O5VZh_v_ejVZ6sxo6oNo 2021-12-04 19:35:56,379:DEBUG:acme.client:JWS payload: b'' 2021-12-04 19:35:56,381:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/1098901188: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82NTEwNTMxIiwgIm5vbmNlIjogIjAwMDEtU09XOWVuTUloUTRjNDNxYVB5OHR2M081VlpoX3ZfZWpWWjZzeG82b05vIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzEwOTg5MDExODgifQ", "signature": "TRBs6Q55TpRNL0lLuwOVurCDBGIiRQvz77tfBclEF-UHLZRtNxlzXf78uEiv01OiGiYouCVnTfXNUTgUQ2sCfDvJqQENv95WFzbfBGedfB-Cog04e9Be6jF586p6ApTgy7cJMq-b_7a8OjrZDVMpoa_RsGkxecIKRbI2zgQickZnU4M4ZirpzpOYlbvvys5r2RURA8Gwxu1FTszaVzZxRPuGqVmkFwqnMwbPusr9nW7RB1rSdNLsEKlcC6UryMBalS6GK0tg08tc8yowyl2BSHcN5ph0_iq9Y5efSCcAuKQooNlMBG8Y0EX_CwwQop_m_PSUGdBQoVN7D_Zqkb7Apg", "payload": "" } 2021-12-04 19:35:56,436:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/1098901188 HTTP/1.1" 200 1833 2021-12-04 19:35:56,437:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Dec 2021 00:35:56 GMT Content-Type: application/json Content-Length: 1833 Connection: keep-alive Boulder-Requester: 6510531 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001PqtM5SWCu8Y2SoQ71gLX_ueArMXmsX9wVKB3USPXKo0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-12T00:35:53Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/E0DXV7QPJBtnz_SffqQ6_Gbs7vr8PYLEFSoUHTYrIfI [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098901188/3UkkQA", "token": "E0DXV7QPJBtnz_SffqQ6_Gbs7vr8PYLEFSoUHTYrIfI", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/E0DXV7QPJBtnz_SffqQ6_Gbs7vr8PYLEFSoUHTYrIfI", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/E0DXV7QPJBtnz_SffqQ6_Gbs7vr8PYLEFSoUHTYrIfI", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/E0DXV7QPJBtnz_SffqQ6_Gbs7vr8PYLEFSoUHTYrIfI", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-05T00:35:55Z" } ] } 2021-12-04 19:35:56,437:DEBUG:acme.client:Storing nonce: 0001PqtM5SWCu8Y2SoQ71gLX_ueArMXmsX9wVKB3USPXKo0 2021-12-04 19:35:56,438:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-04 19:35:56,438:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-12-04 19:35:56,438:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-04 19:35:56,439:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-04 19:35:56,439:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/EaNvRAU7O8mmV6TraP2VvejZeoFDCWpJ6pWWg0oDsUo [75.2.60.5]: "\n\n\n \n\n\n\n \n load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 1 renew failure(s), 0 parse failure(s) 2021-12-04 19:41:42,445:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-04 19:41:42,445:DEBUG:certbot.main:Arguments: [] 2021-12-04 19:41:42,445:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-04 19:41:42,457:DEBUG:certbot.log:Root logging level set at 20 2021-12-04 19:41:42,457:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-04 19:41:42,518:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2021-12-04 19:41:42,556:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2021-12-04 19:41:42,558:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/live/ex.whatbank.ca/cert.pem is signed by the certificate's issuer. 2021-12-04 19:41:42,561:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/live/ex.whatbank.ca/cert.pem is: OCSPCertStatus.GOOD 2021-12-04 19:41:42,567:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2021-12-04 19:41:42,591:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2021-12-04 19:41:42,592:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/live/iframe.whatbank.ca/cert.pem is signed by the certificate's issuer. 