2023-03-05 04:10:43,491:DEBUG:certbot._internal.main:certbot version: 1.12.0 2023-03-05 04:10:43,492:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-03-05 04:10:43,492:DEBUG:certbot._internal.main:Arguments: ['-q'] 2023-03-05 04:10:43,492:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-03-05 04:10:43,509:DEBUG:certbot._internal.log:Root logging level set at 30 2023-03-05 04:10:43,527:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2023-03-05 04:10:43,529:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/dagoth.xyz.conf 2023-03-05 04:10:43,541:DEBUG:certbot._internal.plugins.selection:Requested authenticator and installer 2023-03-05 04:10:43,554:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-05 04:10:43,609:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-05 04:10:43,611:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is signed by the certificate's issuer. 2023-03-05 04:10:43,614:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is: OCSPCertStatus.GOOD 2023-03-05 04:10:43,620:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-14 18:32:48 UTC. 2023-03-05 04:10:43,620:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-05 04:10:43,620:INFO:certbot._internal.renewal:Non-interactive renewal: random delay of 11.037287974697671 seconds 2023-03-05 04:10:54,662:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-05 04:10:55,161:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-05 04:10:55,163:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-05 04:10:55,163:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-05 04:10:55,163:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-05 04:10:55,172:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-05 04:10:55,174:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-05 04:10:55,176:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-05 04:10:55,315:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-05 04:10:55,317:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Mar 2023 04:10:55 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "LRw48YDvDCc": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-05 04:10:55,321:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for dagoth.xyz 2023-03-05 04:10:55,384:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0091_key-certbot.pem 2023-03-05 04:10:55,390:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0091_csr-certbot.pem 2023-03-05 04:10:55,391:DEBUG:acme.client:Requesting fresh nonce 2023-03-05 04:10:55,391:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-05 04:10:55,435:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-05 04:10:55,436:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Mar 2023 04:10:55 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 1DFACJJtLe4ULeX0aUjckIUgraysT-jUoozQAJI8AWQgcDU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-05 04:10:55,437:DEBUG:acme.client:Storing nonce: 1DFACJJtLe4ULeX0aUjckIUgraysT-jUoozQAJI8AWQgcDU 2023-03-05 04:10:55,437:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "dagoth.xyz"\n }\n ]\n}' 2023-03-05 04:10:55,442:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFERkFDSkp0TGU0VUxlWDBhVWpja0lVZ3JheXNULWpVb296UUFKSThBV1FnY0RVIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "Afz-Uwb3zk4HM-XLpbmKcPCZ-kZv72TOKXl3G0S4MgKxAyyluoTfN3j1eL0cTarU5QXXSIUH602I_naUinzFA9zkDhoHhnJWzrg5fpQF8wIcMltVBNnmgFSAn9-LXLOixvgfzNVrSrbeovDznhI_Gxk9j6lSzSqbQm0s36Y8t40-vJzATvwoSmKAsMHNvbmr7ctqYokHke7pmd5OwO1K6-yVmMYSwBJXN87aAHHxGQFzZ2zeIuQIqyDjSv_YOAEsHA-RyxAkdq3iFMrWqaXja8mOe1gn7-a4X5VmzTJMsbMMgMJ-wlTSRsqaDtXRb4I3f4VxEYfeTQKdOdYN7g8sBQ", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImRhZ290aC54eXoiCiAgICB9CiAgXQp9" } 2023-03-05 04:10:55,506:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 335 2023-03-05 04:10:55,507:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sun, 05 Mar 2023 04:10:55 GMT Content-Type: application/json Content-Length: 335 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/167193092296 Replay-Nonce: 15C90ufbGtHPm1LNs38gZxcI2LTRFNtdhA9RkrU6pJWS6ic X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-06T13:26:00Z", "identifiers": [ { "type": "dns", "value": "dagoth.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/206823406876" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/167193092296" } 2023-03-05 04:10:55,507:DEBUG:acme.client:Storing nonce: 15C90ufbGtHPm1LNs38gZxcI2LTRFNtdhA9RkrU6pJWS6ic 2023-03-05 04:10:55,507:DEBUG:acme.client:JWS payload: b'' 2023-03-05 04:10:55,509:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/206823406876: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjE1QzkwdWZiR3RIUG0xTE5zMzhnWnhjSTJMVFJGTnRkaEE5UmtyVTZwSldTNmljIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDY4MjM0MDY4NzYifQ", "signature": "UXNx_GybQ7wo7IN7mnfvmw2FjE8Qwr1bxE0I7XGpQarg01G_gLiLRGcoCN4zPE56hIdrSlmCMDa6b3dVSUDPZbsDaa7QNRd4OH1PRDurQ9lykp6UlWjCGNlxjvNTQDVzvQkMCjGy14EKnYebg2n8qQEzboYhyFrJTrbFb3kvW8uNMapTa-vPvMUSSGJbr8MOX51NelIFnyDgjZL6_j2wjJkk3akxsM-6eTH6aRtbQxmhUBZ25F2RouJ_cIoqhHv3Pq4kaz9HlSoJtbIIdgjyea7DYiegkzYi9kz4y9c7lZUyaWGynm5eEdZiPwpYjxIaEluN9vePslfgIYaa0kPXLw", "payload": "" } 2023-03-05 04:10:55,556:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/206823406876 HTTP/1.1" 200 794 2023-03-05 04:10:55,557:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Mar 2023 04:10:55 GMT Content-Type: application/json Content-Length: 794 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 15C9ricpY68m7GCmZJgy3sVmpf0HREwjmXiXuZhL5mP7snE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "pending", "expires": "2023-03-06T13:26:00Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/206823406876/D-oK8Q", "token": "3E6EK-EmfZ78kcA0YKolOVnycxk_X7mtw04tN57RKcM" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/206823406876/UFgJNQ", "token": "3E6EK-EmfZ78kcA0YKolOVnycxk_X7mtw04tN57RKcM" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/206823406876/8bj3WQ", "token": "3E6EK-EmfZ78kcA0YKolOVnycxk_X7mtw04tN57RKcM" } ] } 2023-03-05 04:10:55,557:DEBUG:acme.client:Storing nonce: 15C9ricpY68m7GCmZJgy3sVmpf0HREwjmXiXuZhL5mP7snE 2023-03-05 04:10:55,558:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-05 04:10:55,559:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-05 04:10:55,588:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-05 04:10:55,590:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-05 04:10:55,590:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-05 04:10:55,590:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-05 04:10:55,590:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-05 04:10:55,591:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-05 04:10:55,591:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-05 04:10:55,591:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-05 04:10:55,591:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-05 04:10:55,592:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-05 04:10:55,592:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-05 04:10:55,592:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-05 04:10:55,592:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-05 04:10:55,593:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-05 04:10:55,593:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-05 04:10:55,593:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-05 04:10:55,593:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-05 04:10:55,594:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-05 04:10:55,594:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-05 04:10:55,594:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-05 04:10:55,595:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-05 04:10:55,595:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-05 04:10:55,595:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-05 04:10:55,595:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-05 04:10:55,596:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-05 04:10:55,596:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-05 04:10:55,596:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-05 04:10:55,596:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-05 04:10:55,597:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-05 04:10:55,597:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-05 04:10:55,597:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-05 04:10:55,597:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-05 04:10:55,598:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-05 04:10:55,598:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-05 04:10:55,598:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-05 04:10:55,598:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-05 04:10:55,600:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here location = /.well-known/acme-challenge/3E6EK-EmfZ78kcA0YKolOVnycxk_X7mtw04tN57RKcM{default_type text/plain;return 200 3E6EK-EmfZ78kcA0YKolOVnycxk_X7mtw04tN57RKcM.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-05 04:10:55,644:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-05 04:10:55,675:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-05 04:10:55,676:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-05 04:10:55,676:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-05 04:10:56,943:ERROR:certbot._internal.renewal:Failed to renew certificate dagoth.xyz with error: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-05 04:10:56,953:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-05 04:10:56,954:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/mail.dagoth.xyz.conf 2023-03-05 04:10:56,967:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-05 04:10:57,049:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-05 04:10:57,050:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is signed by the certificate's issuer. 2023-03-05 04:10:57,052:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is: OCSPCertStatus.GOOD 2023-03-05 04:10:57,053:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-05 04:10:57,054:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-05 04:10:57,055:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-05 04:10:57,055:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/metukim.xyz.conf 2023-03-05 04:10:57,065:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-05 04:10:57,150:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-05 04:10:57,152:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/metukim.xyz/cert4.pem is signed by the certificate's issuer. 2023-03-05 04:10:57,153:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/metukim.xyz/cert4.pem is: OCSPCertStatus.GOOD 2023-03-05 04:10:57,154:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-16 07:57:10 UTC. 2023-03-05 04:10:57,154:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-05 04:10:57,154:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-05 04:10:57,501:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-05 04:10:57,502:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-05 04:10:57,503:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-05 04:10:57,503:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-05 04:10:57,511:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-05 04:10:57,512:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-05 04:10:57,514:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-05 04:10:57,648:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-05 04:10:57,648:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Mar 2023 04:10:57 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "ZO4p_2dviSE": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-05 04:10:57,650:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for metukim.xyz 2023-03-05 04:10:57,752:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0092_key-certbot.pem 2023-03-05 04:10:57,756:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0092_csr-certbot.pem 2023-03-05 04:10:57,758:DEBUG:acme.client:Requesting fresh nonce 2023-03-05 04:10:57,758:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-05 04:10:57,804:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-05 04:10:57,805:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Mar 2023 04:10:57 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 327CfYPnz2TYBQnTGgBGILz8zOeTTPk8EnFs-DFscKNATg4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-05 04:10:57,805:DEBUG:acme.client:Storing nonce: 327CfYPnz2TYBQnTGgBGILz8zOeTTPk8EnFs-DFscKNATg4 2023-03-05 04:10:57,806:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "metukim.xyz"\n }\n ]\n}' 2023-03-05 04:10:57,808:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjMyN0NmWVBuejJUWUJRblRHZ0JHSUx6OHpPZVRUUGs4RW5Gcy1ERnNjS05BVGc0IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "p4XblXv_IdS-uVN6_2Ax-11OKaXaVYVuZFpFDARZSUmUWauAlmVov7ltU4rCbNzXOKxTA1tqiHl3FYsZgWIfzn2uhC4IZ1K2NeObFBQPXREQ1XCZP46a5oI0lpuvECp08OeF2oAbKXv3ukFf1-dPpBVi0yEaI4juao3fLQFG21coYO0d1PYvq99DlyrYkUtn8zK-CqOia5sXaISHGZ4n6ptAUoJAJVgj81vAirWy4b-56X0q_oX6x1V-rEfZt_OTYvy0pWbiaDcQvINd9FGuDx3wmcYTT3ZjDLy6Oy0pzbTu51vr-Pi3qfvVwJoIKVYsFDlWEQo7vRrD43T812danA", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIm1ldHVraW0ueHl6IgogICAgfQogIF0KfQ" } 2023-03-05 04:10:58,058:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 336 2023-03-05 04:10:58,059:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sun, 05 Mar 2023 04:10:58 GMT Content-Type: application/json Content-Length: 336 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/167467085376 Replay-Nonce: 15C9uR4uekYAoTmA5tWIhP_f_MdjVJ1PF8hvYqTL2k2p9aI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-08T00:09:18Z", "identifiers": [ { "type": "dns", "value": "metukim.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/207204184356" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/167467085376" } 2023-03-05 04:10:58,059:DEBUG:acme.client:Storing nonce: 15C9uR4uekYAoTmA5tWIhP_f_MdjVJ1PF8hvYqTL2k2p9aI 2023-03-05 04:10:58,060:DEBUG:acme.client:JWS payload: b'' 2023-03-05 04:10:58,062:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/207204184356: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjE1Qzl1UjR1ZWtZQW9UbUE1dFdJaFBfZl9NZGpWSjFQRjhodllxVEwyazJwOWFJIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDcyMDQxODQzNTYifQ", "signature": "zBWzPxO2DyoxW0D84tB1PltL_mzy7ognIqOhivw4V_WRgSp3wY8GhZIfQHaR6rLcRUJrPezNg1WawT8Bk_KZMajrZAJ_cbLHKtcAFdBrjYG2Y71p-V-rn9ZPt6GeckTSudJUYkLNk6n3v3LhdvYH_57HJ4ODmKekUQLjwRSp8XetDVhB2uKPRT8xKaGPOfxVBM5x-aYqaq1hL1fBq1FD_7sRZUkvZVOr2eoxGV0Any8Oux4JQkVksO4sjcnXQ7nkLJWreVfOXnPABqZE2-AHvbe9pf8kL_XrQKwAB23ZYPMhObA4ZC0wFA8wIVf5wqMfLUAFVGtAzNhiqRdyql7ewA", "payload": "" } 2023-03-05 04:10:58,111:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/207204184356 HTTP/1.1" 200 795 2023-03-05 04:10:58,111:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Mar 2023 04:10:58 GMT Content-Type: application/json Content-Length: 795 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 1DFANjWFTqZraJ9Cwi4JF333UeD0GdTvpq6re63yzavTEro X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "metukim.xyz" }, "status": "pending", "expires": "2023-03-08T00:09:18Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/207204184356/dl_yDw", "token": "7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/207204184356/QJikEA", "token": "7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/207204184356/nbDArQ", "token": "7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs" } ] } 2023-03-05 04:10:58,112:DEBUG:acme.client:Storing nonce: 1DFANjWFTqZraJ9Cwi4JF333UeD0GdTvpq6re63yzavTEro 2023-03-05 04:10:58,112:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-05 04:10:58,113:INFO:certbot._internal.auth_handler:http-01 challenge for metukim.xyz 2023-03-05 04:10:58,132:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-05 04:10:58,133:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-05 04:10:58,133:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-05 04:10:58,133:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-05 04:10:58,134:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-05 04:10:58,134:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-05 04:10:58,134:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-05 04:10:58,135:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-05 04:10:58,135:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-05 04:10:58,135:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-05 04:10:58,135:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-05 04:10:58,136:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-05 04:10:58,136:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-05 04:10:58,136:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-05 04:10:58,137:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-05 04:10:58,137:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-05 04:10:58,137:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-05 04:10:58,137:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-05 04:10:58,138:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-05 04:10:58,138:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-05 04:10:58,138:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-05 04:10:58,138:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-05 04:10:58,139:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-05 04:10:58,139:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-05 04:10:58,139:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-05 04:10:58,140:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-05 04:10:58,140:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-05 04:10:58,140:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-05 04:10:58,141:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-05 04:10:58,141:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-05 04:10:58,141:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-05 04:10:58,141:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-05 04:10:58,142:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-05 04:10:58,142:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-05 04:10:58,142:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-05 04:10:58,142:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-05 04:10:58,144:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server { listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-05 04:10:58,145:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/metukim: server { server_name metukim.xyz ; root /var/www/metukim ; index index.html index.htm index.nginx-debian.html ; location / { try_files $uri $uri/ =404 ; } listen [::]:443 ssl; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/metukim.xyz/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/metukim.xyz/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot }server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = metukim.xyz) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name metukim.xyz ; return 404; # managed by Certbot location = /.well-known/acme-challenge/7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs{default_type text/plain;return 200 7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } 2023-03-05 04:10:58,174:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-05 04:10:58,208:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-05 04:10:58,208:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-05 04:10:58,208:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-05 04:10:59,552:ERROR:certbot._internal.renewal:Failed to renew certificate metukim.xyz with error: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-05 04:10:59,553:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-05 04:10:59,553:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-05 04:10:59,553:DEBUG:certbot.display.util:Notifying user: The following certificates are not due for renewal yet: 2023-03-05 04:10:59,553:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem expires on 2023-04-17 (skipped) 2023-03-05 04:10:59,553:ERROR:certbot._internal.renewal:All renewals failed. The following certificates could not be renewed: 2023-03-05 04:10:59,553:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/dagoth.xyz/fullchain.pem (failure) /etc/letsencrypt/live/metukim.xyz/fullchain.pem (failure) 2023-03-05 04:10:59,553:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-05 04:10:59,554:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')()) File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1413, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1317, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 510, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2023-03-05 04:10:59,556:ERROR:certbot._internal.log:2 renew failure(s), 0 parse failure(s) 2023-03-05 18:45:13,279:DEBUG:certbot._internal.main:certbot version: 1.12.0 2023-03-05 18:45:13,280:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-03-05 18:45:13,280:DEBUG:certbot._internal.main:Arguments: ['-q'] 2023-03-05 18:45:13,280:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-03-05 18:45:13,295:DEBUG:certbot._internal.log:Root logging level set at 30 2023-03-05 18:45:13,316:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2023-03-05 18:45:13,318:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/dagoth.xyz.conf 2023-03-05 18:45:13,329:DEBUG:certbot._internal.plugins.selection:Requested authenticator and installer 2023-03-05 18:45:13,342:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-05 18:45:13,413:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-05 18:45:13,415:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is signed by the certificate's issuer. 2023-03-05 18:45:13,420:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is: OCSPCertStatus.GOOD 2023-03-05 18:45:13,430:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-14 18:32:48 UTC. 2023-03-05 18:45:13,430:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-05 18:45:13,430:INFO:certbot._internal.renewal:Non-interactive renewal: random delay of 315.9577914348677 seconds 2023-03-05 18:50:29,523:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-05 18:50:30,242:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-05 18:50:30,256:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-05 18:50:30,257:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-05 18:50:30,257:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-05 18:50:30,297:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-05 18:50:30,310:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-05 18:50:30,323:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-05 18:50:30,547:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-05 18:50:30,549:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Mar 2023 18:50:30 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "ZAfcy7DEBxg": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-05 18:50:30,570:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for dagoth.xyz 2023-03-05 18:50:30,766:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0093_key-certbot.pem 2023-03-05 18:50:30,772:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0093_csr-certbot.pem 2023-03-05 18:50:30,774:DEBUG:acme.client:Requesting fresh nonce 2023-03-05 18:50:30,774:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-05 18:50:30,846:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-05 18:50:30,847:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Mar 2023 18:50:30 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: F70EeHyIWaCbKBKmhvC8okZC3vrFWMxXysE4DOA6q0LS_0s X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-05 18:50:30,848:DEBUG:acme.client:Storing nonce: F70EeHyIWaCbKBKmhvC8okZC3vrFWMxXysE4DOA6q0LS_0s 2023-03-05 18:50:30,849:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "dagoth.xyz"\n }\n ]\n}' 2023-03-05 18:50:30,860:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkY3MEVlSHlJV2FDYktCS21odkM4b2taQzN2ckZXTXhYeXNFNERPQTZxMExTXzBzIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "TSC-R6TjHdWI2-JpndvJW9feh3OQtbj9Qc0IxqeeheoSGr4bZVk6YD5mGZw1YRHXYF7JKnuoOif1w-TkqP3aN5sUpbIla-l-pjafC0IE2VLVeCxG0xmGEpf4Rcmm176qcBmeWjx8T53Y_72xdANFogQNnvawRdam-1Jzon6Fae_15EDAdMTKGNxjFlPHkY__DtQyW-QJ5nCPUk4Mr5PTnfZsta4upw9r5c6tPYnchp2-vX2KjsRpUCqomq7n2mY-j2e5cRa5drB2riF25A1jbEHaLnsvG2rweaz94XuKBqLvAkm7BnNV4figIFhwuLEdPMS-uKq7suM6LhG7u-vQ-A", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImRhZ290aC54eXoiCiAgICB9CiAgXQp9" } 2023-03-05 18:50:30,948:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 335 2023-03-05 18:50:30,949:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sun, 05 Mar 2023 18:50:30 GMT Content-Type: application/json Content-Length: 335 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/167193092296 Replay-Nonce: F977wPqt_mcSCSItmSPNqvgBhl_l-7w-kH6k3Yfr4gGM7_I X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-06T13:26:00Z", "identifiers": [ { "type": "dns", "value": "dagoth.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/206823406876" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/167193092296" } 2023-03-05 18:50:30,949:DEBUG:acme.client:Storing nonce: F977wPqt_mcSCSItmSPNqvgBhl_l-7w-kH6k3Yfr4gGM7_I 2023-03-05 18:50:30,950:DEBUG:acme.client:JWS payload: b'' 2023-03-05 18:50:30,951:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/206823406876: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkY5Nzd3UHF0X21jU0NTSXRtU1BOcXZnQmhsX2wtN3cta0g2azNZZnI0Z0dNN19JIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDY4MjM0MDY4NzYifQ", "signature": "Zl5tOQmg4rh-wXUNMeF8f_EqGSaGuhCzf_WNxkr8PvNgaiPO6FMIiO2rQF-yB6S_2aPVyMrk9z_RdtzJB6zbo3Hruul9wMmwDbX068emzKFxmuPUQikO0LxNaSktlDfuux6nndl-btsCjp4Gc8EqFGXhYPMBcP8Z4IOqhyAToql6VStkZzfHAw3CAzrCPXU8gmhEGoMuE3mXtFKSQdKeVmkclbVbBxmyv6WVhysWL7AXEMcKS7geOpxrg7lR-N-d9HfSQUyJL-6chlqdntUnC5VDVPtuP6GNdIhmA1ueuMLEtFvDsTJ7vOX8eCSi_bzyLDfclRLYT2t5oPioto1NEw", "payload": "" } 2023-03-05 18:50:31,026:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/206823406876 HTTP/1.1" 200 794 2023-03-05 18:50:31,026:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Mar 2023 18:50:30 GMT Content-Type: application/json Content-Length: 794 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: A5FE8jKMG-Dl1U-ZZdMdwcVENdH0KJgVN2fkEthfLj8ucZc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "pending", "expires": "2023-03-06T13:26:00Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/206823406876/D-oK8Q", "token": "3E6EK-EmfZ78kcA0YKolOVnycxk_X7mtw04tN57RKcM" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/206823406876/UFgJNQ", "token": "3E6EK-EmfZ78kcA0YKolOVnycxk_X7mtw04tN57RKcM" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/206823406876/8bj3WQ", "token": "3E6EK-EmfZ78kcA0YKolOVnycxk_X7mtw04tN57RKcM" } ] } 2023-03-05 18:50:31,026:DEBUG:acme.client:Storing nonce: A5FE8jKMG-Dl1U-ZZdMdwcVENdH0KJgVN2fkEthfLj8ucZc 2023-03-05 18:50:31,028:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-05 18:50:31,028:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-05 18:50:31,049:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-05 18:50:31,053:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-05 18:50:31,056:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-05 18:50:31,056:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-05 18:50:31,056:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-05 18:50:31,057:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-05 18:50:31,057:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-05 18:50:31,057:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-05 18:50:31,057:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-05 18:50:31,057:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-05 18:50:31,058:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-05 18:50:31,058:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-05 18:50:31,058:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-05 18:50:31,059:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-05 18:50:31,059:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-05 18:50:31,059:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-05 18:50:31,059:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-05 18:50:31,059:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-05 18:50:31,060:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-05 18:50:31,060:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-05 18:50:31,060:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-05 18:50:31,060:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-05 18:50:31,061:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-05 18:50:31,061:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-05 18:50:31,061:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-05 18:50:31,061:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-05 18:50:31,061:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-05 18:50:31,062:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-05 18:50:31,062:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-05 18:50:31,062:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-05 18:50:31,062:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-05 18:50:31,063:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-05 18:50:31,063:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-05 18:50:31,063:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-05 18:50:31,063:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-05 18:50:31,064:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-05 18:50:31,065:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here location = /.well-known/acme-challenge/3E6EK-EmfZ78kcA0YKolOVnycxk_X7mtw04tN57RKcM{default_type text/plain;return 200 3E6EK-EmfZ78kcA0YKolOVnycxk_X7mtw04tN57RKcM.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-05 18:50:31,096:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-05 18:50:31,137:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-05 18:50:31,137:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-05 18:50:31,137:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-05 18:50:32,425:ERROR:certbot._internal.renewal:Failed to renew certificate dagoth.xyz with error: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-05 18:50:32,433:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-05 18:50:32,435:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/mail.dagoth.xyz.conf 2023-03-05 18:50:33,541:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-05 18:50:33,594:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-05 18:50:33,597:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is signed by the certificate's issuer. 2023-03-05 18:50:33,600:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is: OCSPCertStatus.GOOD 2023-03-05 18:50:33,602:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-05 18:50:33,602:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-05 18:50:33,603:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-05 18:50:33,604:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/metukim.xyz.conf 2023-03-05 18:50:33,612:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-05 18:50:33,693:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-05 18:50:33,695:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/metukim.xyz/cert4.pem is signed by the certificate's issuer. 2023-03-05 18:50:33,695:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/metukim.xyz/cert4.pem is: OCSPCertStatus.GOOD 2023-03-05 18:50:33,697:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-16 07:57:10 UTC. 2023-03-05 18:50:33,697:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-05 18:50:33,697:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-05 18:50:33,985:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-05 18:50:33,986:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-05 18:50:33,986:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-05 18:50:33,986:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-05 18:50:33,993:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-05 18:50:33,994:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-05 18:50:33,996:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-05 18:50:34,126:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-05 18:50:34,127:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Mar 2023 18:50:34 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "r6tzqwQWCCM": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-05 18:50:34,129:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for metukim.xyz 2023-03-05 18:50:34,270:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0094_key-certbot.pem 2023-03-05 18:50:34,273:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0094_csr-certbot.pem 2023-03-05 18:50:34,274:DEBUG:acme.client:Requesting fresh nonce 2023-03-05 18:50:34,274:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-05 18:50:34,317:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-05 18:50:34,318:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Mar 2023 18:50:34 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 1DFALDqtZ4l8KVF_dJ7WBjMojfvnu2LA9Pox6-vhzExZWgE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-05 18:50:34,318:DEBUG:acme.client:Storing nonce: 1DFALDqtZ4l8KVF_dJ7WBjMojfvnu2LA9Pox6-vhzExZWgE 2023-03-05 18:50:34,319:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "metukim.xyz"\n }\n ]\n}' 2023-03-05 18:50:34,320:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFERkFMRHF0WjRsOEtWRl9kSjdXQmpNb2pmdm51MkxBOVBveDYtdmh6RXhaV2dFIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "gWUyvXYX6hmwtUX8zcP98TtUpaPZlQs-UkKAyjqgloQcqrIwXlG759zZikIX9Ot3N3dYjINzerzXX65MA0_TbyPjF7ti-zMFRvSy3pFvBf3e0uJ-3PMOxLE2PcfGsxlsu7tkgPu64aleOnDyMo2Mhfk5pzP8u2eS5bXr-zoi3yOypaO2sKsS1kFzVvPnRPuXm6i5t9yVPuqVhIycyWNato5bBfSKtYLIXA4OHaX4oVWo-iUc-9px3wONAJmhbj0_CaVMywxoRlGKQXT-XUVYHTykJOGxO5q9bn50qoeaJHa_QBl0jdDGijFryPL9Ge2NJQQPHNU22erW0usCvunPJw", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIm1ldHVraW0ueHl6IgogICAgfQogIF0KfQ" } 2023-03-05 18:50:34,373:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 336 2023-03-05 18:50:34,374:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sun, 05 Mar 2023 18:50:34 GMT Content-Type: application/json Content-Length: 336 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/167467085376 Replay-Nonce: 15C90rLmSKxHg4EoGNadnmZkAEHtGU6FaIx88KPVQ8UpOw4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-08T00:09:18Z", "identifiers": [ { "type": "dns", "value": "metukim.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/207204184356" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/167467085376" } 2023-03-05 18:50:34,374:DEBUG:acme.client:Storing nonce: 15C90rLmSKxHg4EoGNadnmZkAEHtGU6FaIx88KPVQ8UpOw4 2023-03-05 18:50:34,374:DEBUG:acme.client:JWS payload: b'' 2023-03-05 18:50:34,376:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/207204184356: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjE1QzkwckxtU0t4SGc0RW9HTmFkbm1aa0FFSHRHVTZGYUl4ODhLUFZROFVwT3c0IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDcyMDQxODQzNTYifQ", "signature": "hqBBn6VS9_1R3KqxTbRQrp4YT3FG6ZOR3hRcGOU2CNYetEXdtddYXUJtLj9pvLw2Yqv4sbcpUPLzTzU7hYEP8vcp-XDCecSWa8QGJIuFLNRBD5K4nHk7jbVvq7euH3oSnsUGUpgBdpKa2Pzvl0UJAKC_2oG-512DZgnT73neBa3if_gKz1dsD6KFmiWRXV4hzsovwymOwX18n8_DFl29TNC4QIBD9YmPEE5WXs4MgeMvTuuglTwQZ_xh0CFZluKmubRRzJ3SV5Edm6qvyPfqIaFTGMPUAlGMQkMdUU5eGzanRVakX5E8SALjrLBIzFZGstPrOREY43VhpjJ63AGnOA", "payload": "" } 2023-03-05 18:50:34,421:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/207204184356 HTTP/1.1" 200 795 2023-03-05 18:50:34,422:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sun, 05 Mar 2023 18:50:34 GMT Content-Type: application/json Content-Length: 795 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 327CMaFVR1t2TjNtvKBXf_lZma3686NgS8psQiAFL1c8BvQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "metukim.xyz" }, "status": "pending", "expires": "2023-03-08T00:09:18Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/207204184356/dl_yDw", "token": "7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/207204184356/QJikEA", "token": "7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/207204184356/nbDArQ", "token": "7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs" } ] } 2023-03-05 18:50:34,422:DEBUG:acme.client:Storing nonce: 327CMaFVR1t2TjNtvKBXf_lZma3686NgS8psQiAFL1c8BvQ 2023-03-05 18:50:34,423:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-05 18:50:34,423:INFO:certbot._internal.auth_handler:http-01 challenge for metukim.xyz 2023-03-05 18:50:34,441:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-05 18:50:34,442:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-05 18:50:34,443:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-05 18:50:34,443:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-05 18:50:34,443:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-05 18:50:34,444:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-05 18:50:34,444:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-05 18:50:34,444:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-05 18:50:34,444:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-05 18:50:34,445:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-05 18:50:34,445:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-05 18:50:34,445:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-05 18:50:34,445:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-05 18:50:34,446:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-05 18:50:34,446:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-05 18:50:34,446:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-05 18:50:34,447:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-05 18:50:34,447:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-05 18:50:34,447:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-05 18:50:34,447:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-05 18:50:34,448:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-05 18:50:34,448:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-05 18:50:34,448:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-05 18:50:34,448:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-05 18:50:34,449:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-05 18:50:34,449:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-05 18:50:34,449:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-05 18:50:34,449:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-05 18:50:34,449:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-05 18:50:34,450:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-05 18:50:34,450:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-05 18:50:34,450:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-05 18:50:34,451:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-05 18:50:34,451:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-05 18:50:34,451:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-05 18:50:34,451:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-05 18:50:34,452:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server { listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-05 18:50:34,453:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/metukim: server { server_name metukim.xyz ; root /var/www/metukim ; index index.html index.htm index.nginx-debian.html ; location / { try_files $uri $uri/ =404 ; } listen [::]:443 ssl; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/metukim.xyz/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/metukim.xyz/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot }server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = metukim.xyz) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name metukim.xyz ; return 404; # managed by Certbot location = /.well-known/acme-challenge/7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs{default_type text/plain;return 200 7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } 2023-03-05 18:50:34,479:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-05 18:50:34,505:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-05 18:50:34,505:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-05 18:50:34,506:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-05 18:50:35,976:ERROR:certbot._internal.renewal:Failed to renew certificate metukim.xyz with error: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-05 18:50:35,977:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-05 18:50:35,977:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-05 18:50:35,977:DEBUG:certbot.display.util:Notifying user: The following certificates are not due for renewal yet: 2023-03-05 18:50:35,977:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem expires on 2023-04-17 (skipped) 2023-03-05 18:50:35,977:ERROR:certbot._internal.renewal:All renewals failed. The following certificates could not be renewed: 2023-03-05 18:50:35,977:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/dagoth.xyz/fullchain.pem (failure) /etc/letsencrypt/live/metukim.xyz/fullchain.pem (failure) 2023-03-05 18:50:35,979:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-05 18:50:35,980:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')()) File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1413, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1317, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 510, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2023-03-05 18:50:35,982:ERROR:certbot._internal.log:2 renew failure(s), 0 parse failure(s) 2023-03-06 07:17:08,035:DEBUG:certbot._internal.main:certbot version: 1.12.0 2023-03-06 07:17:08,036:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-03-06 07:17:08,036:DEBUG:certbot._internal.main:Arguments: ['-q'] 2023-03-06 07:17:08,036:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-03-06 07:17:08,071:DEBUG:certbot._internal.log:Root logging level set at 30 2023-03-06 07:17:08,071:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2023-03-06 07:17:08,074:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/dagoth.xyz.conf 2023-03-06 07:17:08,086:DEBUG:certbot._internal.plugins.selection:Requested authenticator and installer 2023-03-06 07:17:08,096:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-06 07:17:08,167:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-06 07:17:08,168:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is signed by the certificate's issuer. 2023-03-06 07:17:08,172:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is: OCSPCertStatus.GOOD 2023-03-06 07:17:08,177:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-14 18:32:48 UTC. 2023-03-06 07:17:08,178:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-06 07:17:08,178:INFO:certbot._internal.renewal:Non-interactive renewal: random delay of 42.16418032794711 seconds 2023-03-06 07:17:50,374:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-06 07:17:50,894:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-06 07:17:50,896:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-06 07:17:50,896:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-06 07:17:50,896:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-06 07:17:50,908:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-06 07:17:50,909:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-06 07:17:50,913:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-06 07:17:51,126:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-06 07:17:51,127:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 06 Mar 2023 07:17:51 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "0ZlJ-JHw0xs": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-06 07:17:51,130:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for dagoth.xyz 2023-03-06 07:17:51,274:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0095_key-certbot.pem 2023-03-06 07:17:51,279:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0095_csr-certbot.pem 2023-03-06 07:17:51,279:DEBUG:acme.client:Requesting fresh nonce 2023-03-06 07:17:51,280:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-06 07:17:51,350:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-06 07:17:51,351:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 06 Mar 2023 07:17:51 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: A5FE3woZ9BM1JnShTopbLq-IPnJwHcY3srEkOQ4Oou99VHI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-06 07:17:51,351:DEBUG:acme.client:Storing nonce: A5FE3woZ9BM1JnShTopbLq-IPnJwHcY3srEkOQ4Oou99VHI 2023-03-06 07:17:51,352:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "dagoth.xyz"\n }\n ]\n}' 2023-03-06 07:17:51,354:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkE1RkUzd29aOUJNMUpuU2hUb3BiTHEtSVBuSndIY1kzc3JFa09RNE9vdTk5VkhJIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "XWq7pWAyTCeD8BqDeaViTztOcYBLE8HCj_dXY1HFApNfMQQPYHJyJoQivA1MU0CXytYggmFx3fEcSxiUVYVt-_UZNm0TeCVdHjoo3Td-fMHQBSmesiE8mz9I-t9CgSHgQzL7imrjSfrVhSFbgm6H8fbo6u7XpkIUQiazF4KA7PCvPH_WlM1RZmiC58BKzjc6cboMEJP7TWjTnm4ynwyh5208vrgzh6MdLDQwsUHYiG82kqLeZW2o9N6oOsFZyHEb1ylXz2ExaJsClTsj8HuEs40PTWl1j81lHf-sNP8ymmdegOr1fnhKvEvO5V7PdG-pTuccSsYiNwflFKik11fpQA", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImRhZ290aC54eXoiCiAgICB9CiAgXQp9" } 2023-03-06 07:17:51,440:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 335 2023-03-06 07:17:51,441:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Mon, 06 Mar 2023 07:17:51 GMT Content-Type: application/json Content-Length: 335 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/167193092296 Replay-Nonce: C400ZTdeJmqxz9YjOX8wHlW-U7p511s1AnYaJT7_JuAZspQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-06T13:26:00Z", "identifiers": [ { "type": "dns", "value": "dagoth.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/206823406876" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/167193092296" } 2023-03-06 07:17:51,441:DEBUG:acme.client:Storing nonce: C400ZTdeJmqxz9YjOX8wHlW-U7p511s1AnYaJT7_JuAZspQ 2023-03-06 07:17:51,441:DEBUG:acme.client:JWS payload: b'' 2023-03-06 07:17:51,443:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/206823406876: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkM0MDBaVGRlSm1xeHo5WWpPWDh3SGxXLVU3cDUxMXMxQW5ZYUpUN19KdUFac3BRIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDY4MjM0MDY4NzYifQ", "signature": "AHK0n0FUkkEWeHVQsLYMtYUoHOW4qa7lmPUNR4dgkeo0kOf46QlKDQoYUGsa9EmzQwBYLpw3pC-hPtj4Vpf7tGLgaGaGzSQQV0aHoGsh0JVbH_CBpXdNsaExnFm9Q9FD2BabwbpIcfqy-fZud2bt-7yvPJxzdrl4fL5_pYvicNr4YZc8EA7s3gOJwBBxYqHucnkm7d38BE6-DF4mByIUbR6ZSC217_Ld6CypQOn9ALP4eFnifBkwrD2l0doTQ6_GG55PKBpLJidV5Xz87cJ79ED4_1SXp4kSHMSGj8B6jO3aDv4UddgiMTGLkM74UOLaiu6joIFhYb2UBCSpQVQkZg", "payload": "" } 2023-03-06 07:17:51,517:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/206823406876 HTTP/1.1" 200 794 2023-03-06 07:17:51,518:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 06 Mar 2023 07:17:51 GMT Content-Type: application/json Content-Length: 794 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: C400Rh4lorfRVdobGhTw1qTzjuu5RrTEttiTKAuECgxxmws X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "pending", "expires": "2023-03-06T13:26:00Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/206823406876/D-oK8Q", "token": "3E6EK-EmfZ78kcA0YKolOVnycxk_X7mtw04tN57RKcM" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/206823406876/UFgJNQ", "token": "3E6EK-EmfZ78kcA0YKolOVnycxk_X7mtw04tN57RKcM" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/206823406876/8bj3WQ", "token": "3E6EK-EmfZ78kcA0YKolOVnycxk_X7mtw04tN57RKcM" } ] } 2023-03-06 07:17:51,518:DEBUG:acme.client:Storing nonce: C400Rh4lorfRVdobGhTw1qTzjuu5RrTEttiTKAuECgxxmws 2023-03-06 07:17:51,519:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-06 07:17:51,519:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-06 07:17:51,537:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-06 07:17:51,538:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-06 07:17:51,540:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-06 07:17:51,540:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-06 07:17:51,540:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-06 07:17:51,541:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-06 07:17:51,541:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-06 07:17:51,542:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-06 07:17:51,542:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-06 07:17:51,542:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-06 07:17:51,543:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-06 07:17:51,543:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-06 07:17:51,543:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-06 07:17:51,544:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-06 07:17:51,544:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-06 07:17:51,544:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-06 07:17:51,544:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-06 07:17:51,545:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-06 07:17:51,545:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-06 07:17:51,545:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-06 07:17:51,545:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-06 07:17:51,546:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-06 07:17:51,546:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-06 07:17:51,546:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-06 07:17:51,547:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-06 07:17:51,547:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-06 07:17:51,548:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-06 07:17:51,548:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-06 07:17:51,548:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-06 07:17:51,549:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-06 07:17:51,549:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-06 07:17:51,549:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-06 07:17:51,550:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-06 07:17:51,550:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-06 07:17:51,550:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-06 07:17:51,551:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-06 07:17:51,553:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here location = /.well-known/acme-challenge/3E6EK-EmfZ78kcA0YKolOVnycxk_X7mtw04tN57RKcM{default_type text/plain;return 200 3E6EK-EmfZ78kcA0YKolOVnycxk_X7mtw04tN57RKcM.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-06 07:17:51,587:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-06 07:17:51,622:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-06 07:17:51,622:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-06 07:17:51,622:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-06 07:17:52,891:ERROR:certbot._internal.renewal:Failed to renew certificate dagoth.xyz with error: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-06 07:17:52,898:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-06 07:17:52,898:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/mail.dagoth.xyz.conf 2023-03-06 07:17:52,910:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-06 07:17:52,976:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-06 07:17:52,978:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is signed by the certificate's issuer. 2023-03-06 07:17:52,979:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is: OCSPCertStatus.GOOD 2023-03-06 07:17:52,980:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-06 07:17:52,981:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-06 07:17:52,981:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-06 07:17:52,982:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/metukim.xyz.conf 2023-03-06 07:17:52,988:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-06 07:17:53,043:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-06 07:17:53,044:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/metukim.xyz/cert4.pem is signed by the certificate's issuer. 2023-03-06 07:17:53,045:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/metukim.xyz/cert4.pem is: OCSPCertStatus.GOOD 2023-03-06 07:17:53,046:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-16 07:57:10 UTC. 2023-03-06 07:17:53,046:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-06 07:17:53,046:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-06 07:17:53,335:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-06 07:17:53,335:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-06 07:17:53,336:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-06 07:17:53,336:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-06 07:17:53,343:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-06 07:17:53,344:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-06 07:17:53,345:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-06 07:17:53,556:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-06 07:17:53,557:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 06 Mar 2023 07:17:53 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "axo7PNF7TYQ": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-06 07:17:53,559:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for metukim.xyz 2023-03-06 07:17:53,658:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0096_key-certbot.pem 2023-03-06 07:17:53,661:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0096_csr-certbot.pem 2023-03-06 07:17:53,662:DEBUG:acme.client:Requesting fresh nonce 2023-03-06 07:17:53,662:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-06 07:17:53,732:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-06 07:17:53,732:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 06 Mar 2023 07:17:53 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: F977nORb-rU83wO1Su9V8uREXUG58MHFPWaZ1r1FuyKXqPU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-06 07:17:53,733:DEBUG:acme.client:Storing nonce: F977nORb-rU83wO1Su9V8uREXUG58MHFPWaZ1r1FuyKXqPU 2023-03-06 07:17:53,733:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "metukim.xyz"\n }\n ]\n}' 2023-03-06 07:17:53,735:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkY5NzduT1JiLXJVODN3TzFTdTlWOHVSRVhVRzU4TUhGUFdhWjFyMUZ1eUtYcVBVIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "mlj4AyhD3A7q6WlBs9zcuvo9CnIMg7C_5CH43b4D31FUDP_2ipFcScBPqSnjM6e5FTnrSF4gH6E6jcAc-tvUMqP9ybHmTARa7LZS8CUT9kwFzlen3Wtl6WyVZqsSxnlyNcxbQtSmjAz5jWeCmlkre1gpC6b_FWQYNo7FSXnj0iPKeJVmBWmei_08ixIwWBYBXlZeWN2P6CwanxyAZySDVjUjokvRn7Fyr7vNqqgCvpMEteWljQpyt3pDp9lhDZkNXC-HFEh1Tt3CWNJaZGC3iaTC_JScvDB02vTQVVcuPSzFoX8kUDMtI7E5ar003MNnU6XcUJXhBbMWDxd9ZYk1aQ", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIm1ldHVraW0ueHl6IgogICAgfQogIF0KfQ" } 2023-03-06 07:17:53,811:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 336 2023-03-06 07:17:53,812:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Mon, 06 Mar 2023 07:17:53 GMT Content-Type: application/json Content-Length: 336 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/167467085376 Replay-Nonce: F977uQ0gIbZwehoKbKd86LbXHu1xd4qfreakVpO9sjXzXoo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-08T00:09:18Z", "identifiers": [ { "type": "dns", "value": "metukim.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/207204184356" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/167467085376" } 2023-03-06 07:17:53,812:DEBUG:acme.client:Storing nonce: F977uQ0gIbZwehoKbKd86LbXHu1xd4qfreakVpO9sjXzXoo 2023-03-06 07:17:53,813:DEBUG:acme.client:JWS payload: b'' 2023-03-06 07:17:53,814:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/207204184356: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkY5Nzd1UTBnSWJad2Vob0tiS2Q4NkxiWEh1MXhkNHFmcmVha1ZwTzlzalh6WG9vIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDcyMDQxODQzNTYifQ", "signature": "jHEluBShcnSdUkHnyYhQrEX4maWOkzMMeKCpmEpqKGDJBH33mQuadduQV0dc0wBkvlMjWMoRDp6RfG1yOwNpE4tzCv0KPCoNyUVQ07kBwMqmzb2Dh8X5Itj7UdRNgEn267Gsuxz_o9Yw4rdNJIOgY-3jY4QO3g0zdFlrwnVR89zA_TiBo9UiVygsZYdTfKY6SGoVB7cRBOX5gum7n3cZiBuWvfZoYrK4RfGG6850FCNcqrVlJ1SNOXHggG-2u0BtYIfLpwFRkJScAQA7QeZPM2g2DY-G2kLr2y4_xScbplrgl3LDW-G0-BsMyOAMWbQYF6_lU5MlbBal46uRdahsQA", "payload": "" } 2023-03-06 07:17:53,886:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/207204184356 HTTP/1.1" 200 795 2023-03-06 07:17:53,887:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 06 Mar 2023 07:17:53 GMT Content-Type: application/json Content-Length: 795 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: C400bPYo0ydObkk4OCSxQ5-hZbFzK5JPEL4s_CZm0ylaflw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "metukim.xyz" }, "status": "pending", "expires": "2023-03-08T00:09:18Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/207204184356/dl_yDw", "token": "7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/207204184356/QJikEA", "token": "7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/207204184356/nbDArQ", "token": "7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs" } ] } 2023-03-06 07:17:53,887:DEBUG:acme.client:Storing nonce: C400bPYo0ydObkk4OCSxQ5-hZbFzK5JPEL4s_CZm0ylaflw 2023-03-06 07:17:53,888:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-06 07:17:53,888:INFO:certbot._internal.auth_handler:http-01 challenge for metukim.xyz 2023-03-06 07:17:53,916:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-06 07:17:53,917:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-06 07:17:53,918:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-06 07:17:53,918:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-06 07:17:53,918:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-06 07:17:53,919:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-06 07:17:53,919:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-06 07:17:53,919:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-06 07:17:53,920:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-06 07:17:53,920:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-06 07:17:53,920:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-06 07:17:53,920:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-06 07:17:53,921:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-06 07:17:53,921:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-06 07:17:53,921:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-06 07:17:53,922:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-06 07:17:53,922:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-06 07:17:53,922:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-06 07:17:53,922:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-06 07:17:53,923:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-06 07:17:53,923:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-06 07:17:53,923:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-06 07:17:53,924:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-06 07:17:53,924:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-06 07:17:53,924:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-06 07:17:53,924:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-06 07:17:53,925:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-06 07:17:53,925:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-06 07:17:53,925:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-06 07:17:53,926:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-06 07:17:53,926:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-06 07:17:53,926:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-06 07:17:53,926:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-06 07:17:53,927:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-06 07:17:53,927:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-06 07:17:53,927:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-06 07:17:53,929:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server { listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-06 07:17:53,931:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/metukim: server { server_name metukim.xyz ; root /var/www/metukim ; index index.html index.htm index.nginx-debian.html ; location / { try_files $uri $uri/ =404 ; } listen [::]:443 ssl; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/metukim.xyz/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/metukim.xyz/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot }server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = metukim.xyz) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name metukim.xyz ; return 404; # managed by Certbot location = /.well-known/acme-challenge/7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs{default_type text/plain;return 200 7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } 2023-03-06 07:17:53,958:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-06 07:17:53,980:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-06 07:17:53,980:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-06 07:17:53,980:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-06 07:17:55,286:ERROR:certbot._internal.renewal:Failed to renew certificate metukim.xyz with error: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-06 07:17:55,289:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-06 07:17:55,289:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-06 07:17:55,289:DEBUG:certbot.display.util:Notifying user: The following certificates are not due for renewal yet: 2023-03-06 07:17:55,289:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem expires on 2023-04-17 (skipped) 2023-03-06 07:17:55,289:ERROR:certbot._internal.renewal:All renewals failed. The following certificates could not be renewed: 2023-03-06 07:17:55,290:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/dagoth.xyz/fullchain.pem (failure) /etc/letsencrypt/live/metukim.xyz/fullchain.pem (failure) 2023-03-06 07:17:55,290:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-06 07:17:55,291:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')()) File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1413, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1317, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 510, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2023-03-06 07:17:55,292:ERROR:certbot._internal.log:2 renew failure(s), 0 parse failure(s) 2023-03-06 16:59:31,869:DEBUG:certbot._internal.main:certbot version: 1.12.0 2023-03-06 16:59:31,869:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-03-06 16:59:31,869:DEBUG:certbot._internal.main:Arguments: ['-q'] 2023-03-06 16:59:31,870:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-03-06 16:59:31,884:DEBUG:certbot._internal.log:Root logging level set at 30 2023-03-06 16:59:31,900:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2023-03-06 16:59:31,903:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/dagoth.xyz.conf 2023-03-06 16:59:31,913:DEBUG:certbot._internal.plugins.selection:Requested authenticator and installer 2023-03-06 16:59:31,922:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-06 16:59:31,994:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-06 16:59:31,995:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is signed by the certificate's issuer. 2023-03-06 16:59:31,999:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is: OCSPCertStatus.GOOD 2023-03-06 16:59:32,006:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-14 18:32:48 UTC. 2023-03-06 16:59:32,006:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-06 16:59:32,006:INFO:certbot._internal.renewal:Non-interactive renewal: random delay of 474.84320658535484 seconds 2023-03-06 17:07:26,974:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-06 17:07:27,711:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-06 17:07:27,718:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-06 17:07:27,719:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-06 17:07:27,719:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-06 17:07:27,749:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-06 17:07:27,754:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-06 17:07:27,764:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-06 17:07:27,986:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-06 17:07:27,988:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 06 Mar 2023 17:07:27 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "0Toivhatn5I": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-06 17:07:27,995:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for dagoth.xyz 2023-03-06 17:07:28,272:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0097_key-certbot.pem 2023-03-06 17:07:28,285:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0097_csr-certbot.pem 2023-03-06 17:07:28,291:DEBUG:acme.client:Requesting fresh nonce 2023-03-06 17:07:28,291:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-06 17:07:28,372:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-06 17:07:28,373:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 06 Mar 2023 17:07:28 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: C400FRfT7jDPmB3UhAyxKoex91jdhHFQ51acTkWSm4x5CSI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-06 17:07:28,373:DEBUG:acme.client:Storing nonce: C400FRfT7jDPmB3UhAyxKoex91jdhHFQ51acTkWSm4x5CSI 2023-03-06 17:07:28,374:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "dagoth.xyz"\n }\n ]\n}' 2023-03-06 17:07:28,379:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkM0MDBGUmZUN2pEUG1CM1VoQXl4S29leDkxamRoSEZRNTFhY1RrV1NtNHg1Q1NJIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "mk3t8y1IAmRmHhchKBLCTeBfVmoLdOgT8KZ0G7WysIJ4ka-BD0vLOCP-XkNJJ3XVc8EYc8d8a-Y9WQjuqDxBf0m1oKuIg8npfcfto-A61t8V8rW0imxAnSLA0MDAKFZyWwBmnL-c4lrw2SqWNSuavDzxjpR23s-JKzuihramu1MNgM_qedHigYeRbGJJbes-RAHuEashnPnA62q4xxxSw0rrOIOoe9jwaII5LVvqEJiu39G-G-aD4oEfNTESqgCt0it-wWvlr683kDovzZ2ohhbR7EeZUIovvYLTrbW7BAjx0H-rr4t-R3qzBxRj8X9CfV_V-IpyQ68CPfGOAlQjQw", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImRhZ290aC54eXoiCiAgICB9CiAgXQp9" } 2023-03-06 17:07:28,498:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 335 2023-03-06 17:07:28,499:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Mon, 06 Mar 2023 17:07:28 GMT Content-Type: application/json Content-Length: 335 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/168546479487 Replay-Nonce: F977VruXSVrwUh1doP2HnktD0R_yRF-qtlPAUxWwkwX0qEc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-13T17:07:28Z", "identifiers": [ { "type": "dns", "value": "dagoth.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/208713537227" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/168546479487" } 2023-03-06 17:07:28,499:DEBUG:acme.client:Storing nonce: F977VruXSVrwUh1doP2HnktD0R_yRF-qtlPAUxWwkwX0qEc 2023-03-06 17:07:28,499:DEBUG:acme.client:JWS payload: b'' 2023-03-06 17:07:28,501:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/208713537227: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkY5NzdWcnVYU1Zyd1VoMWRvUDJIbmt0RDBSX3lSRi1xdGxQQVV4V3drd1gwcUVjIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDg3MTM1MzcyMjcifQ", "signature": "PXMAG7W4SHoV3YoUelkLFiFnu4OpFnLmToyjxyzZ4g_IB2e6cOtFcqKueFlzlwlhsKBtzsmvGD91doUnNa9HuZW5opwgfvJ-55548cDeubII8CUNG9WbYZHp8l6R-VSzwmzf-nIiyI6MMvkIatWon-rmszk1BTPXn1eiY5qGKP6XL8DjTCg8D6fXWhsJSg8mUpJYyVPrFRPWi9MzWdE6wqXtSUl5X__ZeaHJgrIWLsFYMVRdHDm8uXTcISUtU4iehMazRCX_amBaR6RMmwBGClTY9If_1ta81SQW8Wml24_YkQup8vBQM1bKOXTmql4yeJVe72nO0Ju9tGhkzYLmXQ", "payload": "" } 2023-03-06 17:07:28,574:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/208713537227 HTTP/1.1" 200 794 2023-03-06 17:07:28,575:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 06 Mar 2023 17:07:28 GMT Content-Type: application/json Content-Length: 794 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: F9779byWGojh9kSBmo05pp3X2zs1KfIMmPbRD_A3E_uhZgY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "pending", "expires": "2023-03-13T17:07:28Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/_vYSRQ", "token": "XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/oKirUA", "token": "XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/0MevQw", "token": "XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150" } ] } 2023-03-06 17:07:28,576:DEBUG:acme.client:Storing nonce: F9779byWGojh9kSBmo05pp3X2zs1KfIMmPbRD_A3E_uhZgY 2023-03-06 17:07:28,577:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-06 17:07:28,577:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-06 17:07:28,620:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-06 17:07:28,622:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-06 17:07:28,628:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-06 17:07:28,629:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-06 17:07:28,629:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-06 17:07:28,629:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-06 17:07:28,630:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-06 17:07:28,630:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-06 17:07:28,630:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-06 17:07:28,630:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-06 17:07:28,631:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-06 17:07:28,631:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-06 17:07:28,631:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-06 17:07:28,631:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-06 17:07:28,631:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-06 17:07:28,632:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-06 17:07:28,632:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-06 17:07:28,632:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-06 17:07:28,632:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-06 17:07:28,632:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-06 17:07:28,633:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-06 17:07:28,633:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-06 17:07:28,633:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-06 17:07:28,633:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-06 17:07:28,633:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-06 17:07:28,638:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-06 17:07:28,638:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-06 17:07:28,638:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-06 17:07:28,639:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-06 17:07:28,639:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-06 17:07:28,639:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-06 17:07:28,639:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-06 17:07:28,639:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-06 17:07:28,642:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-06 17:07:28,642:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-06 17:07:28,643:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-06 17:07:28,644:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here location = /.well-known/acme-challenge/XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150{default_type text/plain;return 200 XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-06 17:07:28,758:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-06 17:07:28,839:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-06 17:07:28,840:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-06 17:07:28,840:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-06 17:07:30,494:ERROR:certbot._internal.renewal:Failed to renew certificate dagoth.xyz with error: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-06 17:07:30,500:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-06 17:07:30,502:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/mail.dagoth.xyz.conf 2023-03-06 17:07:30,550:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-06 17:07:30,610:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-06 17:07:30,614:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is signed by the certificate's issuer. 2023-03-06 17:07:30,618:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is: OCSPCertStatus.GOOD 2023-03-06 17:07:30,622:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-06 17:07:30,623:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-06 17:07:30,624:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-06 17:07:30,624:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/metukim.xyz.conf 2023-03-06 17:07:30,631:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-06 17:07:30,689:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-06 17:07:30,691:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/metukim.xyz/cert4.pem is signed by the certificate's issuer. 2023-03-06 17:07:30,692:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/metukim.xyz/cert4.pem is: OCSPCertStatus.GOOD 2023-03-06 17:07:30,693:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-16 07:57:10 UTC. 2023-03-06 17:07:30,694:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-06 17:07:30,694:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-06 17:07:31,006:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-06 17:07:31,007:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-06 17:07:31,007:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-06 17:07:31,007:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-06 17:07:31,014:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-06 17:07:31,015:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-06 17:07:31,017:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-06 17:07:31,145:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-06 17:07:31,145:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 06 Mar 2023 17:07:31 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "1LdYje-z5dE": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-06 17:07:31,147:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for metukim.xyz 2023-03-06 17:07:31,241:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0098_key-certbot.pem 2023-03-06 17:07:31,245:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0098_csr-certbot.pem 2023-03-06 17:07:31,246:DEBUG:acme.client:Requesting fresh nonce 2023-03-06 17:07:31,246:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-06 17:07:31,290:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-06 17:07:31,290:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 06 Mar 2023 17:07:31 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: C878vQgqNiHTI5YPmy_7nvrqj8GsDi5nV9G-MiX_ga75IMA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-06 17:07:31,291:DEBUG:acme.client:Storing nonce: C878vQgqNiHTI5YPmy_7nvrqj8GsDi5nV9G-MiX_ga75IMA 2023-03-06 17:07:31,291:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "metukim.xyz"\n }\n ]\n}' 2023-03-06 17:07:31,292:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkM4Nzh2UWdxTmlIVEk1WVBteV83bnZycWo4R3NEaTVuVjlHLU1pWF9nYTc1SU1BIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "eQi_gWic1coA59riU6nKjyyTfkbvRCmy5j1kDGbsqmTFihb75kuaj7VPoRIHJmLA0fBHVJQfoKmrWAspSu7fINJ9Eh6dCIG9Tvhea3upi9PrCfbtF5ul0B05Ss4kO9tlLRrj-poGZKE2v1KwtUNAxtPUimCcFx1UlWGUqz-Kunf6cJ0H3wwiEL_kd-BxeehezDJlJsRne9J78MG1JYkYKwclKuemvxD17060L8ftC4v3CpEhlI6L7zgtZIUlZK1LefSYg_nM-uslAY6WNCSxLTaPvn_5UflyR3bAZOc9liPKiHsl6I4k6m6UNf7RLd3G6ZV4-gro3NMCgD_Hk7Km8w", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIm1ldHVraW0ueHl6IgogICAgfQogIF0KfQ" } 2023-03-06 17:07:31,347:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 336 2023-03-06 17:07:31,348:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Mon, 06 Mar 2023 17:07:31 GMT Content-Type: application/json Content-Length: 336 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/167467085376 Replay-Nonce: C878nK2naDz6WGKtPwNjZVXPBR_EfIenuT1EUs8Zl-1YoeI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-08T00:09:18Z", "identifiers": [ { "type": "dns", "value": "metukim.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/207204184356" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/167467085376" } 2023-03-06 17:07:31,348:DEBUG:acme.client:Storing nonce: C878nK2naDz6WGKtPwNjZVXPBR_EfIenuT1EUs8Zl-1YoeI 2023-03-06 17:07:31,349:DEBUG:acme.client:JWS payload: b'' 2023-03-06 17:07:31,351:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/207204184356: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkM4NzhuSzJuYUR6NldHS3RQd05qWlZYUEJSX0VmSWVudVQxRVVzOFpsLTFZb2VJIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDcyMDQxODQzNTYifQ", "signature": "wugxBB2An1cKbKfJSanKDjg843DfyE9SIQ913PJe53v8h-A-KWC0ehVUtxjqRNqhTagP04GlRjBmMcuzNVw0zHdcjmacooqQgrY2ZekII_BDtc4qIVvR5ALIhhlfUoFg-bYhnMsVklrRJd021AipwGS8HdPuCPvoHjf0U_Qpj0Sd7qkx2bSabK2I_6ofep34KwSvJI3i2iLintjtNgofuMaVNj5ivhPUI07l9z0r3GpffWO3AwCoruqMn85fq3wbsSOEcLThAOIOfZZhZhd0Hqm_vmduOFESbYuC1SE3zcYzWKQbqjz_ga8OtIzu689X613M4HXtCa-6SXinhDPdBQ", "payload": "" } 2023-03-06 17:07:31,409:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/207204184356 HTTP/1.1" 200 795 2023-03-06 17:07:31,410:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 06 Mar 2023 17:07:31 GMT Content-Type: application/json Content-Length: 795 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 15C9CnAfswtRvHBKdKwAjUpAA-Fv-PTjAWpY95XbRX3-bY8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "metukim.xyz" }, "status": "pending", "expires": "2023-03-08T00:09:18Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/207204184356/dl_yDw", "token": "7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/207204184356/QJikEA", "token": "7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/207204184356/nbDArQ", "token": "7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs" } ] } 2023-03-06 17:07:31,410:DEBUG:acme.client:Storing nonce: 15C9CnAfswtRvHBKdKwAjUpAA-Fv-PTjAWpY95XbRX3-bY8 2023-03-06 17:07:31,411:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-06 17:07:31,411:INFO:certbot._internal.auth_handler:http-01 challenge for metukim.xyz 2023-03-06 17:07:31,444:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-06 17:07:31,445:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-06 17:07:31,446:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-06 17:07:31,446:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-06 17:07:31,447:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-06 17:07:31,447:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-06 17:07:31,448:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-06 17:07:31,448:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-06 17:07:31,449:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-06 17:07:31,449:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-06 17:07:31,449:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-06 17:07:31,450:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-06 17:07:31,450:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-06 17:07:31,451:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-06 17:07:31,451:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-06 17:07:31,452:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-06 17:07:31,452:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-06 17:07:31,452:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-06 17:07:31,453:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-06 17:07:31,454:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-06 17:07:31,454:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-06 17:07:31,455:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-06 17:07:31,455:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-06 17:07:31,455:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-06 17:07:31,456:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-06 17:07:31,456:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-06 17:07:31,457:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-06 17:07:31,457:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-06 17:07:31,457:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-06 17:07:31,458:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-06 17:07:31,458:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-06 17:07:31,459:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-06 17:07:31,459:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-06 17:07:31,459:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-06 17:07:31,460:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-06 17:07:31,460:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-06 17:07:31,462:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server { listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-06 17:07:31,464:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/metukim: server { server_name metukim.xyz ; root /var/www/metukim ; index index.html index.htm index.nginx-debian.html ; location / { try_files $uri $uri/ =404 ; } listen [::]:443 ssl; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/metukim.xyz/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/metukim.xyz/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot }server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = metukim.xyz) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name metukim.xyz ; return 404; # managed by Certbot location = /.well-known/acme-challenge/7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs{default_type text/plain;return 200 7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } 2023-03-06 17:07:31,499:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-06 17:07:31,535:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-06 17:07:31,536:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-06 17:07:31,536:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-06 17:07:33,122:ERROR:certbot._internal.renewal:Failed to renew certificate metukim.xyz with error: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-06 17:07:33,123:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-06 17:07:33,123:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-06 17:07:33,123:DEBUG:certbot.display.util:Notifying user: The following certificates are not due for renewal yet: 2023-03-06 17:07:33,123:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem expires on 2023-04-17 (skipped) 2023-03-06 17:07:33,123:ERROR:certbot._internal.renewal:All renewals failed. The following certificates could not be renewed: 2023-03-06 17:07:33,124:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/dagoth.xyz/fullchain.pem (failure) /etc/letsencrypt/live/metukim.xyz/fullchain.pem (failure) 2023-03-06 17:07:33,124:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-06 17:07:33,126:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')()) File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1413, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1317, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 510, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2023-03-06 17:07:33,128:ERROR:certbot._internal.log:2 renew failure(s), 0 parse failure(s) 2023-03-07 06:41:38,526:DEBUG:certbot._internal.main:certbot version: 1.12.0 2023-03-07 06:41:38,532:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-03-07 06:41:38,532:DEBUG:certbot._internal.main:Arguments: ['-q'] 2023-03-07 06:41:38,532:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-03-07 06:41:38,706:DEBUG:certbot._internal.log:Root logging level set at 30 2023-03-07 06:41:38,707:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2023-03-07 06:41:38,713:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/dagoth.xyz.conf 2023-03-07 06:41:38,766:DEBUG:certbot._internal.plugins.selection:Requested authenticator and installer 2023-03-07 06:41:38,795:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-07 06:41:38,874:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-07 06:41:38,876:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is signed by the certificate's issuer. 2023-03-07 06:41:38,880:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is: OCSPCertStatus.GOOD 2023-03-07 06:41:38,903:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-14 18:32:48 UTC. 2023-03-07 06:41:38,903:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-07 06:41:38,903:INFO:certbot._internal.renewal:Non-interactive renewal: random delay of 101.17382191774999 seconds 2023-03-07 06:43:20,184:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-07 06:43:20,735:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-07 06:43:20,738:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-07 06:43:20,738:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-07 06:43:20,739:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-07 06:43:20,750:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-07 06:43:20,752:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-07 06:43:20,755:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-07 06:43:20,887:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-07 06:43:20,887:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 07 Mar 2023 06:43:20 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "10pjXc2tcPY": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-07 06:43:20,890:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for dagoth.xyz 2023-03-07 06:43:20,967:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0099_key-certbot.pem 2023-03-07 06:43:20,972:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0099_csr-certbot.pem 2023-03-07 06:43:20,973:DEBUG:acme.client:Requesting fresh nonce 2023-03-07 06:43:20,973:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-07 06:43:21,017:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-07 06:43:21,018:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 07 Mar 2023 06:43:20 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 15C9WYgmlaE67eVrOdoUZVA3ObCC4UR1RHwOr1X9iNZp0CI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-07 06:43:21,018:DEBUG:acme.client:Storing nonce: 15C9WYgmlaE67eVrOdoUZVA3ObCC4UR1RHwOr1X9iNZp0CI 2023-03-07 06:43:21,019:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "dagoth.xyz"\n }\n ]\n}' 2023-03-07 06:43:21,021:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjE1QzlXWWdtbGFFNjdlVnJPZG9VWlZBM09iQ0M0VVIxUkh3T3IxWDlpTlpwMENJIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "b0pn8TzfIBh15Mz_6OWn5fWjYN6GPscbTik8qKiCl7FAuf9KchLLocDI82cWRfP2oEI14B34iH-rYu0ctjbmYaDF9VKgNuAOeU66DmLLtbiZBITKujlUlyoMZp6eohEMiTQpk22sn7WyXHrZOvMSwqNYahKo52aJIzA-Ph-H8ZYIIojiWaSKGQwP9UdDXXyrFJOUjadumIImI_IXNn8twmxOMUYpDO1VjjCJEz_8WEMrx7316xcLGHiZBcMcEz4gfe6IGRelaoHHOrYA7tPMbfTMpyhplahsgj5rDWKZHkWOHCWDNhWTiKICiVFi5H4c30FEOBU-DehPNFrIWD2nfA", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImRhZ290aC54eXoiCiAgICB9CiAgXQp9" } 2023-03-07 06:43:21,078:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 335 2023-03-07 06:43:21,078:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Tue, 07 Mar 2023 06:43:21 GMT Content-Type: application/json Content-Length: 335 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/168546479487 Replay-Nonce: 1DFAsRsCU66W8diPgr3URev2V-KkeDZK_J-m3o0FNZjeD4A X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-13T17:07:28Z", "identifiers": [ { "type": "dns", "value": "dagoth.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/208713537227" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/168546479487" } 2023-03-07 06:43:21,078:DEBUG:acme.client:Storing nonce: 1DFAsRsCU66W8diPgr3URev2V-KkeDZK_J-m3o0FNZjeD4A 2023-03-07 06:43:21,079:DEBUG:acme.client:JWS payload: b'' 2023-03-07 06:43:21,080:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/208713537227: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFERkFzUnNDVTY2VzhkaVBncjNVUmV2MlYtS2tlRFpLX0otbTNvMEZOWmplRDRBIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDg3MTM1MzcyMjcifQ", "signature": "TKvc6SSgCzxasdyS_yCGZbPtLbb5WTXES4duoUsbJ2SbtRp8TvnjDdy1VHaQXqKB_wXRInpwoTl__QxhlLSqsuz69WTJU67Xrb7mr2pp7U1D4lAEdgj_HneDQliJxSMWgWJkMoqGkH4nG1IZ0U4dVP9t0cUVxMfTFn3pnN5wbWEaJwcS1GY8bscrAZHOB8chyMRCWyhUEVXtqv-nFN5-X8wt7hgZ-DM66J8BtUL7Dje5kztCCOiXubLgformMJ6E1orC5i5CZR6gcqScIUnw9oR6mmNYB9hfo-63gsOBUvfs24026siIYtPjREx4oxsstb12KfLIV4Ku2O5hyYCeig", "payload": "" } 2023-03-07 06:43:21,127:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/208713537227 HTTP/1.1" 200 794 2023-03-07 06:43:21,128:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 07 Mar 2023 06:43:21 GMT Content-Type: application/json Content-Length: 794 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 15C9p4uzqBL-34g5gixv40alF4UF4fJ1ya9tUpjy8N3ct3M X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "pending", "expires": "2023-03-13T17:07:28Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/_vYSRQ", "token": "XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/oKirUA", "token": "XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/0MevQw", "token": "XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150" } ] } 2023-03-07 06:43:21,128:DEBUG:acme.client:Storing nonce: 15C9p4uzqBL-34g5gixv40alF4UF4fJ1ya9tUpjy8N3ct3M 2023-03-07 06:43:21,129:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-07 06:43:21,129:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-07 06:43:21,149:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-07 06:43:21,150:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-07 06:43:21,152:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-07 06:43:21,152:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-07 06:43:21,153:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-07 06:43:21,153:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-07 06:43:21,153:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-07 06:43:21,154:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-07 06:43:21,154:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-07 06:43:21,154:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-07 06:43:21,154:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-07 06:43:21,155:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-07 06:43:21,155:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-07 06:43:21,155:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-07 06:43:21,155:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-07 06:43:21,156:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-07 06:43:21,156:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-07 06:43:21,156:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-07 06:43:21,156:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-07 06:43:21,157:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-07 06:43:21,157:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-07 06:43:21,157:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-07 06:43:21,158:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-07 06:43:21,158:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-07 06:43:21,158:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-07 06:43:21,158:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-07 06:43:21,159:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-07 06:43:21,159:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-07 06:43:21,159:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-07 06:43:21,159:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-07 06:43:21,160:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-07 06:43:21,160:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-07 06:43:21,160:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-07 06:43:21,160:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-07 06:43:21,160:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-07 06:43:21,161:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-07 06:43:21,162:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here location = /.well-known/acme-challenge/XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150{default_type text/plain;return 200 XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-07 06:43:21,191:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-07 06:43:21,219:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-07 06:43:21,219:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-07 06:43:21,219:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-07 06:43:22,522:ERROR:certbot._internal.renewal:Failed to renew certificate dagoth.xyz with error: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-07 06:43:22,531:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-07 06:43:22,531:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/mail.dagoth.xyz.conf 2023-03-07 06:43:22,545:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-07 06:43:22,617:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-07 06:43:22,619:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is signed by the certificate's issuer. 2023-03-07 06:43:22,620:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is: OCSPCertStatus.GOOD 2023-03-07 06:43:22,622:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-07 06:43:22,622:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-07 06:43:22,623:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-07 06:43:22,623:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/metukim.xyz.conf 2023-03-07 06:43:22,630:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-07 06:43:22,701:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-07 06:43:22,702:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/metukim.xyz/cert4.pem is signed by the certificate's issuer. 2023-03-07 06:43:22,703:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/metukim.xyz/cert4.pem is: OCSPCertStatus.GOOD 2023-03-07 06:43:22,704:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-16 07:57:10 UTC. 2023-03-07 06:43:22,704:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-07 06:43:22,704:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-07 06:43:22,994:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-07 06:43:22,995:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-07 06:43:22,995:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-07 06:43:22,995:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-07 06:43:23,004:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-07 06:43:23,005:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-07 06:43:23,007:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-07 06:43:23,137:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-07 06:43:23,138:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 07 Mar 2023 06:43:23 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "F76pHOhU_Pk": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-07 06:43:23,140:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for metukim.xyz 2023-03-07 06:43:23,339:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0100_key-certbot.pem 2023-03-07 06:43:23,342:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0100_csr-certbot.pem 2023-03-07 06:43:23,343:DEBUG:acme.client:Requesting fresh nonce 2023-03-07 06:43:23,343:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-07 06:43:23,386:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-07 06:43:23,386:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 07 Mar 2023 06:43:23 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 327CM9daALf7pI11qzoY7tcKkcLDey3p3V5tylrB82V5c-c X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-07 06:43:23,386:DEBUG:acme.client:Storing nonce: 327CM9daALf7pI11qzoY7tcKkcLDey3p3V5tylrB82V5c-c 2023-03-07 06:43:23,387:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "metukim.xyz"\n }\n ]\n}' 2023-03-07 06:43:23,388:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjMyN0NNOWRhQUxmN3BJMTFxem9ZN3RjS2tjTERleTNwM1Y1dHlsckI4MlY1Yy1jIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "lQXMHnmzkrN1Fp_ME_Lv_aV6Yn7j1a6cOtn5Ttg00XGesBlkhVWeABJvIYg5M46MaJlIa2G1NhhTa1Y-VVwCMm65MvTRj9_1Ms47UYD36nl8mlJPpoorh0AT7oZjGZyzymcfoLMK08Qn_bIgp1nXY-UA8BnAVZtqmtMaB1b7zDdncFqdUl9lnJen07NOkR-PCBE_XNhzAMT63LETnNBmGv6QMnrKvMr_A6IvB8sYg2btji4F2u0pc07rrns75z5TsoekYJLehtFJ9W2M642OA-fPoCcuTfSiChTgt_td6GB2iBYt-J4uiArjj56tGFkEKrJzEKjiItyo8LpVldXnxg", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIm1ldHVraW0ueHl6IgogICAgfQogIF0KfQ" } 2023-03-07 06:43:23,437:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 336 2023-03-07 06:43:23,438:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Tue, 07 Mar 2023 06:43:23 GMT Content-Type: application/json Content-Length: 336 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/167467085376 Replay-Nonce: 327Cd_C97bZsgPS8pHUdzorvPmZdVTJwr-RqdHaLjd2RbPg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-08T00:09:18Z", "identifiers": [ { "type": "dns", "value": "metukim.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/207204184356" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/167467085376" } 2023-03-07 06:43:23,438:DEBUG:acme.client:Storing nonce: 327Cd_C97bZsgPS8pHUdzorvPmZdVTJwr-RqdHaLjd2RbPg 2023-03-07 06:43:23,438:DEBUG:acme.client:JWS payload: b'' 2023-03-07 06:43:23,440:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/207204184356: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjMyN0NkX0M5N2Jac2dQUzhwSFVkem9ydlBtWmRWVEp3ci1ScWRIYUxqZDJSYlBnIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDcyMDQxODQzNTYifQ", "signature": "oTMTLrXv1V76oxAHwqrD9ZiQ5rV6mVjBjcuR9BS2Go6-2MhBezjqZrEko2fixdv3t4UYCO8hRlTVAUvcCFrKFFyypBRPICU1LYfu8yXelc-4qHmE86ZXxanpC0zNNelXTSY7qWAYObJw-_lUYknGknM2Nuv6eeIb23nHHPXMjrXLaCbVkMtr2slNFB3u1V4Z6iSpYmZOzf-Zhn92mJ0wJ6ZfT6bngcWmsdTmwh_b_dkE8CDpkr76xI_nmNSFT8Y-O67GDvgtzNuMy0hiIwu5J0b0fZQF6nVtyjEbR8WQ-uyE2AtWj4wWz2NCgQMTcV-wNgvO4NUdLAy9sJ0SRIulTg", "payload": "" } 2023-03-07 06:43:23,485:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/207204184356 HTTP/1.1" 200 795 2023-03-07 06:43:23,486:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 07 Mar 2023 06:43:23 GMT Content-Type: application/json Content-Length: 795 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: C8781rYQx9kvyOz8BgW9CRAPRoPoWRnRiU4CRHeu1IWaBZs X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "metukim.xyz" }, "status": "pending", "expires": "2023-03-08T00:09:18Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/207204184356/dl_yDw", "token": "7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/207204184356/QJikEA", "token": "7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/207204184356/nbDArQ", "token": "7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs" } ] } 2023-03-07 06:43:23,487:DEBUG:acme.client:Storing nonce: C8781rYQx9kvyOz8BgW9CRAPRoPoWRnRiU4CRHeu1IWaBZs 2023-03-07 06:43:23,487:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-07 06:43:23,488:INFO:certbot._internal.auth_handler:http-01 challenge for metukim.xyz 2023-03-07 06:43:23,506:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-07 06:43:23,506:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-07 06:43:23,507:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-07 06:43:23,507:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-07 06:43:23,507:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-07 06:43:23,507:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-07 06:43:23,508:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-07 06:43:23,508:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-07 06:43:23,508:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-07 06:43:23,508:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-07 06:43:23,508:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-07 06:43:23,509:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-07 06:43:23,509:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-07 06:43:23,509:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-07 06:43:23,509:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-07 06:43:23,510:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-07 06:43:23,510:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-07 06:43:23,510:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-07 06:43:23,510:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-07 06:43:23,511:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-07 06:43:23,511:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-07 06:43:23,511:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-07 06:43:23,511:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-07 06:43:23,511:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-07 06:43:23,512:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-07 06:43:23,512:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-07 06:43:23,512:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-07 06:43:23,512:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-07 06:43:23,513:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-07 06:43:23,513:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-07 06:43:23,513:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-07 06:43:23,513:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-07 06:43:23,513:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-07 06:43:23,514:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-07 06:43:23,514:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-07 06:43:23,514:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-07 06:43:23,515:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server { listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-07 06:43:23,516:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/metukim: server { server_name metukim.xyz ; root /var/www/metukim ; index index.html index.htm index.nginx-debian.html ; location / { try_files $uri $uri/ =404 ; } listen [::]:443 ssl; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/metukim.xyz/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/metukim.xyz/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot }server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = metukim.xyz) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name metukim.xyz ; return 404; # managed by Certbot location = /.well-known/acme-challenge/7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs{default_type text/plain;return 200 7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } 2023-03-07 06:43:23,539:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-07 06:43:23,563:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-07 06:43:23,563:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-07 06:43:23,563:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-07 06:43:24,846:ERROR:certbot._internal.renewal:Failed to renew certificate metukim.xyz with error: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-07 06:43:24,847:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-07 06:43:24,847:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-07 06:43:24,848:DEBUG:certbot.display.util:Notifying user: The following certificates are not due for renewal yet: 2023-03-07 06:43:24,848:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem expires on 2023-04-17 (skipped) 2023-03-07 06:43:24,848:ERROR:certbot._internal.renewal:All renewals failed. The following certificates could not be renewed: 2023-03-07 06:43:24,848:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/dagoth.xyz/fullchain.pem (failure) /etc/letsencrypt/live/metukim.xyz/fullchain.pem (failure) 2023-03-07 06:43:24,848:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-07 06:43:24,850:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')()) File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1413, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1317, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 510, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2023-03-07 06:43:24,851:ERROR:certbot._internal.log:2 renew failure(s), 0 parse failure(s) 2023-03-07 17:56:21,554:DEBUG:certbot._internal.main:certbot version: 1.12.0 2023-03-07 17:56:21,554:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-03-07 17:56:21,554:DEBUG:certbot._internal.main:Arguments: ['-q'] 2023-03-07 17:56:21,554:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-03-07 17:56:21,593:DEBUG:certbot._internal.log:Root logging level set at 30 2023-03-07 17:56:21,593:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2023-03-07 17:56:21,595:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/dagoth.xyz.conf 2023-03-07 17:56:21,606:DEBUG:certbot._internal.plugins.selection:Requested authenticator and installer 2023-03-07 17:56:21,619:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-07 17:56:21,697:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-07 17:56:21,699:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is signed by the certificate's issuer. 