2021-12-04 19:41:42,593:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/live/iframe.whatbank.ca/cert.pem is: OCSPCertStatus.GOOD 2021-12-04 19:41:42,597:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2021-12-04 19:41:42,622:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2021-12-04 19:41:42,624:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/live/img.whatbank.ca/cert.pem is signed by the certificate's issuer. 2021-12-04 19:41:42,625:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/live/img.whatbank.ca/cert.pem is: OCSPCertStatus.GOOD 2021-12-04 19:41:42,630:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2021-12-04 19:41:42,660:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2021-12-04 19:41:42,661:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/live/lawrencepilch.com-0001/cert.pem is signed by the certificate's issuer. 2021-12-04 19:41:42,662:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/live/lawrencepilch.com-0001/cert.pem is: OCSPCertStatus.GOOD 2021-12-04 19:41:42,666:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2021-12-04 19:41:42,691:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2021-12-04 19:41:42,692:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/live/lawrencepilch.com/cert.pem is signed by the certificate's issuer. 2021-12-04 19:41:42,693:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/live/lawrencepilch.com/cert.pem is: OCSPCertStatus.GOOD 2021-12-04 19:41:42,697:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2021-12-04 19:41:42,726:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2021-12-04 19:41:42,727:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/live/whatbank.ca/cert.pem is signed by the certificate's issuer. 2021-12-04 19:41:42,729:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/live/whatbank.ca/cert.pem is: OCSPCertStatus.GOOD 2021-12-04 19:41:42,735:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2021-12-04 19:41:42,760:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2021-12-04 19:41:42,761:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/live/www.lawrencepilch.com/cert.pem is signed by the certificate's issuer. 2021-12-04 19:41:42,762:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/live/www.lawrencepilch.com/cert.pem is: OCSPCertStatus.GOOD 2021-12-04 19:42:16,026:DEBUG:certbot.main:certbot version: 0.40.0 2021-12-04 19:42:16,027:DEBUG:certbot.main:Arguments: ['--cert-name', 'whatbank.ca', '--dry-run'] 2021-12-04 19:42:16,027:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-12-04 19:42:16,042:DEBUG:certbot.log:Root logging level set at 20 2021-12-04 19:42:16,043:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2021-12-04 19:42:16,058:DEBUG:certbot.plugins.selection:Requested authenticator and installer 2021-12-04 19:42:16,058:DEBUG:certbot.cli:Var dry_run=True (set by user). 2021-12-04 19:42:16,058:DEBUG:certbot.cli:Var server={'dry_run', 'staging'} (set by user). 2021-12-04 19:42:16,058:DEBUG:certbot.cli:Var dry_run=True (set by user). 2021-12-04 19:42:16,058:DEBUG:certbot.cli:Var server={'dry_run', 'staging'} (set by user). 2021-12-04 19:42:16,058:DEBUG:certbot.cli:Var account={'server'} (set by user). 2021-12-04 19:42:16,072:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-12-13 22:59:12 UTC. 2021-12-04 19:42:16,072:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2021-12-04 19:42:16,073:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx 2021-12-04 19:42:16,387:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-04 19:42:16,389:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2021-12-04 19:42:16,389:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2021-12-04 19:42:16,389:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-12-04 19:42:16,393:DEBUG:certbot.main:Picked account: ), creation_host='ubuntu-s-1vcpu-1gb-tor1-01'))> 2021-12-04 19:42:16,395:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/directory. 