2023-03-07 17:56:21,703:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is: OCSPCertStatus.GOOD 2023-03-07 17:56:21,708:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-14 18:32:48 UTC. 2023-03-07 17:56:21,709:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-07 17:56:21,709:INFO:certbot._internal.renewal:Non-interactive renewal: random delay of 82.88105415817297 seconds 2023-03-07 17:57:44,664:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-07 17:57:45,210:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-07 17:57:45,213:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-07 17:57:45,213:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-07 17:57:45,213:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-07 17:57:45,225:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-07 17:57:45,227:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-07 17:57:45,231:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-07 17:57:45,363:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-07 17:57:45,364:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 07 Mar 2023 17:57:45 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "UPh3D2HS0yQ": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-07 17:57:45,366:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for dagoth.xyz 2023-03-07 17:57:45,425:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0101_key-certbot.pem 2023-03-07 17:57:45,430:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0101_csr-certbot.pem 2023-03-07 17:57:45,431:DEBUG:acme.client:Requesting fresh nonce 2023-03-07 17:57:45,431:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-07 17:57:45,474:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-07 17:57:45,475:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 07 Mar 2023 17:57:45 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 15C9PwjSMTfSnAVIcstVpb6wwlqaBX5JxedyoTuJhW-49Yk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-07 17:57:45,475:DEBUG:acme.client:Storing nonce: 15C9PwjSMTfSnAVIcstVpb6wwlqaBX5JxedyoTuJhW-49Yk 2023-03-07 17:57:45,476:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "dagoth.xyz"\n }\n ]\n}' 2023-03-07 17:57:45,478:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjE1QzlQd2pTTVRmU25BVkljc3RWcGI2d3dscWFCWDVKeGVkeW9UdUpoVy00OVlrIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "PEvg_Rb74vpaSx4YIC6ELuINzYdpwmzRIPAJfUEC1ZbJVGmeZ_iN0IEcXrZeQBqeyBWlMa-pg40fIJoTE4eJXjrl6A82WyRzmanui_SRHrTK0ec3DajXO8EDf7ejXXr9ceFp3F41qHvZdIR4MnDkVZF0XnsGZEKLFL6yq_gQlIuYjkSt6_rDKPh2jTNHBaK7twiZx55Kgm-hMJZcYGCTApoP_huRpXIjjt6TYzCKFSZ98Qffs7p_xEh6ftaZlfCxnjXE0dutrK0xoC1gwkR7-v4Jvkqr1GFJFjri2xDRznXC5Jt4XGSd24KOBMvKp4J6eu8kN0LYJBwbwubQF16Wzg", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImRhZ290aC54eXoiCiAgICB9CiAgXQp9" } 2023-03-07 17:57:45,532:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 335 2023-03-07 17:57:45,532:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Tue, 07 Mar 2023 17:57:45 GMT Content-Type: application/json Content-Length: 335 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/168546479487 Replay-Nonce: 1DFA6i_Y7N9qdoQlxzjUJcHkDyLARqqXUIapwCodv4Sn02o X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-13T17:07:28Z", "identifiers": [ { "type": "dns", "value": "dagoth.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/208713537227" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/168546479487" } 2023-03-07 17:57:45,532:DEBUG:acme.client:Storing nonce: 1DFA6i_Y7N9qdoQlxzjUJcHkDyLARqqXUIapwCodv4Sn02o 2023-03-07 17:57:45,533:DEBUG:acme.client:JWS payload: b'' 2023-03-07 17:57:45,535:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/208713537227: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFERkE2aV9ZN045cWRvUWx4empVSmNIa0R5TEFScXFYVUlhcHdDb2R2NFNuMDJvIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDg3MTM1MzcyMjcifQ", "signature": "fp9mWSlfcXHNDCykejBq2smQk1gkfxtmwpLag6S_75wwBWIiuIjeRfwXJ_v-ulY7kcKvly13ejm5wmqtmscdEYMZKNS0QRX51-YJmMP7yWYG-xDesQGGRC0R2S8ZDQN-cQDqqUnynSKF9F06rd7HPA60I-L4vRAiF8DyLDFxBjrxXuC0oj4OJ0pPBe-2nenMPrydQizLFRSKzmVz9KAE2_9wB7sxBUs6kpfu2_wo0pRZZkjmonsjR915ZPy_pLgaJ_i_Ppb5_za4ywgfS_wZwk-cXkdsmQUkYd_1Cbab2Ms4vlGoxvxGMGOS7zoZzFvihUD-2Au9zlLhPkYVpuCDzw", "payload": "" } 2023-03-07 17:57:45,582:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/208713537227 HTTP/1.1" 200 794 2023-03-07 17:57:45,582:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 07 Mar 2023 17:57:45 GMT Content-Type: application/json Content-Length: 794 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 15C9UCvg25D3DAlsGIcK2A9pLSNmNGmvLKYnkZD6NlL22bA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "pending", "expires": "2023-03-13T17:07:28Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/_vYSRQ", "token": "XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/oKirUA", "token": "XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/0MevQw", "token": "XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150" } ] } 2023-03-07 17:57:45,583:DEBUG:acme.client:Storing nonce: 15C9UCvg25D3DAlsGIcK2A9pLSNmNGmvLKYnkZD6NlL22bA 2023-03-07 17:57:45,584:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-07 17:57:45,584:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-07 17:57:45,611:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-07 17:57:45,612:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-07 17:57:45,614:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-07 17:57:45,614:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-07 17:57:45,614:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-07 17:57:45,614:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-07 17:57:45,615:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-07 17:57:45,615:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-07 17:57:45,615:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-07 17:57:45,616:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-07 17:57:45,616:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-07 17:57:45,617:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-07 17:57:45,617:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-07 17:57:45,617:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-07 17:57:45,618:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-07 17:57:45,618:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-07 17:57:45,618:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-07 17:57:45,619:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-07 17:57:45,619:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-07 17:57:45,619:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-07 17:57:45,619:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-07 17:57:45,620:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-07 17:57:45,620:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-07 17:57:45,620:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-07 17:57:45,620:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-07 17:57:45,621:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-07 17:57:45,621:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-07 17:57:45,622:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-07 17:57:45,622:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-07 17:57:45,623:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-07 17:57:45,623:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-07 17:57:45,623:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-07 17:57:45,624:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-07 17:57:45,624:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-07 17:57:45,624:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-07 17:57:45,625:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-07 17:57:45,627:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here location = /.well-known/acme-challenge/XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150{default_type text/plain;return 200 XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-07 17:57:45,659:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-07 17:57:45,686:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-07 17:57:45,686:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-07 17:57:45,686:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-07 17:57:47,187:ERROR:certbot._internal.renewal:Failed to renew certificate dagoth.xyz with error: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-07 17:57:47,195:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-07 17:57:47,195:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/mail.dagoth.xyz.conf 2023-03-07 17:57:47,219:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-07 17:57:47,291:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-07 17:57:47,293:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is signed by the certificate's issuer. 2023-03-07 17:57:47,294:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is: OCSPCertStatus.GOOD 2023-03-07 17:57:47,296:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-07 17:57:47,296:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-07 17:57:47,297:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-07 17:57:47,297:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/metukim.xyz.conf 2023-03-07 17:57:47,317:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-07 17:57:47,387:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-07 17:57:47,389:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/metukim.xyz/cert4.pem is signed by the certificate's issuer. 2023-03-07 17:57:47,390:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/metukim.xyz/cert4.pem is: OCSPCertStatus.GOOD 2023-03-07 17:57:47,392:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-16 07:57:10 UTC. 2023-03-07 17:57:47,393:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-07 17:57:47,393:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-07 17:57:47,742:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-07 17:57:47,743:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-07 17:57:47,743:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-07 17:57:47,743:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-07 17:57:47,752:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-07 17:57:47,753:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-07 17:57:47,756:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-07 17:57:47,884:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-07 17:57:47,885:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 07 Mar 2023 17:57:47 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "9p2x_MUiGKk": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-07 17:57:47,887:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for metukim.xyz 2023-03-07 17:57:48,157:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0102_key-certbot.pem 2023-03-07 17:57:48,161:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0102_csr-certbot.pem 2023-03-07 17:57:48,162:DEBUG:acme.client:Requesting fresh nonce 2023-03-07 17:57:48,162:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-07 17:57:48,206:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-07 17:57:48,206:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 07 Mar 2023 17:57:48 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 1DFA_RxBp56RNDeDZa4zboaUjusfJ0qxwwNJWuvj8h3v3Zs X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-07 17:57:48,207:DEBUG:acme.client:Storing nonce: 1DFA_RxBp56RNDeDZa4zboaUjusfJ0qxwwNJWuvj8h3v3Zs 2023-03-07 17:57:48,207:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "metukim.xyz"\n }\n ]\n}' 2023-03-07 17:57:48,209:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFERkFfUnhCcDU2Uk5EZURaYTR6Ym9hVWp1c2ZKMHF4d3dOSld1dmo4aDN2M1pzIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "y8DNnPvLChAqjhjsZsYanhvIb2kpcl871acKWfdeWR_m2XcdE0WAL5TEsVbnri-glY9GReUC_cR3ILIudUNr5ZC-oa2PESiDjWfW0-kg447TBGLfkbHGchhndQGP1ArS_rw0NOEfj-eDHArh4cQaG7uLuzCgZbwEeF-Q_flcOWA-lUOlzrqoO1XDDXPj59FylTiRFVpsxxc24dV5ejfsBQbfgh5heFq5xjcNGWT2wwCL0dksmFZQPWFsMVUM-pFxbV1RX69ANsirwc4__PV_enXHOJ7zogEURt1OwV5EXcaUdtt_l0zOnsKyXSGSvGItXGc8d5bYg-pO6QVkp-B4Ow", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIm1ldHVraW0ueHl6IgogICAgfQogIF0KfQ" } 2023-03-07 17:57:48,259:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 336 2023-03-07 17:57:48,260:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Tue, 07 Mar 2023 17:57:48 GMT Content-Type: application/json Content-Length: 336 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/167467085376 Replay-Nonce: 327CwB92HY5xjlrMXrohrvXp6LXI2_TGfD8l3ONRSqh1qk0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-08T00:09:18Z", "identifiers": [ { "type": "dns", "value": "metukim.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/207204184356" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/167467085376" } 2023-03-07 17:57:48,260:DEBUG:acme.client:Storing nonce: 327CwB92HY5xjlrMXrohrvXp6LXI2_TGfD8l3ONRSqh1qk0 2023-03-07 17:57:48,260:DEBUG:acme.client:JWS payload: b'' 2023-03-07 17:57:48,262:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/207204184356: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjMyN0N3QjkySFk1eGpsck1Ycm9ocnZYcDZMWEkyX1RHZkQ4bDNPTlJTcWgxcWswIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDcyMDQxODQzNTYifQ", "signature": "j02gLhS-qz-vZ6DfsO74NwNqMvVf4IZ9b-1nSNGMOMvBHK3QRozIHcog42Nw25wOvSlUSM450iAFf-ZirKDjmJhWWubp5q9VH-EM3jTSE3M3yybYAZtJsefhIiqhJx4jsMkxZBBQ4dxaa4qu4k9U62ivZcRnkukxWj--Q2QKl774YPXi6VAe3DczX9wyGV4f82g4bD4tY_1L7tV0m1BovQenNcK-icx_TZ8-MNtwpOLlD5J1R2gGNbkzHk6HrCfTREx2lwHU0vJ-4nILDmSIMfItRrYIGmg2V7VKGEHEpvJc7XL3XASIKl1EqdtV-QruYvPh0yuQeTxLlyio66aOWw", "payload": "" } 2023-03-07 17:57:48,337:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/207204184356 HTTP/1.1" 200 795 2023-03-07 17:57:48,338:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 07 Mar 2023 17:57:48 GMT Content-Type: application/json Content-Length: 795 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 15C9xh6I2IyQUKPjlaxxsn20UAMt6dMUKU4Airn2p8qlr5Y X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "metukim.xyz" }, "status": "pending", "expires": "2023-03-08T00:09:18Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/207204184356/dl_yDw", "token": "7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/207204184356/QJikEA", "token": "7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/207204184356/nbDArQ", "token": "7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs" } ] } 2023-03-07 17:57:48,338:DEBUG:acme.client:Storing nonce: 15C9xh6I2IyQUKPjlaxxsn20UAMt6dMUKU4Airn2p8qlr5Y 2023-03-07 17:57:48,339:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-07 17:57:48,339:INFO:certbot._internal.auth_handler:http-01 challenge for metukim.xyz 2023-03-07 17:57:48,379:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-07 17:57:48,380:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-07 17:57:48,380:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-07 17:57:48,381:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-07 17:57:48,381:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-07 17:57:48,381:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-07 17:57:48,381:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-07 17:57:48,386:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-07 17:57:48,386:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-07 17:57:48,386:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-07 17:57:48,387:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-07 17:57:48,387:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-07 17:57:48,387:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-07 17:57:48,387:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-07 17:57:48,388:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-07 17:57:48,388:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-07 17:57:48,388:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-07 17:57:48,389:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-07 17:57:48,389:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-07 17:57:48,389:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-07 17:57:48,389:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-07 17:57:48,394:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-07 17:57:48,394:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-07 17:57:48,394:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-07 17:57:48,395:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-07 17:57:48,395:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-07 17:57:48,395:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-07 17:57:48,396:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-07 17:57:48,398:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-07 17:57:48,398:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-07 17:57:48,398:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-07 17:57:48,399:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-07 17:57:48,399:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-07 17:57:48,399:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-07 17:57:48,399:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-07 17:57:48,399:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-07 17:57:48,401:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server { listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-07 17:57:48,406:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/metukim: server { server_name metukim.xyz ; root /var/www/metukim ; index index.html index.htm index.nginx-debian.html ; location / { try_files $uri $uri/ =404 ; } listen [::]:443 ssl; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/metukim.xyz/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/metukim.xyz/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot }server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = metukim.xyz) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name metukim.xyz ; return 404; # managed by Certbot location = /.well-known/acme-challenge/7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs{default_type text/plain;return 200 7Q22Tcw2fgJ5drufpr_VXgOsQ170lL68TUMeKuLUKTs.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } 2023-03-07 17:57:48,466:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-07 17:57:48,517:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-07 17:57:48,517:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-07 17:57:48,517:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-07 17:57:49,863:ERROR:certbot._internal.renewal:Failed to renew certificate metukim.xyz with error: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-07 17:57:49,869:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-07 17:57:49,869:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-07 17:57:49,870:DEBUG:certbot.display.util:Notifying user: The following certificates are not due for renewal yet: 2023-03-07 17:57:49,870:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem expires on 2023-04-17 (skipped) 2023-03-07 17:57:49,870:ERROR:certbot._internal.renewal:All renewals failed. The following certificates could not be renewed: 2023-03-07 17:57:49,870:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/dagoth.xyz/fullchain.pem (failure) /etc/letsencrypt/live/metukim.xyz/fullchain.pem (failure) 2023-03-07 17:57:49,871:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-07 17:57:49,871:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')()) File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1413, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1317, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 510, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2023-03-07 17:57:49,873:ERROR:certbot._internal.log:2 renew failure(s), 0 parse failure(s) 2023-03-08 09:07:14,043:DEBUG:certbot._internal.main:certbot version: 1.12.0 2023-03-08 09:07:14,043:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-03-08 09:07:14,043:DEBUG:certbot._internal.main:Arguments: ['-q'] 2023-03-08 09:07:14,043:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-03-08 09:07:14,061:DEBUG:certbot._internal.log:Root logging level set at 30 2023-03-08 09:07:14,077:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2023-03-08 09:07:14,081:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/dagoth.xyz.conf 2023-03-08 09:07:14,094:DEBUG:certbot._internal.plugins.selection:Requested authenticator and installer 2023-03-08 09:07:14,109:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-08 09:07:14,174:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-08 09:07:14,175:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is signed by the certificate's issuer. 2023-03-08 09:07:14,179:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is: OCSPCertStatus.GOOD 2023-03-08 09:07:14,186:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-14 18:32:48 UTC. 2023-03-08 09:07:14,186:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-08 09:07:14,186:INFO:certbot._internal.renewal:Non-interactive renewal: random delay of 472.3951036084617 seconds 2023-03-08 09:15:06,705:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-08 09:15:07,386:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-08 09:15:07,398:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-08 09:15:07,398:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-08 09:15:07,399:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-08 09:15:07,440:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-08 09:15:07,452:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-08 09:15:07,473:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-08 09:15:07,695:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-08 09:15:07,697:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 08 Mar 2023 09:15:07 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "dK1LVIO3JMA": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-08 09:15:07,708:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for dagoth.xyz 2023-03-08 09:15:07,781:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0103_key-certbot.pem 2023-03-08 09:15:07,787:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0103_csr-certbot.pem 2023-03-08 09:15:07,788:DEBUG:acme.client:Requesting fresh nonce 2023-03-08 09:15:07,789:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-08 09:15:07,859:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-08 09:15:07,860:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 08 Mar 2023 09:15:07 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: F70Ed2bdI7rL-iDihEpwtT-n_G1oHbq8reGmQ4Tm9RGSWJg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-08 09:15:07,861:DEBUG:acme.client:Storing nonce: F70Ed2bdI7rL-iDihEpwtT-n_G1oHbq8reGmQ4Tm9RGSWJg 2023-03-08 09:15:07,862:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "dagoth.xyz"\n }\n ]\n}' 2023-03-08 09:15:07,871:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkY3MEVkMmJkSTdyTC1pRGloRXB3dFQtbl9HMW9IYnE4cmVHbVE0VG05UkdTV0pnIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "VKsv7Dzbe0J5qHwyjlLF_fIRciLDd0HhepbB8t5qKm9vm83IcusZfBf2jM4DQ_gOsvoSMnV6vpPAxvf9tLBFw1Wdt-FfCQ1U0NUuLEczSDLPpOQQpLT-Mp4fUWwNim6Hl-RcTJ83wLcay5v_rGgdamDG6XE9mK-rG--2ZZvP1TZGExl3U8pQ6OpNGehgHq4kf_2TmbdJI_-LXlRmxvYE6bH9-khtE5fatwN1WZ7pch_aJfAQiWRB3TvOfJZ_rBXP2U3daIXJwzoRMbGasefefFHYHkgBR1VM5J7ltj1BB1tfhTUCqp6ETTchnkUmvB8_iaUeDO2atnBr-a5PSHRXOQ", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImRhZ290aC54eXoiCiAgICB9CiAgXQp9" } 2023-03-08 09:15:07,959:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 335 2023-03-08 09:15:07,960:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Wed, 08 Mar 2023 09:15:07 GMT Content-Type: application/json Content-Length: 335 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/168546479487 Replay-Nonce: A5FEYP82Eb80OYJb-lOUB6J5vDN05fYB6tud5v9uDys_orE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-13T17:07:28Z", "identifiers": [ { "type": "dns", "value": "dagoth.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/208713537227" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/168546479487" } 2023-03-08 09:15:07,960:DEBUG:acme.client:Storing nonce: A5FEYP82Eb80OYJb-lOUB6J5vDN05fYB6tud5v9uDys_orE 2023-03-08 09:15:07,961:DEBUG:acme.client:JWS payload: b'' 2023-03-08 09:15:07,962:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/208713537227: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkE1RkVZUDgyRWI4ME9ZSmItbE9VQjZKNXZETjA1ZllCNnR1ZDV2OXVEeXNfb3JFIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDg3MTM1MzcyMjcifQ", "signature": "LYcNGcoy29q3kCjnc_33vZ-Z6kOvSZnyJaBH4qavIz0UzT5Qe7YmVjOudbhn0MpSJSb2oVqtbLhiRsKWoiURoNtOz8sKPQbAGPrGv9XycrKEtGAFibZMZL9wKIcOtvKf7co4srUOPbqpRM2Ai93mwiJR9Z4mkOxYlF2gvJbwVo5XLGOmAsJq8GwP_qHTg3hRKbHNgFjLrFxwfKIXk_mcL07sPJp3eBnlNIbj_Z1EzWL3ShAMkTg1eYE39WnSfwPDPalbC5BQLd4XBRe8IfMi46sRYc1ir33ZpMQvn_WV-J_TC80xjb_4Lzzuwa4t7TKtdPomfQHe63M_nibRiZQt7A", "payload": "" } 2023-03-08 09:15:08,037:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/208713537227 HTTP/1.1" 200 794 2023-03-08 09:15:08,037:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 08 Mar 2023 09:15:07 GMT Content-Type: application/json Content-Length: 794 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: A5FE23t9IvC4WKpaTAnjsDykxW-TPbRTgvwDl3kJxQ2wdfk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "pending", "expires": "2023-03-13T17:07:28Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/_vYSRQ", "token": "XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/oKirUA", "token": "XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/0MevQw", "token": "XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150" } ] } 2023-03-08 09:15:08,037:DEBUG:acme.client:Storing nonce: A5FE23t9IvC4WKpaTAnjsDykxW-TPbRTgvwDl3kJxQ2wdfk 2023-03-08 09:15:08,039:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-08 09:15:08,040:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-08 09:15:08,062:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-08 09:15:08,064:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-08 09:15:08,069:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-08 09:15:08,069:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-08 09:15:08,070:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-08 09:15:08,070:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-08 09:15:08,071:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-08 09:15:08,071:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-08 09:15:08,071:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-08 09:15:08,072:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-08 09:15:08,072:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-08 09:15:08,072:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-08 09:15:08,073:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-08 09:15:08,073:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-08 09:15:08,074:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-08 09:15:08,074:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-08 09:15:08,074:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-08 09:15:08,075:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-08 09:15:08,075:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-08 09:15:08,076:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-08 09:15:08,076:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-08 09:15:08,076:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-08 09:15:08,077:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-08 09:15:08,077:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-08 09:15:08,077:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-08 09:15:08,078:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-08 09:15:08,078:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-08 09:15:08,078:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-08 09:15:08,078:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-08 09:15:08,079:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-08 09:15:08,079:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-08 09:15:08,080:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-08 09:15:08,080:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-08 09:15:08,080:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-08 09:15:08,081:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-08 09:15:08,081:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-08 09:15:08,083:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here location = /.well-known/acme-challenge/XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150{default_type text/plain;return 200 XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-08 09:15:08,115:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-08 09:15:08,151:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-08 09:15:08,151:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-08 09:15:08,151:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-08 09:15:09,413:ERROR:certbot._internal.renewal:Failed to renew certificate dagoth.xyz with error: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-08 09:15:09,421:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-08 09:15:09,422:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/mail.dagoth.xyz.conf 2023-03-08 09:15:09,453:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-08 09:15:09,524:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-08 09:15:09,528:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is signed by the certificate's issuer. 2023-03-08 09:15:09,532:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is: OCSPCertStatus.GOOD 2023-03-08 09:15:09,535:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-08 09:15:09,536:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-08 09:15:09,536:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-08 09:15:09,537:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/metukim.xyz.conf 2023-03-08 09:15:09,543:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-08 09:15:09,610:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-08 09:15:09,611:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/metukim.xyz/cert4.pem is signed by the certificate's issuer. 2023-03-08 09:15:09,612:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/metukim.xyz/cert4.pem is: OCSPCertStatus.GOOD 2023-03-08 09:15:09,613:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-16 07:57:10 UTC. 2023-03-08 09:15:09,613:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-08 09:15:09,613:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-08 09:15:09,876:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-08 09:15:09,877:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-08 09:15:09,877:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-08 09:15:09,877:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-08 09:15:09,885:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-08 09:15:09,885:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-08 09:15:09,887:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-08 09:15:10,098:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-08 09:15:10,099:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 08 Mar 2023 09:15:10 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert", "tcLpE0a4vL0": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417" } 2023-03-08 09:15:10,100:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for metukim.xyz 2023-03-08 09:15:10,345:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0104_key-certbot.pem 2023-03-08 09:15:10,348:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0104_csr-certbot.pem 2023-03-08 09:15:10,349:DEBUG:acme.client:Requesting fresh nonce 2023-03-08 09:15:10,350:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-08 09:15:10,420:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-08 09:15:10,421:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 08 Mar 2023 09:15:10 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: A5FEqxhgRf-pp8UW5wnbCj7YVwL1ALlzu6gfpUEK8ru6c2E X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-08 09:15:10,421:DEBUG:acme.client:Storing nonce: A5FEqxhgRf-pp8UW5wnbCj7YVwL1ALlzu6gfpUEK8ru6c2E 2023-03-08 09:15:10,421:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "metukim.xyz"\n }\n ]\n}' 2023-03-08 09:15:10,423:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkE1RkVxeGhnUmYtcHA4VVc1d25iQ2o3WVZ3TDFBTGx6dTZnZnBVRUs4cnU2YzJFIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "yEjCoSkzsolocd4hE1oJuUUrHTczizx8eixMhyRRHio6mln2fcPsjpttukET630UoLb9ndmuLyrUIIOEq6_ZBiUucYeLltpDJ-uosVegMdx8IQ6wUyvqoMm9kyNkTfFtb840E7R52ZMib09ZK8k06ycKj5qCeNeirHsGYmsQ_KNLzokgb3JJR2ZaJ5ssO-Iy66DGd6aBenG4GY_qznNxZFgqZ-Nd9UVg_wXR9sCiGUVynSt_sjCRetdr5J1ro2Hy3blr_C6BuXc3CriCZ66RfXLiAYaHtsTKiqNP_QqH-VAVV51nTaks-VZCjmyAuUnkE_QPUg1fL7l8Zb_fabq-OA", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIm1ldHVraW0ueHl6IgogICAgfQogIF0KfQ" } 2023-03-08 09:15:10,529:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 336 2023-03-08 09:15:10,530:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Wed, 08 Mar 2023 09:15:10 GMT Content-Type: application/json Content-Length: 336 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/168868523197 Replay-Nonce: A5FEJQmHbSMZyAwZ4WVItYJ_8Zsm_HZb1xp57GYkoSUpunE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-15T09:15:10Z", "identifiers": [ { "type": "dns", "value": "metukim.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/209163021837" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/168868523197" } 2023-03-08 09:15:10,530:DEBUG:acme.client:Storing nonce: A5FEJQmHbSMZyAwZ4WVItYJ_8Zsm_HZb1xp57GYkoSUpunE 2023-03-08 09:15:10,531:DEBUG:acme.client:JWS payload: b'' 2023-03-08 09:15:10,532:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209163021837: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkE1RkVKUW1IYlNNWnlBd1o0V1ZJdFlKXzhac21fSFpiMXhwNTdHWWtvU1VwdW5FIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDkxNjMwMjE4MzcifQ", "signature": "mAXIe2XwD0arsArUdzjC_PWBHLPvVHDHpBDMvNaNjf_szaG1iZkSTFXDg6acOQp0kknK6pdL7DICLdrRfdQUtmAXLEva9fZzZmIyeNp3q4yUi6Qc-HsIF_LwlxqD4mMndrzEmYcH5aMSeB8muPSTgAPuOHnDFPpUcJ_oeTxIoYw-s3wp12h3Yt3tYySed3tL12v9j_aq3CwCebwmkxlgL-6gDcLDJeT3N-J-th0uywsBDr4_h4ELUl4zQ3kK5rrsuznRjVgcYadlFSzB7Ef9REEHQVjssC-tFJwEZd5q---MvTJxv18E43EQKn7YUfXrUMF8WxX8iR1CKNLN8v2bpA", "payload": "" } 2023-03-08 09:15:10,606:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209163021837 HTTP/1.1" 200 795 2023-03-08 09:15:10,606:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 08 Mar 2023 09:15:10 GMT Content-Type: application/json Content-Length: 795 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: A5FEs8--Retv_9I3yYeVXkXvWMmcNUh9bPDA5uaHYaPQzC4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "metukim.xyz" }, "status": "pending", "expires": "2023-03-15T09:15:10Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209163021837/0wujUw", "token": "OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209163021837/xV_7xA", "token": "OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209163021837/L-i0dA", "token": "OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0" } ] } 2023-03-08 09:15:10,607:DEBUG:acme.client:Storing nonce: A5FEs8--Retv_9I3yYeVXkXvWMmcNUh9bPDA5uaHYaPQzC4 2023-03-08 09:15:10,607:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-08 09:15:10,607:INFO:certbot._internal.auth_handler:http-01 challenge for metukim.xyz 2023-03-08 09:15:10,626:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-08 09:15:10,627:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-08 09:15:10,627:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-08 09:15:10,628:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-08 09:15:10,628:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-08 09:15:10,628:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-08 09:15:10,629:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-08 09:15:10,629:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-08 09:15:10,629:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-08 09:15:10,629:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-08 09:15:10,630:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-08 09:15:10,630:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-08 09:15:10,630:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-08 09:15:10,630:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-08 09:15:10,631:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-08 09:15:10,631:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-08 09:15:10,631:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-08 09:15:10,631:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-08 09:15:10,632:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-08 09:15:10,632:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-08 09:15:10,632:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-08 09:15:10,632:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-08 09:15:10,633:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-08 09:15:10,633:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-08 09:15:10,633:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-08 09:15:10,634:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-08 09:15:10,634:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-08 09:15:10,634:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-08 09:15:10,634:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-08 09:15:10,635:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-08 09:15:10,635:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-08 09:15:10,635:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-08 09:15:10,635:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-08 09:15:10,635:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-08 09:15:10,636:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-08 09:15:10,636:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-08 09:15:10,638:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server { listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-08 09:15:10,639:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/metukim: server { server_name metukim.xyz ; root /var/www/metukim ; index index.html index.htm index.nginx-debian.html ; location / { try_files $uri $uri/ =404 ; } listen [::]:443 ssl; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/metukim.xyz/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/metukim.xyz/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot }server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = metukim.xyz) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name metukim.xyz ; return 404; # managed by Certbot location = /.well-known/acme-challenge/OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0{default_type text/plain;return 200 OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } 2023-03-08 09:15:10,663:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-08 09:15:10,688:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-08 09:15:10,688:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-08 09:15:10,688:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-08 09:15:12,090:ERROR:certbot._internal.renewal:Failed to renew certificate metukim.xyz with error: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-08 09:15:12,092:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-08 09:15:12,092:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-08 09:15:12,093:DEBUG:certbot.display.util:Notifying user: The following certificates are not due for renewal yet: 2023-03-08 09:15:12,093:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem expires on 2023-04-17 (skipped) 2023-03-08 09:15:12,093:ERROR:certbot._internal.renewal:All renewals failed. The following certificates could not be renewed: 2023-03-08 09:15:12,093:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/dagoth.xyz/fullchain.pem (failure) /etc/letsencrypt/live/metukim.xyz/fullchain.pem (failure) 2023-03-08 09:15:12,093:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-08 09:15:12,094:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')()) File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1413, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1317, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 510, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2023-03-08 09:15:12,096:ERROR:certbot._internal.log:2 renew failure(s), 0 parse failure(s) 2023-03-08 18:44:58,701:DEBUG:certbot._internal.main:certbot version: 1.12.0 2023-03-08 18:44:58,702:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-03-08 18:44:58,702:DEBUG:certbot._internal.main:Arguments: ['-q'] 2023-03-08 18:44:58,702:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-03-08 18:44:58,719:DEBUG:certbot._internal.log:Root logging level set at 30 2023-03-08 18:44:58,735:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2023-03-08 18:44:58,738:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/dagoth.xyz.conf 2023-03-08 18:44:58,750:DEBUG:certbot._internal.plugins.selection:Requested authenticator and installer 2023-03-08 18:44:58,760:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-08 18:44:58,819:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-08 18:44:58,821:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is signed by the certificate's issuer. 2023-03-08 18:44:58,826:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is: OCSPCertStatus.GOOD 2023-03-08 18:44:58,833:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-14 18:32:48 UTC. 2023-03-08 18:44:58,833:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-08 18:44:58,833:INFO:certbot._internal.renewal:Non-interactive renewal: random delay of 247.44930525194388 seconds 2023-03-08 18:49:06,400:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-08 18:49:07,015:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-08 18:49:07,020:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-08 18:49:07,020:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-08 18:49:07,020:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-08 18:49:07,038:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-08 18:49:07,041:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-08 18:49:07,046:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-08 18:49:07,270:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-08 18:49:07,271:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 08 Mar 2023 18:49:07 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "38_MFRAONe4": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-08 18:49:07,277:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for dagoth.xyz 2023-03-08 18:49:07,411:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0105_key-certbot.pem 2023-03-08 18:49:07,418:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0105_csr-certbot.pem 2023-03-08 18:49:07,419:DEBUG:acme.client:Requesting fresh nonce 2023-03-08 18:49:07,419:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-08 18:49:07,490:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-08 18:49:07,491:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 08 Mar 2023 18:49:07 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: A5FEXcRzfvza2p1a1RCvpuI9RU8uOyw_X9CQWyijKX8Wm0I X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-08 18:49:07,492:DEBUG:acme.client:Storing nonce: A5FEXcRzfvza2p1a1RCvpuI9RU8uOyw_X9CQWyijKX8Wm0I 2023-03-08 18:49:07,492:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "dagoth.xyz"\n }\n ]\n}' 2023-03-08 18:49:07,497:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkE1RkVYY1J6ZnZ6YTJwMWExUkN2cHVJOVJVOHVPeXdfWDlDUVd5aWpLWDhXbTBJIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "xesHQb8lEJHHt_KzwCYcHMnIs-hOMBH4dlBu4m426Sr80vsgbwpmP94VQZF6fzuZci6sM5WbY82Hc8nP2tQAEjYjurZA0oGxxSy4lCgPhfdzEClSeOqFEi3mQEyxd84WhSzQopqNivJlPE7fEu5b7tpiOJvqw1DhCEaFfyRvFrFZyOKBR6JonJ-J63SASo0j29ALWE_LGP4us489dcRLMVwBot3JYzSPgUe2F3F1Z0sunD0WZIDjcGQFrKTb1UFXeAmdFJNNsHs1qvT7EEXvVAFQEX5SHEahzusCG0jktCYzk5ivcARSp_oBZQLDACBONzp3Ep1fUsMe3d97UhUd6w", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImRhZ290aC54eXoiCiAgICB9CiAgXQp9" } 2023-03-08 18:49:07,591:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 335 2023-03-08 18:49:07,592:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Wed, 08 Mar 2023 18:49:07 GMT Content-Type: application/json Content-Length: 335 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/168546479487 Replay-Nonce: 853FNu0N3qC6faXHWu81m-zpy0M7s29VU2yqsTC3dgHm8p8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-13T17:07:28Z", "identifiers": [ { "type": "dns", "value": "dagoth.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/208713537227" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/168546479487" } 2023-03-08 18:49:07,592:DEBUG:acme.client:Storing nonce: 853FNu0N3qC6faXHWu81m-zpy0M7s29VU2yqsTC3dgHm8p8 2023-03-08 18:49:07,592:DEBUG:acme.client:JWS payload: b'' 2023-03-08 18:49:07,594:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/208713537227: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjg1M0ZOdTBOM3FDNmZhWEhXdTgxbS16cHkwTTdzMjlWVTJ5cXNUQzNkZ0htOHA4IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDg3MTM1MzcyMjcifQ", "signature": "MOAyqHva__IM0CfklZMagGwO6i-cGszqLavOKo1fmSIyRLwES_BW0YFIfth_hNnydnS16U-9jXdqXLP0G8Q91WI-cxWc4ITA4sp_ByzDb8uTuSIEnh-uaLoQ5dVXQUohN5yzpWjr-YXcdbj2-JDLCzXEOFdV6ZBwUoZJGD9QOZcssZuCHTwwnlf4er3DaRRrTheWIjrX7vipFMsruXOT-mMf7MkWGAfsJ3sjPj5RG17OH2Ck1TgfYxa6rbvNHlIcCCQu36xswhRDYDxj0JNnjZqaUd_MLl2G2nZkeWpnbC7jr1-k8moirT-cSZI3VDFrjpOSAv0tlLbE0x2LCDXPBw", "payload": "" } 2023-03-08 18:49:07,667:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/208713537227 HTTP/1.1" 200 794 2023-03-08 18:49:07,668:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 08 Mar 2023 18:49:07 GMT Content-Type: application/json Content-Length: 794 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: F70E0_5R7b2mBbkAaEhU72Ib6l4OB8ptnvIJnOxQAuCUNLE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "pending", "expires": "2023-03-13T17:07:28Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/_vYSRQ", "token": "XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/oKirUA", "token": "XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/0MevQw", "token": "XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150" } ] } 2023-03-08 18:49:07,668:DEBUG:acme.client:Storing nonce: F70E0_5R7b2mBbkAaEhU72Ib6l4OB8ptnvIJnOxQAuCUNLE 2023-03-08 18:49:07,669:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-08 18:49:07,669:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-08 18:49:07,693:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-08 18:49:07,694:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-08 18:49:07,698:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-08 18:49:07,698:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-08 18:49:07,698:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-08 18:49:07,698:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-08 18:49:07,699:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-08 18:49:07,699:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-08 18:49:07,699:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-08 18:49:07,699:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-08 18:49:07,700:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-08 18:49:07,700:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-08 18:49:07,700:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-08 18:49:07,700:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-08 18:49:07,700:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-08 18:49:07,701:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-08 18:49:07,701:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-08 18:49:07,701:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-08 18:49:07,701:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-08 18:49:07,701:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-08 18:49:07,702:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-08 18:49:07,702:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-08 18:49:07,702:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-08 18:49:07,702:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-08 18:49:07,703:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-08 18:49:07,703:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-08 18:49:07,703:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-08 18:49:07,703:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-08 18:49:07,703:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-08 18:49:07,704:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-08 18:49:07,704:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-08 18:49:07,704:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-08 18:49:07,704:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-08 18:49:07,705:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-08 18:49:07,705:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-08 18:49:07,705:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-08 18:49:07,706:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here location = /.well-known/acme-challenge/XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150{default_type text/plain;return 200 XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-08 18:49:07,735:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-08 18:49:07,787:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-08 18:49:07,788:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-08 18:49:07,788:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-08 18:49:09,102:ERROR:certbot._internal.renewal:Failed to renew certificate dagoth.xyz with error: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-08 18:49:09,112:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-08 18:49:09,113:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/mail.dagoth.xyz.conf 2023-03-08 18:49:09,133:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-08 18:49:09,202:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-08 18:49:09,204:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is signed by the certificate's issuer. 