2021-12-04 19:42:16,398:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org:443 2021-12-04 19:42:16,566:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 822 2021-12-04 19:42:16,567:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Dec 2021 00:42:16 GMT Content-Type: application/json Content-Length: 822 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "1Km3aM8l0Ts": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-staging-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org/docs/staging-environment/" }, "newAccount": "https://acme-staging-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-staging-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-staging-v02.api.letsencrypt.org/get/draft-aaron-ari/renewalInfo/", "revokeCert": "https://acme-staging-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-12-04 19:42:16,567:INFO:certbot.main:Renewing an existing certificate 2021-12-04 19:42:16,837:DEBUG:acme.client:Requesting fresh nonce 2021-12-04 19:42:16,837:DEBUG:acme.client:Sending HEAD request to https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce. 2021-12-04 19:42:16,887:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-12-04 19:42:16,888:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Dec 2021 00:42:16 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002Hm8F1A6FjewHKsTLyK8jfzq_zMoCaziapCuG79nACeA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-12-04 19:42:16,888:DEBUG:acme.client:Storing nonce: 0002Hm8F1A6FjewHKsTLyK8jfzq_zMoCaziapCuG79nACeA 2021-12-04 19:42:16,889:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "whatbank.ca"\n },\n {\n "type": "dns",\n "value": "www.whatbank.ca"\n }\n ]\n}' 2021-12-04 19:42:16,891:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82NTEwNTMxIiwgIm5vbmNlIjogIjAwMDJIbThGMUE2Rmpld0hLc1RMeUs4amZ6cV96TW9DYXppYXBDdUc3OW5BQ2VBIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "DuNzhpjJEbfYgiVtP4q4vecNd74PoAf7MCyIkwAmXgBM0W9ci1Ngry-dfmPr_ep0MOHxr3hXB7ymovxtMSn0ha-4CeG2GW_3BrgHHD5N-uqr7n8N2tPK6SGpRfbj4A0UzryBlUPnyJw1xKExV2PTMnk9KbwrSL7goLqPuEsQP8pandi-9pziif9O8OqHqplFU9hvtwloKuukBx3m739muchxnnwHAlJ4xB7cIvhs8GFbrHp6ga5H1x7nPseH2GJ0pDbGl8p_kd6TtDokDsKQS_YL_2Bu56uEC5Bo_UuC2lYv0ZNcjM9FvbpQr4a4fq0UB2idajePDJqpUwtawj3PIg", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndoYXRiYW5rLmNhIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy53aGF0YmFuay5jYSIKICAgIH0KICBdCn0" } 2021-12-04 19:42:17,118:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 490 2021-12-04 19:42:17,120:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sun, 05 Dec 2021 00:42:17 GMT Content-Type: application/json Content-Length: 490 Connection: keep-alive Boulder-Requester: 6510531 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-staging-v02.api.letsencrypt.org/acme/order/6510531/1190497758 Replay-Nonce: 0002IdmrFfdbzP1ImJKQRYNMboa9hXpjw6qsmSJ5QsCAguo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-12-12T00:42:17Z", "identifiers": [ { "type": "dns", "value": "whatbank.ca" }, { "type": "dns", "value": "www.whatbank.ca" } ], "authorizations": [ "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/1098937178", "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/1098937188" ], "finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/6510531/1190497758" } 2021-12-04 19:42:17,120:DEBUG:acme.client:Storing nonce: 0002IdmrFfdbzP1ImJKQRYNMboa9hXpjw6qsmSJ5QsCAguo 2021-12-04 19:42:17,120:DEBUG:acme.client:JWS payload: b'' 2021-12-04 19:42:17,123:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/1098937178: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82NTEwNTMxIiwgIm5vbmNlIjogIjAwMDJJZG1yRmZkYnpQMUltSktRUllOTWJvYTloWHBqdzZxc21TSjVRc0NBZ3VvIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzEwOTg5MzcxNzgifQ", "signature": "MqP2xTB5s5Q5Or-b8jl41_EQtVPAGHo3s-QBrMxJvPTxQ6roHANSIqEm7VDE2L0-l6v43fjXCDyWM_Bg46jRzSXAb9z5mjHomLRw55iQXPz6eoG1MUJkMQ-kr96o4Xgm933jYTNexsc4HliNVL33c6FGfb6ChMjrUFGutF1K2QhOb5zDQC1HqBTbPpNO81MjO7oL8STLqZhKF2MjGPir2Qi34BpB_-jnaVNHYd37cgZbQhmzF2rhjw-KwHUYAwqjiy8hZFSqGsMZwfQ-YaR3Tl8pviy_x2ZXx-2jotsl8LUm3evcu_XOo3uQqiL0SjPbpRNWzxj5kXMaI9ynVLY7YA", "payload": "" } 2021-12-04 19:42:17,177:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/1098937178 HTTP/1.1" 200 813 2021-12-04 19:42:17,178:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Dec 2021 00:42:17 GMT Content-Type: application/json Content-Length: 813 Connection: keep-alive Boulder-Requester: 6510531 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002GMrPZkvtgq3aSTcSBf_TEwTifwWbjHcuwSoIFvht7yM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "pending", "expires": "2021-12-12T00:42:17Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098937178/iOnhaQ", "token": "53gdtlVIFHlsVXXRnKvS82PZMjmxEwLhv0xooXOQ5tk" }, { "type": "dns-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098937178/Txlqog", "token": "53gdtlVIFHlsVXXRnKvS82PZMjmxEwLhv0xooXOQ5tk" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098937178/mTOf5w", "token": "53gdtlVIFHlsVXXRnKvS82PZMjmxEwLhv0xooXOQ5tk" } ] } 2021-12-04 19:42:17,178:DEBUG:acme.client:Storing nonce: 0002GMrPZkvtgq3aSTcSBf_TEwTifwWbjHcuwSoIFvht7yM 2021-12-04 19:42:17,178:DEBUG:acme.client:JWS payload: b'' 2021-12-04 19:42:17,180:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/1098937188: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82NTEwNTMxIiwgIm5vbmNlIjogIjAwMDJHTXJQWmt2dGdxM2FTVGNTQmZfVEV3VGlmd1diakhjdXdTb0lGdmh0N3lNIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzEwOTg5MzcxODgifQ", "signature": "M2K_kMr0r3PY8u3hFYM3BcBW7cnBNS2GxNFA8ogoUx7Yvxc7jY4u5dkRy7ZoI9hEzta7dhyBOobZmXDDjjgK4cQHPaKD3K8ijt_evpSIf-9H-TRtLwsbEtL88vSQpr7o8hKC0Zcp4RTBSEmvJkjVKO0XU4nfYT7Umqxxs536DbtqBF_7FN8KNXK_fu1PWCC9Tu8TZM7yu2X3vQas9tgnKbtuuejMWURcAZ4JLgpyqRv_pcb5mv0ljm4aGIZwOMnwj_-3jxi-wV7Y1ZlTDCkwvd7MF1BgPpB0RLhggJJ1OadCKyd9OMcvvBOYIv_vFlVkaou4mEwrZinEoJUbpgk4WQ", "payload": "" } 2021-12-04 19:42:17,234:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/1098937188 HTTP/1.1" 200 817 2021-12-04 19:42:17,235:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Dec 2021 00:42:17 GMT Content-Type: application/json Content-Length: 817 Connection: keep-alive Boulder-Requester: 6510531 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001U_-82tTqSMv-x9TwWZm6hdm3FReOmCrAFr2mfQyKAEs X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "pending", "expires": "2021-12-12T00:42:17Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098937188/EE4Log", "token": "0YgqNozeliSPT0eve46-7BVIvsw6g5C6e1ZqIZQFbVA" }, { "type": "dns-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098937188/WhXM7w", "token": "0YgqNozeliSPT0eve46-7BVIvsw6g5C6e1ZqIZQFbVA" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098937188/vEGpHw", "token": "0YgqNozeliSPT0eve46-7BVIvsw6g5C6e1ZqIZQFbVA" } ] } 2021-12-04 19:42:17,235:DEBUG:acme.client:Storing nonce: 0001U_-82tTqSMv-x9TwWZm6hdm3FReOmCrAFr2mfQyKAEs 2021-12-04 19:42:17,236:INFO:certbot.auth_handler:Performing the following challenges: 2021-12-04 19:42:17,237:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-04 