2023-03-08 18:49:09,208:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is: OCSPCertStatus.GOOD 2023-03-08 18:49:09,211:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-08 18:49:09,212:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-08 18:49:09,213:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-08 18:49:09,213:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/metukim.xyz.conf 2023-03-08 18:49:09,222:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-08 18:49:09,292:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-08 18:49:09,293:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/metukim.xyz/cert4.pem is signed by the certificate's issuer. 2023-03-08 18:49:09,294:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/metukim.xyz/cert4.pem is: OCSPCertStatus.GOOD 2023-03-08 18:49:09,295:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-16 07:57:10 UTC. 2023-03-08 18:49:09,295:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-08 18:49:09,295:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-08 18:49:09,596:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-08 18:49:09,597:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-08 18:49:09,597:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-08 18:49:09,597:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-08 18:49:09,604:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-08 18:49:09,605:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-08 18:49:09,607:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-08 18:49:09,818:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-08 18:49:09,819:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 08 Mar 2023 18:49:09 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "Piu60qCR-rE": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-08 18:49:09,821:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for metukim.xyz 2023-03-08 18:49:10,001:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0106_key-certbot.pem 2023-03-08 18:49:10,004:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0106_csr-certbot.pem 2023-03-08 18:49:10,006:DEBUG:acme.client:Requesting fresh nonce 2023-03-08 18:49:10,006:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-08 18:49:10,076:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-08 18:49:10,077:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 08 Mar 2023 18:49:10 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: F9770X25mTXk9fJX8YGAWzvVXgeGbZLPXTITCm7O42spKKw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-08 18:49:10,077:DEBUG:acme.client:Storing nonce: F9770X25mTXk9fJX8YGAWzvVXgeGbZLPXTITCm7O42spKKw 2023-03-08 18:49:10,077:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "metukim.xyz"\n }\n ]\n}' 2023-03-08 18:49:10,079:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkY5NzcwWDI1bVRYazlmSlg4WUdBV3p2VlhnZUdiWkxQWFRJVENtN080MnNwS0t3IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "szwoB0JBESidi1eh-7AA1JUM64GnxvBD_Y7Ji4kxtWvB6Bu35MGL9F8lYx-wEGQM69wii6V5nItxiCmt1RlBV8ZZqHWAKZdz44af5j3BDRdbvayEi1-RC6BVG1WOLDyLg-P5yd0p1U9-OPCRyO9Xanssswk5SiyANsf-tpqfQKESeikMudHrOKwc7onX8to3UBYRRMlUdp8M17TE2AoPhgrDjR7mUwlzvmJa_nbMtFS6sSy6PI6ftoHRRwL2VOHuXggXvxbko2L4r4edsi45wkRYV15baQ3Hh2HpN082V6DYUpSFt2SCeITqgh-bn5f2eUMC9_cnpmryKLnaewCVFw", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIm1ldHVraW0ueHl6IgogICAgfQogIF0KfQ" } 2023-03-08 18:49:10,155:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 336 2023-03-08 18:49:10,155:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Wed, 08 Mar 2023 18:49:10 GMT Content-Type: application/json Content-Length: 336 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/168868523197 Replay-Nonce: F70EIUwC_s_OHY-lCNWNuktUY0ifeZxM2y6U9-nhRekgQ6k X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-15T09:15:10Z", "identifiers": [ { "type": "dns", "value": "metukim.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/209163021837" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/168868523197" } 2023-03-08 18:49:10,156:DEBUG:acme.client:Storing nonce: F70EIUwC_s_OHY-lCNWNuktUY0ifeZxM2y6U9-nhRekgQ6k 2023-03-08 18:49:10,156:DEBUG:acme.client:JWS payload: b'' 2023-03-08 18:49:10,157:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209163021837: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkY3MEVJVXdDX3NfT0hZLWxDTldOdWt0VVkwaWZlWnhNMnk2VTktbmhSZWtnUTZrIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDkxNjMwMjE4MzcifQ", "signature": "Zys_8xDDuSfJ6IhPHHVA2vWjDgFygMGVLgh1BNQCzxnj1eS8mLRpr6PrlmxtpxeBaCsGFYaw2yDnp8rhbYkoYWxmo-hGE3AmZ6YnuS0ESqkhTiMdczHEPFuDQP8Z5BfOj0xUuDNQp9IPi_XZxBZZcZwhC4hxZpWwpVceS4tNSLPBy2RzNsO6T6R3BAMRHUpWOCdF--3bU5Zhm0J1ZgNtGRIL8S2iri2KWoBMW3KN3Q0SujaKE4wAA-YHXc-L1Z9R9-JGqkW9bQBcH60lf9EbyAs-ZlNryBD6XeNMraKfnjmdKJgG9tpK8a4vfmms3WQGd17o_twOGDh6wOcLYZ3hDQ", "payload": "" } 2023-03-08 18:49:10,230:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209163021837 HTTP/1.1" 200 795 2023-03-08 18:49:10,230:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 08 Mar 2023 18:49:10 GMT Content-Type: application/json Content-Length: 795 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: A5FEmYACika6J8v-zFEfnjVZNuuxRNyb-rF9MM3ZBbRmpQ0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "metukim.xyz" }, "status": "pending", "expires": "2023-03-15T09:15:10Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209163021837/0wujUw", "token": "OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209163021837/xV_7xA", "token": "OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209163021837/L-i0dA", "token": "OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0" } ] } 2023-03-08 18:49:10,231:DEBUG:acme.client:Storing nonce: A5FEmYACika6J8v-zFEfnjVZNuuxRNyb-rF9MM3ZBbRmpQ0 2023-03-08 18:49:10,231:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-08 18:49:10,231:INFO:certbot._internal.auth_handler:http-01 challenge for metukim.xyz 2023-03-08 18:49:10,251:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-08 18:49:10,252:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-08 18:49:10,252:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-08 18:49:10,252:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-08 18:49:10,252:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-08 18:49:10,253:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-08 18:49:10,253:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-08 18:49:10,253:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-08 18:49:10,253:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-08 18:49:10,254:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-08 18:49:10,254:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-08 18:49:10,254:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-08 18:49:10,254:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-08 18:49:10,255:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-08 18:49:10,255:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-08 18:49:10,255:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-08 18:49:10,255:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-08 18:49:10,255:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-08 18:49:10,256:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-08 18:49:10,256:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-08 18:49:10,256:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-08 18:49:10,256:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-08 18:49:10,257:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-08 18:49:10,257:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-08 18:49:10,257:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-08 18:49:10,257:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-08 18:49:10,257:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-08 18:49:10,258:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-08 18:49:10,258:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-08 18:49:10,258:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-08 18:49:10,258:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-08 18:49:10,259:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-08 18:49:10,259:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-08 18:49:10,259:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-08 18:49:10,259:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-08 18:49:10,259:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-08 18:49:10,261:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server { listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-08 18:49:10,262:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/metukim: server { server_name metukim.xyz ; root /var/www/metukim ; index index.html index.htm index.nginx-debian.html ; location / { try_files $uri $uri/ =404 ; } listen [::]:443 ssl; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/metukim.xyz/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/metukim.xyz/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot }server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = metukim.xyz) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name metukim.xyz ; return 404; # managed by Certbot location = /.well-known/acme-challenge/OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0{default_type text/plain;return 200 OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } 2023-03-08 18:49:10,285:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-08 18:49:10,308:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-08 18:49:10,309:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-08 18:49:10,309:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-08 18:49:11,643:ERROR:certbot._internal.renewal:Failed to renew certificate metukim.xyz with error: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-08 18:49:11,647:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-08 18:49:11,648:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-08 18:49:11,648:DEBUG:certbot.display.util:Notifying user: The following certificates are not due for renewal yet: 2023-03-08 18:49:11,648:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem expires on 2023-04-17 (skipped) 2023-03-08 18:49:11,648:ERROR:certbot._internal.renewal:All renewals failed. The following certificates could not be renewed: 2023-03-08 18:49:11,648:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/dagoth.xyz/fullchain.pem (failure) /etc/letsencrypt/live/metukim.xyz/fullchain.pem (failure) 2023-03-08 18:49:11,649:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-08 18:49:11,649:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')()) File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1413, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1317, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 510, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2023-03-08 18:49:11,650:ERROR:certbot._internal.log:2 renew failure(s), 0 parse failure(s) 2023-03-09 08:37:08,903:DEBUG:certbot._internal.main:certbot version: 1.12.0 2023-03-09 08:37:08,904:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-03-09 08:37:08,904:DEBUG:certbot._internal.main:Arguments: [] 2023-03-09 08:37:08,905:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-03-09 08:37:08,924:DEBUG:certbot._internal.log:Root logging level set at 20 2023-03-09 08:37:08,948:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2023-03-09 08:37:08,951:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/dagoth.xyz.conf 2023-03-09 08:37:08,964:DEBUG:certbot._internal.plugins.selection:Requested authenticator and installer 2023-03-09 08:37:08,977:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 08:37:09,051:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 08:37:09,053:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is signed by the certificate's issuer. 2023-03-09 08:37:09,058:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is: OCSPCertStatus.GOOD 2023-03-09 08:37:09,067:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-14 18:32:48 UTC. 2023-03-09 08:37:09,067:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-09 08:37:09,068:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 08:37:09,588:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 08:37:09,589:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 08:37:09,589:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-09 08:37:09,589:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-09 08:37:09,599:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-09 08:37:09,600:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-09 08:37:09,602:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-09 08:37:09,818:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-09 08:37:09,819:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 08:37:09 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "pgzgHgTYbZo": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-09 08:37:09,821:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for dagoth.xyz 2023-03-09 08:37:09,923:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0107_key-certbot.pem 2023-03-09 08:37:09,932:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0107_csr-certbot.pem 2023-03-09 08:37:09,934:DEBUG:acme.client:Requesting fresh nonce 2023-03-09 08:37:09,934:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-09 08:37:10,009:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-09 08:37:10,010:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 08:37:09 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: F977PERyLc9JQgzBJu8mDl28DXNFcaA0xVyXmrisEJLCUi4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-09 08:37:10,011:DEBUG:acme.client:Storing nonce: F977PERyLc9JQgzBJu8mDl28DXNFcaA0xVyXmrisEJLCUi4 2023-03-09 08:37:10,011:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "dagoth.xyz"\n }\n ]\n}' 2023-03-09 08:37:10,015:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkY5NzdQRVJ5TGM5SlFnekJKdThtRGwyOERYTkZjYUEweFZ5WG1yaXNFSkxDVWk0IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "CYuo7_qzuZ23F5kLbwaUvinaHPF5umSFuUf2j60Du5uTmUAW54QBvf_Zr74BEWvjOisa2flGDVTWUzHBwOj39lWP8duA-NuigssVYOZ5_wEy0Q20up083ilmkqkWLPFDfX6mbF227PAQjITBm4AxSdR0LNVxaabzE8xZK8skSmqEfBBEdeDpJ5CJ-hTnv-IRruYG4fDf1gV1B-t2_aEEa085kh8u6YsN-FNRH3462_LBpznret9-2fFtgmqZ430qJOI0-ejmA78N43BGNEq1nJ4v_renX0kEtg-ZdD9cDZ2_9pfY_SHRupaWnlgYasl-X0cnYJKlNIMkXZv1hO53EQ", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImRhZ290aC54eXoiCiAgICB9CiAgXQp9" } 2023-03-09 08:37:10,100:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 335 2023-03-09 08:37:10,101:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Thu, 09 Mar 2023 08:37:10 GMT Content-Type: application/json Content-Length: 335 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/168546479487 Replay-Nonce: A5FEpffENfrkWeGeE3E2p4UslFGouZSvEJVE1ptwby8erq4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-13T17:07:28Z", "identifiers": [ { "type": "dns", "value": "dagoth.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/208713537227" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/168546479487" } 2023-03-09 08:37:10,101:DEBUG:acme.client:Storing nonce: A5FEpffENfrkWeGeE3E2p4UslFGouZSvEJVE1ptwby8erq4 2023-03-09 08:37:10,102:DEBUG:acme.client:JWS payload: b'' 2023-03-09 08:37:10,104:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/208713537227: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkE1RkVwZmZFTmZya1dlR2VFM0UycDRVc2xGR291WlN2RUpWRTFwdHdieThlcnE0IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDg3MTM1MzcyMjcifQ", "signature": "zkbXknsBsA0Qsr6qrwwnRYuTCPmxjf3t8vONz8XqmiLSyObkAiYghf2EcDX8mZZJM5n1ajNJXl9x43lSriizPO9RERcIvOE2BAyz1oyMYSwFaF2uG16k8dEWKNmnQ6LeaZQpz2WD9OxaknqSsKbJki9qMvtlmSlBk77SJ3lNUBKSGnx5uqK8jiEVRrT1ldB2BuuwRHv4Uj74pH-WhXXsRsMkDg5hqftBxzy5Jo2RWXZZryBoSF9FLnBr5ZUO2g4_rtj8rjKlEBDs3IzPvcgLjiDGIDBN7GITEknK-xdmcTISNZLMFdbvPUdyoZJw3K7LMnfrWntQgyWDbf1g0vR0sA", "payload": "" } 2023-03-09 08:37:10,178:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/208713537227 HTTP/1.1" 200 794 2023-03-09 08:37:10,179:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 08:37:10 GMT Content-Type: application/json Content-Length: 794 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 853FTJTqkayqV98PlmhPfDMMZ1y3HG9_6vgn3f2326uuLeM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "pending", "expires": "2023-03-13T17:07:28Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/_vYSRQ", "token": "XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/oKirUA", "token": "XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/0MevQw", "token": "XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150" } ] } 2023-03-09 08:37:10,179:DEBUG:acme.client:Storing nonce: 853FTJTqkayqV98PlmhPfDMMZ1y3HG9_6vgn3f2326uuLeM 2023-03-09 08:37:10,180:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-09 08:37:10,180:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-09 08:37:10,202:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-09 08:37:10,203:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-09 08:37:10,205:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-09 08:37:10,205:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-09 08:37:10,205:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-09 08:37:10,205:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-09 08:37:10,206:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-09 08:37:10,206:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-09 08:37:10,206:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-09 08:37:10,206:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-09 08:37:10,207:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-09 08:37:10,207:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-09 08:37:10,207:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-09 08:37:10,207:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-09 08:37:10,208:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-09 08:37:10,208:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-09 08:37:10,208:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-09 08:37:10,209:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-09 08:37:10,209:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-09 08:37:10,209:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-09 08:37:10,209:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-09 08:37:10,209:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-09 08:37:10,210:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-09 08:37:10,210:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-09 08:37:10,210:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-09 08:37:10,211:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-09 08:37:10,211:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-09 08:37:10,211:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-09 08:37:10,211:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-09 08:37:10,212:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-09 08:37:10,212:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-09 08:37:10,212:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-09 08:37:10,212:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-09 08:37:10,213:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-09 08:37:10,213:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-09 08:37:10,213:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-09 08:37:10,215:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here location = /.well-known/acme-challenge/XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150{default_type text/plain;return 200 XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-09 08:37:10,253:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-09 08:37:10,278:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-09 08:37:10,279:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-09 08:37:10,279:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-09 08:37:11,539:ERROR:certbot._internal.renewal:Failed to renew certificate dagoth.xyz with error: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-09 08:37:11,545:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-09 08:37:11,545:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/mail.dagoth.xyz.conf 2023-03-09 08:37:11,556:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 08:37:11,627:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 08:37:11,629:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is signed by the certificate's issuer. 2023-03-09 08:37:11,630:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is: OCSPCertStatus.GOOD 2023-03-09 08:37:11,632:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-09 08:37:11,633:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 08:37:11,635:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-09 08:37:11,635:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/metukim.xyz.conf 2023-03-09 08:37:11,645:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 08:37:11,710:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 08:37:11,711:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/metukim.xyz/cert4.pem is signed by the certificate's issuer. 2023-03-09 08:37:11,712:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/metukim.xyz/cert4.pem is: OCSPCertStatus.GOOD 2023-03-09 08:37:11,713:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-16 07:57:10 UTC. 2023-03-09 08:37:11,713:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-09 08:37:11,714:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 08:37:12,049:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 08:37:12,050:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 08:37:12,050:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-09 08:37:12,050:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-09 08:37:12,061:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-09 08:37:12,063:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-09 08:37:12,065:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-09 08:37:12,275:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-09 08:37:12,275:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 08:37:12 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "SEs2ImspZX8": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-09 08:37:12,277:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for metukim.xyz 2023-03-09 08:37:12,432:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0108_key-certbot.pem 2023-03-09 08:37:12,435:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0108_csr-certbot.pem 2023-03-09 08:37:12,437:DEBUG:acme.client:Requesting fresh nonce 2023-03-09 08:37:12,437:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-09 08:37:12,508:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-09 08:37:12,509:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 08:37:12 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: A5FE8Df1Oe_hFSY2_DONhw2XLvKJ4Dkz2CPIIhdW8iLRNKo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-09 08:37:12,509:DEBUG:acme.client:Storing nonce: A5FE8Df1Oe_hFSY2_DONhw2XLvKJ4Dkz2CPIIhdW8iLRNKo 2023-03-09 08:37:12,509:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "metukim.xyz"\n }\n ]\n}' 2023-03-09 08:37:12,511:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkE1RkU4RGYxT2VfaEZTWTJfRE9OaHcyWEx2S0o0RGt6MkNQSUloZFc4aUxSTktvIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "SR4qXbsCQKF82q8vhslg9S8F9uwXUhClewTAmdIS_LE251P3r1cr_V2Dgpl32l6fyBlcrcbtnGO4wYWE8rT17BNvKqy3ej3id6mrSoFeeGntGtb8PjpHvFQKvSNovcZqiW603eCX_J2rq7kXhFxsTyNd8JR3oEieM3POx4M7yurtfyKaMuBKOMPGvHkjE091_odrhtiIW40gCNti3le0eRG3xtc1VRMcPYzjBjP0591V1DnRb8yacnItUkjY7fHZHDRf0COem9rx78G5M3AR1ptpwaDUUjyOTbfhM5f0W6Etw3SutQ51GNi1kOOxbsRNDm9jkkDRjgdjDGBSuZkOiw", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIm1ldHVraW0ueHl6IgogICAgfQogIF0KfQ" } 2023-03-09 08:37:12,591:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 336 2023-03-09 08:37:12,592:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Thu, 09 Mar 2023 08:37:12 GMT Content-Type: application/json Content-Length: 336 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/168868523197 Replay-Nonce: F977jh95pHVctWTapeTo4UqQQwowt0JF5UovHmgnUhlSMyE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-15T09:15:10Z", "identifiers": [ { "type": "dns", "value": "metukim.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/209163021837" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/168868523197" } 2023-03-09 08:37:12,592:DEBUG:acme.client:Storing nonce: F977jh95pHVctWTapeTo4UqQQwowt0JF5UovHmgnUhlSMyE 2023-03-09 08:37:12,592:DEBUG:acme.client:JWS payload: b'' 2023-03-09 08:37:12,594:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209163021837: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkY5NzdqaDk1cEhWY3RXVGFwZVRvNFVxUVF3b3d0MEpGNVVvdkhtZ25VaGxTTXlFIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDkxNjMwMjE4MzcifQ", "signature": "a9zkXcMAgfyvtrl0hrshA4sReUunqcxbKMWURfRRuOB_OhmDsEAo4DCcCX2VR7X3nubw-cYbMv-tQrU_OvwXP1YR8vJOJOLt4xKk6ar1TcFjaCai1vayPD0L_vmYHReHGeoZAWMDf9T0uir4iCBY0LzbZxJKUeSM4TQzxqymWFHKiX2E456odaW7ZkKPY6ysYF18fC_EsLGbCxPgAT0-sBrs5-RupTEQ2g4LWwlKjH3Cvxmz1ByWkhPYsI6KKcuRMvESX9Ll1PnsNunMp1u2eJ8zryCLshPXTaA4mSqbZsVkj2gj1etG1Bdo6s6yzKq7YMqckMgYFWRf1YAJAkvG4w", "payload": "" } 2023-03-09 08:37:12,666:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209163021837 HTTP/1.1" 200 795 2023-03-09 08:37:12,667:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 08:37:12 GMT Content-Type: application/json Content-Length: 795 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: F977Uar6Un9ajJN05LpqGSHZg1Kw1MSzU8y_zwEHRFmGtcQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "metukim.xyz" }, "status": "pending", "expires": "2023-03-15T09:15:10Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209163021837/0wujUw", "token": "OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209163021837/xV_7xA", "token": "OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209163021837/L-i0dA", "token": "OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0" } ] } 2023-03-09 08:37:12,667:DEBUG:acme.client:Storing nonce: F977Uar6Un9ajJN05LpqGSHZg1Kw1MSzU8y_zwEHRFmGtcQ 2023-03-09 08:37:12,668:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-09 08:37:12,668:INFO:certbot._internal.auth_handler:http-01 challenge for metukim.xyz 2023-03-09 08:37:12,686:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-09 08:37:12,686:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-09 08:37:12,687:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-09 08:37:12,687:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-09 08:37:12,687:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-09 08:37:12,687:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-09 08:37:12,688:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-09 08:37:12,688:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-09 08:37:12,688:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-09 08:37:12,688:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-09 08:37:12,689:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-09 08:37:12,689:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-09 08:37:12,689:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-09 08:37:12,689:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-09 08:37:12,690:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-09 08:37:12,690:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-09 08:37:12,691:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-09 08:37:12,691:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-09 08:37:12,691:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-09 08:37:12,691:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-09 08:37:12,691:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-09 08:37:12,692:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-09 08:37:12,692:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-09 08:37:12,692:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-09 08:37:12,692:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-09 08:37:12,693:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-09 08:37:12,693:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-09 08:37:12,693:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-09 08:37:12,693:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-09 08:37:12,694:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-09 08:37:12,694:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-09 08:37:12,694:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-09 08:37:12,694:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-09 08:37:12,695:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-09 08:37:12,695:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-09 08:37:12,695:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-09 08:37:12,696:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server { listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-09 08:37:12,698:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/metukim: server { server_name metukim.xyz ; root /var/www/metukim ; index index.html index.htm index.nginx-debian.html ; location / { try_files $uri $uri/ =404 ; } listen [::]:443 ssl; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/metukim.xyz/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/metukim.xyz/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot }server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = metukim.xyz) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name metukim.xyz ; return 404; # managed by Certbot location = /.well-known/acme-challenge/OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0{default_type text/plain;return 200 OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } 2023-03-09 08:37:12,723:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-09 08:37:12,746:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-09 08:37:12,747:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-09 08:37:12,747:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-09 08:37:14,035:ERROR:certbot._internal.renewal:Failed to renew certificate metukim.xyz with error: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-09 08:37:14,037:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-09 08:37:14,038:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-09 08:37:14,038:DEBUG:certbot.display.util:Notifying user: The following certificates are not due for renewal yet: 2023-03-09 08:37:14,038:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem expires on 2023-04-17 (skipped) 2023-03-09 08:37:14,038:ERROR:certbot._internal.renewal:All renewals failed. The following certificates could not be renewed: 2023-03-09 08:37:14,039:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/dagoth.xyz/fullchain.pem (failure) /etc/letsencrypt/live/metukim.xyz/fullchain.pem (failure) 2023-03-09 08:37:14,039:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-09 08:37:14,039:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')()) File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1413, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1317, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 510, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2023-03-09 08:37:14,040:ERROR:certbot._internal.log:2 renew failure(s), 0 parse failure(s) 2023-03-09 08:39:31,942:DEBUG:certbot._internal.main:certbot version: 1.12.0 2023-03-09 08:39:31,943:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-03-09 08:39:31,943:DEBUG:certbot._internal.main:Arguments: [] 2023-03-09 08:39:31,944:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-03-09 08:39:31,967:DEBUG:certbot._internal.log:Root logging level set at 20 2023-03-09 08:39:32,003:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2023-03-09 08:39:32,008:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/dagoth.xyz.conf 2023-03-09 08:39:32,019:DEBUG:certbot._internal.plugins.selection:Requested authenticator and installer 2023-03-09 08:39:32,031:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 08:39:32,040:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 08:39:32,041:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is signed by the certificate's issuer. 2023-03-09 08:39:32,045:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is: OCSPCertStatus.GOOD 2023-03-09 08:39:32,052:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-14 18:32:48 UTC. 2023-03-09 08:39:32,052:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-09 08:39:32,052:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 08:39:32,527:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 08:39:32,529:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 08:39:32,529:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-09 08:39:32,529:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-09 08:39:32,537:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-09 08:39:32,538:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-09 08:39:32,539:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-09 08:39:32,669:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-09 08:39:32,670:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 08:39:32 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "j54XkKNeJT4": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-09 08:39:32,671:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for dagoth.xyz 2023-03-09 08:39:32,840:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0109_key-certbot.pem 2023-03-09 08:39:32,843:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0109_csr-certbot.pem 2023-03-09 08:39:32,844:DEBUG:acme.client:Requesting fresh nonce 2023-03-09 08:39:32,844:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-09 08:39:32,888:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-09 08:39:32,889:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 08:39:32 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 1AADfWv7XFXUZE8bNJQtZZz6TMig8TYOdCA0TbWlMm2ACKI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-09 08:39:32,890:DEBUG:acme.client:Storing nonce: 1AADfWv7XFXUZE8bNJQtZZz6TMig8TYOdCA0TbWlMm2ACKI 2023-03-09 08:39:32,890:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "dagoth.xyz"\n }\n ]\n}' 2023-03-09 08:39:32,892:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFBQURmV3Y3WEZYVVpFOGJOSlF0Wlp6NlRNaWc4VFlPZENBMFRiV2xNbTJBQ0tJIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "CI951-aY1C8lN1qQAcDImL3yLoHmNm9deI7Zt6I3IOBr_RpPotwfWu0-rMOFy3ZvQcXOh-XMC2IEmwJTUb-UupS0rYHwiD8h9oBGORfzb4YuV6WxYW-3U6Ry8iKBYLJRKKVZTcUMKNxRAY2PRRonnh-bXPcecQiVMWtX0cnfS67gcJ_w8mPnG-hdgZgyRpuHG4ZRbMB6HJblcVSgCYN56xyRcGzCVdCOTEHVV1nokoXFjfnWh4I5GGxCWwmjJufM32Ltq44a6a12ZLLLEjIMacEzTJoJ7JSfKIvXMFJpTtAAcOE0R3B1HZSVjUesM1ZKjSZjMo0PXqg6EyojWhGD9w", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImRhZ290aC54eXoiCiAgICB9CiAgXQp9" } 2023-03-09 08:39:32,946:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 335 2023-03-09 08:39:32,947:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Thu, 09 Mar 2023 08:39:32 GMT Content-Type: application/json Content-Length: 335 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/168546479487 Replay-Nonce: C878nAipgym_5gaVy_RHnSayvX0k-lKMtBGSpuR8Qu8BEQE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-13T17:07:28Z", "identifiers": [ { "type": "dns", "value": "dagoth.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/208713537227" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/168546479487" } 2023-03-09 08:39:32,947:DEBUG:acme.client:Storing nonce: C878nAipgym_5gaVy_RHnSayvX0k-lKMtBGSpuR8Qu8BEQE 2023-03-09 08:39:32,947:DEBUG:acme.client:JWS payload: b'' 2023-03-09 08:39:32,949:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/208713537227: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkM4NzhuQWlwZ3ltXzVnYVZ5X1JIblNheXZYMGstbEtNdEJHU3B1UjhRdThCRVFFIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDg3MTM1MzcyMjcifQ", "signature": "0Xrmea18nHbc6cAurF73-oxll0HbdCWlHlUxW0OuxIImBFYHclfIOiU9XCEOw-OexPyZAG8Ruoct5q_Lddx4cO3hUb1zjTnB3yTIVC9h1mdp_eX-s2cY178Z_ApDT1UJjgO2PHPPFxVS0oP1Qrsqds3xxpzCNik4Lzn0g_WBcHL2wPdkkdcs614OSOyBkAjtwG4nFTxr65_lQqULCOE74SqaEMEnE0gyrDbcxMwBEQyZvI3lcm4F1_t1VNCPNSr26NltMzeolbwqTAyC3G4dCnJ5bXxHBbt0JwI35mHdPsNoxrBmM7nP2SVejJrUyyiAjptWvdbHu1E1dFJkm8TUkw", "payload": "" } 2023-03-09 08:39:32,994:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/208713537227 HTTP/1.1" 200 794 2023-03-09 08:39:32,995:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 08:39:32 GMT Content-Type: application/json Content-Length: 794 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: C878o6jBbwnypZkRXPYlNk1at30jd7oUnxlKdbfv3e1dJjc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "pending", "expires": "2023-03-13T17:07:28Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/_vYSRQ", "token": "XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/oKirUA", "token": "XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/0MevQw", "token": "XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150" } ] } 2023-03-09 08:39:32,995:DEBUG:acme.client:Storing nonce: C878o6jBbwnypZkRXPYlNk1at30jd7oUnxlKdbfv3e1dJjc 2023-03-09 08:39:32,996:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-09 08:39:32,996:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-09 08:39:33,017:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-09 08:39:33,018:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-09 08:39:33,019:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-09 08:39:33,019:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-09 08:39:33,020:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-09 08:39:33,020:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-09 08:39:33,020:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-09 08:39:33,020:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-09 08:39:33,020:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-09 08:39:33,021:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-09 08:39:33,021:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-09 08:39:33,021:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-09 08:39:33,021:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-09 08:39:33,021:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-09 08:39:33,022:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-09 08:39:33,022:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-09 08:39:33,022:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-09 08:39:33,022:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-09 08:39:33,022:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-09 08:39:33,023:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-09 08:39:33,023:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-09 08:39:33,023:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-09 08:39:33,023:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-09 08:39:33,024:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-09 08:39:33,024:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-09 08:39:33,024:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-09 08:39:33,024:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-09 08:39:33,024:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-09 08:39:33,025:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-09 08:39:33,025:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-09 08:39:33,025:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-09 08:39:33,025:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-09 08:39:33,025:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-09 08:39:33,026:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-09 08:39:33,026:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-09 08:39:33,026:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-09 08:39:33,027:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here location = /.well-known/acme-challenge/XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150{default_type text/plain;return 200 XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-09 08:39:33,054:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-09 08:39:33,079:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-09 08:39:33,080:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-09 08:39:33,080:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-09 08:39:34,383:ERROR:certbot._internal.renewal:Failed to renew certificate dagoth.xyz with error: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-09 08:39:34,389:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-09 08:39:34,390:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/mail.dagoth.xyz.conf 2023-03-09 08:39:34,406:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 08:39:34,412:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 08:39:34,413:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is signed by the certificate's issuer. 2023-03-09 08:39:34,415:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is: OCSPCertStatus.GOOD 2023-03-09 08:39:34,416:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-09 08:39:34,417:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 08:39:34,418:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-09 08:39:34,418:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/metukim.xyz.conf 2023-03-09 08:39:34,427:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 08:39:34,432:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 08:39:34,433:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/metukim.xyz/cert4.pem is signed by the certificate's issuer. 2023-03-09 08:39:34,434:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/metukim.xyz/cert4.pem is: OCSPCertStatus.GOOD 2023-03-09 08:39:34,435:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-16 07:57:10 UTC. 2023-03-09 08:39:34,435:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-09 08:39:34,435:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 08:39:34,775:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 08:39:34,775:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 08:39:34,776:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-09 08:39:34,776:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-09 08:39:34,783:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-09 08:39:34,784:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-09 08:39:34,785:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-09 08:39:34,913:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-09 08:39:34,914:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 08:39:34 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert", "scHE_3L2HSQ": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417" } 2023-03-09 08:39:34,916:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for metukim.xyz 2023-03-09 08:39:35,074:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0110_key-certbot.pem 2023-03-09 08:39:35,077:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0110_csr-certbot.pem 2023-03-09 08:39:35,078:DEBUG:acme.client:Requesting fresh nonce 2023-03-09 08:39:35,078:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-09 08:39:35,120:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-09 08:39:35,121:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 08:39:35 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 15C9q3IEkfbuErz7ZKC2kBf7AdiXLNyucu1w_M8edGr8_l0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-09 08:39:35,121:DEBUG:acme.client:Storing nonce: 15C9q3IEkfbuErz7ZKC2kBf7AdiXLNyucu1w_M8edGr8_l0 2023-03-09 08:39:35,121:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "metukim.xyz"\n }\n ]\n}' 2023-03-09 08:39:35,123:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjE1QzlxM0lFa2ZidUVyejdaS0Mya0JmN0FkaVhMTnl1Y3Uxd19NOGVkR3I4X2wwIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "QLjhGKd5xGrPTzN3BKqdBhH6VOzvF7T-V2d-gK2nxh_IOuCpwDR7L1ZzKsT4P_lSBKzATN-SyMwnnCpe_eZ_0WwVjl6B57BqIRIrf7D7ApyS6VGgYw0gH6XBlMsZIToJ2rp5tSRP8GL7c4Tu7YPQpW_3RR6MVLKSnQMp6flBRGXcRf82O6_ty7tX4sSoDO0Okm_GficEZruFGnrOYwlQ4cTVvza_i1HoUkexbtZWM9RweWY081MxWfPhLXjjyahMHqPXW5qqZ952F0Vpq_LOY2ej36-FkWkFADTf61o88GCcqJBvRqBm48cOrpONA5zz0ez9Vg6lGFBeGQ6ALBKRRA", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIm1ldHVraW0ueHl6IgogICAgfQogIF0KfQ" } 2023-03-09 08:39:35,199:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 336 2023-03-09 08:39:35,200:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Thu, 09 Mar 2023 08:39:35 GMT Content-Type: application/json Content-Length: 336 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/168868523197 Replay-Nonce: C878eTRUN3b4J-3oCtyssM4zSyQpRqxEkaLxGQJI7SkfFQw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-15T09:15:10Z", "identifiers": [ { "type": "dns", "value": "metukim.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/209163021837" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/168868523197" } 2023-03-09 08:39:35,200:DEBUG:acme.client:Storing nonce: C878eTRUN3b4J-3oCtyssM4zSyQpRqxEkaLxGQJI7SkfFQw 2023-03-09 08:39:35,200:DEBUG:acme.client:JWS payload: b'' 2023-03-09 08:39:35,202:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209163021837: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkM4NzhlVFJVTjNiNEotM29DdHlzc000elN5UXBScXhFa2FMeEdRSkk3U2tmRlF3IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDkxNjMwMjE4MzcifQ", "signature": "nHHzjvwciIjYxCZSmaHwqj89dk4xoZjJ0Um1oZEPIHw8UG9qdgCAbBparrBHYi0XdHvLyFAfyngzEIQYGAmr2qgu7_Kv_BNnMj6ilV60Dg0gU9AcuyzKWBzIImWsY0HADzltauc_998SIgNx3KxZOsSZk7dZttowryqr-of_hHVyqKGoo5OhyLNrmfeW-SqbcfMdJ0SxkdKgFUwxPCbgxyz29UpHkzT0wHsVEiCC0Kua4B8UVy1eJTdYHwjkVawVyYaU9x5-tQ0wKS7HSJ0vQtnjIVyx95yi-CsvtsPppvdIpg2hfwYCGnMoHlP1I34X3RsziRVjGvnYmlClxW9-8Q", "payload": "" } 2023-03-09 08:39:35,247:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209163021837 HTTP/1.1" 200 795 2023-03-09 08:39:35,247:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 08:39:35 GMT Content-Type: application/json Content-Length: 795 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: C878V978_PzilF_baav4jcPXnhl2go6-OOzGIsvgHK_D9sE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "metukim.xyz" }, "status": "pending", "expires": "2023-03-15T09:15:10Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209163021837/0wujUw", "token": "OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209163021837/xV_7xA", "token": "OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209163021837/L-i0dA", "token": "OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0" } ] } 2023-03-09 08:39:35,248:DEBUG:acme.client:Storing nonce: C878V978_PzilF_baav4jcPXnhl2go6-OOzGIsvgHK_D9sE 2023-03-09 08:39:35,248:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-09 08:39:35,249:INFO:certbot._internal.auth_handler:http-01 challenge for metukim.xyz 2023-03-09 08:39:35,267:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-09 08:39:35,268:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-09 08:39:35,268:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-09 08:39:35,268:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-09 08:39:35,269:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-09 08:39:35,269:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-09 08:39:35,269:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-09 08:39:35,269:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-09 08:39:35,270:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-09 08:39:35,270:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-09 08:39:35,270:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-09 08:39:35,270:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-09 08:39:35,271:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-09 08:39:35,271:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-09 08:39:35,271:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-09 08:39:35,271:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-09 08:39:35,272:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-09 08:39:35,272:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-09 08:39:35,272:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-09 08:39:35,272:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-09 08:39:35,272:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-09 08:39:35,273:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-09 08:39:35,273:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-09 08:39:35,273:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-09 08:39:35,273:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-09 08:39:35,274:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-09 08:39:35,274:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-09 08:39:35,274:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-09 08:39:35,274:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-09 08:39:35,275:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-09 08:39:35,275:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-09 08:39:35,275:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-09 08:39:35,275:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-09 08:39:35,275:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-09 08:39:35,276:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-09 08:39:35,276:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-09 08:39:35,277:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server { listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-09 08:39:35,278:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/metukim: server { server_name metukim.xyz ; root /var/www/metukim ; index index.html index.htm index.nginx-debian.html ; location / { try_files $uri $uri/ =404 ; } listen [::]:443 ssl; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/metukim.xyz/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/metukim.xyz/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot }server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = metukim.xyz) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name metukim.xyz ; return 404; # managed by Certbot location = /.well-known/acme-challenge/OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0{default_type text/plain;return 200 OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } 2023-03-09 08:39:35,303:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-09 08:39:35,328:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-09 08:39:35,329:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-09 08:39:35,329:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-09 08:39:36,637:ERROR:certbot._internal.renewal:Failed to renew certificate metukim.xyz with error: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-09 08:39:36,638:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1123, in perform self.restart() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 919, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 1200, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] "server_names_hash_bucket_size" directive is duplicate in /etc/nginx/conf.d/ssowat.conf:3 2023-03-09 08:39:36,638:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-09 08:39:36,639:DEBUG:certbot.display.util:Notifying user: The following certificates are not due for renewal yet: 2023-03-09 08:39:36,639:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem expires on 2023-04-17 (skipped) 2023-03-09 08:39:36,639:ERROR:certbot._internal.renewal:All renewals failed. The following certificates could not be renewed: 2023-03-09 08:39:36,639:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/dagoth.xyz/fullchain.pem (failure) /etc/letsencrypt/live/metukim.xyz/fullchain.pem (failure) 2023-03-09 08:39:36,639:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-09 08:39:36,639:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')()) File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1413, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1317, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 510, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 2 renew failure(s), 0 parse failure(s) 2023-03-09 08:39:36,641:ERROR:certbot._internal.log:2 renew failure(s), 0 parse failure(s) 2023-03-09 09:06:58,632:DEBUG:certbot._internal.main:certbot version: 1.12.0 2023-03-09 09:06:58,632:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-03-09 09:06:58,632:DEBUG:certbot._internal.main:Arguments: [] 2023-03-09 09:06:58,632:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-03-09 09:06:58,648:DEBUG:certbot._internal.log:Root logging level set at 20 2023-03-09 09:06:58,663:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2023-03-09 09:06:58,666:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/dagoth.xyz.conf 2023-03-09 09:06:58,675:DEBUG:certbot._internal.plugins.selection:Requested authenticator and installer 2023-03-09 09:06:58,685:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 09:06:58,692:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 09:06:58,693:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is signed by the certificate's issuer. 