19:42:17,237:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-04 19:42:17,299:DEBUG:certbot_nginx.http_01:Generated server block: [] 2021-12-04 19:42:17,299:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-12-04 19:42:17,300:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-12-04 19:42:17,300:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/img.whatbank.ca 2021-12-04 19:42:17,300:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-12-04 19:42:17,301:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-12-04 19:42:17,301:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/lawrencepilch.com 2021-12-04 19:42:17,301:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/ex.whatbank.ca 2021-12-04 19:42:17,302:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-12-04 19:42:17,302:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/whatbank.ca 2021-12-04 19:42:17,302:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-12-04 19:42:17,302:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/iframe.whatbank.ca 2021-12-04 19:42:17,303:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2021-12-04 19:42:17,304:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; # Map proxy settings for RStudio map $http_upgrade $connection_upgrade { default upgrade; '' close; } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-12-04 19:42:17,305:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/whatbank.ca: server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = whatbank.ca) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name whatbank.ca www.whatbank.ca; return 301 https://$server_name$request_uri; location = /.well-known/acme-challenge/53gdtlVIFHlsVXXRnKvS82PZMjmxEwLhv0xooXOQ5tk{default_type text/plain;return 200 53gdtlVIFHlsVXXRnKvS82PZMjmxEwLhv0xooXOQ5tk.mFOFkyiUHa0wIsskh_DYJ3lRVJ0xETsJDXxpSD2g-2o;} # managed by Certbot location = /.well-known/acme-challenge/0YgqNozeliSPT0eve46-7BVIvsw6g5C6e1ZqIZQFbVA{default_type text/plain;return 200 0YgqNozeliSPT0eve46-7BVIvsw6g5C6e1ZqIZQFbVA.mFOFkyiUHa0wIsskh_DYJ3lRVJ0xETsJDXxpSD2g-2o;} # managed by Certbot } server { listen 443 ssl; server_name whatbank.ca www.whatbank.ca; ssl_certificate /etc/letsencrypt/live/whatbank.ca/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/whatbank.ca/privkey.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL; # location / { # proxy_pass https://infallible-hypatia-9e85e7.netlify.app; # proxy_redirect http://178.128.239.248:3838/ https://$host/; # proxy_http_version 1.1; # proxy_set_header Upgrade $http_upgrade; # proxy_set_header Connection $connection_upgrade; # proxy_read_timeout 20d; # } } 2021-12-04 19:42:18,335:INFO:certbot.auth_handler:Waiting for verification... 2021-12-04 19:42:18,336:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-04 19:42:18,338:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098937178/iOnhaQ: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82NTEwNTMxIiwgIm5vbmNlIjogIjAwMDFVXy04MnRUcVNNdi14OVR3V1ptNmhkbTNGUmVPbUNyQUZyMm1mUXlLQUVzIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzEwOTg5MzcxNzgvaU9uaGFRIn0", "signature": "ENvA9oBJjUc_bH1dB5DEdyTAVRoIQhil2WtpyaevuRGoEgzKXVRuYIw8xeDfivDQgqOFdHpkr7XPJVXMHmiMkBul8wMD6r275WkjW6rI8ucb3HhBvegYSm5q0FTQ9Fd_i8z2IYRG1AS2_cLA6iXNtFK8hx-glLsNV_7AHPCgm7FIy2aM_omx6KSl869Jh4gWduqs25c4qCokH1i11mslaG5s--RWPKlFTzy9_QjhG0QGxNEEOgv_UMSqjpniANw9wRxoZVcnoaXQ3HaAijhTOEi8mZPs6_UbKQXI6oqxFMMjNbFAGdEYlaDObgSGyil2_IspQB2Xkxx5k5lY30QEzw", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-04 19:42:18,394:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/1098937178/iOnhaQ HTTP/1.1" 200 193 2021-12-04 19:42:18,395:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Dec 2021 00:42:18 GMT Content-Type: application/json Content-Length: 193 Connection: keep-alive Boulder-Requester: 6510531 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098937178/iOnhaQ Replay-Nonce: 0001gTzk-wSNtiYEexx3YwakCwd9G8AVtNlJl9kF1dbZwLA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098937178/iOnhaQ", "token": "53gdtlVIFHlsVXXRnKvS82PZMjmxEwLhv0xooXOQ5tk" } 2021-12-04 19:42:18,396:DEBUG:acme.client:Storing nonce: 0001gTzk-wSNtiYEexx3YwakCwd9G8AVtNlJl9kF1dbZwLA 2021-12-04 19:42:18,397:DEBUG:acme.client:JWS payload: b'{\n "resource": "challenge",\n "type": "http-01"\n}' 2021-12-04 19:42:18,399:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098937188/EE4Log: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82NTEwNTMxIiwgIm5vbmNlIjogIjAwMDFnVHprLXdTTnRpWUVleHgzWXdha0N3ZDlHOEFWdE5sSmw5a0YxZGJad0xBIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzEwOTg5MzcxODgvRUU0TG9nIn0", "signature": "Myh4EP-hx18whalX09lOKSCw-oT2_9MIKWbE-z721q1EISNKfEslveZxo5_-QwIubDZr5DckVm8OAJe2QpUJAxqCJWWmwa4WvWwsyrAJt_tIWCnwDdBNv1mI0C2Ja55xsgSyIP4IwuYvMlyo07WtdpMlD4FehbsQMGpP56PXWOYLLj0KLulZfmSRV_qj9sIpU7Zb9lGW0KHrVJMnI_9TmuGRq3pYNFXTdB6QMMdyOHiH52IctHjZcNNWYhtQAkLR-E9cA4KNiYvqJDzAyKiLUr5qtG7rTfox2QqrDerPcTsGMFh0IWlhPYxAwg8fEAfosiIXvasUhvDHerhdUY79kg", "payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0" } 2021-12-04 19:42:18,454:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/1098937188/EE4Log HTTP/1.1" 200 193 2021-12-04 19:42:18,455:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Dec 2021 00:42:18 GMT Content-Type: application/json Content-Length: 193 Connection: keep-alive Boulder-Requester: 6510531 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098937188/EE4Log Replay-Nonce: 0001o0KKgOavTZk2CGre57xwAWpn5Q_rWPN3YEEHIp__Uzs X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098937188/EE4Log", "token": "0YgqNozeliSPT0eve46-7BVIvsw6g5C6e1ZqIZQFbVA" } 2021-12-04 19:42:18,455:DEBUG:acme.client:Storing nonce: 0001o0KKgOavTZk2CGre57xwAWpn5Q_rWPN3YEEHIp__Uzs 2021-12-04 19:42:19,456:DEBUG:acme.client:JWS payload: b'' 2021-12-04 19:42:19,459:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/1098937178: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82NTEwNTMxIiwgIm5vbmNlIjogIjAwMDFvMEtLZ09hdlRaazJDR3JlNTd4d0FXcG41UV9yV1BOM1lFRUhJcF9fVXpzIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzEwOTg5MzcxNzgifQ", "signature": "JsctxHZ0fY7Wn2XK3bYbsYGJrzDi-A-uvCFoGpG6h4Hb1jqLiTLZb6tCBadU5vZyGGYVNHNKwE17qVSnc8fCZmU47CQqhtLdVXkQTkDP7pUq33ZXie71h3sMWcuYzqFLCc3oGSv9pm_TDDmq-PGOtC4Ya0kiZmnXGQxNA4EILctZoNiLvmFzA_e-mIhT5ZYpLkBSROqG0J2DXW0vOm1Qt5exzgWjRDQbqzmiIWB3yLES6V0VIbdavQ8hn1DOon3XI7BptsbsH3C6Wj2XXn2YQF4UHqbDATgES1ZVC_gZ_A4-KgD1Owwvc5RG4lrQC3-hsXoZA4DfZz5ie-qGl5jqQw", "payload": "" } 2021-12-04 19:42:19,995:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/1098937178 HTTP/1.1" 200 1512 2021-12-04 19:42:19,996:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Dec 2021 00:42:19 GMT Content-Type: application/json Content-Length: 1512 Connection: keep-alive Boulder-Requester: 6510531 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002e8B1yEINyqypJtvYMOae3GIwVeV_nG7MZZBRr9GbGXA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "whatbank.ca" }, "status": "invalid", "expires": "2021-12-12T00:42:17Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/53gdtlVIFHlsVXXRnKvS82PZMjmxEwLhv0xooXOQ5tk [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098937178/iOnhaQ", "token": "53gdtlVIFHlsVXXRnKvS82PZMjmxEwLhv0xooXOQ5tk", "validationRecord": [ { "url": "http://whatbank.ca/.well-known/acme-challenge/53gdtlVIFHlsVXXRnKvS82PZMjmxEwLhv0xooXOQ5tk", "hostname": "whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/53gdtlVIFHlsVXXRnKvS82PZMjmxEwLhv0xooXOQ5tk", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-05T00:42:18Z" } ] } 2021-12-04 19:42:19,996:DEBUG:acme.client:Storing nonce: 0002e8B1yEINyqypJtvYMOae3GIwVeV_nG7MZZBRr9GbGXA 2021-12-04 19:42:19,997:DEBUG:acme.client:JWS payload: b'' 2021-12-04 19:42:19,999:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/1098937188: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC82NTEwNTMxIiwgIm5vbmNlIjogIjAwMDJlOEIxeUVJTnlxeXBKdHZZTU9hZTNHSXdWZVZfbkc3TVpaQlJyOUdiR1hBIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzEwOTg5MzcxODgifQ", "signature": "bNsVyEquhT6FAiJ1ddKcc_IIjriJO2j_-k0XFLJ5U_34I568wW0rRVt4LaEUjg54BnkuGbTn25CpXcKVzSJ7aOwj0xoFz-RYcNYdN3hP8UuACOsJajaxODqczHXl2_jgbIbreBOHWu8IbyCZGwwbihYfWX3qKLfvc4xHLhMcHLFQLEavb0uQALss2_j3RVo9i8Z_35EVXWsaXm8xtqZ0rVK5MxCNyXcdbYHMQVnGnTRqJKpbc73KYi60rEhiIU471dAM644HPG_kL5FQnk1nyu5UXR_5l8EkuK0kOjSjW-s3JhBVNK4wsR6dBqxZ35N416wsh8Bqb7dVSRUMQmmAJw", "payload": "" } 2021-12-04 19:42:20,052:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/1098937188 HTTP/1.1" 200 1833 2021-12-04 19:42:20,053:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Dec 2021 00:42:20 GMT Content-Type: application/json Content-Length: 1833 Connection: keep-alive Boulder-Requester: 6510531 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001d9Z7eOUPgs6CdtaB7soxEiIHFcSBRiHehm9svGIs9uE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.whatbank.ca" }, "status": "invalid", "expires": "2021-12-12T00:42:17Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from https://whatbank.ca/.well-known/acme-challenge/0YgqNozeliSPT0eve46-7BVIvsw6g5C6e1ZqIZQFbVA [75.2.60.5]: \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en-us\\\"\u003e\\n\u003chead\u003e\\n \u003cmeta charset=\\\"utf-8\\\"\u003e\\n\u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial\"", "status": 403 }, "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/1098937188/EE4Log", "token": "0YgqNozeliSPT0eve46-7BVIvsw6g5C6e1ZqIZQFbVA", "validationRecord": [ { "url": "http://www.whatbank.ca/.well-known/acme-challenge/0YgqNozeliSPT0eve46-7BVIvsw6g5C6e1ZqIZQFbVA", "hostname": "www.whatbank.ca", "port": "80", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://www.whatbank.ca/.well-known/acme-challenge/0YgqNozeliSPT0eve46-7BVIvsw6g5C6e1ZqIZQFbVA", "hostname": "www.whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" }, { "url": "https://whatbank.ca/.well-known/acme-challenge/0YgqNozeliSPT0eve46-7BVIvsw6g5C6e1ZqIZQFbVA", "hostname": "whatbank.ca", "port": "443", "addressesResolved": [ "75.2.60.5" ], "addressUsed": "75.2.60.5" } ], "validated": "2021-12-05T00:42:18Z" } ] } 2021-12-04 19:42:20,054:DEBUG:acme.client:Storing nonce: 0001d9Z7eOUPgs6CdtaB7soxEiIHFcSBRiHehm9svGIs9uE 2021-12-04 19:42:20,055:WARNING:certbot.auth_handler:Challenge failed for domain whatbank.ca 2021-12-04 19:42:20,055:WARNING:certbot.auth_handler:Challenge failed for domain www.whatbank.ca 2021-12-04 19:42:20,056:INFO:certbot.auth_handler:http-01 challenge for whatbank.ca 2021-12-04 19:42:20,056:INFO:certbot.auth_handler:http-01 challenge for www.whatbank.ca 2021-12-04 19:42:20,057:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: whatbank.ca Type: unauthorized Detail: Invalid response from https://whatbank.ca/.well-known/acme-challenge/53gdtlVIFHlsVXXRnKvS82PZMjmxEwLhv0xooXOQ5tk [75.2.60.5]: "\n\n\n \n\n\n\n \n load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 486, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)