2023-03-09 09:06:58,696:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is: OCSPCertStatus.GOOD 2023-03-09 09:06:58,702:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-14 18:32:48 UTC. 2023-03-09 09:06:58,702:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-09 09:06:58,702:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 09:06:59,106:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 09:06:59,108:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 09:06:59,108:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-09 09:06:59,108:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-09 09:06:59,116:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-09 09:06:59,117:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-09 09:06:59,119:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-09 09:06:59,248:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-09 09:06:59,249:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 09:06:59 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "ZWjE9xt0mHE": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-09 09:06:59,251:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for dagoth.xyz 2023-03-09 09:06:59,426:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0111_key-certbot.pem 2023-03-09 09:06:59,429:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0111_csr-certbot.pem 2023-03-09 09:06:59,430:DEBUG:acme.client:Requesting fresh nonce 2023-03-09 09:06:59,430:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-09 09:06:59,473:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-09 09:06:59,473:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 09:06:59 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 1AADzxrDA6YEtxFnFeTQ9dFYOQFQy2l-6J-Of-fZ7kJoWjs X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-09 09:06:59,474:DEBUG:acme.client:Storing nonce: 1AADzxrDA6YEtxFnFeTQ9dFYOQFQy2l-6J-Of-fZ7kJoWjs 2023-03-09 09:06:59,474:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "dagoth.xyz"\n }\n ]\n}' 2023-03-09 09:06:59,476:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFBQUR6eHJEQTZZRXR4Rm5GZVRROWRGWU9RRlF5MmwtNkotT2YtZlo3a0pvV2pzIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "UHy7i9SoPOwY14Dc6NjqdzF96PovtgSDdX6Z-zKUa8KGL7TSGgFLcCp8fOshQqWIaAKps3gwN4LnCaJ-yqgkiyjVdM6ryrdb1C3MV9azwjcnUDvJ1BT9NDLCJY_KHWNLuH2Cb_iFQwRWHTH-zrfnNwBbik-McKtWiCtitwxyqWNjko6H2DwtHZqg82HcT4wkMYxJWLJ8OFf3cXF19RwkjPXKlQYV9TAPwqANcO7eFUihXpAzdAaJiC0amQUhn28OxYESaQtNNdjs71n2msA36SwSw33RxpamTg2dO_J460iGoLxYQEyLVNLpnCr472o0dy1NQIcaCy6R_s3Tpak3zg", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImRhZ290aC54eXoiCiAgICB9CiAgXQp9" } 2023-03-09 09:06:59,527:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 335 2023-03-09 09:06:59,528:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Thu, 09 Mar 2023 09:06:59 GMT Content-Type: application/json Content-Length: 335 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/168546479487 Replay-Nonce: C878VzqQ-h-hVIMhyWUt4cEiFcj9HTtDgGQ_mFLW8APTjg0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-13T17:07:28Z", "identifiers": [ { "type": "dns", "value": "dagoth.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/208713537227" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/168546479487" } 2023-03-09 09:06:59,528:DEBUG:acme.client:Storing nonce: C878VzqQ-h-hVIMhyWUt4cEiFcj9HTtDgGQ_mFLW8APTjg0 2023-03-09 09:06:59,528:DEBUG:acme.client:JWS payload: b'' 2023-03-09 09:06:59,529:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/208713537227: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkM4NzhWenFRLWgtaFZJTWh5V1V0NGNFaUZjajlIVHREZ0dRX21GTFc4QVBUamcwIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDg3MTM1MzcyMjcifQ", "signature": "mSZc-jFrqo5q0uVPcOIm9C5pl_f3ZbDebClfNDMY4QwKkhOYU4snyoA2gY66cPSTU_ZtahOi2UkhEI3ictcFrKJqCdt7AZQxbybPiE3B2bhHJ3ffptQNXS9k7kKmFKvc1zqMFBFgssY-sdlUV4uJCb3o2zl9F1VaJuzZ_K-2sgIZaYDEn8n8gJLUAj2tDJHqIgwSEjSqTfCgpN5Pcb2Ho3SoT9B_RS_Rnf_B-SAKwDgo7LHwf2COXHSWuMGffaqK_z4mLtfJw2kLBbzPU_gxKW4YwY59U5n_5pO-yi5x-MuSHxQrDSZOTqCfOzXsYZrmj39qI6RXkDt-6N6elZGXrQ", "payload": "" } 2023-03-09 09:06:59,575:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/208713537227 HTTP/1.1" 200 794 2023-03-09 09:06:59,576:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 09:06:59 GMT Content-Type: application/json Content-Length: 794 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 15C9_g7LyYNG130xg9B-kQFt8swiPfidbxj9dExZHfQS7u0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "pending", "expires": "2023-03-13T17:07:28Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/_vYSRQ", "token": "XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/oKirUA", "token": "XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/0MevQw", "token": "XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150" } ] } 2023-03-09 09:06:59,576:DEBUG:acme.client:Storing nonce: 15C9_g7LyYNG130xg9B-kQFt8swiPfidbxj9dExZHfQS7u0 2023-03-09 09:06:59,576:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-09 09:06:59,577:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-09 09:06:59,599:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-09 09:06:59,600:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-09 09:06:59,601:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-09 09:06:59,601:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-09 09:06:59,602:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-09 09:06:59,602:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-09 09:06:59,602:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-09 09:06:59,602:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-09 09:06:59,603:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-09 09:06:59,603:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-09 09:06:59,603:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-09 09:06:59,603:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-09 09:06:59,603:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-09 09:06:59,604:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-09 09:06:59,604:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-09 09:06:59,604:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-09 09:06:59,604:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-09 09:06:59,605:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-09 09:06:59,605:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-09 09:06:59,605:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-09 09:06:59,605:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-09 09:06:59,605:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-09 09:06:59,606:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-09 09:06:59,606:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-09 09:06:59,606:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-09 09:06:59,606:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-09 09:06:59,606:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-09 09:06:59,607:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-09 09:06:59,607:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-09 09:06:59,607:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-09 09:06:59,607:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-09 09:06:59,607:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-09 09:06:59,608:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-09 09:06:59,608:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-09 09:06:59,608:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-09 09:06:59,608:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-09 09:06:59,610:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here location = /.well-known/acme-challenge/XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150{default_type text/plain;return 200 XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-09 09:07:00,673:INFO:certbot._internal.auth_handler:Waiting for verification... 2023-03-09 09:07:00,674:DEBUG:acme.client:JWS payload: b'{}' 2023-03-09 09:07:00,676:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/_vYSRQ: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjE1QzlfZzdMeVlORzEzMHhnOUIta1FGdDhzd2lQZmlkYnhqOWRFeFpIZlFTN3UwIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8yMDg3MTM1MzcyMjcvX3ZZU1JRIn0", "signature": "yoNkwnaW_w4zAgV1kWRzwBATxDZJZbWeeAuRo_8oDNX7nC-C2Rf_UpOEcTLIb_dPu39eJSfTlX_yjFUaqmR8KbXelTNCv-bYXq6ZWBB-6QwJJhiJ5ado-WEKn2y2qs5F5yiE67S2Pufl9cadAHmX5gbPA-ZqXVfgV_XuCvsLYatZliGpjj-dxg2n3weTaUlo08KU_250mdlRUhmYVu2PAheTQnPZHpzpYgai7RHihy5zYBEgLOGbwIARmZhuyEMDzm41Z7sYZVwfixr_eJiyA_67Pw7HxAAvjfQ-Mc0-Xws-8uGLQUznd3UKrNbI_Tfy2IZSbQSNociO1ua-AfHstQ", "payload": "e30" } 2023-03-09 09:07:00,724:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/208713537227/_vYSRQ HTTP/1.1" 200 187 2023-03-09 09:07:00,725:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 09:07:00 GMT Content-Type: application/json Content-Length: 187 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/_vYSRQ Replay-Nonce: C878a_4YDEaZAUUgU4f41p4cQmuEnS2YphEyhcm6I1zk41E X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/_vYSRQ", "token": "XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150" } 2023-03-09 09:07:00,725:DEBUG:acme.client:Storing nonce: C878a_4YDEaZAUUgU4f41p4cQmuEnS2YphEyhcm6I1zk41E 2023-03-09 09:07:01,727:DEBUG:acme.client:JWS payload: b'' 2023-03-09 09:07:01,729:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/208713537227: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkM4NzhhXzRZREVhWkFVVWdVNGY0MXA0Y1FtdUVuUzJZcGhFeWhjbTZJMXprNDFFIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDg3MTM1MzcyMjcifQ", "signature": "NKqs4JpSolq5lIxg9SfaoxMq7UTD3H3ETzJaMuOuHM7vuXbgYB-jpbg9RCUenKg5zgDB9vYrmCGsuvSLCDPFdUiDj04Xc_yWdBetJ1oxHj8w3BSBBxKPLGXPrS4AhDg-nY1o8xLGMSnYsuhHkGL0dLiX7akXfdtfcO0g7gaKWA_lb8A5I8XTk-v_65I1EBvR2Av9hQyvuYUCKzhFYQIWRDzZKlcVjI15Pf9xTw5Ys2iV0X8tvAKleEEUIHQHSaGwYmtUOtaaFRINKTGLuo2t_5m_3BoXpKSFLUxvmN_qHRcV9kmLI_JrQTZ6O3Nnq6FYS-yD8NAfETyCh8FY8igJsw", "payload": "" } 2023-03-09 09:07:01,777:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/208713537227 HTTP/1.1" 200 1484 2023-03-09 09:07:01,777:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 09:07:01 GMT Content-Type: application/json Content-Length: 1484 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 1DFAmnbnYgUcYEz7dEBt0NgNvAZYMZ4FWYeLPO4n34OiWFM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "invalid", "expires": "2023-03-13T17:07:28Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "2001:19f0:5:5eac:5400:3ff:fef1:f13c: Invalid response from https://dagoth.xyz/.well-known/acme-challenge/XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150: 404", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/208713537227/_vYSRQ", "token": "XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150", "validationRecord": [ { "url": "http://dagoth.xyz/.well-known/acme-challenge/XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150", "hostname": "dagoth.xyz", "port": "80", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" }, { "url": "https://dagoth.xyz/.well-known/acme-challenge/XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150", "hostname": "dagoth.xyz", "port": "443", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" } ], "validated": "2023-03-09T09:07:00Z" } ] } 2023-03-09 09:07:01,778:DEBUG:acme.client:Storing nonce: 1DFAmnbnYgUcYEz7dEBt0NgNvAZYMZ4FWYeLPO4n34OiWFM 2023-03-09 09:07:01,778:WARNING:certbot._internal.auth_handler:Challenge failed for domain dagoth.xyz 2023-03-09 09:07:01,778:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-09 09:07:01,779:DEBUG:certbot._internal.reporter:Reporting to user: The following errors were reported by the server: Domain: dagoth.xyz Type: unauthorized Detail: 2001:19f0:5:5eac:5400:3ff:fef1:f13c: Invalid response from https://dagoth.xyz/.well-known/acme-challenge/XXujs5054AXRCTJpHHWPLndL2VkURnbVzb2phjqz150: 404 To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. 2023-03-09 09:07:01,780:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2023-03-09 09:07:01,780:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-09 09:07:01,780:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-09 09:07:03,037:ERROR:certbot._internal.renewal:Failed to renew certificate dagoth.xyz with error: Some challenges have failed. 2023-03-09 09:07:03,042:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2023-03-09 09:07:03,042:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/mail.dagoth.xyz.conf 2023-03-09 09:07:03,053:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 09:07:03,059:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 09:07:03,061:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is signed by the certificate's issuer. 2023-03-09 09:07:03,062:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is: OCSPCertStatus.GOOD 2023-03-09 09:07:03,063:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-09 09:07:03,064:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 09:07:03,064:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-09 09:07:03,065:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/metukim.xyz.conf 2023-03-09 09:07:03,071:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 09:07:03,075:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 09:07:03,076:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/metukim.xyz/cert4.pem is signed by the certificate's issuer. 2023-03-09 09:07:03,077:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/metukim.xyz/cert4.pem is: OCSPCertStatus.GOOD 2023-03-09 09:07:03,078:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-16 07:57:10 UTC. 2023-03-09 09:07:03,078:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-09 09:07:03,078:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 09:07:03,377:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 09:07:03,378:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 09:07:03,378:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-09 09:07:03,379:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-09 09:07:03,385:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-09 09:07:03,386:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-09 09:07:03,387:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-09 09:07:03,519:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-09 09:07:03,520:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 09:07:03 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "Lp7AUPTwzy4": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-09 09:07:03,522:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for metukim.xyz 2023-03-09 09:07:03,572:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0112_key-certbot.pem 2023-03-09 09:07:03,575:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0112_csr-certbot.pem 2023-03-09 09:07:03,576:DEBUG:acme.client:Requesting fresh nonce 2023-03-09 09:07:03,576:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-09 09:07:03,625:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-09 09:07:03,625:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 09:07:03 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 15C9l1vh9FPMMrJV4_BVAltMSoBcz6t4sqzh7-pZn9_iV18 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-09 09:07:03,625:DEBUG:acme.client:Storing nonce: 15C9l1vh9FPMMrJV4_BVAltMSoBcz6t4sqzh7-pZn9_iV18 2023-03-09 09:07:03,626:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "metukim.xyz"\n }\n ]\n}' 2023-03-09 09:07:03,627:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjE1QzlsMXZoOUZQTU1ySlY0X0JWQWx0TVNvQmN6NnQ0c3F6aDctcFpuOV9pVjE4IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "xIF_7KuG00WzhTvfFZh2FYGe8wM4QUWCInXQaSffGuRzLpguHt0mI_34Xk651kfOhWmJiD5amfdHXs5k0fvsH-JnfNnDumQn81V0213Ugegm98MqEdBImojWK7r0Is5xLGtOh5uUO1sXrf6-ajz_MGK3Nwg-GwWpfHmc7wKh7sznuYSDkdYFjFgC0BKFJxptoDAqZdC6SoZs6aoKtauzmIUIKTnOJpYn-6j2m7awxSo49LDGSyaO4L36jM-1HVL-v0nm5dBzbHbtSgDzSnfab9nOtB2iw28SrUC0zfiiUTlo_80_Njtep1hq7WrpFiObedHIRCbdczZ-QaGDWKD6MQ", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIm1ldHVraW0ueHl6IgogICAgfQogIF0KfQ" } 2023-03-09 09:07:03,678:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 336 2023-03-09 09:07:03,678:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Thu, 09 Mar 2023 09:07:03 GMT Content-Type: application/json Content-Length: 336 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/168868523197 Replay-Nonce: 15C9fusBc1F2OHW-ifQpPykCcP2p5Ypv_duEvgssOvH2-6I X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-15T09:15:10Z", "identifiers": [ { "type": "dns", "value": "metukim.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/209163021837" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/168868523197" } 2023-03-09 09:07:03,679:DEBUG:acme.client:Storing nonce: 15C9fusBc1F2OHW-ifQpPykCcP2p5Ypv_duEvgssOvH2-6I 2023-03-09 09:07:03,679:DEBUG:acme.client:JWS payload: b'' 2023-03-09 09:07:03,680:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209163021837: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjE1QzlmdXNCYzFGMk9IVy1pZlFwUHlrQ2NQMnA1WXB2X2R1RXZnc3NPdkgyLTZJIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDkxNjMwMjE4MzcifQ", "signature": "PRdoB3Ky-NmHLCAb-WnVBifSZzVMkty6CPlThuQ_u09hW6mHCyE_Ctl6GhHMyWPV7kEUf0nIMe4m2JB40lHysJKsLoiIcunFF7s1m4IvKhFOr1e1cqDX4GZ5LeexdfSTu2fpHvbmr4O_C19Oo23-BXO7gMOen4JXpJH2A60Jq093O6-Kg47T3caxylFFQk68b9olLkKGuDizmHDFGqjPlBpNgzz_NItsjcyiJg3ZfKD99j6KlADUWefbEygwHeufpnA8lxJhmuEPHCW_yH-linfanRKtEz7NsP9bwQvrNrtAylpqTZjQ-wPd0idnLDc0e7eCIih7InMlgqDrSu_0wQ", "payload": "" } 2023-03-09 09:07:03,726:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209163021837 HTTP/1.1" 200 795 2023-03-09 09:07:03,727:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 09:07:03 GMT Content-Type: application/json Content-Length: 795 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: C878Plcom9hd1_XuaUi0w4_gDGrYy0WIIfFhMo41Xce9rJU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "metukim.xyz" }, "status": "pending", "expires": "2023-03-15T09:15:10Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209163021837/0wujUw", "token": "OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209163021837/xV_7xA", "token": "OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209163021837/L-i0dA", "token": "OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0" } ] } 2023-03-09 09:07:03,727:DEBUG:acme.client:Storing nonce: C878Plcom9hd1_XuaUi0w4_gDGrYy0WIIfFhMo41Xce9rJU 2023-03-09 09:07:03,728:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-09 09:07:03,728:INFO:certbot._internal.auth_handler:http-01 challenge for metukim.xyz 2023-03-09 09:07:03,746:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-09 09:07:03,747:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-09 09:07:03,748:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-09 09:07:03,748:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-09 09:07:03,748:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-09 09:07:03,748:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-09 09:07:03,748:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-09 09:07:03,749:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-09 09:07:03,749:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-09 09:07:03,749:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-09 09:07:03,749:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-09 09:07:03,750:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-09 09:07:03,750:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-09 09:07:03,750:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-09 09:07:03,750:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-09 09:07:03,751:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-09 09:07:03,751:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-09 09:07:03,751:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-09 09:07:03,751:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-09 09:07:03,751:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-09 09:07:03,752:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-09 09:07:03,752:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-09 09:07:03,752:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-09 09:07:03,752:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-09 09:07:03,753:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-09 09:07:03,753:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-09 09:07:03,753:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-09 09:07:03,753:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-09 09:07:03,753:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-09 09:07:03,754:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-09 09:07:03,754:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-09 09:07:03,754:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-09 09:07:03,754:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-09 09:07:03,755:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-09 09:07:03,755:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-09 09:07:03,755:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-09 09:07:03,756:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server { listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-09 09:07:03,757:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/metukim: server { server_name metukim.xyz ; root /var/www/metukim ; index index.html index.htm index.nginx-debian.html ; location / { try_files $uri $uri/ =404 ; } listen [::]:443 ssl; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/metukim.xyz/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/metukim.xyz/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot }server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = metukim.xyz) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name metukim.xyz ; return 404; # managed by Certbot location = /.well-known/acme-challenge/OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0{default_type text/plain;return 200 OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } 2023-03-09 09:07:04,808:INFO:certbot._internal.auth_handler:Waiting for verification... 2023-03-09 09:07:04,809:DEBUG:acme.client:JWS payload: b'{}' 2023-03-09 09:07:04,811:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/209163021837/0wujUw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkM4NzhQbGNvbTloZDFfWHVhVWkwdzRfZ0RHcll5MFdJSWZGaE1vNDFYY2U5ckpVIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8yMDkxNjMwMjE4MzcvMHd1alV3In0", "signature": "LYGbQBIuSXnvFVjPeTvmksym2F1pQLadWHVeXJ4JKeJZTawd8STmjNNVsXRnvj_7yCdkbVjb7jAGXgLM88ZqtNho7ygLmagzeSJgDCFlGpA4WkA7xkC0c5CZlxYzCDCAJZxn9YPrUsgkXnhgaU4sLMrad4tfLlctYSodjjwQcNxoh_4ZCdqq8Ym9_7J3SPrDUF63lkRN9rAL-9LYSbYnLITh5Jh65XP-jbXlQLRM-8G-s3lW0_HpuTCuC_k_3xKXpKA39CBSWY3QVi218DvUJRR9an_7LGltTVasqqeUOpCN77F9k9qVgBVWx3FJiySQcr1ZPCEE_DupxuCPEhAdQQ", "payload": "e30" } 2023-03-09 09:07:04,862:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/209163021837/0wujUw HTTP/1.1" 200 187 2023-03-09 09:07:04,863:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 09:07:04 GMT Content-Type: application/json Content-Length: 187 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/209163021837/0wujUw Replay-Nonce: 1DFAJYNyCyczUHRx2ElK8e-B10ZAe9114nkq9xrQG2gYrZE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209163021837/0wujUw", "token": "OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0" } 2023-03-09 09:07:04,863:DEBUG:acme.client:Storing nonce: 1DFAJYNyCyczUHRx2ElK8e-B10ZAe9114nkq9xrQG2gYrZE 2023-03-09 09:07:05,865:DEBUG:acme.client:JWS payload: b'' 2023-03-09 09:07:05,867:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209163021837: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFERkFKWU55Q3ljelVIUngyRWxLOGUtQjEwWkFlOTExNG5rcTl4clFHMmdZclpFIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDkxNjMwMjE4MzcifQ", "signature": "eyoZtRauU34bFFf0hCqwPnU7-lVCwsLdVnNPgz8qtOlI6J7RA36J6u8Y7i0fxSEBODCwHYjZKtz2aXRDkAfycAKi9XQpoGu-UBdwfLFvF765BDPtB8676oywBwzQv3507imA4TbX332f6zQrAlavj_Re79h8Jo-z3AT3gWK17o4U27Vn0-t2FJZ4_-jdObZWyMp0yhkRsjbeHNTG_9ziLm_JaChIl4GgUIc8HhaC25VijObadJL8zpnOiXmoN4WFxZZhFQg8ykeak_G9lZg6mNa5Ykmd9dcf01nSayQgsA7IsLI-XeO51f-8vpvXRtB7l8Q1Ry3ZdBQJmb_AZDmmkg", "payload": "" } 2023-03-09 09:07:05,922:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209163021837 HTTP/1.1" 200 821 2023-03-09 09:07:05,923:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 09:07:05 GMT Content-Type: application/json Content-Length: 821 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 1DFA9kzojvcU_E62-Vk8ni5q6NFVV23tThxkOuQEKYATchA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "metukim.xyz" }, "status": "valid", "expires": "2023-04-08T09:07:05Z", "challenges": [ { "type": "http-01", "status": "valid", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209163021837/0wujUw", "token": "OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0", "validationRecord": [ { "url": "http://metukim.xyz/.well-known/acme-challenge/OV5JKo3Ov_KDI380pMs941urHkCWggEBJzE2R_FKAo0", "hostname": "metukim.xyz", "port": "80", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" } ], "validated": "2023-03-09T09:07:04Z" } ] } 2023-03-09 09:07:05,923:DEBUG:acme.client:Storing nonce: 1DFA9kzojvcU_E62-Vk8ni5q6NFVV23tThxkOuQEKYATchA 2023-03-09 09:07:05,924:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-09 09:07:05,924:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-09 09:07:07,201:DEBUG:certbot._internal.client:CSR: CSR(file='/etc/letsencrypt/csr/0112_csr-certbot.pem', data=b'-----BEGIN CERTIFICATE REQUEST-----\nMIICbjCCAVYCAQIwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALo3\nSIhb7vrJ5Q8xtNyKQJI/nbIrV/JNhCrBMIkuX6l7idJpVirKCDlvdgo7cwriXq3U\n/6cx8IobCCzp7bJaI58mUbjNhSqvyNxVtdnNdD6J6BKW7lt3+xTG7YsIwVhsemWa\np7XiXresZCdHgHyqWv7ICcFOUdJEqPNi9EqCg1sOTbL6BRXVJxBgkiYs3eT3DALd\ncXjOKloAT6vyTA3AGeCBtdP84iuwN90sZunNpnP5rIz7sCUmwxNN3pLpp2rOk/eC\ne0S+knyvIgfAd7n1DxGIFdqgOZ7cYUDFAY7X11jOwwXijqIv7Wv/8zTalZNIUz8B\nAdByLbb41EL0uTGq1rkCAwEAAaApMCcGCSqGSIb3DQEJDjEaMBgwFgYDVR0RBA8w\nDYILbWV0dWtpbS54eXowDQYJKoZIhvcNAQELBQADggEBABPVZk5ixrJ1XERllgdI\nBaTk4fuCoPQPBcSmU3XyNV5DauKk0t4KPgptGpm85cufPlB5xxN9SoH3lV/Xq5cU\nrzcqWkavyNm4H8A+nejCC40gpXRLBlgJph/qa1PpObdstRIDbjBBoDenBJ1MY44S\nvJglBxMBPlZZsdUL8B6eEEtOhAjCVAKeoHtGCLDDETvJHhLEmEDV0y2Hakmi86b8\nGOE76V0JtRz5xO/yrSC44bllD7opSooaoMK2cFO70BTN/eL4iheI6qXiQKQGRRYI\n0Me2rBRyILrcLPX8bvnuxBuRZeVXAeYnFnZ08ISV1FukKxdBrSi9NW9I0MAOqjPN\nRkI=\n-----END CERTIFICATE REQUEST-----\n', form='pem') 2023-03-09 09:07:07,203:DEBUG:acme.client:JWS payload: b'{\n "csr": "MIICbjCCAVYCAQIwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALo3SIhb7vrJ5Q8xtNyKQJI_nbIrV_JNhCrBMIkuX6l7idJpVirKCDlvdgo7cwriXq3U_6cx8IobCCzp7bJaI58mUbjNhSqvyNxVtdnNdD6J6BKW7lt3-xTG7YsIwVhsemWap7XiXresZCdHgHyqWv7ICcFOUdJEqPNi9EqCg1sOTbL6BRXVJxBgkiYs3eT3DALdcXjOKloAT6vyTA3AGeCBtdP84iuwN90sZunNpnP5rIz7sCUmwxNN3pLpp2rOk_eCe0S-knyvIgfAd7n1DxGIFdqgOZ7cYUDFAY7X11jOwwXijqIv7Wv_8zTalZNIUz8BAdByLbb41EL0uTGq1rkCAwEAAaApMCcGCSqGSIb3DQEJDjEaMBgwFgYDVR0RBA8wDYILbWV0dWtpbS54eXowDQYJKoZIhvcNAQELBQADggEBABPVZk5ixrJ1XERllgdIBaTk4fuCoPQPBcSmU3XyNV5DauKk0t4KPgptGpm85cufPlB5xxN9SoH3lV_Xq5cUrzcqWkavyNm4H8A-nejCC40gpXRLBlgJph_qa1PpObdstRIDbjBBoDenBJ1MY44SvJglBxMBPlZZsdUL8B6eEEtOhAjCVAKeoHtGCLDDETvJHhLEmEDV0y2Hakmi86b8GOE76V0JtRz5xO_yrSC44bllD7opSooaoMK2cFO70BTN_eL4iheI6qXiQKQGRRYI0Me2rBRyILrcLPX8bvnuxBuRZeVXAeYnFnZ08ISV1FukKxdBrSi9NW9I0MAOqjPNRkI"\n}' 2023-03-09 09:07:07,205:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/168868523197: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFERkE5a3pvanZjVV9FNjItVms4bmk1cTZORlZWMjN0VGh4a091UUVLWUFUY2hBIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9maW5hbGl6ZS80OTUwMDYzNzAvMTY4ODY4NTIzMTk3In0", "signature": "jECJVoSgpwvhs7ZsSzEG3AIOI9fVFIS7-7BDf3JBDPyihaUXCuoGlbZ_gRIbE3XJ6kYOvW3l17MOpPolDGHa1Y97tIO8_XgqPyUF2LNYeYOAIFEGShleC8cY71vDI0A9W7cZD2xRX1sGvBCzMXDow-Meg81qJKajDL02GFA1zR3SuhJekoLyIrrO-Z3yb-OfhGRxLwnb1PybftejLKClsUl4ogMfWRLu72mSEVW5PZ_jA3cBSad-GyVj8n1nTD3Ga6v6V3xg_WxIYIZFfpUPQ015Vj7ielL2jKHjvcGGTPo9BnkVoIdQlRXSk0cYFLxyzbwb0hpC-0zHLqfIP3BYSw", "payload": "ewogICJjc3IiOiAiTUlJQ2JqQ0NBVllDQVFJd0FEQ0NBU0l3RFFZSktvWklodmNOQVFFQkJRQURnZ0VQQURDQ0FRb0NnZ0VCQUxvM1NJaGI3dnJKNVE4eHROeUtRSklfbmJJclZfSk5oQ3JCTUlrdVg2bDdpZEpwVmlyS0NEbHZkZ283Y3dyaVhxM1VfNmN4OElvYkNDenA3YkphSTU4bVViak5oU3F2eU54VnRkbk5kRDZKNkJLVzdsdDMteFRHN1lzSXdWaHNlbVdhcDdYaVhyZXNaQ2RIZ0h5cVd2N0lDY0ZPVWRKRXFQTmk5RXFDZzFzT1RiTDZCUlhWSnhCZ2tpWXMzZVQzREFMZGNYak9LbG9BVDZ2eVRBM0FHZUNCdGRQODRpdXdOOTBzWnVuTnBuUDVySXo3c0NVbXd4Tk4zcExwcDJyT2tfZUNlMFMta255dklnZkFkN24xRHhHSUZkcWdPWjdjWVVERkFZN1gxMWpPd3dYaWpxSXY3V3ZfOHpUYWxaTklVejhCQWRCeUxiYjQxRUwwdVRHcTFya0NBd0VBQWFBcE1DY0dDU3FHU0liM0RRRUpEakVhTUJnd0ZnWURWUjBSQkE4d0RZSUxiV1YwZFd0cGJTNTRlWG93RFFZSktvWklodmNOQVFFTEJRQURnZ0VCQUJQVlprNWl4ckoxWEVSbGxnZElCYVRrNGZ1Q29QUVBCY1NtVTNYeU5WNURhdUtrMHQ0S1BncHRHcG04NWN1ZlBsQjV4eE45U29IM2xWX1hxNWNVcnpjcVdrYXZ5Tm00SDhBLW5lakNDNDBncFhSTEJsZ0pwaF9xYTFQcE9iZHN0UklEYmpCQm9EZW5CSjFNWTQ0U3ZKZ2xCeE1CUGxaWnNkVUw4QjZlRUV0T2hBakNWQUtlb0h0R0NMRERFVHZKSGhMRW1FRFYweTJIYWttaTg2YjhHT0U3NlYwSnRSejV4T195clNDNDRibGxEN29wU29vYW9NSzJjRk83MEJUTl9lTDRpaGVJNnFYaVFLUUdSUllJME1lMnJCUnlJTHJjTFBYOGJ2bnV4QnVSWmVWWEFlWW5GblowOElTVjFGdWtLeGRCclNpOU5XOUkwTUFPcWpQTlJrSSIKfQ" } 2023-03-09 09:07:07,843:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/finalize/495006370/168868523197 HTTP/1.1" 200 438 2023-03-09 09:07:07,844:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 09:07:07 GMT Content-Type: application/json Content-Length: 438 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/168868523197 Replay-Nonce: 1AADmo-2ZsAPY7F8cTM2no9Ru7B5_85PIC5R2ZPePDv1x-Q X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "valid", "expires": "2023-03-15T09:15:10Z", "identifiers": [ { "type": "dns", "value": "metukim.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/209163021837" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/168868523197", "certificate": "https://acme-v02.api.letsencrypt.org/acme/cert/041c5330c90a111106669ba0d866ed175fbd" } 2023-03-09 09:07:07,844:DEBUG:acme.client:Storing nonce: 1AADmo-2ZsAPY7F8cTM2no9Ru7B5_85PIC5R2ZPePDv1x-Q 2023-03-09 09:07:08,845:DEBUG:acme.client:JWS payload: b'' 2023-03-09 09:07:08,847:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/order/495006370/168868523197: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFBQURtby0yWnNBUFk3RjhjVE0ybm85UnU3QjVfODVQSUM1UjJaUGVQRHYxeC1RIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9vcmRlci80OTUwMDYzNzAvMTY4ODY4NTIzMTk3In0", "signature": "W4ua71lKTozZaqd-aEkt9jNX5oAiL1piPibWscWlPPJb5oDrHsFM5SOlNCePFagFqMFGVr_9kityaz4r56SlZQkJMlRyXvmxrao363bw5rEGWZjYecIy3kaAHsqJnjHc2_B88SCDokZJ7yCzRxFCZZIVzC4qi4mp1F81EeS7hRty-XUX8Kp8QYUKfjKhmmcySAdKKrwBLIHcxBKkUXgRpwnyUt1YALVxQsvaeOpc1ZTrxId5OivVIoAyiAL-OkxhREFfkkKID3SJtghI1IdfpmUGTYJLxDE6xSVxTsuRA0ae71904417O4ebtmNWb6q0gW7_dNEduYvBcdy6bbUMZQ", "payload": "" } 2023-03-09 09:07:08,896:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/order/495006370/168868523197 HTTP/1.1" 200 438 2023-03-09 09:07:08,897:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 09:07:08 GMT Content-Type: application/json Content-Length: 438 Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: C878D-HF3igweFhMMRSveg8ozp0RvCLf4fvctJRDNPTrZok X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "valid", "expires": "2023-03-15T09:15:10Z", "identifiers": [ { "type": "dns", "value": "metukim.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/209163021837" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/168868523197", "certificate": "https://acme-v02.api.letsencrypt.org/acme/cert/041c5330c90a111106669ba0d866ed175fbd" } 2023-03-09 09:07:08,897:DEBUG:acme.client:Storing nonce: C878D-HF3igweFhMMRSveg8ozp0RvCLf4fvctJRDNPTrZok 2023-03-09 09:07:08,897:DEBUG:acme.client:JWS payload: b'' 2023-03-09 09:07:08,899:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/cert/041c5330c90a111106669ba0d866ed175fbd: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkM4NzhELUhGM2lnd2VGaE1NUlN2ZWc4b3pwMFJ2Q0xmNGZ2Y3RKUkROUFRyWm9rIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jZXJ0LzA0MWM1MzMwYzkwYTExMTEwNjY2OWJhMGQ4NjZlZDE3NWZiZCJ9", "signature": "f4vTNM2BjITW8OrzjDaT3Bu4-oXO2GCFOrAZu1vUEIChZN4a9d0dOy48JXddMYk21L0ZnLWHj_08bJTAYdGhhaPTj8HmiUgjtJqPanpdG5UgZjSzpteYvkmH7I8tOdn1SD9x17eZYPbzElMW_arW7CPPplLSEW4LV-cJO4DKxbhwYNXrPrLaXo3Au278y-jhazdpBQVQWM-xtCb1K_-EIehZIHWa2I54e-hPYcmZp4ojN3q5igkUwJYq5NF5VdaKK4jAPwTLKPlUODJNvBp6kwhdSoJKvdsyOx0A7tdi_e5_Fl6DHdNx_Bq-JsRf9s7K_p2lCZAn7TOeb6Br4dYSnQ", "payload": "" } 2023-03-09 09:07:08,947:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/cert/041c5330c90a111106669ba0d866ed175fbd HTTP/1.1" 200 5585 2023-03-09 09:07:08,947:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 09:07:08 GMT Content-Type: application/pem-certificate-chain Content-Length: 5585 Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="alternate" Replay-Nonce: C878bJCa0GJrTY9sHRXiXOLs2NYlmsffJmKx2AqqU_QY3As X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 -----BEGIN CERTIFICATE----- MIIFHDCCBASgAwIBAgISBBxTMMkKEREGZpug2GbtF1+9MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzAzMDkwODA3MDdaFw0yMzA2MDcwODA3MDZaMBYxFDASBgNVBAMT C21ldHVraW0ueHl6MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujdI iFvu+snlDzG03IpAkj+dsitX8k2EKsEwiS5fqXuJ0mlWKsoIOW92CjtzCuJerdT/ pzHwihsILOntslojnyZRuM2FKq/I3FW12c10PonoEpbuW3f7FMbtiwjBWGx6ZZqn teJet6xkJ0eAfKpa/sgJwU5R0kSo82L0SoKDWw5NsvoFFdUnEGCSJizd5PcMAt1x eM4qWgBPq/JMDcAZ4IG10/ziK7A33Sxm6c2mc/msjPuwJSbDE03ekumnas6T94J7 RL6SfK8iB8B3ufUPEYgV2qA5ntxhQMUBjtfXWM7DBeKOoi/ta//zNNqVk0hTPwEB 0HIttvjUQvS5MarWuQIDAQABo4ICRjCCAkIwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBQ5XVuXrZUoDrmsScGm9agWUGwWrTAfBgNVHSMEGDAWgBQULrMXt1hWy65QCUDm H6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9yMy5v LmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3JnLzAW BgNVHREEDzANggttZXR1a2ltLnh5ejBMBgNVHSAERTBDMAgGBmeBDAECATA3Bgsr BgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0 Lm9yZzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2ALc++yTfnE26dfI5xbpY9Gxd /ELPep81xJ4dCYEl7bSZAAABhsWfxHoAAAQDAEcwRQIhAKujA4n+EEfbJQy/VudN pGGmIONg4ziDHw9h4JQ28FkDAiBLmg43qCBjegu4NNNXs5F7N5+kLkwGw95Ou2O1 U3kEPAB2AK33vvp8/xDIi509nB4+GGq0Zyldz7EMJMqFhjTr3IKKAAABhsWfxLAA AAQDAEcwRQIgeOjnGjbTQU3qA8xwqMKwiTs00F4Fau+4mZwV3TJd8KMCIQD9Ogoy TUxdGLZ4TiJA83doJRz2f0OOUZ5qdAy/o/2jDjANBgkqhkiG9w0BAQsFAAOCAQEA pGlhXxpyM2xzxKtLmXIPPtG75+yRc5LvrSVRvJhZ9O2AFH3zG/5gwmAGf23IpA8x mHfE+AIUTMU7YyIOX5rjXB276LB1nMsMcoPIZvuQNwAbzz7iSUucy9zc4yq3SY/w Q1RgDTrPVpXK8wrWHu+kFnLcqAznbE4ERrWw3wvWR9n9ALMGV0Na6fOxFkSGSRk+ BSq2n14HzsxCsJhpdligS6A95iwuMQceoEC4utLqpggmT6aXuS8qS6UpFwGOPPc/ Y2lWbbe051gTtsI4KOS0wC19t66c0Y+wZuG/jGBmiEWK5PqkL3n3uU8SXjVraxVu GrRW17MNKlCyqcxJZRS7oA== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG /kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4 avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2 yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+ HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX nLRbwHOoq7hHwg== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/ MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT DkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB AQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC ov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL wYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D LtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK 4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5 bHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y sR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ Xmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4 FQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc SLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql PRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND TwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw SwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1 c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx +tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB ATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu b3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E U1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu MA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC 5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW 9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG WCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O he8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5 -----END CERTIFICATE----- 2023-03-09 09:07:08,948:DEBUG:acme.client:Storing nonce: C878bJCa0GJrTY9sHRXiXOLs2NYlmsffJmKx2AqqU_QY3As 2023-03-09 09:07:08,950:DEBUG:certbot._internal.storage:Writing new private key to /etc/letsencrypt/archive/metukim.xyz/privkey5.pem. 2023-03-09 09:07:08,951:DEBUG:certbot._internal.storage:Writing certificate to /etc/letsencrypt/archive/metukim.xyz/cert5.pem. 2023-03-09 09:07:08,951:DEBUG:certbot._internal.storage:Writing chain to /etc/letsencrypt/archive/metukim.xyz/chain5.pem. 2023-03-09 09:07:08,951:DEBUG:certbot._internal.storage:Writing full chain to /etc/letsencrypt/archive/metukim.xyz/fullchain5.pem. 2023-03-09 09:07:08,953:DEBUG:certbot._internal.storage:Writing new config /etc/letsencrypt/renewal/metukim.xyz.conf.new. 2023-03-09 09:07:10,001:DEBUG:certbot.display.util:Notifying user: new certificate deployed with reload of nginx server; fullchain is /etc/letsencrypt/live/metukim.xyz/fullchain.pem 2023-03-09 09:07:10,002:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 09:07:10,002:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 09:07:10,002:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-09 09:07:10,003:DEBUG:certbot.display.util:Notifying user: The following certificates are not due for renewal yet: 2023-03-09 09:07:10,003:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem expires on 2023-04-17 (skipped) 2023-03-09 09:07:10,003:DEBUG:certbot.display.util:Notifying user: The following renewals succeeded: 2023-03-09 09:07:10,003:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/metukim.xyz/fullchain.pem (success) 2023-03-09 09:07:10,003:ERROR:certbot._internal.renewal:The following renewals failed: 2023-03-09 09:07:10,003:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/dagoth.xyz/fullchain.pem (failure) 2023-03-09 09:07:10,003:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-09 09:07:10,003:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')()) File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1413, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1317, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 510, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 1 renew failure(s), 0 parse failure(s) 2023-03-09 09:07:10,004:ERROR:certbot._internal.log:1 renew failure(s), 0 parse failure(s) 2023-03-09 09:23:01,675:DEBUG:certbot._internal.main:certbot version: 1.12.0 2023-03-09 09:23:01,675:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-03-09 09:23:01,675:DEBUG:certbot._internal.main:Arguments: [] 2023-03-09 09:23:01,675:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-03-09 09:23:01,688:DEBUG:certbot._internal.log:Root logging level set at 20 2023-03-09 09:23:01,704:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2023-03-09 09:23:01,707:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/dagoth.xyz.conf 2023-03-09 09:23:01,716:DEBUG:certbot._internal.plugins.selection:Requested authenticator and installer 2023-03-09 09:23:01,726:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 09:23:01,737:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 09:23:01,738:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is signed by the certificate's issuer. 2023-03-09 09:23:01,742:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is: OCSPCertStatus.GOOD 2023-03-09 09:23:01,748:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-14 18:32:48 UTC. 2023-03-09 09:23:01,748:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-09 09:23:01,748:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 09:23:02,189:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 09:23:02,192:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 09:23:02,192:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-09 09:23:02,192:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-09 09:23:02,200:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-09 09:23:02,201:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-09 09:23:02,203:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-09 09:23:02,336:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-09 09:23:02,337:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 09:23:02 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "GcO3FVp4OW8": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-09 09:23:02,339:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for dagoth.xyz 2023-03-09 09:23:02,421:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0113_key-certbot.pem 2023-03-09 09:23:02,424:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0113_csr-certbot.pem 2023-03-09 09:23:02,425:DEBUG:acme.client:Requesting fresh nonce 2023-03-09 09:23:02,425:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-09 09:23:02,469:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-09 09:23:02,469:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 09:23:02 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: C878F279hPVBV0F1v3bIV8Vc86iYnjsj4_o0_sFDJhe2vBg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-09 09:23:02,469:DEBUG:acme.client:Storing nonce: C878F279hPVBV0F1v3bIV8Vc86iYnjsj4_o0_sFDJhe2vBg 2023-03-09 09:23:02,470:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "dagoth.xyz"\n }\n ]\n}' 2023-03-09 09:23:02,473:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkM4NzhGMjc5aFBWQlYwRjF2M2JJVjhWYzg2aVluanNqNF9vMF9zRkRKaGUydkJnIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "ggpK65R6ll_FclhWkrJcckWoYTlBnxGFM4H0kOlv-p-qkdttR_Uyhdvxegf6kOqz6tI0KWtWpoxDUtmY02MRKs6VBinu9Tb3Xoi9YzpKLImjj8rKpB0kR4W8WEvSu1bQpvJE264MA2QeZT3SLMh6em6qvp2DdqY0ciqsS9AxWoha_SR6datzunZkruGqPQQCr8JyDuHeuX_S4X26P8LHUuWyyE7Q8npoI3LtzeTX9Lwi6biw1JryjuS0oJH1O34BYvTL20UuL1lMIQceRjbj-oMfJLFtgtIHwDtWFfsL42En9ELjxbG_TGuXMp0L-t_8CwsWmDLPWCXcvtzjlJa1JA", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImRhZ290aC54eXoiCiAgICB9CiAgXQp9" } 2023-03-09 09:23:02,671:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 335 2023-03-09 09:23:02,671:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Thu, 09 Mar 2023 09:23:02 GMT Content-Type: application/json Content-Length: 335 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/169058567477 Replay-Nonce: 1DFAEY5LTEwGHtj-HVL5dx_6DCCohQiTKJvoY5YqdaFABQE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-16T09:23:02Z", "identifiers": [ { "type": "dns", "value": "dagoth.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/209428464787" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/169058567477" } 2023-03-09 09:23:02,672:DEBUG:acme.client:Storing nonce: 1DFAEY5LTEwGHtj-HVL5dx_6DCCohQiTKJvoY5YqdaFABQE 2023-03-09 09:23:02,672:DEBUG:acme.client:JWS payload: b'' 2023-03-09 09:23:02,674:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209428464787: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFERkFFWTVMVEV3R0h0ai1IVkw1ZHhfNkRDQ29oUWlUS0p2b1k1WXFkYUZBQlFFIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDk0Mjg0NjQ3ODcifQ", "signature": "RO8KGv_U9URU1SGeqtDm--n6v_-8Wmvs7YQc35QJ1F7lW3zZJBJmvvN8gGNF4t6mYuFaOBTd2UlpPLaxRgkzCEGBSBeKT2KEe0T5Ox6rPNv__zD09vmLpRjza11rEQTDwRScLNIQrCfsZoBVgXMi8E9qTbJ5bUWQiuthC0A64NYRCP_YzLV7K6C04t70gk_8q21vMSTzJPFo8mTNrYAcLhZ6FkwGCW1bi9VT3WXolDRD1buM1quHk8fArjTEA9lUC2AklexT5SHcn7REZxWI_bx91Iomn2mXyTJK6Zv9xV3itmFnrJJgzeqneUEkhKMwKeD_3UEw3sdOgn0Oh_khEw", "payload": "" } 2023-03-09 09:23:02,722:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209428464787 HTTP/1.1" 200 794 2023-03-09 09:23:02,723:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 09:23:02 GMT Content-Type: application/json Content-Length: 794 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 1DFA2lZgQnBUZn6sFZU5x_6SIKdZaCQU6kTZU9JHZX6uVp0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "pending", "expires": "2023-03-16T09:23:02Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209428464787/dyZcoA", "token": "VKv5s1xUez1LANX-83F9okiYiIvsXyOrkdL0MPPthRE" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209428464787/0SLTyA", "token": "VKv5s1xUez1LANX-83F9okiYiIvsXyOrkdL0MPPthRE" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209428464787/2MsjHw", "token": "VKv5s1xUez1LANX-83F9okiYiIvsXyOrkdL0MPPthRE" } ] } 2023-03-09 09:23:02,723:DEBUG:acme.client:Storing nonce: 1DFA2lZgQnBUZn6sFZU5x_6SIKdZaCQU6kTZU9JHZX6uVp0 2023-03-09 09:23:02,724:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-09 09:23:02,724:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-09 09:23:02,745:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-09 09:23:02,746:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-09 09:23:02,747:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-09 09:23:02,747:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-09 09:23:02,747:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-09 09:23:02,747:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-09 09:23:02,748:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-09 09:23:02,748:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-09 09:23:02,748:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-09 09:23:02,749:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-09 09:23:02,749:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-09 09:23:02,749:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-09 09:23:02,749:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-09 09:23:02,750:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-09 09:23:02,750:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-09 09:23:02,750:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-09 09:23:02,750:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-09 09:23:02,751:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-09 09:23:02,751:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-09 09:23:02,751:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-09 09:23:02,751:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-09 09:23:02,752:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-09 09:23:02,752:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-09 09:23:02,752:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-09 09:23:02,752:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-09 09:23:02,753:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-09 09:23:02,753:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-09 09:23:02,753:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-09 09:23:02,753:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-09 09:23:02,754:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-09 09:23:02,754:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-09 09:23:02,754:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-09 09:23:02,754:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-09 09:23:02,755:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-09 09:23:02,755:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-09 09:23:02,755:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-09 09:23:02,756:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here location = /.well-known/acme-challenge/VKv5s1xUez1LANX-83F9okiYiIvsXyOrkdL0MPPthRE{default_type text/plain;return 200 VKv5s1xUez1LANX-83F9okiYiIvsXyOrkdL0MPPthRE.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-09 09:23:03,813:INFO:certbot._internal.auth_handler:Waiting for verification... 2023-03-09 09:23:03,814:DEBUG:acme.client:JWS payload: b'{}' 2023-03-09 09:23:03,816:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/209428464787/dyZcoA: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFERkEybFpnUW5CVVpuNnNGWlU1eF82U0lLZFphQ1FVNmtUWlU5SkhaWDZ1VnAwIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8yMDk0Mjg0NjQ3ODcvZHlaY29BIn0", "signature": "qHUC7URK9NunNemetpt9Ra8N8o1eKEpsGjC05CP5GlmRX-Dxso2vCdtpM4L_Sj-cAp9kXpk-1eb-hZMzaG8V0kN1ysPLNcir8VrT8P-ETl8Yu8q2E7V6zWIy5QwPbvNc9BjQ6dpbO9j-f7smcfU8ByOnsfmKXlQm0vkDqf_6Y8X-RDzAYW3p_Q7nlXAR46NGRJYvYRaRFdlUACKP04Z2gMe6Bzd1X6-sUHZMPb1PzCvmPIlxYRgNPyziWyZ9BmhfwkDJb6yhXTCMsu76DyYwGzqBuiVyHIJTIixdmHO6cyUOjRKwItoaoIRI2yBBSkuRsFaivwtG3A9JwmWVHUdQXg", "payload": "e30" } 2023-03-09 09:23:03,866:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/209428464787/dyZcoA HTTP/1.1" 200 187 2023-03-09 09:23:03,867:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 09:23:03 GMT Content-Type: application/json Content-Length: 187 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/209428464787/dyZcoA Replay-Nonce: 1AADOKyAZf19sAh9tf56uKSypoYb7JqZJL0XHSJZCS2E-JM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209428464787/dyZcoA", "token": "VKv5s1xUez1LANX-83F9okiYiIvsXyOrkdL0MPPthRE" } 2023-03-09 09:23:03,867:DEBUG:acme.client:Storing nonce: 1AADOKyAZf19sAh9tf56uKSypoYb7JqZJL0XHSJZCS2E-JM 2023-03-09 09:23:04,869:DEBUG:acme.client:JWS payload: b'' 2023-03-09 09:23:04,871:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209428464787: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFBQURPS3lBWmYxOXNBaDl0ZjU2dUtTeXBvWWI3SnFaSkwwWEhTSlpDUzJFLUpNIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDk0Mjg0NjQ3ODcifQ", "signature": "Dh5GGjT0VSXcp7N22548UdYAVXf-94QEe5nPcN8NDnT5PLEQnJe7bvgJsXAjdlFdJaxYNiT9r01RsTwruaonsHsS3WUhyKU9Sn0Tk9rUPC1p55Y-dyPNYT7YOR0U14XTKVVKdkaBWBdaX4zhB_LttwjpXUYmvOPNZQCQqoOXcjn1hwiv18XeiXF5zE1GjEfeFqEea3rtk9sdK0ydeBAlwsuXxzfCmkJ9KMXDvQjgxU81phgD-XUv9JA3SthwEbhcAloLIDkDZlbhHNNK0NRBzRMfBy7RdgtIGQG3zE-vxZRezRVVIcpXxO6dlcYBfGWEUuq2sdl-vAK0ehzxbALYmA", "payload": "" } 2023-03-09 09:23:04,918:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209428464787 HTTP/1.1" 200 1484 2023-03-09 09:23:04,919:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 09:23:04 GMT Content-Type: application/json Content-Length: 1484 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 15C9VG5WiLls3llyzo2cDphxCGWvyw80qmu3ACLvrYxmzQY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "invalid", "expires": "2023-03-16T09:23:02Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "2001:19f0:5:5eac:5400:3ff:fef1:f13c: Invalid response from https://dagoth.xyz/.well-known/acme-challenge/VKv5s1xUez1LANX-83F9okiYiIvsXyOrkdL0MPPthRE: 404", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209428464787/dyZcoA", "token": "VKv5s1xUez1LANX-83F9okiYiIvsXyOrkdL0MPPthRE", "validationRecord": [ { "url": "http://dagoth.xyz/.well-known/acme-challenge/VKv5s1xUez1LANX-83F9okiYiIvsXyOrkdL0MPPthRE", "hostname": "dagoth.xyz", "port": "80", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" }, { "url": "https://dagoth.xyz/.well-known/acme-challenge/VKv5s1xUez1LANX-83F9okiYiIvsXyOrkdL0MPPthRE", "hostname": "dagoth.xyz", "port": "443", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" } ], "validated": "2023-03-09T09:23:03Z" } ] } 2023-03-09 09:23:04,919:DEBUG:acme.client:Storing nonce: 15C9VG5WiLls3llyzo2cDphxCGWvyw80qmu3ACLvrYxmzQY 2023-03-09 09:23:04,919:WARNING:certbot._internal.auth_handler:Challenge failed for domain dagoth.xyz 2023-03-09 09:23:04,920:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-09 09:23:04,920:DEBUG:certbot._internal.reporter:Reporting to user: The following errors were reported by the server: Domain: dagoth.xyz Type: unauthorized Detail: 2001:19f0:5:5eac:5400:3ff:fef1:f13c: Invalid response from https://dagoth.xyz/.well-known/acme-challenge/VKv5s1xUez1LANX-83F9okiYiIvsXyOrkdL0MPPthRE: 404 To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. 2023-03-09 09:23:04,921:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2023-03-09 09:23:04,922:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-09 09:23:04,922:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-09 09:23:06,180:ERROR:certbot._internal.renewal:Failed to renew certificate dagoth.xyz with error: Some challenges have failed. 2023-03-09 09:23:06,184:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2023-03-09 09:23:06,185:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/mail.dagoth.xyz.conf 2023-03-09 09:23:06,195:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 09:23:06,262:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 09:23:06,264:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is signed by the certificate's issuer. 2023-03-09 09:23:06,265:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is: OCSPCertStatus.GOOD 2023-03-09 09:23:06,266:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-09 09:23:06,267:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 09:23:06,267:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-09 09:23:06,268:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/metukim.xyz.conf 2023-03-09 09:23:06,276:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 09:23:06,332:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 09:23:06,334:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/metukim.xyz/cert5.pem is signed by the certificate's issuer. 2023-03-09 09:23:06,334:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/metukim.xyz/cert5.pem is: OCSPCertStatus.GOOD 2023-03-09 09:23:06,335:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-09 09:23:06,336:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 09:23:06,337:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-09 09:23:06,337:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-09 09:23:06,337:DEBUG:certbot.display.util:Notifying user: The following certificates are not due for renewal yet: 2023-03-09 09:23:06,337:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem expires on 2023-04-17 (skipped) /etc/letsencrypt/live/metukim.xyz/fullchain.pem expires on 2023-06-07 (skipped) 2023-03-09 09:23:06,338:ERROR:certbot._internal.renewal:All renewals failed. The following certificates could not be renewed: 2023-03-09 09:23:06,338:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/dagoth.xyz/fullchain.pem (failure) 2023-03-09 09:23:06,338:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-09 09:23:06,338:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')()) File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1413, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1317, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 510, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 1 renew failure(s), 0 parse failure(s) 2023-03-09 09:23:06,341:ERROR:certbot._internal.log:1 renew failure(s), 0 parse failure(s) 2023-03-09 09:34:38,270:DEBUG:certbot._internal.main:certbot version: 1.12.0 2023-03-09 09:34:38,272:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-03-09 09:34:38,272:DEBUG:certbot._internal.main:Arguments: [] 2023-03-09 09:34:38,272:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-03-09 09:34:38,292:DEBUG:certbot._internal.log:Root logging level set at 20 2023-03-09 09:34:38,327:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2023-03-09 09:34:38,332:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/dagoth.xyz.conf 2023-03-09 09:34:38,341:DEBUG:certbot._internal.plugins.selection:Requested authenticator and installer 2023-03-09 09:34:38,353:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 09:34:38,364:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 09:34:38,367:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is signed by the certificate's issuer. 2023-03-09 09:34:38,370:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is: OCSPCertStatus.GOOD 2023-03-09 09:34:38,379:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-14 18:32:48 UTC. 2023-03-09 09:34:38,379:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-09 09:34:38,380:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 09:34:38,447:ERROR:certbot.util:Error while running nginx -c /etc/nginx/nginx.conf -t. nginx: [warn] conflicting server name "dagoth.xyz" on 0.0.0.0:80, ignored nginx: [warn] conflicting server name "dagoth.xyz" on 0.0.0.0:443, ignored nginx: [emerg] "location" directive is not allowed here in /etc/nginx/nginx.conf:85 nginx: configuration file /etc/nginx/nginx.conf test failed 2023-03-09 09:34:38,448:DEBUG:certbot._internal.plugins.disco:Misconfigured PluginEntryPoint#nginx: Error while running nginx -c /etc/nginx/nginx.conf -t. nginx: [warn] conflicting server name "dagoth.xyz" on 0.0.0.0:80, ignored nginx: [warn] conflicting server name "dagoth.xyz" on 0.0.0.0:443, ignored nginx: [emerg] "location" directive is not allowed here in /etc/nginx/nginx.conf:85 nginx: configuration file /etc/nginx/nginx.conf test failed Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 928, in config_test util.run_script([self.conf('ctl'), "-c", self.nginx_conf, "-t"]) File "/usr/lib/python3/dist-packages/certbot/util.py", line 116, in run_script raise errors.SubprocessError(msg) certbot.errors.SubprocessError: Error while running nginx -c /etc/nginx/nginx.conf -t. nginx: [warn] conflicting server name "dagoth.xyz" on 0.0.0.0:80, ignored nginx: [warn] conflicting server name "dagoth.xyz" on 0.0.0.0:443, ignored nginx: [emerg] "location" directive is not allowed here in /etc/nginx/nginx.conf:85 nginx: configuration file /etc/nginx/nginx.conf test failed During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/plugins/disco.py", line 157, in prepare self._initialized.prepare() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 190, in prepare self.config_test() File "/usr/lib/python3/dist-packages/certbot_nginx/_internal/configurator.py", line 930, in config_test raise errors.MisconfigurationError(str(err)) certbot.errors.MisconfigurationError: Error while running nginx -c /etc/nginx/nginx.conf -t. nginx: [warn] conflicting server name "dagoth.xyz" on 0.0.0.0:80, ignored nginx: [warn] conflicting server name "dagoth.xyz" on 0.0.0.0:443, ignored nginx: [emerg] "location" directive is not allowed here in /etc/nginx/nginx.conf:85 nginx: configuration file /etc/nginx/nginx.conf test failed 2023-03-09 09:34:38,453:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: Error while running nginx -c /etc/nginx/nginx.conf -t. nginx: [warn] conflicting server name "dagoth.xyz" on 0.0.0.0:80, ignored nginx: [warn] conflicting server name "dagoth.xyz" on 0.0.0.0:443, ignored nginx: [emerg] "location" directive is not allowed here in /etc/nginx/nginx.conf:85 nginx: configuration file /etc/nginx/nginx.conf test failed 2023-03-09 09:34:38,455:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: Error while running nginx -c /etc/nginx/nginx.conf -t. nginx: [warn] conflicting server name "dagoth.xyz" on 0.0.0.0:80, ignored nginx: [warn] conflicting server name "dagoth.xyz" on 0.0.0.0:443, ignored nginx: [emerg] "location" directive is not allowed here in /etc/nginx/nginx.conf:85 nginx: configuration file /etc/nginx/nginx.conf test failed 2023-03-09 09:34:38,455:DEBUG:certbot._internal.plugins.selection:Selected authenticator None and installer None 2023-03-09 09:34:38,455:INFO:certbot._internal.main:Could not choose appropriate plugin: The nginx plugin is not working; there may be problems with your existing configuration. The error was: MisconfigurationError('Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [warn] conflicting server name "dagoth.xyz" on 0.0.0.0:80, ignored\nnginx: [warn] conflicting server name "dagoth.xyz" on 0.0.0.0:443, ignored\nnginx: [emerg] "location" directive is not allowed here in /etc/nginx/nginx.conf:85\nnginx: configuration file /etc/nginx/nginx.conf test failed\n') 2023-03-09 09:34:38,455:ERROR:certbot._internal.renewal:Failed to renew certificate dagoth.xyz with error: The nginx plugin is not working; there may be problems with your existing configuration. The error was: MisconfigurationError('Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [warn] conflicting server name "dagoth.xyz" on 0.0.0.0:80, ignored\nnginx: [warn] conflicting server name "dagoth.xyz" on 0.0.0.0:443, ignored\nnginx: [emerg] "location" directive is not allowed here in /etc/nginx/nginx.conf:85\nnginx: configuration file /etc/nginx/nginx.conf test failed\n') 2023-03-09 09:34:38,459:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1228, in renew_cert installer, auth = plug_sel.choose_configurator_plugins(config, plugins, "certonly") File "/usr/lib/python3/dist-packages/certbot/_internal/plugins/selection.py", line 235, in choose_configurator_plugins diagnose_configurator_problem("authenticator", req_auth, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/plugins/selection.py", line 339, in diagnose_configurator_problem raise errors.PluginSelectionError(msg) certbot.errors.PluginSelectionError: The nginx plugin is not working; there may be problems with your existing configuration. The error was: MisconfigurationError('Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [warn] conflicting server name "dagoth.xyz" on 0.0.0.0:80, ignored\nnginx: [warn] conflicting server name "dagoth.xyz" on 0.0.0.0:443, ignored\nnginx: [emerg] "location" directive is not allowed here in /etc/nginx/nginx.conf:85\nnginx: configuration file /etc/nginx/nginx.conf test failed\n') 2023-03-09 09:34:38,460:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/mail.dagoth.xyz.conf 2023-03-09 09:34:38,469:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 09:34:38,473:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 09:34:38,475:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is signed by the certificate's issuer. 2023-03-09 09:34:38,476:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is: OCSPCertStatus.GOOD 2023-03-09 09:34:38,477:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-09 09:34:38,478:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 09:34:38,478:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-09 09:34:38,478:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/metukim.xyz.conf 2023-03-09 09:34:38,486:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 09:34:38,493:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 09:34:38,494:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/metukim.xyz/cert5.pem is signed by the certificate's issuer. 2023-03-09 09:34:38,495:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/metukim.xyz/cert5.pem is: OCSPCertStatus.GOOD 2023-03-09 09:34:38,496:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-09 09:34:38,497:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 09:34:38,497:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-09 09:34:38,498:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-09 09:34:38,498:DEBUG:certbot.display.util:Notifying user: The following certificates are not due for renewal yet: 2023-03-09 09:34:38,498:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem expires on 2023-04-17 (skipped) /etc/letsencrypt/live/metukim.xyz/fullchain.pem expires on 2023-06-07 (skipped) 2023-03-09 09:34:38,499:ERROR:certbot._internal.renewal:All renewals failed. The following certificates could not be renewed: 2023-03-09 09:34:38,499:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/dagoth.xyz/fullchain.pem (failure) 2023-03-09 09:34:38,499:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-09 09:34:38,499:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')()) File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1413, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1317, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 510, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 1 renew failure(s), 0 parse failure(s) 2023-03-09 09:34:38,500:ERROR:certbot._internal.log:1 renew failure(s), 0 parse failure(s) 2023-03-09 09:45:20,592:DEBUG:certbot._internal.main:certbot version: 1.12.0 2023-03-09 09:45:20,592:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-03-09 09:45:20,592:DEBUG:certbot._internal.main:Arguments: [] 2023-03-09 09:45:20,592:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-03-09 09:45:20,606:DEBUG:certbot._internal.log:Root logging level set at 20 2023-03-09 09:45:20,628:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2023-03-09 09:45:20,631:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/dagoth.xyz.conf 2023-03-09 09:45:20,644:DEBUG:certbot._internal.plugins.selection:Requested authenticator and installer 2023-03-09 09:45:20,655:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 09:45:20,664:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 09:45:20,665:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is signed by the certificate's issuer. 2023-03-09 09:45:20,669:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is: OCSPCertStatus.GOOD 2023-03-09 09:45:20,675:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-14 18:32:48 UTC. 2023-03-09 09:45:20,675:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-09 09:45:20,676:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 09:45:21,018:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 09:45:21,020:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 09:45:21,020:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-09 09:45:21,020:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-09 09:45:21,029:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-09 09:45:21,031:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-09 09:45:21,032:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-09 09:45:21,161:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-09 09:45:21,162:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 09:45:21 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "3XR5MHIHn_g": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-09 09:45:21,164:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for dagoth.xyz 2023-03-09 09:45:21,260:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0114_key-certbot.pem 2023-03-09 09:45:21,264:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0114_csr-certbot.pem 2023-03-09 09:45:21,264:DEBUG:acme.client:Requesting fresh nonce 2023-03-09 09:45:21,265:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-09 09:45:21,307:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-09 09:45:21,308:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 09:45:21 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 1AADT2gIR7jWgbtIjxQKbHcutdYMG6W7IGaqpAORxnB4yuY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-09 09:45:21,308:DEBUG:acme.client:Storing nonce: 1AADT2gIR7jWgbtIjxQKbHcutdYMG6W7IGaqpAORxnB4yuY 2023-03-09 09:45:21,308:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "dagoth.xyz"\n }\n ]\n}' 2023-03-09 09:45:21,310:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFBQURUMmdJUjdqV2didElqeFFLYkhjdXRkWU1HNlc3SUdhcXBBT1J4bkI0eXVZIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "V67UQB0026bci6UghykAU7Ic-UMiuCPqDkRkVljwPT6ww2Qj6T-Dk08CRVwTy0iRKDVMg9G0LFdwa0dHO0KX2XuRAxvXrUPfjdBYcqvGAy9ltCyQD0E_cCUqThfzvS0DNe_nqBVavWQAMm0o2DE31hRu9s6w7Uor_6MUT8_zB71Dm0Agn2c-f3-Lb8dl7AgVAz78Yp-7rvna9cuS5DulTGRsa84EeX1KN6fWsBN1_o1dTeaQbyUeOSOSrhqBdMLb7_pAHYUmNGYLYecc5x3lc4q1swleKE0wJVkEbgyYifCOMpHdV-EMlUtV1NNb5JXHPNVHef48A7HhwVUQtku84w", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImRhZ290aC54eXoiCiAgICB9CiAgXQp9" } 2023-03-09 09:45:21,487:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 335 2023-03-09 09:45:21,488:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Thu, 09 Mar 2023 09:45:21 GMT Content-Type: application/json Content-Length: 335 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/169061323107 Replay-Nonce: 1DFAuo9BVilEnwiqoRv1sYk5AjrfITYXhZaI1DPJ-wWIJC8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-16T09:45:21Z", "identifiers": [ { "type": "dns", "value": "dagoth.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/209432233217" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/169061323107" } 2023-03-09 09:45:21,488:DEBUG:acme.client:Storing nonce: 1DFAuo9BVilEnwiqoRv1sYk5AjrfITYXhZaI1DPJ-wWIJC8 2023-03-09 09:45:21,488:DEBUG:acme.client:JWS payload: b'' 2023-03-09 09:45:21,490:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209432233217: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFERkF1bzlCVmlsRW53aXFvUnYxc1lrNUFqcmZJVFlYaFphSTFEUEotd1dJSkM4IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDk0MzIyMzMyMTcifQ", "signature": "giP-gMOObUQ4AJspYSa9HP4gpahf7Ba40V8shYR_IbiTlF2sS8ehcKUKFFn9SPEOK0pVymE1CG2Lv53Ixwt02wluaNDRb3CppfCyvFs9-5cbAcu7Jdn4rRxkttkJPNInGaP8erUJhVt2YxF7v8Ho319vnl6tCHxAfO26zvCjVL538MF98UxYx8Z3SFDf6VlH3QiZ7UthQgnmM2sPUUZQUxcp6OnOOXX7AlZQrJqoCdzVP1jqN--KVLuw25H-waTGGdXBT8uzyvuFCWsGoFEUI72ChLhGfcjyYpVof_pnUoyqIPNjTzv46aVC77ncFaiNFkcBINV5YHjvxQTLaNnbSg", "payload": "" } 2023-03-09 09:45:21,535:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209432233217 HTTP/1.1" 200 794 2023-03-09 09:45:21,535:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 09:45:21 GMT Content-Type: application/json Content-Length: 794 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 1AADTOO81FOiCFmoUM8kUzzfWBz2AUEiIEBm9UMuND3zh8k X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "pending", "expires": "2023-03-16T09:45:21Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209432233217/96wiqw", "token": "CxE4swuWzfBDxfgCCCiUJycV16oaiOaQgCrMlVi0t2s" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209432233217/xb1_1A", "token": "CxE4swuWzfBDxfgCCCiUJycV16oaiOaQgCrMlVi0t2s" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209432233217/BMaLHw", "token": "CxE4swuWzfBDxfgCCCiUJycV16oaiOaQgCrMlVi0t2s" } ] } 2023-03-09 09:45:21,536:DEBUG:acme.client:Storing nonce: 1AADTOO81FOiCFmoUM8kUzzfWBz2AUEiIEBm9UMuND3zh8k 2023-03-09 09:45:21,536:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-09 09:45:21,537:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-09 09:45:21,558:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-09 09:45:21,560:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-09 09:45:21,560:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-09 09:45:21,561:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-09 09:45:21,561:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-09 09:45:21,561:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-09 09:45:21,561:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-09 09:45:21,562:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-09 09:45:21,562:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-09 09:45:21,562:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-09 09:45:21,562:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-09 09:45:21,562:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-09 09:45:21,563:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-09 09:45:21,563:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-09 09:45:21,563:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-09 09:45:21,563:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-09 09:45:21,564:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-09 09:45:21,564:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-09 09:45:21,564:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-09 09:45:21,564:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-09 09:45:21,564:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-09 09:45:21,565:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-09 09:45:21,565:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-09 09:45:21,565:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-09 09:45:21,565:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-09 09:45:21,566:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-09 09:45:21,566:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-09 09:45:21,566:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-09 09:45:21,566:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-09 09:45:21,567:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-09 09:45:21,567:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-09 09:45:21,567:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-09 09:45:21,567:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-09 09:45:21,568:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-09 09:45:21,568:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-09 09:45:21,568:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-09 09:45:21,569:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here location = /.well-known/acme-challenge/CxE4swuWzfBDxfgCCCiUJycV16oaiOaQgCrMlVi0t2s{default_type text/plain;return 200 CxE4swuWzfBDxfgCCCiUJycV16oaiOaQgCrMlVi0t2s.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-09 09:45:22,626:INFO:certbot._internal.auth_handler:Waiting for verification... 2023-03-09 09:45:22,630:DEBUG:acme.client:JWS payload: b'{}' 2023-03-09 09:45:22,634:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/209432233217/96wiqw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFBQURUT084MUZPaUNGbW9VTThrVXp6ZldCejJBVUVpSUVCbTlVTXVORDN6aDhrIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8yMDk0MzIyMzMyMTcvOTZ3aXF3In0", "signature": "Aeitlg1aTvwbGTBlSMGFuzyCPVMzzWCD1oyIC_bBUU28cQMqH0Vctp9ijPKwfrGkU1ezlwdl6l4YD642vGnNLe4fALqFhvKz8hrWKCCZ7ykNL-h5jloGB1VYU9-AOesgN_kDX249kbaeuyQ6g_O3XC-fHFkGiXa7-k85-XmJ_Gr63ibPn13UDf_l59KSuh_unUpN19OfrC9JK34Kdz7n3F4S_LwkLmtwc0yB2c86dFJVGx4dGmkFGNjLlocRfbr2pDpZ9kO5nOFgJ9W-1kVPf4BFPNA1bCAI1wHcCi4h_7BAscJ2qP7aWTZVLqors6ML1DtPbDCMHRsciOwC6uJShw", "payload": "e30" } 2023-03-09 09:45:22,688:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/209432233217/96wiqw HTTP/1.1" 200 187 2023-03-09 09:45:22,689:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 09:45:22 GMT Content-Type: application/json Content-Length: 187 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/209432233217/96wiqw Replay-Nonce: 1DFAwvWBbD4U0pKbQ36hSookIyAUVeMpMHBKR4LGDtyBDWY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209432233217/96wiqw", "token": "CxE4swuWzfBDxfgCCCiUJycV16oaiOaQgCrMlVi0t2s" } 2023-03-09 09:45:22,689:DEBUG:acme.client:Storing nonce: 1DFAwvWBbD4U0pKbQ36hSookIyAUVeMpMHBKR4LGDtyBDWY 2023-03-09 09:45:23,692:DEBUG:acme.client:JWS payload: b'' 2023-03-09 09:45:23,695:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209432233217: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFERkF3dldCYkQ0VTBwS2JRMzZoU29va0l5QVVWZU1wTUhCS1I0TEdEdHlCRFdZIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDk0MzIyMzMyMTcifQ", "signature": "ZEDQScYOeRXSF1JmUMgfUFm63JzDq-56dEAllIxzfQfePQQ6DhZt38Wcjli75ow1r0yCBGeP3QJ4GBBka8cfI2v64AQ5Ft_GX1dLC-8TByr_P7V8dwIF8Cl5AKlO5YJ3nZGHdcxRPFRQwwpuMLUJ_9Mg5S9n89aVdaLC0D_0tDHk9zM3NLYNBPBGtd63r52rmL6L-BDEsxWId5dvCiTX6Qlw8nyw36hoo1L_S6uMYe2JHvKcRR9GilAtanepMPJjOv3c0MLqTEBvgd7tPCZ__3G0kljJ8W3Ne8PT6RikAgPS8nsMBIxTNPr4USLAwwPL0OXetBHwkyhH6hnaDV0N9A", "payload": "" } 2023-03-09 09:45:23,740:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209432233217 HTTP/1.1" 200 1484 2023-03-09 09:45:23,740:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 09:45:23 GMT Content-Type: application/json Content-Length: 1484 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: C878g5B0lB6XiUldtXQp1ELK173_255BVjNBhi6ToYwkKj8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "invalid", "expires": "2023-03-16T09:45:21Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "2001:19f0:5:5eac:5400:3ff:fef1:f13c: Invalid response from https://dagoth.xyz/.well-known/acme-challenge/CxE4swuWzfBDxfgCCCiUJycV16oaiOaQgCrMlVi0t2s: 404", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209432233217/96wiqw", "token": "CxE4swuWzfBDxfgCCCiUJycV16oaiOaQgCrMlVi0t2s", "validationRecord": [ { "url": "http://dagoth.xyz/.well-known/acme-challenge/CxE4swuWzfBDxfgCCCiUJycV16oaiOaQgCrMlVi0t2s", "hostname": "dagoth.xyz", "port": "80", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" }, { "url": "https://dagoth.xyz/.well-known/acme-challenge/CxE4swuWzfBDxfgCCCiUJycV16oaiOaQgCrMlVi0t2s", "hostname": "dagoth.xyz", "port": "443", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" } ], "validated": "2023-03-09T09:45:22Z" } ] } 2023-03-09 09:45:23,741:DEBUG:acme.client:Storing nonce: C878g5B0lB6XiUldtXQp1ELK173_255BVjNBhi6ToYwkKj8 2023-03-09 09:45:23,741:WARNING:certbot._internal.auth_handler:Challenge failed for domain dagoth.xyz 2023-03-09 09:45:23,742:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-09 09:45:23,743:DEBUG:certbot._internal.reporter:Reporting to user: The following errors were reported by the server: Domain: dagoth.xyz Type: unauthorized Detail: 2001:19f0:5:5eac:5400:3ff:fef1:f13c: Invalid response from https://dagoth.xyz/.well-known/acme-challenge/CxE4swuWzfBDxfgCCCiUJycV16oaiOaQgCrMlVi0t2s: 404 To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. 2023-03-09 09:45:23,745:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2023-03-09 09:45:23,745:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-09 09:45:23,745:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-09 09:45:25,063:ERROR:certbot._internal.renewal:Failed to renew certificate dagoth.xyz with error: Some challenges have failed. 2023-03-09 09:45:25,077:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2023-03-09 09:45:25,077:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/mail.dagoth.xyz.conf 2023-03-09 09:45:25,092:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 09:45:25,100:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 09:45:25,101:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is signed by the certificate's issuer. 2023-03-09 09:45:25,103:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is: OCSPCertStatus.GOOD 2023-03-09 09:45:25,105:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-09 09:45:25,105:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 09:45:25,106:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-09 09:45:25,107:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/metukim.xyz.conf 2023-03-09 09:45:25,114:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 09:45:25,119:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 09:45:25,120:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/metukim.xyz/cert5.pem is signed by the certificate's issuer. 2023-03-09 09:45:25,121:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/metukim.xyz/cert5.pem is: OCSPCertStatus.GOOD 2023-03-09 09:45:25,122:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-09 09:45:25,123:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 09:45:25,124:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-09 09:45:25,124:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-09 09:45:25,125:DEBUG:certbot.display.util:Notifying user: The following certificates are not due for renewal yet: 2023-03-09 09:45:25,125:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem expires on 2023-04-17 (skipped) /etc/letsencrypt/live/metukim.xyz/fullchain.pem expires on 2023-06-07 (skipped) 2023-03-09 09:45:25,126:ERROR:certbot._internal.renewal:All renewals failed. The following certificates could not be renewed: 2023-03-09 09:45:25,126:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/dagoth.xyz/fullchain.pem (failure) 2023-03-09 09:45:25,127:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-09 09:45:25,127:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')()) File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1413, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1317, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 510, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 1 renew failure(s), 0 parse failure(s) 2023-03-09 09:45:25,129:ERROR:certbot._internal.log:1 renew failure(s), 0 parse failure(s) 2023-03-09 11:44:28,547:DEBUG:certbot._internal.main:certbot version: 1.12.0 2023-03-09 11:44:28,548:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-03-09 11:44:28,548:DEBUG:certbot._internal.main:Arguments: ['-q'] 2023-03-09 11:44:28,548:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-03-09 11:44:28,686:DEBUG:certbot._internal.log:Root logging level set at 30 2023-03-09 11:44:28,687:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2023-03-09 11:44:28,689:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/dagoth.xyz.conf 2023-03-09 11:44:28,707:DEBUG:certbot._internal.plugins.selection:Requested authenticator and installer 2023-03-09 11:44:28,732:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 11:44:28,746:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 11:44:28,748:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is signed by the certificate's issuer. 2023-03-09 11:44:28,755:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is: OCSPCertStatus.GOOD 2023-03-09 11:44:28,777:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-14 18:32:48 UTC. 2023-03-09 11:44:28,777:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-09 11:44:28,777:INFO:certbot._internal.renewal:Non-interactive renewal: random delay of 14.018081595716247 seconds 2023-03-09 11:44:42,810:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 11:44:43,339:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 11:44:43,341:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 11:44:43,342:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-09 11:44:43,342:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-09 11:44:43,354:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-09 11:44:43,356:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-09 11:44:43,361:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-09 11:44:43,575:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-09 11:44:43,576:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 11:44:43 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert", "u7gbS6JI_b8": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417" } 2023-03-09 11:44:43,579:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for dagoth.xyz 2023-03-09 11:44:43,650:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0115_key-certbot.pem 2023-03-09 11:44:43,656:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0115_csr-certbot.pem 2023-03-09 11:44:43,657:DEBUG:acme.client:Requesting fresh nonce 2023-03-09 11:44:43,657:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-09 11:44:43,728:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-09 11:44:43,728:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 11:44:43 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: F977PAj5EbJreg_T4v9weE89-PsczoDs9gJ4-G7fjcZfRkA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-09 11:44:43,729:DEBUG:acme.client:Storing nonce: F977PAj5EbJreg_T4v9weE89-PsczoDs9gJ4-G7fjcZfRkA 2023-03-09 11:44:43,729:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "dagoth.xyz"\n }\n ]\n}' 2023-03-09 11:44:43,732:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkY5NzdQQWo1RWJKcmVnX1Q0djl3ZUU4OS1Qc2N6b0RzOWdKNC1HN2ZqY1pmUmtBIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "txGwae-s3CmGfITEqozfV1VQkG2sl39voTzrtTYUMFRcl4fpoTEy3AKkTgeG3EXC_-rZiwLieNbJuBEymZclIge9xqpb_3Ybtg06oaANZyVzeyl0X3g1fD8gA74hDRR6-pxQRNsSe7FhIIoB6Moi_xJH7NbBnpjes5rzHFkt3vBldL0phi9L_irBjVKu69XY2XDHly5FNXC63adxw3S6-ntQFQG2RgW8KBQ2TkBhhuOIzMCPh8gzJgeuao7-s7Zr_iZ5sujsOEYC_GV9_UWH3_zM18rvzWsW9P1WBpVMgju8QZXLv02RaddlYh5pEgx2d98UyyOyuUwPLFJXjy-4iA", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImRhZ290aC54eXoiCiAgICB9CiAgXQp9" } 2023-03-09 11:44:43,835:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 335 2023-03-09 11:44:43,839:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Thu, 09 Mar 2023 11:44:43 GMT Content-Type: application/json Content-Length: 335 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/169076186357 Replay-Nonce: A5FEL7Q9q4SWCbAhdY3-sM3tX5h7P4859ggKVN0m20xeX60 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-16T11:44:43Z", "identifiers": [ { "type": "dns", "value": "dagoth.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/209453028437" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/169076186357" } 2023-03-09 11:44:43,839:DEBUG:acme.client:Storing nonce: A5FEL7Q9q4SWCbAhdY3-sM3tX5h7P4859ggKVN0m20xeX60 2023-03-09 11:44:43,839:DEBUG:acme.client:JWS payload: b'' 2023-03-09 11:44:43,841:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209453028437: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkE1RkVMN1E5cTRTV0NiQWhkWTMtc00zdFg1aDdQNDg1OWdnS1ZOMG0yMHhlWDYwIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDk0NTMwMjg0MzcifQ", "signature": "KERKyrj02dRxyyBUc0RbmB7jpE67nI_JYKf58YMiTrMQJUCy7d7jIlFulBkcg0Km6sCriCka64kZEvGg04ICPTrpQ7b5ScXXiLBNv3d3vIRT3lOdL1Aq8V5XeZu_hXtR7duD3f9ID1cNPn-YM7d0uX3GOFQlLOoXXPsFIEZO5NA1ta1ynXABekPFevCKKxWoEHfbZ95UoD0PlqfS0mwnVxYRXJ7kO7XVxNBBvI1C6_xzcD_a0DNcyIEPqS0JNkxjY9CNVUtpFLCtHTCdtgg285uhHr2oGZ9G1kcLgVXAKYvqNLJu99arTMWRzEIWn94cWkiOXaCDNGqlziHab5EhLQ", "payload": "" } 2023-03-09 11:44:43,941:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209453028437 HTTP/1.1" 200 794 2023-03-09 11:44:43,942:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 11:44:43 GMT Content-Type: application/json Content-Length: 794 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: A5FEbb2WwaN96KZJ4G0Rwa1qp4P2pOpn-RHRytpAfHXqpZM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "pending", "expires": "2023-03-16T11:44:43Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209453028437/Wzg0cQ", "token": "BleoaxdivhQKcBUbU3bYbIGOv9YFDuF_ff8BH3VqFGg" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209453028437/vsaRlQ", "token": "BleoaxdivhQKcBUbU3bYbIGOv9YFDuF_ff8BH3VqFGg" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209453028437/RcV6Fw", "token": "BleoaxdivhQKcBUbU3bYbIGOv9YFDuF_ff8BH3VqFGg" } ] } 2023-03-09 11:44:43,942:DEBUG:acme.client:Storing nonce: A5FEbb2WwaN96KZJ4G0Rwa1qp4P2pOpn-RHRytpAfHXqpZM 2023-03-09 11:44:43,943:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-09 11:44:43,943:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-09 11:44:43,962:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-09 11:44:43,963:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-09 11:44:43,964:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-09 11:44:43,964:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-09 11:44:43,965:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-09 11:44:43,965:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-09 11:44:43,965:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-09 11:44:43,965:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-09 11:44:43,965:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-09 11:44:43,966:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-09 11:44:43,966:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-09 11:44:43,966:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-09 11:44:43,966:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-09 11:44:43,967:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-09 11:44:43,967:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-09 11:44:43,967:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-09 11:44:43,967:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-09 11:44:43,968:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-09 11:44:43,968:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-09 11:44:43,968:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-09 11:44:43,968:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-09 11:44:43,969:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-09 11:44:43,969:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-09 11:44:43,969:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-09 11:44:43,969:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-09 11:44:43,970:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-09 11:44:43,970:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-09 11:44:43,970:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-09 11:44:43,970:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-09 11:44:43,970:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-09 11:44:43,971:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-09 11:44:43,971:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-09 11:44:43,971:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-09 11:44:43,971:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-09 11:44:43,971:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-09 11:44:43,972:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-09 11:44:43,973:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here location = /.well-known/acme-challenge/BleoaxdivhQKcBUbU3bYbIGOv9YFDuF_ff8BH3VqFGg{default_type text/plain;return 200 BleoaxdivhQKcBUbU3bYbIGOv9YFDuF_ff8BH3VqFGg.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-09 11:44:45,018:INFO:certbot._internal.auth_handler:Waiting for verification... 2023-03-09 11:44:45,020:DEBUG:acme.client:JWS payload: b'{}' 2023-03-09 11:44:45,023:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/209453028437/Wzg0cQ: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkE1RkViYjJXd2FOOTZLWko0RzBSd2ExcXA0UDJwT3BuLVJIUnl0cEFmSFhxcFpNIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8yMDk0NTMwMjg0MzcvV3pnMGNRIn0", "signature": "AtpLoOHlbSinT6i4Pd92eUxBbCvV0wLjtzWFxRgaG1RDoXynP4F_zwS6C7ayZizvFHGt_SqGgkv1RgKgZKs5RDCa08mMsEb5p7FUHWcoAxlw1ulBC9JBYhUkUCjWl6k3kfsSg8w_BpUA0aj6FxjhT2Xt4OZjc7Athjcvd7fh0QxlSuGafjcZ8tGW2tA404Gl0Yfz6rSNiF1mmkGUGwtEg4ieSYfdNRF4HdbdmwA1l7EI5idS-c7BeQZcpcYicxuGFsy35KELlBMWYfVe0_Z5Y-BZuuniyZKwPCLm0PkKdHzj3rQoOrri23hmAvIAGCYgeQAxoZ2cnifMkNEV-jJifg", "payload": "e30" } 2023-03-09 11:44:45,099:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/209453028437/Wzg0cQ HTTP/1.1" 200 187 2023-03-09 11:44:45,100:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 11:44:45 GMT Content-Type: application/json Content-Length: 187 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/209453028437/Wzg0cQ Replay-Nonce: A5FEINUT8HWIoib6p5CZutiyc5s-hUvP2ny1WrDPNCHFnc4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209453028437/Wzg0cQ", "token": "BleoaxdivhQKcBUbU3bYbIGOv9YFDuF_ff8BH3VqFGg" } 2023-03-09 11:44:45,101:DEBUG:acme.client:Storing nonce: A5FEINUT8HWIoib6p5CZutiyc5s-hUvP2ny1WrDPNCHFnc4 2023-03-09 11:44:46,103:DEBUG:acme.client:JWS payload: b'' 2023-03-09 11:44:46,105:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209453028437: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkE1RkVJTlVUOEhXSW9pYjZwNUNadXRpeWM1cy1oVXZQMm55MVdyRFBOQ0hGbmM0IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDk0NTMwMjg0MzcifQ", "signature": "BaA5Y8L7DGvmltRpaz_bDYES7__rk9KEh_zAFg_hF6HNp1zVOBijy1f9c7Zv2GI7VgRLjoJqMA0vbfLXybNkL1cCJhomR1YnLP1qcWacs7JxYKc9HV2fegd-6uYFoQ7DC7OkMio84vtuc85C7Orh6v3sxqADjg_Fkf2FjOHvEIJUHi78zxP1ZUndZ2tTGUmnc_U1YBL7a5grcyXnolvbTu6XtPPQ0lLC9i-elPtk-LG9j2_C_rvA8XK2fMk5_qfyFnWKkNLf8Uwvmfv-Ukiubl6r-RsFe-hGmgy7PIUnjF913SDu2MLtEGvDcPz1WBRA1vb3umj-0Iw1FngwJU3Peg", "payload": "" } 2023-03-09 11:44:46,191:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209453028437 HTTP/1.1" 200 1484 2023-03-09 11:44:46,192:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 11:44:46 GMT Content-Type: application/json Content-Length: 1484 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: F70EVsx6AOHNCGeAJowRXidob3H-GAUSxk9oMKPt9LenDPU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "invalid", "expires": "2023-03-16T11:44:43Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "2001:19f0:5:5eac:5400:3ff:fef1:f13c: Invalid response from https://dagoth.xyz/.well-known/acme-challenge/BleoaxdivhQKcBUbU3bYbIGOv9YFDuF_ff8BH3VqFGg: 404", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209453028437/Wzg0cQ", "token": "BleoaxdivhQKcBUbU3bYbIGOv9YFDuF_ff8BH3VqFGg", "validationRecord": [ { "url": "http://dagoth.xyz/.well-known/acme-challenge/BleoaxdivhQKcBUbU3bYbIGOv9YFDuF_ff8BH3VqFGg", "hostname": "dagoth.xyz", "port": "80", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" }, { "url": "https://dagoth.xyz/.well-known/acme-challenge/BleoaxdivhQKcBUbU3bYbIGOv9YFDuF_ff8BH3VqFGg", "hostname": "dagoth.xyz", "port": "443", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" } ], "validated": "2023-03-09T11:44:45Z" } ] } 2023-03-09 11:44:46,192:DEBUG:acme.client:Storing nonce: F70EVsx6AOHNCGeAJowRXidob3H-GAUSxk9oMKPt9LenDPU 2023-03-09 11:44:46,193:WARNING:certbot._internal.auth_handler:Challenge failed for domain dagoth.xyz 2023-03-09 11:44:46,196:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-09 11:44:46,196:DEBUG:certbot._internal.reporter:Reporting to user: The following errors were reported by the server: Domain: dagoth.xyz Type: unauthorized Detail: 2001:19f0:5:5eac:5400:3ff:fef1:f13c: Invalid response from https://dagoth.xyz/.well-known/acme-challenge/BleoaxdivhQKcBUbU3bYbIGOv9YFDuF_ff8BH3VqFGg: 404 To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. 2023-03-09 11:44:46,198:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2023-03-09 11:44:46,198:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-09 11:44:46,198:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-09 11:44:47,465:ERROR:certbot._internal.renewal:Failed to renew certificate dagoth.xyz with error: Some challenges have failed. 2023-03-09 11:44:47,473:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2023-03-09 11:44:47,474:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/mail.dagoth.xyz.conf 2023-03-09 11:44:47,493:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 11:44:47,500:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 11:44:47,502:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is signed by the certificate's issuer. 2023-03-09 11:44:47,503:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is: OCSPCertStatus.GOOD 2023-03-09 11:44:47,505:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-09 11:44:47,505:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 11:44:47,506:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-09 11:44:47,507:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/metukim.xyz.conf 2023-03-09 11:44:47,513:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 11:44:47,517:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 11:44:47,519:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/metukim.xyz/cert5.pem is signed by the certificate's issuer. 2023-03-09 11:44:47,520:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/metukim.xyz/cert5.pem is: OCSPCertStatus.GOOD 2023-03-09 11:44:47,521:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-09 11:44:47,521:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 11:44:47,522:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-09 11:44:47,522:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-09 11:44:47,522:DEBUG:certbot.display.util:Notifying user: The following certificates are not due for renewal yet: 2023-03-09 11:44:47,522:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem expires on 2023-04-17 (skipped) /etc/letsencrypt/live/metukim.xyz/fullchain.pem expires on 2023-06-07 (skipped) 2023-03-09 11:44:47,522:ERROR:certbot._internal.renewal:All renewals failed. The following certificates could not be renewed: 2023-03-09 11:44:47,523:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/dagoth.xyz/fullchain.pem (failure) 2023-03-09 11:44:47,523:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-09 11:44:47,523:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')()) File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1413, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1317, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 510, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 1 renew failure(s), 0 parse failure(s) 2023-03-09 11:44:47,525:ERROR:certbot._internal.log:1 renew failure(s), 0 parse failure(s) 2023-03-09 12:52:31,454:DEBUG:certbot._internal.main:certbot version: 1.12.0 2023-03-09 12:52:31,455:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-03-09 12:52:31,455:DEBUG:certbot._internal.main:Arguments: [] 2023-03-09 12:52:31,455:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-03-09 12:52:31,481:DEBUG:certbot._internal.log:Root logging level set at 20 2023-03-09 12:52:31,482:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2023-03-09 12:52:31,484:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/dagoth.xyz.conf 2023-03-09 12:52:31,493:DEBUG:certbot._internal.plugins.selection:Requested authenticator and installer 2023-03-09 12:52:31,510:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 12:52:31,518:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 12:52:31,519:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is signed by the certificate's issuer. 2023-03-09 12:52:31,524:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is: OCSPCertStatus.GOOD 2023-03-09 12:52:31,533:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-14 18:32:48 UTC. 2023-03-09 12:52:31,534:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-09 12:52:31,534:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 12:52:31,932:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 12:52:31,933:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 12:52:31,933:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-09 12:52:31,933:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-09 12:52:31,942:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-09 12:52:31,943:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-09 12:52:31,945:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-09 12:52:32,077:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-09 12:52:32,077:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 12:52:32 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "Ku2cI_eUtdo": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-09 12:52:32,079:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for dagoth.xyz 2023-03-09 12:52:32,205:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0116_key-certbot.pem 2023-03-09 12:52:32,210:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0116_csr-certbot.pem 2023-03-09 12:52:32,210:DEBUG:acme.client:Requesting fresh nonce 2023-03-09 12:52:32,210:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-09 12:52:32,253:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-09 12:52:32,254:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 12:52:32 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: C878dC2La0N_9hevWRiIOXpUL7Ds2cMeIfB9pFtnDGtfhkQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-09 12:52:32,254:DEBUG:acme.client:Storing nonce: C878dC2La0N_9hevWRiIOXpUL7Ds2cMeIfB9pFtnDGtfhkQ 2023-03-09 12:52:32,255:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "dagoth.xyz"\n }\n ]\n}' 2023-03-09 12:52:32,257:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkM4NzhkQzJMYTBOXzloZXZXUmlJT1hwVUw3RHMyY01lSWZCOXBGdG5ER3RmaGtRIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "qDWbmMSlpmW2uMf-KwJ8s4Z79cMVi4nRg90Sfrh8pbsn9nJCShe61nDkE7aDc9TvP2BBt7tH9ZCeTKjbSR-J-zOVsY-KmpFaU1ZoxCVWF3yH5gC5o_VHXWYh8RTDoiEVtgUOmjSXe9ZCC06PyjXKNlDG9DMaKjf9up_FYmgeDlwBr4xrfefaEy2DeiYYbAz8Wb2w4NwY9s9dqYhhIwE6N_7cbszPR7tcQYSZdte53Xs5AtfNeAUlCUZboMNFRd8qIOSpeZqcrL_8QEL4dhYfwKSv-pAylysPZrkFLocjhplKtPargOHqSt8hNAAJzEDC3FymxYyfnEBx0K96T-IDmQ", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImRhZ290aC54eXoiCiAgICB9CiAgXQp9" } 2023-03-09 12:52:32,431:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 335 2023-03-09 12:52:32,432:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Thu, 09 Mar 2023 12:52:32 GMT Content-Type: application/json Content-Length: 335 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/169084730107 Replay-Nonce: 1DFATf0pIJ9wO2A2hA1CFQjEWQlFK7WLGQg6njdB9r8cyGY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-16T12:52:32Z", "identifiers": [ { "type": "dns", "value": "dagoth.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/209464904377" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/169084730107" } 2023-03-09 12:52:32,432:DEBUG:acme.client:Storing nonce: 1DFATf0pIJ9wO2A2hA1CFQjEWQlFK7WLGQg6njdB9r8cyGY 2023-03-09 12:52:32,432:DEBUG:acme.client:JWS payload: b'' 2023-03-09 12:52:32,434:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209464904377: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFERkFUZjBwSUo5d08yQTJoQTFDRlFqRVdRbEZLN1dMR1FnNm5qZEI5cjhjeUdZIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDk0NjQ5MDQzNzcifQ", "signature": "yH229kJ051Y0F_d8Ui1pmK7vcFgsd7TwqtXcQlC_NtSqHQ3slNVgXVP1wUtSkVZEMWloMd7kULFR_D1cViIbzXNJeADoF0Bd5dr1K-Frqa3kAkunZREYbOEhal0TO_jiZLGheZn4xWXd1uTyx6_PYp7lAUSC-mx1dSLNGq0NQRHo98-mNxB2D9Mslcsb6GEBohX4y_42NBO-HN-zjW7OD9oc_7CN8WnfOCeBtlDvU3aW334S_xYN8Pp9_AXFpt9gt9b4I6skrgLYYz28NMm-2S5Jd8ROCQy-JZDRkxvfYPdFha8aC-YCsFRMhVqnnVTpFz_IDfqrA7d-VgmHSeNilw", "payload": "" } 2023-03-09 12:52:32,481:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209464904377 HTTP/1.1" 200 794 2023-03-09 12:52:32,482:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 12:52:32 GMT Content-Type: application/json Content-Length: 794 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: C878fFm43QjX8bzPGUWfeF2RrKXlPWUa2K5y9eXW2JnTLm4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "pending", "expires": "2023-03-16T12:52:32Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209464904377/AIDLpw", "token": "-yT4JAKVZwXca9ce88FOvJrdJYHLfB5JSpw7oQx9vKc" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209464904377/uWGaEA", "token": "-yT4JAKVZwXca9ce88FOvJrdJYHLfB5JSpw7oQx9vKc" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209464904377/w0alLw", "token": "-yT4JAKVZwXca9ce88FOvJrdJYHLfB5JSpw7oQx9vKc" } ] } 2023-03-09 12:52:32,482:DEBUG:acme.client:Storing nonce: C878fFm43QjX8bzPGUWfeF2RrKXlPWUa2K5y9eXW2JnTLm4 2023-03-09 12:52:32,483:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-09 12:52:32,483:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-09 12:52:32,501:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-09 12:52:32,502:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-09 12:52:32,503:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-09 12:52:32,503:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-09 12:52:32,503:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-09 12:52:32,503:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-09 12:52:32,504:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-09 12:52:32,504:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-09 12:52:32,504:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-09 12:52:32,504:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-09 12:52:32,505:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-09 12:52:32,505:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-09 12:52:32,505:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-09 12:52:32,505:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-09 12:52:32,505:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-09 12:52:32,506:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-09 12:52:32,506:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-09 12:52:32,506:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-09 12:52:32,506:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-09 12:52:32,506:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-09 12:52:32,507:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-09 12:52:32,507:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-09 12:52:32,507:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-09 12:52:32,507:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-09 12:52:32,508:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-09 12:52:32,508:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-09 12:52:32,508:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-09 12:52:32,508:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-09 12:52:32,509:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-09 12:52:32,509:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-09 12:52:32,509:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-09 12:52:32,509:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-09 12:52:32,509:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-09 12:52:32,510:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-09 12:52:32,510:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-09 12:52:32,510:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-09 12:52:32,512:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here location = /.well-known/acme-challenge/-yT4JAKVZwXca9ce88FOvJrdJYHLfB5JSpw7oQx9vKc{default_type text/plain;return 200 -yT4JAKVZwXca9ce88FOvJrdJYHLfB5JSpw7oQx9vKc.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-09 12:52:33,566:INFO:certbot._internal.auth_handler:Waiting for verification... 2023-03-09 12:52:33,567:DEBUG:acme.client:JWS payload: b'{}' 2023-03-09 12:52:33,569:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/209464904377/AIDLpw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkM4NzhmRm00M1FqWDhielBHVVdmZUYyUnJLWGxQV1VhMks1eTllWFcySm5UTG00IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8yMDk0NjQ5MDQzNzcvQUlETHB3In0", "signature": "S76_i69gkmYdqMMcNI3ouCp-Q2pyIu506Yl25gutR-69OxGMJsHfZzi2kI-I8ssjcpx80OjXZ1bJDpmF1bqle5hUqCvSiBULnXcQBJ36h_kJZLH0Z0-rGB5CzeBerCjHcF-pYWOD4CZ1CMmXNjD5d4y2RzKkWmmsbsZ9kGvr3HEKEk1tFTJdGbGlgE8KpbJRAFVLZWvVuDACtFuley2wcwuxrJaTlV4TWTKmgYx3o6FZ9BpXrDrIb95MGtJJt5zJ_aeBv_rv1Kxx_JKFqed2Ydvy9SZrUZJlG8Ay1uwO-r3hInlsatu2tm5QOwrM8ebLC8DPv1SLzqO3yOWNuzKO1g", "payload": "e30" } 2023-03-09 12:52:33,619:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/209464904377/AIDLpw HTTP/1.1" 200 187 2023-03-09 12:52:33,619:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 12:52:33 GMT Content-Type: application/json Content-Length: 187 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/209464904377/AIDLpw Replay-Nonce: 15C9duTteaiWMNMV9F81BFKK8p8iGN6eGd9VnJRvQRXo3P8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209464904377/AIDLpw", "token": "-yT4JAKVZwXca9ce88FOvJrdJYHLfB5JSpw7oQx9vKc" } 2023-03-09 12:52:33,619:DEBUG:acme.client:Storing nonce: 15C9duTteaiWMNMV9F81BFKK8p8iGN6eGd9VnJRvQRXo3P8 2023-03-09 12:52:34,622:DEBUG:acme.client:JWS payload: b'' 2023-03-09 12:52:34,628:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209464904377: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjE1QzlkdVR0ZWFpV01OTVY5RjgxQkZLSzhwOGlHTjZlR2Q5Vm5KUnZRUlhvM1A4IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDk0NjQ5MDQzNzcifQ", "signature": "kc8js0-C_ECnePbpW4uE4vYujI9sdjNRkIrI72fS-nyGWWDqVLiRkK6XBnfFoZ3zIb9ZSl8Lv4opxYwvgSzUuZF2w3Prz-UEKOV1nppWNhyNQdZpgcbLoM5i7aBBZMnrYtw6-wtU02qjGAPeM6YFe0kkAojGVX3b_KeGR7SVrCKCuidk33daFVYMEZJ_otHX39T9BWWzFXhpeHsHZ-xEn7GFYYF9Z-1OEVli-7Ru9NV5NWdrOUjPO_VVdVCw3u0KWj73hDhI7HoOVAV0Zj-Douig-JmBXS6OZ7EuPfbYvxmiEPfu58phFqhc1J_RhObjMmrPeBmI1U2n9qdG-IKXlA", "payload": "" } 2023-03-09 12:52:34,705:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209464904377 HTTP/1.1" 200 1484 2023-03-09 12:52:34,708:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 12:52:34 GMT Content-Type: application/json Content-Length: 1484 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 1AADQah4R_k5q0Z20IBK0NG12aaKFdlVU5FR633rkwlYfyI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "invalid", "expires": "2023-03-16T12:52:32Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "2001:19f0:5:5eac:5400:3ff:fef1:f13c: Invalid response from https://dagoth.xyz/.well-known/acme-challenge/-yT4JAKVZwXca9ce88FOvJrdJYHLfB5JSpw7oQx9vKc: 404", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209464904377/AIDLpw", "token": "-yT4JAKVZwXca9ce88FOvJrdJYHLfB5JSpw7oQx9vKc", "validationRecord": [ { "url": "http://dagoth.xyz/.well-known/acme-challenge/-yT4JAKVZwXca9ce88FOvJrdJYHLfB5JSpw7oQx9vKc", "hostname": "dagoth.xyz", "port": "80", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" }, { "url": "https://dagoth.xyz/.well-known/acme-challenge/-yT4JAKVZwXca9ce88FOvJrdJYHLfB5JSpw7oQx9vKc", "hostname": "dagoth.xyz", "port": "443", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" } ], "validated": "2023-03-09T12:52:33Z" } ] } 2023-03-09 12:52:34,709:DEBUG:acme.client:Storing nonce: 1AADQah4R_k5q0Z20IBK0NG12aaKFdlVU5FR633rkwlYfyI 2023-03-09 12:52:34,711:WARNING:certbot._internal.auth_handler:Challenge failed for domain dagoth.xyz 2023-03-09 12:52:34,711:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-09 12:52:34,712:DEBUG:certbot._internal.reporter:Reporting to user: The following errors were reported by the server: Domain: dagoth.xyz Type: unauthorized Detail: 2001:19f0:5:5eac:5400:3ff:fef1:f13c: Invalid response from https://dagoth.xyz/.well-known/acme-challenge/-yT4JAKVZwXca9ce88FOvJrdJYHLfB5JSpw7oQx9vKc: 404 To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. 2023-03-09 12:52:34,715:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2023-03-09 12:52:34,715:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-09 12:52:34,715:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-09 12:52:36,420:ERROR:certbot._internal.renewal:Failed to renew certificate dagoth.xyz with error: Some challenges have failed. 2023-03-09 12:52:36,432:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2023-03-09 12:52:36,435:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/mail.dagoth.xyz.conf 2023-03-09 12:52:36,481:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 12:52:36,492:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 12:52:36,496:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is signed by the certificate's issuer. 2023-03-09 12:52:36,499:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is: OCSPCertStatus.GOOD 2023-03-09 12:52:36,503:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-09 12:52:36,504:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 12:52:36,506:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-09 12:52:36,507:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/metukim.xyz.conf 2023-03-09 12:52:36,519:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 12:52:36,532:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 12:52:36,534:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/metukim.xyz/cert5.pem is signed by the certificate's issuer. 2023-03-09 12:52:36,535:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/metukim.xyz/cert5.pem is: OCSPCertStatus.GOOD 2023-03-09 12:52:36,537:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-09 12:52:36,539:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 12:52:36,540:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-09 12:52:36,540:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-09 12:52:36,541:DEBUG:certbot.display.util:Notifying user: The following certificates are not due for renewal yet: 2023-03-09 12:52:36,541:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem expires on 2023-04-17 (skipped) /etc/letsencrypt/live/metukim.xyz/fullchain.pem expires on 2023-06-07 (skipped) 2023-03-09 12:52:36,541:ERROR:certbot._internal.renewal:All renewals failed. The following certificates could not be renewed: 2023-03-09 12:52:36,542:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/dagoth.xyz/fullchain.pem (failure) 2023-03-09 12:52:36,542:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-09 12:52:36,544:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')()) File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1413, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1317, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 510, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 1 renew failure(s), 0 parse failure(s) 2023-03-09 12:52:36,546:ERROR:certbot._internal.log:1 renew failure(s), 0 parse failure(s) 2023-03-09 12:54:01,824:DEBUG:certbot._internal.main:certbot version: 1.12.0 2023-03-09 12:54:01,825:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-03-09 12:54:01,825:DEBUG:certbot._internal.main:Arguments: ['--cert-name', 'withme.algorithmz.net', '--nginx'] 2023-03-09 12:54:01,825:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-03-09 12:54:01,859:DEBUG:certbot._internal.log:Root logging level set at 20 2023-03-09 12:54:01,859:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2023-03-09 12:54:01,860:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')()) File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1413, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1317, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 427, in handle_renewal_request conf_files = [storage.renewal_file_for_certname(config, config.certname)] File "/usr/lib/python3/dist-packages/certbot/_internal/storage.py", line 57, in renewal_file_for_certname raise errors.CertStorageError("No certificate found with name {0} (expected " certbot.errors.CertStorageError: No certificate found with name withme.algorithmz.net (expected /etc/letsencrypt/renewal/withme.algorithmz.net.conf). 2023-03-09 12:54:01,865:ERROR:certbot._internal.log:No certificate found with name withme.algorithmz.net (expected /etc/letsencrypt/renewal/withme.algorithmz.net.conf). 2023-03-09 12:56:51,388:DEBUG:certbot._internal.main:certbot version: 1.12.0 2023-03-09 12:56:51,389:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-03-09 12:56:51,389:DEBUG:certbot._internal.main:Arguments: [] 2023-03-09 12:56:51,389:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-03-09 12:56:51,401:DEBUG:certbot._internal.log:Root logging level set at 20 2023-03-09 12:56:51,417:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2023-03-09 12:56:51,419:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/dagoth.xyz.conf 2023-03-09 12:56:51,428:DEBUG:certbot._internal.plugins.selection:Requested authenticator and installer 2023-03-09 12:56:51,438:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 12:56:51,453:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 12:56:51,454:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is signed by the certificate's issuer. 2023-03-09 12:56:51,458:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is: OCSPCertStatus.GOOD 2023-03-09 12:56:51,463:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-14 18:32:48 UTC. 2023-03-09 12:56:51,464:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-09 12:56:51,464:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 12:56:51,796:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 12:56:51,797:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 12:56:51,798:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-09 12:56:51,798:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-09 12:56:51,807:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-09 12:56:51,808:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-09 12:56:51,810:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-09 12:56:51,940:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-09 12:56:51,941:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 12:56:51 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "-KiyefADo8w": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-09 12:56:51,943:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for dagoth.xyz 2023-03-09 12:56:51,992:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0117_key-certbot.pem 2023-03-09 12:56:51,997:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0117_csr-certbot.pem 2023-03-09 12:56:51,998:DEBUG:acme.client:Requesting fresh nonce 2023-03-09 12:56:51,998:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-09 12:56:52,042:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-09 12:56:52,043:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 12:56:52 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 15C9mY6KkHx1_WJJ-Bca3xozX0nYnRYTDVYSm_RdbDB76S0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-09 12:56:52,043:DEBUG:acme.client:Storing nonce: 15C9mY6KkHx1_WJJ-Bca3xozX0nYnRYTDVYSm_RdbDB76S0 2023-03-09 12:56:52,043:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "dagoth.xyz"\n }\n ]\n}' 2023-03-09 12:56:52,045:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjE1QzltWTZLa0h4MV9XSkotQmNhM3hvelgwblluUllURFZZU21fUmRiREI3NlMwIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "MXIjMH6fi3x7g3L4UYoKWsXjphEFVSeidsYkaQsq5PU3LYdLy9opalN7TghM5pq4l4-1z-Z2hjdulZLn9DUaO-ht5T61h5MSONNnP6ViFTOPPWZAH_KuIyhgGd-axN2-Wds3Qn3CBPUUre8qzkQmzahKZASA2omoPFyHDCfKBZxT-7EyuuPOu0vyeGkt33TdjAWFD3XLoyUEJ1wpmm0kuOTvPZN8CMiQlonupQZ5rVB855xhD3bJCPFVs4Zb_pQRvMVnocph04znIg7Os1KzhKJUWP-Oh8c9iIJ_Ifx403-nKZ86xbkd9msNU5_7xRUHxkdpaktzIJzsRvTtl6k4Og", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImRhZ290aC54eXoiCiAgICB9CiAgXQp9" } 2023-03-09 12:56:52,225:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 335 2023-03-09 12:56:52,225:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Thu, 09 Mar 2023 12:56:52 GMT Content-Type: application/json Content-Length: 335 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/169085254717 Replay-Nonce: C878HGCCiUDSFd8BqSTBUbrkEK-KfSKUKlHAnvPWH8IySZA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-16T12:56:52Z", "identifiers": [ { "type": "dns", "value": "dagoth.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/209465628587" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/169085254717" } 2023-03-09 12:56:52,226:DEBUG:acme.client:Storing nonce: C878HGCCiUDSFd8BqSTBUbrkEK-KfSKUKlHAnvPWH8IySZA 2023-03-09 12:56:52,226:DEBUG:acme.client:JWS payload: b'' 2023-03-09 12:56:52,227:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209465628587: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkM4NzhIR0NDaVVEU0ZkOEJxU1RCVWJya0VLLUtmU0tVS2xIQW52UFdIOEl5U1pBIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDk0NjU2Mjg1ODcifQ", "signature": "bEyx-NXLLPfc5YMjp5iagio3CAqgc2uFEKp3aNqp_2bOekIZj53FbB61f20ruX-xC88qNqwrwG7Z11Ui1Jw5_nMD9kouvSrQe4JF_3kOaZztDhl4RM1reEyfsBAah5WWaEZOGWOknF86RC4hbuVOAoPbbNWXtMRNtXaEbQ5UHqD0ENg-bNSCk1yZ9_wFnHiBq01AUwlafCCodCZWLIcWw10is4hyua1NvAocz2EdO5SVemNpQ3Qw4P5W8dL103D0cMZXZNQ6OdNAQjGX9BDoYGkvHrNCH2BmGI_HX3pSnkL8tf9kuEWxy2om_x1EPQKH7JiaD4HHcDjsUGkT8Z208w", "payload": "" } 2023-03-09 12:56:52,286:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209465628587 HTTP/1.1" 200 794 2023-03-09 12:56:52,286:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 12:56:52 GMT Content-Type: application/json Content-Length: 794 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 1DFAWdnDWKojOMUbaIrlKvlURq3QoWkr02B00rVLrdPGbvs X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "pending", "expires": "2023-03-16T12:56:52Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209465628587/IdfPhw", "token": "N_1HD_JO3ue7VjPhodm7rxDHGcBpel0n-HoPkyfcMYk" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209465628587/-Y1ncQ", "token": "N_1HD_JO3ue7VjPhodm7rxDHGcBpel0n-HoPkyfcMYk" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209465628587/0hSpgw", "token": "N_1HD_JO3ue7VjPhodm7rxDHGcBpel0n-HoPkyfcMYk" } ] } 2023-03-09 12:56:52,287:DEBUG:acme.client:Storing nonce: 1DFAWdnDWKojOMUbaIrlKvlURq3QoWkr02B00rVLrdPGbvs 2023-03-09 12:56:52,287:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-09 12:56:52,288:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-09 12:56:52,309:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-09 12:56:52,310:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-09 12:56:52,311:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-09 12:56:52,311:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-09 12:56:52,312:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-09 12:56:52,312:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-09 12:56:52,313:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-09 12:56:52,313:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-09 12:56:52,313:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-09 12:56:52,314:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-09 12:56:52,314:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-09 12:56:52,314:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-09 12:56:52,315:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-09 12:56:52,315:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-09 12:56:52,316:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-09 12:56:52,316:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-09 12:56:52,316:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-09 12:56:52,316:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-09 12:56:52,317:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-09 12:56:52,317:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-09 12:56:52,317:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-09 12:56:52,318:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-09 12:56:52,318:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-09 12:56:52,318:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-09 12:56:52,319:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-09 12:56:52,319:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-09 12:56:52,319:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-09 12:56:52,320:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-09 12:56:52,320:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-09 12:56:52,320:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-09 12:56:52,321:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-09 12:56:52,321:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-09 12:56:52,321:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-09 12:56:52,322:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-09 12:56:52,322:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-09 12:56:52,322:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-09 12:56:52,324:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here location = /.well-known/acme-challenge/N_1HD_JO3ue7VjPhodm7rxDHGcBpel0n-HoPkyfcMYk{default_type text/plain;return 200 N_1HD_JO3ue7VjPhodm7rxDHGcBpel0n-HoPkyfcMYk.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-09 12:56:53,401:INFO:certbot._internal.auth_handler:Waiting for verification... 2023-03-09 12:56:53,402:DEBUG:acme.client:JWS payload: b'{}' 2023-03-09 12:56:53,405:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/209465628587/IdfPhw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFERkFXZG5EV0tvak9NVWJhSXJsS3ZsVVJxM1FvV2tyMDJCMDByVkxyZFBHYnZzIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8yMDk0NjU2Mjg1ODcvSWRmUGh3In0", "signature": "MbvZdy6lsjjG6FHisJk6fh_vQlSHENAEV9cIrHjG1XP6YQSCI0HcxAZoYXVkOmn1f9HgqbIlczngAwOhMLlAGwxrtQXhtvZJ3WiDLyThAXhFDjKBZ21RjQ9ichq4l5ftWEIUdyhgtOVXYtX4TdQQVWm8tzM2uUs6VGQTVsvJR-gJKq4dDvBqVySsNboTFjedpQ3mS7u9vbd1qOxNP2jEBetAFcP03XoyZrKzlI1eWK80JDtZjhH5OsHiTek6KR6sOmAFQyF84Lw6tYjHjzfNI8RSmDOaLnOFS4f8FoCb11oTNzQzcES-nONShZangTs6y_3vdopUBuEooa8-1kmr-A", "payload": "e30" } 2023-03-09 12:56:53,453:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/209465628587/IdfPhw HTTP/1.1" 200 187 2023-03-09 12:56:53,454:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 12:56:53 GMT Content-Type: application/json Content-Length: 187 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/209465628587/IdfPhw Replay-Nonce: C878Wqxd68cdq4iLgHI1iDMnGCyh-T8Zko1va94babumFZE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209465628587/IdfPhw", "token": "N_1HD_JO3ue7VjPhodm7rxDHGcBpel0n-HoPkyfcMYk" } 2023-03-09 12:56:53,454:DEBUG:acme.client:Storing nonce: C878Wqxd68cdq4iLgHI1iDMnGCyh-T8Zko1va94babumFZE 2023-03-09 12:56:54,456:DEBUG:acme.client:JWS payload: b'' 2023-03-09 12:56:54,458:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209465628587: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkM4NzhXcXhkNjhjZHE0aUxnSEkxaURNbkdDeWgtVDhaa28xdmE5NGJhYnVtRlpFIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDk0NjU2Mjg1ODcifQ", "signature": "mwRABnli86TZdYgPZAT2saFR4uLx_W8cAnDIcS5Q7AO8fRVmfu78s2RG3nPvTHRIFxZsCGs2cR24F7WF7CZVgEtrkg26B0by9w02UhuSV-m8ZPlmGvoeyOtfuoJnmtNQf002oRZf5Y7Ib888Q2ZEXVlIWU8EF0wupRLDoAIGijXd6NfqQY3vdQpV3EDIyKt7YFHDeXCrMesUSRkQ4r0CdbUQ7MhzNNFQLyolz_Nafh3eLosVdA98YZkKTMup26c875M-r4U9jRnYiNSRF-6-vQzPeyiYp9iAoAGQb5qGdPs4FhCbz7BVztBrZYy0IuuzMfDMQG00WiCJaVfJYLUmWA", "payload": "" } 2023-03-09 12:56:54,503:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209465628587 HTTP/1.1" 200 1484 2023-03-09 12:56:54,504:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 12:56:54 GMT Content-Type: application/json Content-Length: 1484 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 15C95UQyydn4xdKRZhLza10U9BTyg0uLFNOoJPQ7kKGv_kI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "invalid", "expires": "2023-03-16T12:56:52Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "2001:19f0:5:5eac:5400:3ff:fef1:f13c: Invalid response from https://dagoth.xyz/.well-known/acme-challenge/N_1HD_JO3ue7VjPhodm7rxDHGcBpel0n-HoPkyfcMYk: 404", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209465628587/IdfPhw", "token": "N_1HD_JO3ue7VjPhodm7rxDHGcBpel0n-HoPkyfcMYk", "validationRecord": [ { "url": "http://dagoth.xyz/.well-known/acme-challenge/N_1HD_JO3ue7VjPhodm7rxDHGcBpel0n-HoPkyfcMYk", "hostname": "dagoth.xyz", "port": "80", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" }, { "url": "https://dagoth.xyz/.well-known/acme-challenge/N_1HD_JO3ue7VjPhodm7rxDHGcBpel0n-HoPkyfcMYk", "hostname": "dagoth.xyz", "port": "443", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" } ], "validated": "2023-03-09T12:56:53Z" } ] } 2023-03-09 12:56:54,504:DEBUG:acme.client:Storing nonce: 15C95UQyydn4xdKRZhLza10U9BTyg0uLFNOoJPQ7kKGv_kI 2023-03-09 12:56:54,505:WARNING:certbot._internal.auth_handler:Challenge failed for domain dagoth.xyz 2023-03-09 12:56:54,505:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-09 12:56:54,506:DEBUG:certbot._internal.reporter:Reporting to user: The following errors were reported by the server: Domain: dagoth.xyz Type: unauthorized Detail: 2001:19f0:5:5eac:5400:3ff:fef1:f13c: Invalid response from https://dagoth.xyz/.well-known/acme-challenge/N_1HD_JO3ue7VjPhodm7rxDHGcBpel0n-HoPkyfcMYk: 404 To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. 2023-03-09 12:56:54,507:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2023-03-09 12:56:54,507:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-09 12:56:54,508:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-09 12:56:55,790:ERROR:certbot._internal.renewal:Failed to renew certificate dagoth.xyz with error: Some challenges have failed. 2023-03-09 12:56:55,800:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2023-03-09 12:56:55,800:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/metukim.xyz.conf 2023-03-09 12:56:55,810:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 12:56:55,815:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 12:56:55,816:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/metukim.xyz/cert5.pem is signed by the certificate's issuer. 2023-03-09 12:56:55,817:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/metukim.xyz/cert5.pem is: OCSPCertStatus.GOOD 2023-03-09 12:56:55,818:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-09 12:56:55,819:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 12:56:55,819:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-09 12:56:55,819:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-09 12:56:55,820:DEBUG:certbot.display.util:Notifying user: The following certificates are not due for renewal yet: 2023-03-09 12:56:55,820:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/metukim.xyz/fullchain.pem expires on 2023-06-07 (skipped) 2023-03-09 12:56:55,820:ERROR:certbot._internal.renewal:All renewals failed. The following certificates could not be renewed: 2023-03-09 12:56:55,820:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/dagoth.xyz/fullchain.pem (failure) 2023-03-09 12:56:55,821:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-09 12:56:55,821:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')()) File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1413, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1317, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 510, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 1 renew failure(s), 0 parse failure(s) 2023-03-09 12:56:55,822:ERROR:certbot._internal.log:1 renew failure(s), 0 parse failure(s) 2023-03-09 13:07:08,697:DEBUG:certbot._internal.main:certbot version: 1.12.0 2023-03-09 13:07:08,698:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-03-09 13:07:08,698:DEBUG:certbot._internal.main:Arguments: ['--dry-run'] 2023-03-09 13:07:08,699:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-03-09 13:07:08,719:DEBUG:certbot._internal.log:Root logging level set at 20 2023-03-09 13:07:08,736:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2023-03-09 13:07:08,738:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/dagoth.xyz.conf 2023-03-09 13:07:08,748:DEBUG:certbot._internal.plugins.selection:Requested authenticator and installer 2023-03-09 13:07:08,748:DEBUG:certbot._internal.cli:Var dry_run=True (set by user). 2023-03-09 13:07:08,748:DEBUG:certbot._internal.cli:Var server={'dry_run', 'staging'} (set by user). 2023-03-09 13:07:08,748:DEBUG:certbot._internal.cli:Var dry_run=True (set by user). 2023-03-09 13:07:08,748:DEBUG:certbot._internal.cli:Var server={'dry_run', 'staging'} (set by user). 2023-03-09 13:07:08,748:DEBUG:certbot._internal.cli:Var account={'server'} (set by user). 2023-03-09 13:07:08,757:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 13:07:08,765:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 13:07:08,766:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is signed by the certificate's issuer. 2023-03-09 13:07:08,770:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is: OCSPCertStatus.GOOD 2023-03-09 13:07:08,776:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-14 18:32:48 UTC. 2023-03-09 13:07:08,776:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-09 13:07:08,777:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 13:07:09,193:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 13:07:09,195:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 13:07:09,195:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-09 13:07:09,195:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-09 13:07:09,468:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/directory. 2023-03-09 13:07:09,470:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org:443 2023-03-09 13:07:09,683:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 830 2023-03-09 13:07:09,684:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 13:07:09 GMT Content-Type: application/json Content-Length: 830 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "PorX_qe2XeY": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-staging-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org/docs/staging-environment/" }, "newAccount": "https://acme-staging-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-staging-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-staging-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-staging-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-09 13:07:09,684:DEBUG:acme.client:Requesting fresh nonce 2023-03-09 13:07:09,685:DEBUG:acme.client:Sending HEAD request to https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-09 13:07:09,755:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-09 13:07:09,756:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 13:07:09 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: A272mq6AMeglcbyhOgnZWhp338DXfwMuURID3vbD-U7ECQw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-09 13:07:09,756:DEBUG:acme.client:Storing nonce: A272mq6AMeglcbyhOgnZWhp338DXfwMuURID3vbD-U7ECQw 2023-03-09 13:07:09,756:DEBUG:acme.client:JWS payload: b'{\n "termsOfServiceAgreed": true,\n "contact": []\n}' 2023-03-09 13:07:09,759:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/new-acct: { "protected": "eyJhbGciOiAiUlMyNTYiLCAiandrIjogeyJuIjogIjUxMEJkN284NlNGbGF1ckRISllfdUdmUnN2SDZCZE92ZTNtM2VRUWxfTFFyZDZkMk5XSHQyZzh6QzRDUkdiby1pYnZZYmJPeEVRMnlhaXFoX0RrTHA2THJWR2NsX1pabFVNUnhZNjd0QXZTbGNmZHFDMmRQek5ldjg0NGc3MURtTWhmazhaaEV2b1F2ZjhxM181S1Z0d09EcDM1blQxSDlYdVB2VUtGdGhDUXZFQ1BXRzNidTFpOWUtVUNLcVJ3NkswY1lNTVhYMHdLUGlvYVFxVWZEeE9SSVhrVHppeFUtSU9LTTZKZVhyRlh4ZUZkYVVnQnEwWWNZaXNpWDdGQW9YSmpQZWcyb2UzX0ZRbWZkeUVwNUc1eEh1aGJSRWQ2Y0JQaG5RUk81T3Q0YV84N000aEtWVHdna0RuNFpfU3ozcXozZ3VfSF80UjcxdFFUMk8tTGJEdyIsICJlIjogIkFRQUIiLCAia3R5IjogIlJTQSJ9LCAibm9uY2UiOiAiQTI3Mm1xNkFNZWdsY2J5aE9nblpXaHAzMzhEWGZ3TXVVUklEM3ZiRC1VN0VDUXciLCAidXJsIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LWFjY3QifQ", "signature": "i4ry2TRN0IZoRuV74KZzhMi_tkrSxRiVxfv6wIPaHDB2IzkcyLIMkcYexNufa51tYrO1c0xV6HKkqHQDB1-lZSjqNAswWL5EyoBfuuZR-xzHiv3I8ixwy1AVXRWGDJ89fbIN3JRRPMyCAZYD0DuKDh95DcN4iVPtHAfEihkClkKDYqzH7z7Jjvm8NIhq3xKT__M0nfRDo5VXv17H_NkWJ4c6MzshfjayOFss-7vbF5NwKWZ-qdGaja9_jSfwyylKJKaj8f-v-KgNIct0Y7bss-8SBvvN1RllqbwVuHN7_M-N3NibiNsE78czS6YoYxSb8gOm9xjRHqQoGkwAO45Hww", "payload": "ewogICJ0ZXJtc09mU2VydmljZUFncmVlZCI6IHRydWUsCiAgImNvbnRhY3QiOiBbXQp9" } 2023-03-09 13:07:09,869:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/new-acct HTTP/1.1" 201 531 2023-03-09 13:07:09,869:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Thu, 09 Mar 2023 13:07:09 GMT Content-Type: application/json Content-Length: 531 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="terms-of-service" Location: https://acme-staging-v02.api.letsencrypt.org/acme/acct/92221854 Replay-Nonce: A272FObDMDhw4nDkb1ZlqMC6VmUYF9ROmpWo58g8Aq7VFZE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "key": { "kty": "RSA", "n": "510Bd7o86SFlaurDHJY_uGfRsvH6BdOve3m3eQQl_LQrd6d2NWHt2g8zC4CRGbo-ibvYbbOxEQ2yaiqh_DkLp6LrVGcl_ZZlUMRxY67tAvSlcfdqC2dPzNev844g71DmMhfk8ZhEvoQvf8q3_5KVtwODp35nT1H9XuPvUKFthCQvECPWG3bu1i9e-UCKqRw6K0cYMMXX0wKPioaQqUfDxORIXkTzixU-IOKM6JeXrFXxeFdaUgBq0YcYisiX7FAoXJjPeg2oe3_FQmfdyEp5G5xHuhbREd6cBPhnQRO5Ot4a_87M4hKVTwgkDn4Z_Sz3qz3gu_H_4R71tQT2O-LbDw", "e": "AQAB" }, "initialIp": "2001:19f0:5:5eac:5400:3ff:fef1:f13c", "createdAt": "2023-03-09T13:07:09.824706195Z", "status": "valid" } 2023-03-09 13:07:09,869:DEBUG:acme.client:Storing nonce: A272FObDMDhw4nDkb1ZlqMC6VmUYF9ROmpWo58g8Aq7VFZE 2023-03-09 13:07:09,871:DEBUG:certbot.display.util:Notifying user: Account registered. 2023-03-09 13:07:09,872:DEBUG:certbot._internal.main:Picked account: )>), contact=(), agreement=None, status='valid', terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-staging-v02.api.letsencrypt.org/acme/acct/92221854', new_authzr_uri=None, terms_of_service='https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf'), e95b577d068034dae86f20ee11240e69, Meta(creation_dt=datetime.datetime(2023, 3, 9, 13, 7, 9, tzinfo=), creation_host='vultr.guest', register_to_eff=None))> 2023-03-09 13:07:09,874:DEBUG:certbot.display.util:Notifying user: Simulating renewal of an existing certificate for dagoth.xyz 2023-03-09 13:07:09,946:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "dagoth.xyz"\n }\n ]\n}' 2023-03-09 13:07:09,947:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJBMjcyRk9iRE1EaHc0bkRrYjFabHFNQzZWbVVZRjlST21wV281OGc4QXE3VkZaRSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "nJf3aY_Q0LNV_2xOMOQOFmPzb5GY5Tb1t5KsGKz04eAdsaHugHIOWBPLYB3Oy8YW5zpY6y-_9kd6DpICDhBQV_xCTmejTTOht4n7yWJQM7kmQPBnSa-FqIo948SnJqJFoBdyXoUB1b2J6hVdN_W9PfH8N-qXgUZHLFXkDSgTP9tQ9DESeIxDrdR3SyjZ0wJ7lkUsufbVvm-D1ZAnqdaN4mLftFCZpHyQ0qpE_ZfscQ2uHNVPaobXJeJ2Yav2YXsoU-CPw0J4Db5n_eZWwlOYq7o2rj_KQKSGqpX_s5SMT6ANiP928zwvgSOIknl1B4e74PRn0oTA1pRWc6QtgCKu_g", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImRhZ290aC54eXoiCiAgICB9CiAgXQp9" } 2023-03-09 13:07:10,052:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 346 2023-03-09 13:07:10,052:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Thu, 09 Mar 2023 13:07:10 GMT Content-Type: application/json Content-Length: 346 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-staging-v02.api.letsencrypt.org/acme/order/92221854/7641468454 Replay-Nonce: B37C1DTRRESaWnYf9eVoZt3BZJnnykIlOY8lPuHuh34hoUY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-16T13:07:10Z", "identifiers": [ { "type": "dns", "value": "dagoth.xyz" } ], "authorizations": [ "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655909314" ], "finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/92221854/7641468454" } 2023-03-09 13:07:10,053:DEBUG:acme.client:Storing nonce: B37C1DTRRESaWnYf9eVoZt3BZJnnykIlOY8lPuHuh34hoUY 2023-03-09 13:07:10,053:DEBUG:acme.client:JWS payload: b'' 2023-03-09 13:07:10,054:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655909314: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJCMzdDMURUUlJFU2FXbllmOWVWb1p0M0JaSm5ueWtJbE9ZOGxQdUh1aDM0aG9VWSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My81NjU1OTA5MzE0In0", "signature": "SPOetpdczwmZJR2SSQzulNGGwvpxrG2ij8VuUFFPzuR_HEVzaKJtjDDmcduOsCPGn3rqURT830XGFmgLeN8-cH-KUXaZVZEuOjyErMaA9Fhh1Lcw7M_spLSu-Isnn2wRrAoZPOiDAK-9YjWbuNUYZf1lZlB7WLZmMpr-46capsEpp0VFccFOlbfp-GY5Q3bA125O0clIzhNNycyBNHICJCKGSasCzsdGTi-uQyHCbfDMv8jCnwkrW12KfH0wP67ivBwHTQPEs_Qv1REMhXPcARGEqjLpKM5R7tdrb_b5eJdwgWHr1LkRoCAt7yFsKAhuQqDU3Ku9uUAEhpGkGOw_dA", "payload": "" } 2023-03-09 13:07:10,128:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/5655909314 HTTP/1.1" 200 812 2023-03-09 13:07:10,129:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 13:07:10 GMT Content-Type: application/json Content-Length: 812 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: A2723kBsY1EZRd3wSjv9McW0E88nVNr2WZmvSuBzfQobOlM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "pending", "expires": "2023-03-16T13:07:10Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655909314/RxXiVw", "token": "fT5vxPsFVuocnrjvQTgRJm0EFvUnw5_9QjFuxWLgrDc" }, { "type": "dns-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655909314/LJkEOg", "token": "fT5vxPsFVuocnrjvQTgRJm0EFvUnw5_9QjFuxWLgrDc" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655909314/EVyVig", "token": "fT5vxPsFVuocnrjvQTgRJm0EFvUnw5_9QjFuxWLgrDc" } ] } 2023-03-09 13:07:10,129:DEBUG:acme.client:Storing nonce: A2723kBsY1EZRd3wSjv9McW0E88nVNr2WZmvSuBzfQobOlM 2023-03-09 13:07:10,130:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-09 13:07:10,131:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-09 13:07:10,149:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-09 13:07:10,150:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-09 13:07:10,150:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-09 13:07:10,151:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-09 13:07:10,151:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-09 13:07:10,151:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-09 13:07:10,151:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-09 13:07:10,152:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-09 13:07:10,152:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-09 13:07:10,152:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-09 13:07:10,152:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-09 13:07:10,152:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-09 13:07:10,153:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-09 13:07:10,153:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-09 13:07:10,153:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-09 13:07:10,153:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-09 13:07:10,154:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-09 13:07:10,154:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-09 13:07:10,154:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-09 13:07:10,154:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-09 13:07:10,154:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-09 13:07:10,155:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-09 13:07:10,155:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-09 13:07:10,155:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-09 13:07:10,155:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-09 13:07:10,156:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-09 13:07:10,156:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-09 13:07:10,156:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-09 13:07:10,156:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-09 13:07:10,156:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-09 13:07:10,157:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-09 13:07:10,157:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-09 13:07:10,157:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-09 13:07:10,157:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-09 13:07:10,158:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-09 13:07:10,158:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-09 13:07:10,159:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here location = /.well-known/acme-challenge/fT5vxPsFVuocnrjvQTgRJm0EFvUnw5_9QjFuxWLgrDc{default_type text/plain;return 200 fT5vxPsFVuocnrjvQTgRJm0EFvUnw5_9QjFuxWLgrDc.rutHM0HPUvW9biKo3hmSituCng-hbrpi2dBppfbsoM4;} # managed by Certbot } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-09 13:07:11,226:INFO:certbot._internal.auth_handler:Waiting for verification... 2023-03-09 13:07:11,228:DEBUG:acme.client:JWS payload: b'{}' 2023-03-09 13:07:11,230:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655909314/RxXiVw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJBMjcyM2tCc1kxRVpSZDN3U2p2OU1jVzBFODhuVk5yMldabXZTdUJ6ZlFvYk9sTSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My81NjU1OTA5MzE0L1J4WGlWdyJ9", "signature": "AHQCyRy2R6FAP0nGnUBb0-YU5mQaAEDAUPz-WKgl1SkOCYISqQeh5SbqlfNvlJMbIhXabER4EG0Y6SaPiH3bemu2rUKjB3xJVc0dVVm6n23ofpEwAjaLgPvsxAfolYhufKQh9k7IeTtgVZUb5_wKmh5NQiJTyaZ9tdGpHFvFHL1LhXvRZi38T_kHKATSJx8eDZU2YY876QoJON5RmYX3QcpejHw6tlxsdNUt6iT_U4DP8-V1jdt02-ql1bkRoIKj_S5kGoBJA6vIwbSWi_9mFdIiB9W-ExeBpNf5bcETxYSfGzitwWK72RvWIr_-DXB26w4fM2O4AfeY56D4OLNjRQ", "payload": "e30" } 2023-03-09 13:07:11,307:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/5655909314/RxXiVw HTTP/1.1" 200 193 2023-03-09 13:07:11,308:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 13:07:11 GMT Content-Type: application/json Content-Length: 193 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655909314/RxXiVw Replay-Nonce: B37CM6e39xe19Kgc8Uy-xzENjOTc6QaXUQDqYnawUqocKy0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655909314/RxXiVw", "token": "fT5vxPsFVuocnrjvQTgRJm0EFvUnw5_9QjFuxWLgrDc" } 2023-03-09 13:07:11,308:DEBUG:acme.client:Storing nonce: B37CM6e39xe19Kgc8Uy-xzENjOTc6QaXUQDqYnawUqocKy0 2023-03-09 13:07:12,310:DEBUG:acme.client:JWS payload: b'' 2023-03-09 13:07:12,312:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655909314: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJCMzdDTTZlMzl4ZTE5S2djOFV5LXh6RU5qT1RjNlFhWFVRRHFZbmF3VXFvY0t5MCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My81NjU1OTA5MzE0In0", "signature": "b70VVL2hjqv21PB6ZhMiOZqEvwS-YwWPfNoiLEr78T5jhx5lxFEeXidDlSEjqM-3PV5fd5O6KkcO691J2BXGSnEznM4QQgEO9w6nW1jDzJYmwATux9P5j86r8tCL7zKFyr7uJlaoLz6u7dWWm6TuusSaawS-LFeKCqj8Mj-bm4ig5hXu5mmYjso-nse7TtIkPSMTz1BvQi9WSV8r7vBObqzeIcXRx6WgYpggewEVFMHHUePcXm860kXottrfrzS3wm_-8qr8tJZasXqeH8u7UTqJ-xitC_Lps5B102NZ0vYIOFr7gODSQMcRdXe8JhyEBqHXDOIJSPZKeeHKMavuSw", "payload": "" } 2023-03-09 13:07:12,386:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/5655909314 HTTP/1.1" 200 1490 2023-03-09 13:07:12,386:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 13:07:12 GMT Content-Type: application/json Content-Length: 1490 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: B37CrElpXXC8tE3kgNH5abjJsHPV3ixtwHS3uZzWPXn-eSk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "invalid", "expires": "2023-03-16T13:07:10Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "2001:19f0:5:5eac:5400:3ff:fef1:f13c: Invalid response from https://dagoth.xyz/.well-known/acme-challenge/fT5vxPsFVuocnrjvQTgRJm0EFvUnw5_9QjFuxWLgrDc: 404", "status": 403 }, "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655909314/RxXiVw", "token": "fT5vxPsFVuocnrjvQTgRJm0EFvUnw5_9QjFuxWLgrDc", "validationRecord": [ { "url": "http://dagoth.xyz/.well-known/acme-challenge/fT5vxPsFVuocnrjvQTgRJm0EFvUnw5_9QjFuxWLgrDc", "hostname": "dagoth.xyz", "port": "80", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" }, { "url": "https://dagoth.xyz/.well-known/acme-challenge/fT5vxPsFVuocnrjvQTgRJm0EFvUnw5_9QjFuxWLgrDc", "hostname": "dagoth.xyz", "port": "443", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" } ], "validated": "2023-03-09T13:07:11Z" } ] } 2023-03-09 13:07:12,387:DEBUG:acme.client:Storing nonce: B37CrElpXXC8tE3kgNH5abjJsHPV3ixtwHS3uZzWPXn-eSk 2023-03-09 13:07:12,387:WARNING:certbot._internal.auth_handler:Challenge failed for domain dagoth.xyz 2023-03-09 13:07:12,387:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-09 13:07:12,388:DEBUG:certbot._internal.reporter:Reporting to user: The following errors were reported by the server: Domain: dagoth.xyz Type: unauthorized Detail: 2001:19f0:5:5eac:5400:3ff:fef1:f13c: Invalid response from https://dagoth.xyz/.well-known/acme-challenge/fT5vxPsFVuocnrjvQTgRJm0EFvUnw5_9QjFuxWLgrDc: 404 To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. 2023-03-09 13:07:12,390:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2023-03-09 13:07:12,390:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-09 13:07:12,390:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-09 13:07:13,685:ERROR:certbot._internal.renewal:Failed to renew certificate dagoth.xyz with error: Some challenges have failed. 2023-03-09 13:07:13,691:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2023-03-09 13:07:13,691:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/mail.dagoth.xyz.conf 2023-03-09 13:07:13,693:DEBUG:certbot._internal.cli:Var dry_run=True (set by user). 2023-03-09 13:07:13,693:DEBUG:certbot._internal.cli:Var server={'dry_run', 'staging'} (set by user). 2023-03-09 13:07:13,693:DEBUG:certbot._internal.cli:Var dry_run=True (set by user). 2023-03-09 13:07:13,693:DEBUG:certbot._internal.cli:Var server={'dry_run', 'staging'} (set by user). 2023-03-09 13:07:13,693:DEBUG:certbot._internal.cli:Var account={'server'} (set by user). 2023-03-09 13:07:13,701:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 13:07:13,709:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 13:07:13,711:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is signed by the certificate's issuer. 2023-03-09 13:07:13,712:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is: OCSPCertStatus.GOOD 2023-03-09 13:07:13,713:INFO:certbot._internal.renewal:Cert not due for renewal, but simulating renewal for dry run 2023-03-09 13:07:13,713:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 13:07:13,994:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 13:07:13,995:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 13:07:13,995:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-09 13:07:13,995:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-09 13:07:14,003:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-09 13:07:14,004:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/directory. 2023-03-09 13:07:14,005:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org:443 2023-03-09 13:07:14,215:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 830 2023-03-09 13:07:14,216:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 13:07:14 GMT Content-Type: application/json Content-Length: 830 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "NtTCHveyPxg": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-staging-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org/docs/staging-environment/" }, "newAccount": "https://acme-staging-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-staging-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-staging-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-staging-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-09 13:07:14,217:DEBUG:certbot.display.util:Notifying user: Simulating renewal of an existing certificate for mail.dagoth.xyz and www.mail.dagoth.xyz 2023-03-09 13:07:14,299:DEBUG:acme.client:Requesting fresh nonce 2023-03-09 13:07:14,300:DEBUG:acme.client:Sending HEAD request to https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-09 13:07:14,370:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-09 13:07:14,371:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 13:07:14 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: B37CFflCH18f6lrK380fZgyD46bDMNna6-lf2WOJGeOG2dY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-09 13:07:14,371:DEBUG:acme.client:Storing nonce: B37CFflCH18f6lrK380fZgyD46bDMNna6-lf2WOJGeOG2dY 2023-03-09 13:07:14,372:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "mail.dagoth.xyz"\n },\n {\n "type": "dns",\n "value": "www.mail.dagoth.xyz"\n }\n ]\n}' 2023-03-09 13:07:14,373:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJCMzdDRmZsQ0gxOGY2bHJLMzgwZlpneUQ0NmJETU5uYTYtbGYyV09KR2VPRzJkWSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "HY-L3MPhrYaxh7lAFZ2-KgpHexEy8aHX6Nbzfe8n3zotblVWlpv0cO0zti9E5oGOg6SWDJ2vPCO164-Aiwb2IkxY-qKgD20pF1kF_qnQ-zrR7g5W2z0JqPZUV-fs9XG8xarNpkyowR2AaZzSqMfyhVa9r61DTS7kBdwEZ2gOJWfKPz-xNBcatzZIE2_C2U7SjUmm883vHMnlPBE1VE6w3Msa_6CoyD3DGYetP2O94PR94Cl6hPtyzLcMwLGXW-3xdSGTueHs0dorO7GDXuZYSHQfO9243hSLM7yBMkdHMWu_Hy_hQAMrLBG638eZs3RJ__UAmZWRIb1DMTsGytXwdg", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIm1haWwuZGFnb3RoLnh5eiIKICAgIH0sCiAgICB7CiAgICAgICJ0eXBlIjogImRucyIsCiAgICAgICJ2YWx1ZSI6ICJ3d3cubWFpbC5kYWdvdGgueHl6IgogICAgfQogIF0KfQ" } 2023-03-09 13:07:14,479:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 499 2023-03-09 13:07:14,480:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Thu, 09 Mar 2023 13:07:14 GMT Content-Type: application/json Content-Length: 499 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-staging-v02.api.letsencrypt.org/acme/order/92221854/7641469684 Replay-Nonce: A272FqJghwYR6rIJqgIwUGflaw8Dyt_eeEf01b0_pVYouvU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-16T13:07:14Z", "identifiers": [ { "type": "dns", "value": "mail.dagoth.xyz" }, { "type": "dns", "value": "www.mail.dagoth.xyz" } ], "authorizations": [ "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655910044", "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655910054" ], "finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/92221854/7641469684" } 2023-03-09 13:07:14,481:DEBUG:acme.client:Storing nonce: A272FqJghwYR6rIJqgIwUGflaw8Dyt_eeEf01b0_pVYouvU 2023-03-09 13:07:14,481:DEBUG:acme.client:JWS payload: b'' 2023-03-09 13:07:14,483:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655910044: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJBMjcyRnFKZ2h3WVI2cklKcWdJd1VHZmxhdzhEeXRfZWVFZjAxYjBfcFZZb3V2VSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My81NjU1OTEwMDQ0In0", "signature": "41Sm8-KTQ79r-ztsAMREsyQFpD-4Z3VYIVMGMhWCGZK9sEcJq1fl8SHHxg2xInBMUelreJlq6X603kRp_YqHAurNotZeiuHbx9pi_1GdIR3ojul72Oh7Edi4NldrwML54ekm_Cy4WDmSKScLQwJnlOevYkBo0lrWDNFjmlFbQohVY_lnsz4Hkpv3aVYoFyKyGhKPzZslf489FCW3PdlmA1s5TCDabAPSL1LX42VDU5v2IVQPi1sDvTcrdxxiSPQIeEl91QCgZSKAfXCQiHsLuTwDTe3KYLcCtEB-zqltoI-DnP3rLwPbYN-rXQmPg15v4tV9rx7Fcb6vQ9j4o72eGA", "payload": "" } 2023-03-09 13:07:14,558:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/5655910044 HTTP/1.1" 200 817 2023-03-09 13:07:14,558:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 13:07:14 GMT Content-Type: application/json Content-Length: 817 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: BEB9nnDrNj-BJ8BHhKB7LTaACdLpHcH1j0s-hQnrZilfZyk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "mail.dagoth.xyz" }, "status": "pending", "expires": "2023-03-16T13:07:14Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910044/-7Vdhw", "token": "BUyjLkLORkM49UaDS8U1u3cHuq73UaRsletJlu3wGAg" }, { "type": "dns-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910044/m0Zd4w", "token": "BUyjLkLORkM49UaDS8U1u3cHuq73UaRsletJlu3wGAg" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910044/93LVJA", "token": "BUyjLkLORkM49UaDS8U1u3cHuq73UaRsletJlu3wGAg" } ] } 2023-03-09 13:07:14,559:DEBUG:acme.client:Storing nonce: BEB9nnDrNj-BJ8BHhKB7LTaACdLpHcH1j0s-hQnrZilfZyk 2023-03-09 13:07:14,559:DEBUG:acme.client:JWS payload: b'' 2023-03-09 13:07:14,561:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655910054: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJCRUI5bm5Eck5qLUJKOEJIaEtCN0xUYUFDZExwSGNIMWowcy1oUW5yWmlsZlp5ayIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My81NjU1OTEwMDU0In0", "signature": "WUwWW8HNW9AKu6cxPFBocsuq1qLcNM9vf4C0Ew8bqzYU7yEUVwAh46k9OHoNhd8GWspdQoOAryKmPQqQN2FRNYOY1e1_aFMi9GdbGQay7OBRvdbsHUo8OKeJe2xUfQKd3wOl6r13kCxkeEuAJylt5ED7GxX_tkCMIcuziWh-k0S-37XVN0VPhfHSN_G9COlLvzKw-rPZd8Tp1V91AqWG6SijBKFNgHDmLjiZOe4rbFuPA0g5eRWlNOmXrU-M8HFRBVuiUKUbA2Cpmj79jDCspduC55EM57PwsaqEZXj83kqLuK077k29AORai2OU98DpcNp1H_emcN47Sd07tTBoug", "payload": "" } 2023-03-09 13:07:14,633:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/5655910054 HTTP/1.1" 200 821 2023-03-09 13:07:14,634:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 13:07:14 GMT Content-Type: application/json Content-Length: 821 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 8F05W82afKRGSOGmDERNAwS6anqtQxw8dB5JC1hXQAR3a1M X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.mail.dagoth.xyz" }, "status": "pending", "expires": "2023-03-16T13:07:14Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910054/R8JlCg", "token": "hHndj9vR3KUKB_hzcKu5XWTuAfwFktoV4UZqL_r1Uoo" }, { "type": "dns-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910054/GUf-Mw", "token": "hHndj9vR3KUKB_hzcKu5XWTuAfwFktoV4UZqL_r1Uoo" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910054/UKLJ1Q", "token": "hHndj9vR3KUKB_hzcKu5XWTuAfwFktoV4UZqL_r1Uoo" } ] } 2023-03-09 13:07:14,634:DEBUG:acme.client:Storing nonce: 8F05W82afKRGSOGmDERNAwS6anqtQxw8dB5JC1hXQAR3a1M 2023-03-09 13:07:14,635:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-09 13:07:14,635:INFO:certbot._internal.auth_handler:http-01 challenge for mail.dagoth.xyz 2023-03-09 13:07:14,635:INFO:certbot._internal.auth_handler:http-01 challenge for www.mail.dagoth.xyz 2023-03-09 13:07:14,697:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-09 13:07:14,698:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-09 13:07:14,698:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-09 13:07:14,698:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-09 13:07:14,699:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-09 13:07:14,699:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-09 13:07:14,699:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-09 13:07:14,699:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-09 13:07:14,699:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-09 13:07:14,700:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-09 13:07:14,700:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-09 13:07:14,700:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-09 13:07:14,700:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-09 13:07:14,700:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-09 13:07:14,701:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-09 13:07:14,701:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-09 13:07:14,701:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-09 13:07:14,701:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-09 13:07:14,701:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-09 13:07:14,702:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-09 13:07:14,702:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-09 13:07:14,702:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-09 13:07:14,702:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-09 13:07:14,702:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-09 13:07:14,703:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-09 13:07:14,703:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-09 13:07:14,703:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-09 13:07:14,703:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-09 13:07:14,703:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-09 13:07:14,704:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-09 13:07:14,704:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-09 13:07:14,704:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-09 13:07:14,704:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-09 13:07:14,704:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-09 13:07:14,705:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-09 13:07:14,705:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-09 13:07:14,706:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server { listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-09 13:07:14,707:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/mail: server { root /var/www/mail; index index.html index.htm index.nginx-debian.html; server_name mail.dagoth.xyz www.mail.dagoth.xyz; location / { try_files $uri $uri/ =404; } listen [::]:443 ssl; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/mail.dagoth.xyz/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.mail.dagoth.xyz) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = mail.dagoth.xyz) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name mail.dagoth.xyz www.mail.dagoth.xyz; return 404; # managed by Certbot location = /.well-known/acme-challenge/BUyjLkLORkM49UaDS8U1u3cHuq73UaRsletJlu3wGAg{default_type text/plain;return 200 BUyjLkLORkM49UaDS8U1u3cHuq73UaRsletJlu3wGAg.rutHM0HPUvW9biKo3hmSituCng-hbrpi2dBppfbsoM4;} # managed by Certbot location = /.well-known/acme-challenge/hHndj9vR3KUKB_hzcKu5XWTuAfwFktoV4UZqL_r1Uoo{default_type text/plain;return 200 hHndj9vR3KUKB_hzcKu5XWTuAfwFktoV4UZqL_r1Uoo.rutHM0HPUvW9biKo3hmSituCng-hbrpi2dBppfbsoM4;} # managed by Certbot } 2023-03-09 13:07:15,752:INFO:certbot._internal.auth_handler:Waiting for verification... 2023-03-09 13:07:15,753:DEBUG:acme.client:JWS payload: b'{}' 2023-03-09 13:07:15,756:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910044/-7Vdhw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICI4RjA1VzgyYWZLUkdTT0dtREVSTkF3UzZhbnF0UXh3OGRCNUpDMWhYUUFSM2ExTSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My81NjU1OTEwMDQ0Ly03VmRodyJ9", "signature": "oaVhqKubGbeLHeOKR1aMSaeuEeGlnQSbfwXvPWdRLFC_fNKq6EXDJC8lXOuiEA5gsDv9EXN-lMJuKvk7I1C_JcSZ68ARQidE6t74zc4X9EFKno6WXxgQ2Qpkh0otsUwxNTLaHo2cNuGT8h0-vNT6Jb9h0M2qu8Qq0CpOHZR-jgq_7s-V9mzIAVL8P74UQQFzDqZYs6PLFQWXR_olHSlm5siNuGZ4NsMChsQMmRS3pShuyEbGTu4O8GCBL8zoNYI75y8NSK8hmkCvsdNOkBvzy9NSqGrbDrGC_w_qPzknlFY5ZhUwif5wmYUEBGLrd-WnJpQsIDcNenHkEgoiQ_jskQ", "payload": "e30" } 2023-03-09 13:07:15,833:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/5655910044/-7Vdhw HTTP/1.1" 200 193 2023-03-09 13:07:15,834:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 13:07:15 GMT Content-Type: application/json Content-Length: 193 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910044/-7Vdhw Replay-Nonce: BEB95FQSSNjrle6zbIWYIY-NMEWrLajYTP3GWVqegOa7X3I X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910044/-7Vdhw", "token": "BUyjLkLORkM49UaDS8U1u3cHuq73UaRsletJlu3wGAg" } 2023-03-09 13:07:15,834:DEBUG:acme.client:Storing nonce: BEB95FQSSNjrle6zbIWYIY-NMEWrLajYTP3GWVqegOa7X3I 2023-03-09 13:07:15,834:DEBUG:acme.client:JWS payload: b'{}' 2023-03-09 13:07:15,836:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910054/R8JlCg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJCRUI5NUZRU1NOanJsZTZ6YklXWUlZLU5NRVdyTGFqWVRQM0dXVnFlZ09hN1gzSSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My81NjU1OTEwMDU0L1I4SmxDZyJ9", "signature": "EYAxpMzKcqI8tJ61s3VUcY45ZoMbHi528gTTWrZPmihPm8X6-WlT7xXDk47bzVEzbPp1yx303Kp82mnpZswiEFEg-nu6BGUOaEsGAU5twEgxp3-c-GnzE5IhJDgKYywNQOEozNEuGhi5xQCWCZtAzh-XeZF3CgiOl3V69B85SafMbUCx6HUJK0mVclSvwPcjJVCv7zfacCdacfvscl6gK0F5glcvrYdEhq0zcVgmCrDDfOxmeVo97J-lQYaPJglRBTI0DOT8yqt-ypVDmI9V1KL_s4h76K8TOcng0BwNdp8VmjeWzLNkC_wFYBMJDDwyoOLvP7AG6AptPzCvrnAJPA", "payload": "e30" } 2023-03-09 13:07:15,910:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/5655910054/R8JlCg HTTP/1.1" 200 193 2023-03-09 13:07:15,910:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 13:07:15 GMT Content-Type: application/json Content-Length: 193 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910054/R8JlCg Replay-Nonce: BEB9bKORYWiBWsOptPHCQkqgLIhoYozio71m0Foa8jhN-ws X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910054/R8JlCg", "token": "hHndj9vR3KUKB_hzcKu5XWTuAfwFktoV4UZqL_r1Uoo" } 2023-03-09 13:07:15,911:DEBUG:acme.client:Storing nonce: BEB9bKORYWiBWsOptPHCQkqgLIhoYozio71m0Foa8jhN-ws 2023-03-09 13:07:16,913:DEBUG:acme.client:JWS payload: b'' 2023-03-09 13:07:16,915:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655910044: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJCRUI5YktPUllXaUJXc09wdFBIQ1FrcWdMSWhvWW96aW83MW0wRm9hOGpoTi13cyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My81NjU1OTEwMDQ0In0", "signature": "a7Xogs0RFlJOXEtmIqcrGM1tPxijmWKdr3xd5cFY2IN2vnOOD4G64xHe-yiGYFgk8-Do1KVBcaaaWZQw_K8IEuuNElG7baDTmNmwybVBtA0ahDzJVUPaj3JrAgP0V9FERKi2XX-KEalMN926KakpfCFlAn3VDIYKGanAJDgbV4C99WDA0ui11t6K9SMrWflBmQNKqxOhXIICOm-2rSPx1bjuqpMN_imlZ3pbBkbd_C__2ZQkE1F2E4iPm1W8HsOvktUi9x9QORHwslhS5c6meQ8x40B4CcB406Eowxxd9Ef8Y2EmKUv6Y3V64h4JRimp7TZFnCO-rmABq1iGlmAgPA", "payload": "" } 2023-03-09 13:07:16,987:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/5655910044 HTTP/1.1" 200 839 2023-03-09 13:07:16,988:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 13:07:16 GMT Content-Type: application/json Content-Length: 839 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: A272VrVobX0wuKj1bJDhlwao66LAjtyVda4-qoiiKg_4e18 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "mail.dagoth.xyz" }, "status": "valid", "expires": "2023-04-08T13:07:15Z", "challenges": [ { "type": "http-01", "status": "valid", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910044/-7Vdhw", "token": "BUyjLkLORkM49UaDS8U1u3cHuq73UaRsletJlu3wGAg", "validationRecord": [ { "url": "http://mail.dagoth.xyz/.well-known/acme-challenge/BUyjLkLORkM49UaDS8U1u3cHuq73UaRsletJlu3wGAg", "hostname": "mail.dagoth.xyz", "port": "80", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" } ], "validated": "2023-03-09T13:07:15Z" } ] } 2023-03-09 13:07:16,988:DEBUG:acme.client:Storing nonce: A272VrVobX0wuKj1bJDhlwao66LAjtyVda4-qoiiKg_4e18 2023-03-09 13:07:16,989:DEBUG:acme.client:JWS payload: b'' 2023-03-09 13:07:16,991:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655910054: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJBMjcyVnJWb2JYMHd1S2oxYkpEaGx3YW82NkxBanR5VmRhNC1xb2lpS2dfNGUxOCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My81NjU1OTEwMDU0In0", "signature": "ZU48nffcd4GFhJy3hh3nQsECZpGga42eNAyTve6umJvkV5te6Sy-N26x5I6c4gbEvV3dNFPr1zZ-oZ9XLqB5R3mVnfl_kGK6nykUwnR4SPJjQqGS9tjGOQGJTzUmDUkiV8i416h3A5aMumLZt2hMXb2dyu3QtVbsVBw2qXZ-bI0w9B2yag-zxzijZcLEZBANNH0k6NIoh4eA9bMk5lvU24k491Dbkayy-6Azl7DC8H2ay27C02Z5fpdyFeSnk0EeRG3TT5cVnYzF3SIBEf8DknL90McgpgkDIxt9LHdL_QoBJXrK90HNZUM0UR2r6tJeLtysjm8NWztvdLn7f1Jxag", "payload": "" } 2023-03-09 13:07:17,066:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/5655910054 HTTP/1.1" 200 851 2023-03-09 13:07:17,066:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 13:07:17 GMT Content-Type: application/json Content-Length: 851 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: B37CpQ0E6s26GMFPBT6cSDgeNPl-nxiQGRHZssErG_qA0k4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.mail.dagoth.xyz" }, "status": "valid", "expires": "2023-04-08T13:07:16Z", "challenges": [ { "type": "http-01", "status": "valid", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910054/R8JlCg", "token": "hHndj9vR3KUKB_hzcKu5XWTuAfwFktoV4UZqL_r1Uoo", "validationRecord": [ { "url": "http://www.mail.dagoth.xyz/.well-known/acme-challenge/hHndj9vR3KUKB_hzcKu5XWTuAfwFktoV4UZqL_r1Uoo", "hostname": "www.mail.dagoth.xyz", "port": "80", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" } ], "validated": "2023-03-09T13:07:15Z" } ] } 2023-03-09 13:07:17,067:DEBUG:acme.client:Storing nonce: B37CpQ0E6s26GMFPBT6cSDgeNPl-nxiQGRHZssErG_qA0k4 2023-03-09 13:07:17,067:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-09 13:07:17,067:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-09 13:07:18,329:DEBUG:certbot._internal.client:CSR: CSR(file=None, data=b'-----BEGIN CERTIFICATE REQUEST-----\nMIIChzCCAW8CAQIwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANKQ\ntlnQwcd8uw2mPJDhvEyZGYqax/dqguhQcTHJVt/ef9eQiCpjy1P0G2TXSQKZIxx1\nE9XqkAmgjCP/yiHb5vLIwCORGbTkqis94fflgT0UZJ7bDf8kVJukJ4ZAv4bG+Aaw\ntL5AB5u3delM4aEL30Fly/quBVZiEsTvwQX/JqXcsZzI1dzeLEEANTDaFEUONKjW\ncw/z/kVtX70CMh4xjuCZLU+aevtHVmUbD6QnMCyFG+Mi9IFWStuvyqG0X2ptURhk\noTAtvVjrRlPgc8PapSA2+9MSGpbqddl6+PNQg9WypFvb/U0WsFTEPTunDNHZnTgU\nCURwVWDrh4AsekUfwD8CAwEAAaBCMEAGCSqGSIb3DQEJDjEzMDEwLwYDVR0RBCgw\nJoIPbWFpbC5kYWdvdGgueHl6ghN3d3cubWFpbC5kYWdvdGgueHl6MA0GCSqGSIb3\nDQEBCwUAA4IBAQA3E7j14Mm/ylxj/fC0lxVKVA0WM8dFVDcvtAcjyaVa+rXlWsyz\nWoODtHHegQuEWFvhQgOj9iTWhzDxCNzjB78gInZ7haeRmMgKhota4NDwcZa15zcv\nSYgAfuWN5O+15qWPIK6hPW1Hef2VM5eJfkQnlRZ8kHpF5ToGq/EoB5u2A0LOGSff\nWdIYO36YPDa4zJ+AfHfLqZhP4dl+eoj/JclTPyhp0Xyu38NnOw79/GQx+mYqoDEE\nxr1qJTFEruA4h6/KJzVulCw/nrfoLEIoU4a1h5car1mX0nO+tbD82aZYR8You0b2\nCXRJ1IPG9AzFF7l48m5mv2rtRqpeTH+WzB9o\n-----END CERTIFICATE REQUEST-----\n', form='pem') 2023-03-09 13:07:18,332:DEBUG:acme.client:JWS payload: b'{\n "csr": "MIIChzCCAW8CAQIwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANKQtlnQwcd8uw2mPJDhvEyZGYqax_dqguhQcTHJVt_ef9eQiCpjy1P0G2TXSQKZIxx1E9XqkAmgjCP_yiHb5vLIwCORGbTkqis94fflgT0UZJ7bDf8kVJukJ4ZAv4bG-AawtL5AB5u3delM4aEL30Fly_quBVZiEsTvwQX_JqXcsZzI1dzeLEEANTDaFEUONKjWcw_z_kVtX70CMh4xjuCZLU-aevtHVmUbD6QnMCyFG-Mi9IFWStuvyqG0X2ptURhkoTAtvVjrRlPgc8PapSA2-9MSGpbqddl6-PNQg9WypFvb_U0WsFTEPTunDNHZnTgUCURwVWDrh4AsekUfwD8CAwEAAaBCMEAGCSqGSIb3DQEJDjEzMDEwLwYDVR0RBCgwJoIPbWFpbC5kYWdvdGgueHl6ghN3d3cubWFpbC5kYWdvdGgueHl6MA0GCSqGSIb3DQEBCwUAA4IBAQA3E7j14Mm_ylxj_fC0lxVKVA0WM8dFVDcvtAcjyaVa-rXlWsyzWoODtHHegQuEWFvhQgOj9iTWhzDxCNzjB78gInZ7haeRmMgKhota4NDwcZa15zcvSYgAfuWN5O-15qWPIK6hPW1Hef2VM5eJfkQnlRZ8kHpF5ToGq_EoB5u2A0LOGSffWdIYO36YPDa4zJ-AfHfLqZhP4dl-eoj_JclTPyhp0Xyu38NnOw79_GQx-mYqoDEExr1qJTFEruA4h6_KJzVulCw_nrfoLEIoU4a1h5car1mX0nO-tbD82aZYR8You0b2CXRJ1IPG9AzFF7l48m5mv2rtRqpeTH-WzB9o"\n}' 2023-03-09 13:07:18,335:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/finalize/92221854/7641469684: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJCMzdDcFEwRTZzMjZHTUZQQlQ2Y1NEZ2VOUGwtbnhpUUdSSFpzc0VyR19xQTBrNCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9maW5hbGl6ZS85MjIyMTg1NC83NjQxNDY5Njg0In0", "signature": "jMrQbln078HiPrV8oR2jkLaTB6UJIILiSl9YpTVrPbrWvT1h--VrdbdkCeQ5aEMX2Yc2SwS6TeYJpStw0y98r9E7uK12QniwFgEOzk3Q54WQja36omGw9wv9RjrlePMWX4l3HqGTaQdXUOfq1BWuX5C7fHVSpujUx6lu4rBSNmJ6TRfvS1XQFzchK_zYoCWdMhon0vP738TGdGswH2nQsw706RGw8VEyZLC4DL5ifuoYE3JF0FUo1x7PBUjNtQPPVhZdPNXQfeqqk1AvZSfD8ioFUkbUzxMSzq8rKRO2ymCyTzbhIaVVEB19---D3F5dB9RmWH9G3iIYACmv5lNjsQ", "payload": "ewogICJjc3IiOiAiTUlJQ2h6Q0NBVzhDQVFJd0FEQ0NBU0l3RFFZSktvWklodmNOQVFFQkJRQURnZ0VQQURDQ0FRb0NnZ0VCQU5LUXRsblF3Y2Q4dXcybVBKRGh2RXlaR1lxYXhfZHFndWhRY1RISlZ0X2VmOWVRaUNwankxUDBHMlRYU1FLWkl4eDFFOVhxa0FtZ2pDUF95aUhiNXZMSXdDT1JHYlRrcWlzOTRmZmxnVDBVWko3YkRmOGtWSnVrSjRaQXY0YkctQWF3dEw1QUI1dTNkZWxNNGFFTDMwRmx5X3F1QlZaaUVzVHZ3UVhfSnFYY3NaekkxZHplTEVFQU5URGFGRVVPTktqV2N3X3pfa1Z0WDcwQ01oNHhqdUNaTFUtYWV2dEhWbVViRDZRbk1DeUZHLU1pOUlGV1N0dXZ5cUcwWDJwdFVSaGtvVEF0dlZqclJsUGdjOFBhcFNBMi05TVNHcGJxZGRsNi1QTlFnOVd5cEZ2Yl9VMFdzRlRFUFR1bkROSFpuVGdVQ1VSd1ZXRHJoNEFzZWtVZndEOENBd0VBQWFCQ01FQUdDU3FHU0liM0RRRUpEakV6TURFd0x3WURWUjBSQkNnd0pvSVBiV0ZwYkM1a1lXZHZkR2d1ZUhsNmdoTjNkM2N1YldGcGJDNWtZV2R2ZEdndWVIbDZNQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUJBUUEzRTdqMTRNbV95bHhqX2ZDMGx4VktWQTBXTThkRlZEY3Z0QWNqeWFWYS1yWGxXc3l6V29PRHRISGVnUXVFV0Z2aFFnT2o5aVRXaHpEeENOempCNzhnSW5aN2hhZVJtTWdLaG90YTRORHdjWmExNXpjdlNZZ0FmdVdONU8tMTVxV1BJSzZoUFcxSGVmMlZNNWVKZmtRbmxSWjhrSHBGNVRvR3FfRW9CNXUyQTBMT0dTZmZXZElZTzM2WVBEYTR6Si1BZkhmTHFaaFA0ZGwtZW9qX0pjbFRQeWhwMFh5dTM4Tm5Pdzc5X0dReC1tWXFvREVFeHIxcUpURkVydUE0aDZfS0p6VnVsQ3dfbnJmb0xFSW9VNGExaDVjYXIxbVgwbk8tdGJEODJhWllSOFlvdTBiMkNYUkoxSVBHOUF6RkY3bDQ4bTVtdjJydFJxcGVUSC1XekI5byIKfQ" } 2023-03-09 13:07:18,548:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/finalize/92221854/7641469684 HTTP/1.1" 200 609 2023-03-09 13:07:18,549:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 13:07:18 GMT Content-Type: application/json Content-Length: 609 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-staging-v02.api.letsencrypt.org/acme/order/92221854/7641469684 Replay-Nonce: 8F05tibCmURo-x41yjON0F_lvl6riI1VV55BX2EvY50y50c X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "valid", "expires": "2023-03-16T13:07:14Z", "identifiers": [ { "type": "dns", "value": "mail.dagoth.xyz" }, { "type": "dns", "value": "www.mail.dagoth.xyz" } ], "authorizations": [ "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655910044", "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655910054" ], "finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/92221854/7641469684", "certificate": "https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa5d7eddc33ef58efd8ff45f13975028ba01" } 2023-03-09 13:07:18,549:DEBUG:acme.client:Storing nonce: 8F05tibCmURo-x41yjON0F_lvl6riI1VV55BX2EvY50y50c 2023-03-09 13:07:19,551:DEBUG:acme.client:JWS payload: b'' 2023-03-09 13:07:19,553:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/order/92221854/7641469684: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICI4RjA1dGliQ21VUm8teDQxeWpPTjBGX2x2bDZyaUkxVlY1NUJYMkV2WTUweTUwYyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9vcmRlci85MjIyMTg1NC83NjQxNDY5Njg0In0", "signature": "FlcQrhBCGUecifdmocOT0FD35YSM8HJEzCw0RXCG0Qxd3EO7ET5X-Qf_Zpf-PkRwkmxarB38kDD7fsUFn6EzkxnZXjXz0pud63oy6FS3kPmkK2Bo2y3K7grjPL7BY0Yfv_4UupOfho2tsjafYvEOjBsPAMpwhvE9BXe2LIJKC5_tC-LJD9_0HxbbXu7QjkQ8g3C49qPadQ0uDBbfyztK7itIiRwoFqgqy_72LnscGc2jUqAAnkf209HwyZyAnbckTBhW0ZTN9h394jt5Pi_fevYx_Fd1-bYWSrTOEZMDhhU7Uc2K_Dx90xV3GeffqVTce1UY79aqReYP-LK0t0FdUQ", "payload": "" } 2023-03-09 13:07:19,629:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/order/92221854/7641469684 HTTP/1.1" 200 609 2023-03-09 13:07:19,630:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 13:07:19 GMT Content-Type: application/json Content-Length: 609 Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: B37CAVKzGbRmVU6GZy_fGgeL1tr62dz0th6mNnLfU8hL6Sk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "valid", "expires": "2023-03-16T13:07:14Z", "identifiers": [ { "type": "dns", "value": "mail.dagoth.xyz" }, { "type": "dns", "value": "www.mail.dagoth.xyz" } ], "authorizations": [ "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655910044", "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655910054" ], "finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/92221854/7641469684", "certificate": "https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa5d7eddc33ef58efd8ff45f13975028ba01" } 2023-03-09 13:07:19,630:DEBUG:acme.client:Storing nonce: B37CAVKzGbRmVU6GZy_fGgeL1tr62dz0th6mNnLfU8hL6Sk 2023-03-09 13:07:19,631:DEBUG:acme.client:JWS payload: b'' 2023-03-09 13:07:19,634:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa5d7eddc33ef58efd8ff45f13975028ba01: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJCMzdDQVZLekdiUm1WVTZHWnlfZkdnZUwxdHI2MmR6MHRoNm1ObkxmVThoTDZTayIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jZXJ0L2ZhNWQ3ZWRkYzMzZWY1OGVmZDhmZjQ1ZjEzOTc1MDI4YmEwMSJ9", "signature": "LxlkcCe_NV6KCLhmWBbzD2bA6aXK8xgZ2u7dxp5M7x69zJhoRJiBYCPjcH_uJ4Zi7G1Exmfr35FVRhAwkdbFqe78j9Kq_LYUjU_1fhC4hTlQFZ-5NNkVaB04bGUB2CNQU034cPZkKzjl-80kGv1TBRIpj4-HXcujS1RgEpHc4aLdynSpfEV5HAjpL3ZiWRV5y5pbg_47vMvIarJbDYH8lVxmoK__InqaTTFVKJIu0dx-IOjbz-vePeVAJjM_aKzn3ROT4IG-TSjlBUx6hheNe7Sw_SQKFxDD2IxlGPgvO0XdmdfZfmadxXmVNFrzh5-sOMkH9AG88UVg-gB2cc9j3A", "payload": "" } 2023-03-09 13:07:19,710:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/cert/fa5d7eddc33ef58efd8ff45f13975028ba01 HTTP/1.1" 200 5767 2023-03-09 13:07:19,711:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 13:07:19 GMT Content-Type: application/pem-certificate-chain Content-Length: 5767 Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="alternate" Replay-Nonce: 8F05FKLtQOSfhoZE8r61hHbgQTfHZH877HIc-mw9ytngZ-Y X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 -----BEGIN CERTIFICATE----- MIIFazCCBFOgAwIBAgITAPpdft3DPvWO/Y/0XxOXUCi6ATANBgkqhkiG9w0BAQsF ADBZMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXKFNUQUdJTkcpIExldCdzIEVuY3J5 cHQxKDAmBgNVBAMTHyhTVEFHSU5HKSBBcnRpZmljaWFsIEFwcmljb3QgUjMwHhcN MjMwMzA5MTIwNzE4WhcNMjMwNjA3MTIwNzE3WjAaMRgwFgYDVQQDEw9tYWlsLmRh Z290aC54eXowggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSkLZZ0MHH fLsNpjyQ4bxMmRmKmsf3aoLoUHExyVbf3n/XkIgqY8tT9Btk10kCmSMcdRPV6pAJ oIwj/8oh2+byyMAjkRm05KorPeH35YE9FGSe2w3/JFSbpCeGQL+GxvgGsLS+QAeb t3XpTOGhC99BZcv6rgVWYhLE78EF/yal3LGcyNXc3ixBADUw2hRFDjSo1nMP8/5F bV+9AjIeMY7gmS1Pmnr7R1ZlGw+kJzAshRvjIvSBVkrbr8qhtF9qbVEYZKEwLb1Y 60ZT4HPD2qUgNvvTEhqW6nXZevjzUIPVsqRb2/1NFrBUxD07pwzR2Z04FAlEcFVg 64eALHpFH8A/AgMBAAGjggJpMIICZTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFM/4 0gMRTgmqxk6SjWR+BFGA4/ulMB8GA1UdIwQYMBaAFN5yekjfMcOmUN+fhSPfVzdL XS5lMF0GCCsGAQUFBwEBBFEwTzAlBggrBgEFBQcwAYYZaHR0cDovL3N0Zy1yMy5v LmxlbmNyLm9yZzAmBggrBgEFBQcwAoYaaHR0cDovL3N0Zy1yMy5pLmxlbmNyLm9y Zy8wLwYDVR0RBCgwJoIPbWFpbC5kYWdvdGgueHl6ghN3d3cubWFpbC5kYWdvdGgu eHl6MEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYB BQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBgYKKwYBBAHWeQIE AgSB9wSB9ADyAHcAFuhpwdGV6tfD+Jca4/B2AfeM4badMahSGLaDfzGoFQgAAAGG xnupGgAABAMASDBGAiEAq523mjkW1Y7n0f8sj5Ijxta36NuAHVFbvOhozL8RFTgC IQDw+LNtcpAmfcBIN7del/ZqCa1ZMa0cbOnNIZn0R437JAB3AMGDJAvxpFDHb7sA cmncrDviKkgF1NvgSWbDyKvER7AMAAABhsZ7qSMAAAQDAEgwRgIhAMVQ8QyNtAif IYDqZnVbE72IRPVt4WmKB2jPqSuxtMqCAiEAmz+YtAZ53lWXTbq0fZti2ipcFxDX GgVpFV61kFH1JScwDQYJKoZIhvcNAQELBQADggEBALazW2swSWnglhW0dl118mqU GwKMWNzwoPrt+8HbIxCaabUuwaHM7t74aJYLeF1+Z/wJwtBdJDV/hmd+c64xqFHu G3tvXbHchmeajkN1vSpfaai4Uj4j+BX+a1IsC6MBYvfVrcJaZdrpQiog6NTTo1TW ixVBvMl4LmpPDLAb+HJMWPzFqbBZn+DStr/aKWCrY4UBCHZ2Ney8XDtkwqLy1E8J pzzepzy8rJlKy9BZZMoh0GVh1emgX0USG+FVGcjPiXD/tZqRdok1PZwRR9sKjtN+ SwtYx8CX0DrfaJgLT+LWmxWD5xz7BwE/M97uDTGjzkv4mFawMEyagsieGk0YcHs= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIFWzCCA0OgAwIBAgIQTfQrldHumzpMLrM7jRBd1jANBgkqhkiG9w0BAQsFADBm MQswCQYDVQQGEwJVUzEzMDEGA1UEChMqKFNUQUdJTkcpIEludGVybmV0IFNlY3Vy aXR5IFJlc2VhcmNoIEdyb3VwMSIwIAYDVQQDExkoU1RBR0lORykgUHJldGVuZCBQ ZWFyIFgxMB4XDTIwMDkwNDAwMDAwMFoXDTI1MDkxNTE2MDAwMFowWTELMAkGA1UE BhMCVVMxIDAeBgNVBAoTFyhTVEFHSU5HKSBMZXQncyBFbmNyeXB0MSgwJgYDVQQD Ex8oU1RBR0lORykgQXJ0aWZpY2lhbCBBcHJpY290IFIzMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEAu6TR8+74b46mOE1FUwBrvxzEYLck3iasmKrcQkb+ gy/z9Jy7QNIAl0B9pVKp4YU76JwxF5DOZZhi7vK7SbCkK6FbHlyU5BiDYIxbbfvO L/jVGqdsSjNaJQTg3C3XrJja/HA4WCFEMVoT2wDZm8ABC1N+IQe7Q6FEqc8NwmTS nmmRQm4TQvr06DP+zgFK/MNubxWWDSbSKKTH5im5j2fZfg+j/tM1bGaczFWw8/lS nukyn5J2L+NJYnclzkXoh9nMFnyPmVbfyDPOc4Y25aTzVoeBKXa/cZ5MM+WddjdL biWvm19f1sYn1aRaAIrkppv7kkn83vcth8XCG39qC2ZvaQIDAQABo4IBEDCCAQww DgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAS BgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBTecnpI3zHDplDfn4Uj31c3S10u ZTAfBgNVHSMEGDAWgBS182Xy/rAKkh/7PH3zRKCsYyXDFDA2BggrBgEFBQcBAQQq MCgwJgYIKwYBBQUHMAKGGmh0dHA6Ly9zdGcteDEuaS5sZW5jci5vcmcvMCsGA1Ud HwQkMCIwIKAeoByGGmh0dHA6Ly9zdGcteDEuYy5sZW5jci5vcmcvMCIGA1UdIAQb MBkwCAYGZ4EMAQIBMA0GCysGAQQBgt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCN DLam9yN0EFxxn/3p+ruWO6n/9goCAM5PT6cC6fkjMs4uas6UGXJjr5j7PoTQf3C1 vuxiIGRJC6qxV7yc6U0X+w0Mj85sHI5DnQVWN5+D1er7mp13JJA0xbAbHa3Rlczn y2Q82XKui8WHuWra0gb2KLpfboYj1Ghgkhr3gau83pC/WQ8HfkwcvSwhIYqTqxoZ Uq8HIf3M82qS9aKOZE0CEmSyR1zZqQxJUT7emOUapkUN9poJ9zGc+FgRZvdro0XB yphWXDaqMYph0DxW/10ig5j4xmmNDjCRmqIKsKoWA52wBTKKXK1na2ty/lW5dhtA xkz5rVZFd4sgS4J0O+zm6d5GRkWsNJ4knotGXl8vtS3X40KXeb3A5+/3p0qaD215 Xq8oSNORfB2oI1kQuyEAJ5xvPTdfwRlyRG3lFYodrRg6poUBD/8fNTXMtzydpRgy zUQZh/18F6B/iW6cbiRN9r2Hkh05Om+q0/6w0DdZe+8YrNpfhSObr/1eVZbKGMIY qKmyZbBNu5ysENIK5MPc14mUeKmFjpN840VR5zunoU52lqpLDua/qIM8idk86xGW xx2ml43DO/Ya/tVZVok0mO0TUjzJIfPqyvr455IsIut4RlCR9Iq0EDTve2/ZwCuG hSjpTUFGSiQrR2JK2Evp+o6AETUkBCO1aw0PpQBPDQ== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIFVDCCBDygAwIBAgIRAO1dW8lt+99NPs1qSY3Rs8cwDQYJKoZIhvcNAQELBQAw cTELMAkGA1UEBhMCVVMxMzAxBgNVBAoTKihTVEFHSU5HKSBJbnRlcm5ldCBTZWN1 cml0eSBSZXNlYXJjaCBHcm91cDEtMCsGA1UEAxMkKFNUQUdJTkcpIERvY3RvcmVk IER1cmlhbiBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQw M1owZjELMAkGA1UEBhMCVVMxMzAxBgNVBAoTKihTVEFHSU5HKSBJbnRlcm5ldCBT ZWN1cml0eSBSZXNlYXJjaCBHcm91cDEiMCAGA1UEAxMZKFNUQUdJTkcpIFByZXRl bmQgUGVhciBYMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALbagEdD Ta1QgGBWSYkyMhscZXENOBaVRTMX1hceJENgsL0Ma49D3MilI4KS38mtkmdF6cPW nL++fgehT0FbRHZgjOEr8UAN4jH6omjrbTD++VZneTsMVaGamQmDdFl5g1gYaigk kmx8OiCO68a4QXg4wSyn6iDipKP8utsE+x1E28SA75HOYqpdrk4HGxuULvlr03wZ GTIf/oRt2/c+dYmDoaJhge+GOrLAEQByO7+8+vzOwpNAPEx6LW+crEEZ7eBXih6V P19sTGy3yfqK5tPtTdXXCOQMKAp+gCj/VByhmIr+0iNDC540gtvV303WpcbwnkkL YC0Ft2cYUyHtkstOfRcRO+K2cZozoSwVPyB8/J9RpcRK3jgnX9lujfwA/pAbP0J2 UPQFxmWFRQnFjaq6rkqbNEBgLy+kFL1NEsRbvFbKrRi5bYy2lNms2NJPZvdNQbT/ 2dBZKmJqxHkxCuOQFjhJQNeO+Njm1Z1iATS/3rts2yZlqXKsxQUzN6vNbD8KnXRM EeOXUYvbV4lqfCf8mS14WEbSiMy87GB5S9ucSV1XUrlTG5UGcMSZOBcEUpisRPEm QWUOTWIoDQ5FOia/GI+Ki523r2ruEmbmG37EBSBXdxIdndqrjy+QVAmCebyDx9eV EGOIpn26bW5LKerumJxa/CFBaKi4bRvmdJRLAgMBAAGjgfEwge4wDgYDVR0PAQH/ BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLXzZfL+sAqSH/s8ffNE oKxjJcMUMB8GA1UdIwQYMBaAFAhX2onHolN5DE/d4JCPdLriJ3NEMDgGCCsGAQUF BwEBBCwwKjAoBggrBgEFBQcwAoYcaHR0cDovL3N0Zy1kc3QzLmkubGVuY3Iub3Jn LzAtBgNVHR8EJjAkMCKgIKAehhxodHRwOi8vc3RnLWRzdDMuYy5sZW5jci5vcmcv MCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQBgt8TAQEBMA0GCSqGSIb3DQEB CwUAA4IBAQB7tR8B0eIQSS6MhP5kuvGth+dN02DsIhr0yJtk2ehIcPIqSxRRmHGl 4u2c3QlvEpeRDp2w7eQdRTlI/WnNhY4JOofpMf2zwABgBWtAu0VooQcZZTpQruig F/z6xYkBk3UHkjeqxzMN3d1EqGusxJoqgdTouZ5X5QTTIee9nQ3LEhWnRSXDx7Y0 ttR1BGfcdqHopO4IBqAhbkKRjF5zj7OD8cG35omywUbZtOJnftiI0nFcRaxbXo0v oDfLD0S6+AC2R3tKpqjkNX6/91hrRFglUakyMcZU/xleqbv6+Lr3YD8PsBTub6lI oZ2lS38fL18Aon458fbc0BPHtenfhKj5 -----END CERTIFICATE----- 2023-03-09 13:07:19,711:DEBUG:acme.client:Storing nonce: 8F05FKLtQOSfhoZE8r61hHbgQTfHZH877HIc-mw9ytngZ-Y 2023-03-09 13:07:19,713:DEBUG:certbot._internal.renewal:Dry run: skipping updating lineage at /etc/letsencrypt/live/mail.dagoth.xyz 2023-03-09 13:07:19,713:DEBUG:certbot._internal.updater:Skipping renewal deployer in dry-run mode. 2023-03-09 13:07:20,761:DEBUG:certbot.display.util:Notifying user: new certificate deployed with reload of nginx server; fullchain is /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem 2023-03-09 13:07:20,761:DEBUG:certbot._internal.updater:Skipping updaters in dry-run mode. 2023-03-09 13:07:20,761:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/metukim.xyz.conf 2023-03-09 13:07:20,764:DEBUG:certbot._internal.cli:Var dry_run=True (set by user). 2023-03-09 13:07:20,764:DEBUG:certbot._internal.cli:Var server={'dry_run', 'staging'} (set by user). 2023-03-09 13:07:20,764:DEBUG:certbot._internal.cli:Var dry_run=True (set by user). 2023-03-09 13:07:20,764:DEBUG:certbot._internal.cli:Var server={'dry_run', 'staging'} (set by user). 2023-03-09 13:07:20,764:DEBUG:certbot._internal.cli:Var account={'server'} (set by user). 2023-03-09 13:07:20,771:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 13:07:20,776:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 13:07:20,778:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/metukim.xyz/cert5.pem is signed by the certificate's issuer. 2023-03-09 13:07:20,779:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/metukim.xyz/cert5.pem is: OCSPCertStatus.GOOD 2023-03-09 13:07:20,780:INFO:certbot._internal.renewal:Cert not due for renewal, but simulating renewal for dry run 2023-03-09 13:07:20,781:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 13:07:21,068:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 13:07:21,068:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 13:07:21,069:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-09 13:07:21,069:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-09 13:07:21,076:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-09 13:07:21,077:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/directory. 2023-03-09 13:07:21,079:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org:443 2023-03-09 13:07:21,289:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 830 2023-03-09 13:07:21,290:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 13:07:21 GMT Content-Type: application/json Content-Length: 830 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "2XrFf1Gig_A": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-staging-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org/docs/staging-environment/" }, "newAccount": "https://acme-staging-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-staging-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-staging-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-staging-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-09 13:07:21,292:DEBUG:certbot.display.util:Notifying user: Simulating renewal of an existing certificate for metukim.xyz 2023-03-09 13:07:21,426:DEBUG:acme.client:Requesting fresh nonce 2023-03-09 13:07:21,426:DEBUG:acme.client:Sending HEAD request to https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-09 13:07:21,497:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-09 13:07:21,497:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 13:07:21 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 8F05EYVNNEifKCkI98Cao2Gu3gaXfQmwW_lBSPY5p_43nAk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-09 13:07:21,498:DEBUG:acme.client:Storing nonce: 8F05EYVNNEifKCkI98Cao2Gu3gaXfQmwW_lBSPY5p_43nAk 2023-03-09 13:07:21,498:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "metukim.xyz"\n }\n ]\n}' 2023-03-09 13:07:21,500:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICI4RjA1RVlWTk5FaWZLQ2tJOThDYW8yR3UzZ2FYZlFtd1dfbEJTUFk1cF80M25BayIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "2XhpxRtqRvVTjAFz4CH3SOTG71Sthq_5zxJ28hecLvEDlp9Auo9BQBF4693aFH7UMOwX8NveEFqPhoL8pVtfWUGUj939BrN76uh0uqKHwEJuLSHBqzFTVQudrgs4sUGLjvLPnNUBbTK0a4w6s8CtMak8o7X6Uwh2-zQKLkzksBT6Ic-vpJth82rqrLI5aCAgrMjYdwnwBnfQ2Vn8TxO1OwBUkKS1B3h8H6_RN15AuCdHXbIvkh1yKn5L0Oha3fpmfUx8IQwguxpxzb2ijZvp1IC1ZjM1D5g2OCLYjPNO5cilgtSaV8n3IbM88z8FhN2E48VwXGCO1yoynqggOTRnog", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIm1ldHVraW0ueHl6IgogICAgfQogIF0KfQ" } 2023-03-09 13:07:21,602:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 347 2023-03-09 13:07:21,603:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Thu, 09 Mar 2023 13:07:21 GMT Content-Type: application/json Content-Length: 347 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-staging-v02.api.letsencrypt.org/acme/order/92221854/7641470824 Replay-Nonce: 8F056jXD99qi2VmT2o_LiI406_M6Trt5vZHRC5AdJx6aySo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-16T13:07:21Z", "identifiers": [ { "type": "dns", "value": "metukim.xyz" } ], "authorizations": [ "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655910834" ], "finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/92221854/7641470824" } 2023-03-09 13:07:21,603:DEBUG:acme.client:Storing nonce: 8F056jXD99qi2VmT2o_LiI406_M6Trt5vZHRC5AdJx6aySo 2023-03-09 13:07:21,603:DEBUG:acme.client:JWS payload: b'' 2023-03-09 13:07:21,605:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655910834: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICI4RjA1NmpYRDk5cWkyVm1UMm9fTGlJNDA2X002VHJ0NXZaSFJDNUFkSng2YXlTbyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My81NjU1OTEwODM0In0", "signature": "KSsFZsiE_Djj0b8xaDmENI9Qb0Q1g194FA-d5WD6yPfnqs6r-lT3Zg1jIXhPMYzLNfXd5rBe1ae8PpNZHOWdYqngRRDO3ph2IGD6cT6A6KKBQZqrbi9w5RKmJI9sbW_heOsOEQkCp-zeI0I6Rh986CbIIs99YCPMdQjscfw6weFgy4sa7h5O5YYk-wH9d2FPimZpFSOA3xQQM2ndlEJ8y_58PBt_Pbiwuj2-hDXkCwSEsbqIcdcn30ayJRdoE4v3amMPN1W5bSWYCUCM_iSDGdkeX4AqPUHbvTIP_GuUZdtcjkTr3wUjopLCHR3xWKTS0PocdP_si-y48wwq2PrEHQ", "payload": "" } 2023-03-09 13:07:21,679:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/5655910834 HTTP/1.1" 200 813 2023-03-09 13:07:21,680:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 13:07:21 GMT Content-Type: application/json Content-Length: 813 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 8F05E_gMhg05nerVOccdAzwILOQxEVfMrW039H5biUfA3GY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "metukim.xyz" }, "status": "pending", "expires": "2023-03-16T13:07:21Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910834/bHtfYw", "token": "Aw1GRyGNAEryl_-76yMAXX_ZbSh1fgWDowcw84lgUgw" }, { "type": "dns-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910834/adcErg", "token": "Aw1GRyGNAEryl_-76yMAXX_ZbSh1fgWDowcw84lgUgw" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910834/n08HSw", "token": "Aw1GRyGNAEryl_-76yMAXX_ZbSh1fgWDowcw84lgUgw" } ] } 2023-03-09 13:07:21,680:DEBUG:acme.client:Storing nonce: 8F05E_gMhg05nerVOccdAzwILOQxEVfMrW039H5biUfA3GY 2023-03-09 13:07:21,680:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-09 13:07:21,681:INFO:certbot._internal.auth_handler:http-01 challenge for metukim.xyz 2023-03-09 13:07:21,698:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-09 13:07:21,699:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-09 13:07:21,699:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-09 13:07:21,699:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-09 13:07:21,700:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-09 13:07:21,700:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-09 13:07:21,700:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-09 13:07:21,700:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-09 13:07:21,700:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-09 13:07:21,701:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-09 13:07:21,701:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-09 13:07:21,701:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-09 13:07:21,701:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-09 13:07:21,701:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-09 13:07:21,702:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-09 13:07:21,702:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-09 13:07:21,702:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-09 13:07:21,702:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-09 13:07:21,703:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-09 13:07:21,703:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-09 13:07:21,703:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-09 13:07:21,704:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-09 13:07:21,704:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-09 13:07:21,704:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-09 13:07:21,704:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-09 13:07:21,704:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-09 13:07:21,705:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-09 13:07:21,705:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-09 13:07:21,705:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-09 13:07:21,705:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-09 13:07:21,705:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-09 13:07:21,706:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-09 13:07:21,706:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-09 13:07:21,706:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-09 13:07:21,706:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-09 13:07:21,707:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-09 13:07:21,708:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server { listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-09 13:07:21,709:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/metukim: server { server_name metukim.xyz ; root /var/www/metukim ; index index.html index.htm index.nginx-debian.html ; location / { try_files $uri $uri/ =404 ; } listen [::]:443 ssl; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/metukim.xyz/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/metukim.xyz/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot }server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = metukim.xyz) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name metukim.xyz ; return 404; # managed by Certbot location = /.well-known/acme-challenge/Aw1GRyGNAEryl_-76yMAXX_ZbSh1fgWDowcw84lgUgw{default_type text/plain;return 200 Aw1GRyGNAEryl_-76yMAXX_ZbSh1fgWDowcw84lgUgw.rutHM0HPUvW9biKo3hmSituCng-hbrpi2dBppfbsoM4;} # managed by Certbot } 2023-03-09 13:07:22,757:INFO:certbot._internal.auth_handler:Waiting for verification... 2023-03-09 13:07:22,758:DEBUG:acme.client:JWS payload: b'{}' 2023-03-09 13:07:22,761:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910834/bHtfYw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICI4RjA1RV9nTWhnMDVuZXJWT2NjZEF6d0lMT1F4RVZmTXJXMDM5SDViaVVmQTNHWSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My81NjU1OTEwODM0L2JIdGZZdyJ9", "signature": "2rn5DGqRHX1PgasNFENZXSh_MYwyAGGEbfVUUlKYM_4_iv3Di-h9uIeLWyF8hYcSpjtacEWeThegCXsKZhXybA4XocatnYctgtl98XsdazYXgSv_JJb21pKBZCShBE30aZTQ0ISy0XeoVnJamYKCt0bebyvJ3xVHZ5YZXs0z5Vx92LogpHsUYr_elshgTzzjN0GAHjxlZqrsy8MjkQ8Z_eS7ML-OeD_2P0OveMwDV41G769V-KHrOQqeGsbcHl0xmu1oS4h9crX_KfqsQUDZUfnoYNSWtm3RHvy9y3E2FfoQ7OrUWqQbIZcOI5hhvDeCBznl0yjVMZrXyvtvgAHCkQ", "payload": "e30" } 2023-03-09 13:07:22,837:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/5655910834/bHtfYw HTTP/1.1" 200 193 2023-03-09 13:07:22,838:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 13:07:22 GMT Content-Type: application/json Content-Length: 193 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910834/bHtfYw Replay-Nonce: 8F05h_tEcAWm54eJ101-sBtL40VedgK2pL1jWymU6JzgMGE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910834/bHtfYw", "token": "Aw1GRyGNAEryl_-76yMAXX_ZbSh1fgWDowcw84lgUgw" } 2023-03-09 13:07:22,838:DEBUG:acme.client:Storing nonce: 8F05h_tEcAWm54eJ101-sBtL40VedgK2pL1jWymU6JzgMGE 2023-03-09 13:07:23,840:DEBUG:acme.client:JWS payload: b'' 2023-03-09 13:07:23,842:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655910834: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICI4RjA1aF90RWNBV201NGVKMTAxLXNCdEw0MFZlZGdLMnBMMWpXeW1VNkp6Z01HRSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My81NjU1OTEwODM0In0", "signature": "yI6ppCfTlj001Hiz93yw5rGKDfLgjW3YA311JdfUBsq9ueneWKp-D-Mle6SCAOV4oy0DhEIw-tBzAbjYFJxvV-wSZZ1NuSKPcVrIAw_K8tnaZjvZV7jQTU4E3W64HvFCFgu2j_enL8csFMS3hnSobpLe9vm8M27d_w8YwBfE8Ky9Lq0G5IiNXb4NDk5AXiYewVTj4xVsfNW3RtQ4TRJOu7y5IVOPyAzH1Oi5QUhOuvdOP5xuKNp-EKyZFviA6ue7Y2ATJbHvCQ9ks0qPfaVhYkWltNjXt3lUV6VXvW_xmR65LNn_2Q0hZS9dffJSUlnh7KR82i1WZx_jEWi3-cd6FQ", "payload": "" } 2023-03-09 13:07:23,915:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/5655910834 HTTP/1.1" 200 827 2023-03-09 13:07:23,916:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 13:07:23 GMT Content-Type: application/json Content-Length: 827 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: B37ClQJGBq4jMRIRA8nBA2AlS1N5eZspWEYSSY-IGXPmvZc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "metukim.xyz" }, "status": "valid", "expires": "2023-04-08T13:07:23Z", "challenges": [ { "type": "http-01", "status": "valid", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910834/bHtfYw", "token": "Aw1GRyGNAEryl_-76yMAXX_ZbSh1fgWDowcw84lgUgw", "validationRecord": [ { "url": "http://metukim.xyz/.well-known/acme-challenge/Aw1GRyGNAEryl_-76yMAXX_ZbSh1fgWDowcw84lgUgw", "hostname": "metukim.xyz", "port": "80", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" } ], "validated": "2023-03-09T13:07:22Z" } ] } 2023-03-09 13:07:23,916:DEBUG:acme.client:Storing nonce: B37ClQJGBq4jMRIRA8nBA2AlS1N5eZspWEYSSY-IGXPmvZc 2023-03-09 13:07:23,916:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-09 13:07:23,916:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-09 13:07:25,187:DEBUG:certbot._internal.client:CSR: CSR(file=None, data=b'-----BEGIN CERTIFICATE REQUEST-----\nMIICbjCCAVYCAQIwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKth\nb18R0U8QXz9qW77SbcuTE9tfhV8dn165rCCgogTIWwFTqFBAalvXd+hEhpYjUXbD\nxGFIJR4e029PAb2cGJt/QLiO49bh1PB+K6pLo4euyJNkePnRFV+VSq1vbchSS6bp\nXRp7Dj9EEvYf2L3jr6dkTrSY6YiGw5BEE4m0LEz88bcaop7mqg1Smg093e5TVO60\n8b2PbNz1Tx/6Bh385mj/dkeHgH+5mxnYuVlxS2fJ0R4aTa47DQEA5rHrC0RCuTFY\nwhl55k3aj90sZXSDN2afPR5ByAT0LExHcea16D6Kk+w2ezKyddUEQAn9+IVFhrWt\ncWCLd23cAN4Pgz2FiG0CAwEAAaApMCcGCSqGSIb3DQEJDjEaMBgwFgYDVR0RBA8w\nDYILbWV0dWtpbS54eXowDQYJKoZIhvcNAQELBQADggEBAI/ZWJudbSLruY43ZynS\nHgg2io5zsAPnmNQLc/AroSvHwbcCUYAOAXKsL6Kk0LWBCWoJPFxryVo3n0opV9EE\n7kdnnF5RK/buucG2mn9BdfDjJ2D5iVgHbhHUVGjavyTp6z16XgD+AgVSbg3xOpz3\n0sIRfqQrvfShInAB65mWz+n/smnekDo27EBZYEiiW0FdxK3WFwLmAm/VGkTfhFHT\nz5MGYNN1aONB8TD2pQ6vV8vjw9bP8SkHIoBAhCG86tSPs8HbTMNCihQLabUTAiOM\noAUUCvbeD8+ZYUuoXKIGcyXKSYQWmZ1taaG7a40G3rmTFPtRqOfWRet5JJ2WioEg\nFz4=\n-----END CERTIFICATE REQUEST-----\n', form='pem') 2023-03-09 13:07:25,190:DEBUG:acme.client:JWS payload: b'{\n "csr": "MIICbjCCAVYCAQIwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKthb18R0U8QXz9qW77SbcuTE9tfhV8dn165rCCgogTIWwFTqFBAalvXd-hEhpYjUXbDxGFIJR4e029PAb2cGJt_QLiO49bh1PB-K6pLo4euyJNkePnRFV-VSq1vbchSS6bpXRp7Dj9EEvYf2L3jr6dkTrSY6YiGw5BEE4m0LEz88bcaop7mqg1Smg093e5TVO608b2PbNz1Tx_6Bh385mj_dkeHgH-5mxnYuVlxS2fJ0R4aTa47DQEA5rHrC0RCuTFYwhl55k3aj90sZXSDN2afPR5ByAT0LExHcea16D6Kk-w2ezKyddUEQAn9-IVFhrWtcWCLd23cAN4Pgz2FiG0CAwEAAaApMCcGCSqGSIb3DQEJDjEaMBgwFgYDVR0RBA8wDYILbWV0dWtpbS54eXowDQYJKoZIhvcNAQELBQADggEBAI_ZWJudbSLruY43ZynSHgg2io5zsAPnmNQLc_AroSvHwbcCUYAOAXKsL6Kk0LWBCWoJPFxryVo3n0opV9EE7kdnnF5RK_buucG2mn9BdfDjJ2D5iVgHbhHUVGjavyTp6z16XgD-AgVSbg3xOpz30sIRfqQrvfShInAB65mWz-n_smnekDo27EBZYEiiW0FdxK3WFwLmAm_VGkTfhFHTz5MGYNN1aONB8TD2pQ6vV8vjw9bP8SkHIoBAhCG86tSPs8HbTMNCihQLabUTAiOMoAUUCvbeD8-ZYUuoXKIGcyXKSYQWmZ1taaG7a40G3rmTFPtRqOfWRet5JJ2WioEgFz4"\n}' 2023-03-09 13:07:25,193:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/finalize/92221854/7641470824: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJCMzdDbFFKR0JxNGpNUklSQThuQkEyQWxTMU41ZVpzcFdFWVNTWS1JR1hQbXZaYyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9maW5hbGl6ZS85MjIyMTg1NC83NjQxNDcwODI0In0", "signature": "LDfd26heKRpLPej3v64uonN10hZb1AD0R4OqOwvHi0ijpfyQqnO47ibexKVNF1TOUF0VlkfRCK60vIi5I1RDrjjuprVfmXYN5bPOyh3HuAipFCRc_Yhg6_dG33hxsdidzRAb1GXF3Hb1UDzXYFCGhAgeesK2Q3sUtI4xaePtSY8rHTvsH8L3yxkvw-nm_lZQ0fWcwb5duI0MbrW83qmAtW849H-5u7BihCAvAiTBmGSa23QnR3GTUEg9IYBDmFiAkca2PXMsmKrwfJ1K5Zw3cfp9fyqa-O0V3szgxgrNRBqlX2OXHSCHu2kAsFcbL7u9Rl6ILMffs7ageOotLkseMw", "payload": "ewogICJjc3IiOiAiTUlJQ2JqQ0NBVllDQVFJd0FEQ0NBU0l3RFFZSktvWklodmNOQVFFQkJRQURnZ0VQQURDQ0FRb0NnZ0VCQUt0aGIxOFIwVThRWHo5cVc3N1NiY3VURTl0ZmhWOGRuMTY1ckNDZ29nVElXd0ZUcUZCQWFsdlhkLWhFaHBZalVYYkR4R0ZJSlI0ZTAyOVBBYjJjR0p0X1FMaU80OWJoMVBCLUs2cExvNGV1eUpOa2VQblJGVi1WU3ExdmJjaFNTNmJwWFJwN0RqOUVFdllmMkwzanI2ZGtUclNZNllpR3c1QkVFNG0wTEV6ODhiY2FvcDdtcWcxU21nMDkzZTVUVk82MDhiMlBiTnoxVHhfNkJoMzg1bWpfZGtlSGdILTVteG5ZdVZseFMyZkowUjRhVGE0N0RRRUE1ckhyQzBSQ3VURll3aGw1NWszYWo5MHNaWFNETjJhZlBSNUJ5QVQwTEV4SGNlYTE2RDZLay13MmV6S3lkZFVFUUFuOS1JVkZocld0Y1dDTGQyM2NBTjRQZ3oyRmlHMENBd0VBQWFBcE1DY0dDU3FHU0liM0RRRUpEakVhTUJnd0ZnWURWUjBSQkE4d0RZSUxiV1YwZFd0cGJTNTRlWG93RFFZSktvWklodmNOQVFFTEJRQURnZ0VCQUlfWldKdWRiU0xydVk0M1p5blNIZ2cyaW81enNBUG5tTlFMY19Bcm9Tdkh3YmNDVVlBT0FYS3NMNktrMExXQkNXb0pQRnhyeVZvM24wb3BWOUVFN2tkbm5GNVJLX2J1dWNHMm1uOUJkZkRqSjJENWlWZ0hiaEhVVkdqYXZ5VHA2ejE2WGdELUFnVlNiZzN4T3B6MzBzSVJmcVFydmZTaEluQUI2NW1Xei1uX3NtbmVrRG8yN0VCWllFaWlXMEZkeEszV0Z3TG1BbV9WR2tUZmhGSFR6NU1HWU5OMWFPTkI4VEQycFE2dlY4dmp3OWJQOFNrSElvQkFoQ0c4NnRTUHM4SGJUTU5DaWhRTGFiVVRBaU9Nb0FVVUN2YmVEOC1aWVV1b1hLSUdjeVhLU1lRV21aMXRhYUc3YTQwRzNybVRGUHRScU9mV1JldDVKSjJXaW9FZ0Z6NCIKfQ" } 2023-03-09 13:07:25,520:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/finalize/92221854/7641470824 HTTP/1.1" 200 457 2023-03-09 13:07:25,520:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 13:07:25 GMT Content-Type: application/json Content-Length: 457 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-staging-v02.api.letsencrypt.org/acme/order/92221854/7641470824 Replay-Nonce: BEB9zRGYsK771_8QHsUM-v8TemQfW2atX1nhmXR7Ugz3GYo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "valid", "expires": "2023-03-16T13:07:21Z", "identifiers": [ { "type": "dns", "value": "metukim.xyz" } ], "authorizations": [ "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655910834" ], "finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/92221854/7641470824", "certificate": "https://acme-staging-v02.api.letsencrypt.org/acme/cert/faed4075c943c9e69b2c0f7e14c82fbf43c6" } 2023-03-09 13:07:25,521:DEBUG:acme.client:Storing nonce: BEB9zRGYsK771_8QHsUM-v8TemQfW2atX1nhmXR7Ugz3GYo 2023-03-09 13:07:26,522:DEBUG:acme.client:JWS payload: b'' 2023-03-09 13:07:26,524:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/order/92221854/7641470824: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJCRUI5elJHWXNLNzcxXzhRSHNVTS12OFRlbVFmVzJhdFgxbmhtWFI3VWd6M0dZbyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9vcmRlci85MjIyMTg1NC83NjQxNDcwODI0In0", "signature": "17FmKhirTGqDHKrj_c10_Q4onpn4mw-SyhgY4pw1dUxuXOlxDGzJ18YfxLTJHp1KfgB_PJCgw1ahEUtxxHxVeAGRV0Y8hDZi9Uq_4MFvYvquIsbVsKFiQ3MJ_kQHkXcgTjHpDdDlMucxj6o432M37r0tQ3hhKqOBuBHqZU1_n4JUkoCDEHi4AVnPbvL_S9AXnhvadgkveU4JMhecvyDsm470a3_5sQie72GgOUC2NO04fYr-OGMiugHp-_tsThYaj8MH96huvkSfdr0d0atMMSk3JLSbA3i8JUOcL2DRjg2got2HyJasUkz5wVvDm1sPX8ibAOGFeJY7uar07Zu18Q", "payload": "" } 2023-03-09 13:07:26,598:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/order/92221854/7641470824 HTTP/1.1" 200 457 2023-03-09 13:07:26,599:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 13:07:26 GMT Content-Type: application/json Content-Length: 457 Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: A272uyKt59EeCY3wA-MJe5JzlNBXUqFkoHKKVocnhucw0M0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "valid", "expires": "2023-03-16T13:07:21Z", "identifiers": [ { "type": "dns", "value": "metukim.xyz" } ], "authorizations": [ "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655910834" ], "finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/92221854/7641470824", "certificate": "https://acme-staging-v02.api.letsencrypt.org/acme/cert/faed4075c943c9e69b2c0f7e14c82fbf43c6" } 2023-03-09 13:07:26,599:DEBUG:acme.client:Storing nonce: A272uyKt59EeCY3wA-MJe5JzlNBXUqFkoHKKVocnhucw0M0 2023-03-09 13:07:26,599:DEBUG:acme.client:JWS payload: b'' 2023-03-09 13:07:26,601:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/cert/faed4075c943c9e69b2c0f7e14c82fbf43c6: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJBMjcydXlLdDU5RWVDWTN3QS1NSmU1SnpsTkJYVXFGa29IS0tWb2NuaHVjdzBNMCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jZXJ0L2ZhZWQ0MDc1Yzk0M2M5ZTY5YjJjMGY3ZTE0YzgyZmJmNDNjNiJ9", "signature": "liPhvLB3DSnQ36h0dcGNQdHEL0UdoIDr28c8610DbOE6fdV_c3URuO7WiYYFcAt3XKqqadd590yToYq9SRY1hNPe1K3EZ4IGRKPDwLvqEreD8YUNvjRjrAgbeg2q5OIE0E9kH-l83wCUtqYRNGJcoQEGNjrhfCF20eM_NYr6w-2FsZTiFMOu_cVpNQV0BSxO0gcSENu__VKsJX9G73LXsG4TuXMXSniFp6jPTle9W0s-A9uC7Y8AHqlBN2fYIif1JQ1qF7MnJAvqYIFhD23w_FzHCWlfffvilOPtjg_oTKJ7EvPJUyEXnq7_y9walN_dXNKwdi3gUKKVUH1S90RV9g", "payload": "" } 2023-03-09 13:07:26,676:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/cert/faed4075c943c9e69b2c0f7e14c82fbf43c6 HTTP/1.1" 200 5723 2023-03-09 13:07:26,677:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 13:07:26 GMT Content-Type: application/pem-certificate-chain Content-Length: 5723 Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="alternate" Replay-Nonce: 8F05S77meDt0l773wb2D7gW950fN3P47k_Ua0a2l1BXnzsE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgITAPrtQHXJQ8nmmywPfhTIL79DxjANBgkqhkiG9w0BAQsF ADBZMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXKFNUQUdJTkcpIExldCdzIEVuY3J5 cHQxKDAmBgNVBAMTHyhTVEFHSU5HKSBBcnRpZmljaWFsIEFwcmljb3QgUjMwHhcN MjMwMzA5MTIwNzI1WhcNMjMwNjA3MTIwNzI0WjAWMRQwEgYDVQQDEwttZXR1a2lt Lnh5ejCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKthb18R0U8QXz9q W77SbcuTE9tfhV8dn165rCCgogTIWwFTqFBAalvXd+hEhpYjUXbDxGFIJR4e029P Ab2cGJt/QLiO49bh1PB+K6pLo4euyJNkePnRFV+VSq1vbchSS6bpXRp7Dj9EEvYf 2L3jr6dkTrSY6YiGw5BEE4m0LEz88bcaop7mqg1Smg093e5TVO608b2PbNz1Tx/6 Bh385mj/dkeHgH+5mxnYuVlxS2fJ0R4aTa47DQEA5rHrC0RCuTFYwhl55k3aj90s ZXSDN2afPR5ByAT0LExHcea16D6Kk+w2ezKyddUEQAn9+IVFhrWtcWCLd23cAN4P gz2FiG0CAwEAAaOCAk0wggJJMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUr9th+COS G5Z/WZ5uUQPnQrYiN8AwHwYDVR0jBBgwFoAU3nJ6SN8xw6ZQ35+FI99XN0tdLmUw XQYIKwYBBQUHAQEEUTBPMCUGCCsGAQUFBzABhhlodHRwOi8vc3RnLXIzLm8ubGVu Y3Iub3JnMCYGCCsGAQUFBzAChhpodHRwOi8vc3RnLXIzLmkubGVuY3Iub3JnLzAW BgNVHREEDzANggttZXR1a2ltLnh5ejBMBgNVHSAERTBDMAgGBmeBDAECATA3Bgsr BgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0 Lm9yZzCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB2AMGDJAvxpFDHb7sAcmncrDvi KkgF1NvgSWbDyKvER7AMAAABhsZ7w+kAAAQDAEcwRQIhAPJ93oXso4Hwd0m7URGT SNUju1w0mZsRlSo/ceY0UEgvAiAK0a8oqTU2U2c/6tuW7SbJtEY3T7cTpbRhFfv1 epAvGQB1ALDMg+Wl+X1rr3wJzChJBIcqx+iLEyxjULfG/SbhbGx3AAABhsZ7w/gA AAQDAEYwRAIgKSx5krK4zx6uyyhJAzhhsmv4B5CwHkZPh8RnnSJrMKICICf12PgX sC6zMb2hPcgeziehBwn7HAiiGiHgMXkvVEl0MA0GCSqGSIb3DQEBCwUAA4IBAQAY yYwxTGca9eKtLxqfXOAq9rtJ4QEF7DwdWNP3wfbAxouWKTVFadwea9ni4+bcZxEn 44Xnu7P8DcGeRT/VjPKrvt0DPzpkQP/GG6UmiJWoROmEUUfqMFkv23+J67RwBn5m o9t9Pz3Gsb/OEo0LGy8l0f+vzGgzEOMdDS2V9bGXhNHLqsnv+zVVtI1lv+OXAlrW HVqOHRkzGrsUvzGzf8q01wyrbdXWR4tJMk+k2B19e4G02ssihEct5gzxJuyqDa1u fpIY5nX1CZQTK8QD6vny2p/WsDINJiS4S9GRorSkmiyrO6jdAfzP+zVIBuAbz+D8 d/MEpc9jTtRmZ3GGbnJH -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIFWzCCA0OgAwIBAgIQTfQrldHumzpMLrM7jRBd1jANBgkqhkiG9w0BAQsFADBm MQswCQYDVQQGEwJVUzEzMDEGA1UEChMqKFNUQUdJTkcpIEludGVybmV0IFNlY3Vy aXR5IFJlc2VhcmNoIEdyb3VwMSIwIAYDVQQDExkoU1RBR0lORykgUHJldGVuZCBQ ZWFyIFgxMB4XDTIwMDkwNDAwMDAwMFoXDTI1MDkxNTE2MDAwMFowWTELMAkGA1UE BhMCVVMxIDAeBgNVBAoTFyhTVEFHSU5HKSBMZXQncyBFbmNyeXB0MSgwJgYDVQQD Ex8oU1RBR0lORykgQXJ0aWZpY2lhbCBBcHJpY290IFIzMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEAu6TR8+74b46mOE1FUwBrvxzEYLck3iasmKrcQkb+ gy/z9Jy7QNIAl0B9pVKp4YU76JwxF5DOZZhi7vK7SbCkK6FbHlyU5BiDYIxbbfvO L/jVGqdsSjNaJQTg3C3XrJja/HA4WCFEMVoT2wDZm8ABC1N+IQe7Q6FEqc8NwmTS nmmRQm4TQvr06DP+zgFK/MNubxWWDSbSKKTH5im5j2fZfg+j/tM1bGaczFWw8/lS nukyn5J2L+NJYnclzkXoh9nMFnyPmVbfyDPOc4Y25aTzVoeBKXa/cZ5MM+WddjdL biWvm19f1sYn1aRaAIrkppv7kkn83vcth8XCG39qC2ZvaQIDAQABo4IBEDCCAQww DgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAS BgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBTecnpI3zHDplDfn4Uj31c3S10u ZTAfBgNVHSMEGDAWgBS182Xy/rAKkh/7PH3zRKCsYyXDFDA2BggrBgEFBQcBAQQq MCgwJgYIKwYBBQUHMAKGGmh0dHA6Ly9zdGcteDEuaS5sZW5jci5vcmcvMCsGA1Ud HwQkMCIwIKAeoByGGmh0dHA6Ly9zdGcteDEuYy5sZW5jci5vcmcvMCIGA1UdIAQb MBkwCAYGZ4EMAQIBMA0GCysGAQQBgt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCN DLam9yN0EFxxn/3p+ruWO6n/9goCAM5PT6cC6fkjMs4uas6UGXJjr5j7PoTQf3C1 vuxiIGRJC6qxV7yc6U0X+w0Mj85sHI5DnQVWN5+D1er7mp13JJA0xbAbHa3Rlczn y2Q82XKui8WHuWra0gb2KLpfboYj1Ghgkhr3gau83pC/WQ8HfkwcvSwhIYqTqxoZ Uq8HIf3M82qS9aKOZE0CEmSyR1zZqQxJUT7emOUapkUN9poJ9zGc+FgRZvdro0XB yphWXDaqMYph0DxW/10ig5j4xmmNDjCRmqIKsKoWA52wBTKKXK1na2ty/lW5dhtA xkz5rVZFd4sgS4J0O+zm6d5GRkWsNJ4knotGXl8vtS3X40KXeb3A5+/3p0qaD215 Xq8oSNORfB2oI1kQuyEAJ5xvPTdfwRlyRG3lFYodrRg6poUBD/8fNTXMtzydpRgy zUQZh/18F6B/iW6cbiRN9r2Hkh05Om+q0/6w0DdZe+8YrNpfhSObr/1eVZbKGMIY qKmyZbBNu5ysENIK5MPc14mUeKmFjpN840VR5zunoU52lqpLDua/qIM8idk86xGW xx2ml43DO/Ya/tVZVok0mO0TUjzJIfPqyvr455IsIut4RlCR9Iq0EDTve2/ZwCuG hSjpTUFGSiQrR2JK2Evp+o6AETUkBCO1aw0PpQBPDQ== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIFVDCCBDygAwIBAgIRAO1dW8lt+99NPs1qSY3Rs8cwDQYJKoZIhvcNAQELBQAw cTELMAkGA1UEBhMCVVMxMzAxBgNVBAoTKihTVEFHSU5HKSBJbnRlcm5ldCBTZWN1 cml0eSBSZXNlYXJjaCBHcm91cDEtMCsGA1UEAxMkKFNUQUdJTkcpIERvY3RvcmVk IER1cmlhbiBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQw M1owZjELMAkGA1UEBhMCVVMxMzAxBgNVBAoTKihTVEFHSU5HKSBJbnRlcm5ldCBT ZWN1cml0eSBSZXNlYXJjaCBHcm91cDEiMCAGA1UEAxMZKFNUQUdJTkcpIFByZXRl bmQgUGVhciBYMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALbagEdD Ta1QgGBWSYkyMhscZXENOBaVRTMX1hceJENgsL0Ma49D3MilI4KS38mtkmdF6cPW nL++fgehT0FbRHZgjOEr8UAN4jH6omjrbTD++VZneTsMVaGamQmDdFl5g1gYaigk kmx8OiCO68a4QXg4wSyn6iDipKP8utsE+x1E28SA75HOYqpdrk4HGxuULvlr03wZ GTIf/oRt2/c+dYmDoaJhge+GOrLAEQByO7+8+vzOwpNAPEx6LW+crEEZ7eBXih6V P19sTGy3yfqK5tPtTdXXCOQMKAp+gCj/VByhmIr+0iNDC540gtvV303WpcbwnkkL YC0Ft2cYUyHtkstOfRcRO+K2cZozoSwVPyB8/J9RpcRK3jgnX9lujfwA/pAbP0J2 UPQFxmWFRQnFjaq6rkqbNEBgLy+kFL1NEsRbvFbKrRi5bYy2lNms2NJPZvdNQbT/ 2dBZKmJqxHkxCuOQFjhJQNeO+Njm1Z1iATS/3rts2yZlqXKsxQUzN6vNbD8KnXRM EeOXUYvbV4lqfCf8mS14WEbSiMy87GB5S9ucSV1XUrlTG5UGcMSZOBcEUpisRPEm QWUOTWIoDQ5FOia/GI+Ki523r2ruEmbmG37EBSBXdxIdndqrjy+QVAmCebyDx9eV EGOIpn26bW5LKerumJxa/CFBaKi4bRvmdJRLAgMBAAGjgfEwge4wDgYDVR0PAQH/ BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLXzZfL+sAqSH/s8ffNE oKxjJcMUMB8GA1UdIwQYMBaAFAhX2onHolN5DE/d4JCPdLriJ3NEMDgGCCsGAQUF BwEBBCwwKjAoBggrBgEFBQcwAoYcaHR0cDovL3N0Zy1kc3QzLmkubGVuY3Iub3Jn LzAtBgNVHR8EJjAkMCKgIKAehhxodHRwOi8vc3RnLWRzdDMuYy5sZW5jci5vcmcv MCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQBgt8TAQEBMA0GCSqGSIb3DQEB CwUAA4IBAQB7tR8B0eIQSS6MhP5kuvGth+dN02DsIhr0yJtk2ehIcPIqSxRRmHGl 4u2c3QlvEpeRDp2w7eQdRTlI/WnNhY4JOofpMf2zwABgBWtAu0VooQcZZTpQruig F/z6xYkBk3UHkjeqxzMN3d1EqGusxJoqgdTouZ5X5QTTIee9nQ3LEhWnRSXDx7Y0 ttR1BGfcdqHopO4IBqAhbkKRjF5zj7OD8cG35omywUbZtOJnftiI0nFcRaxbXo0v oDfLD0S6+AC2R3tKpqjkNX6/91hrRFglUakyMcZU/xleqbv6+Lr3YD8PsBTub6lI oZ2lS38fL18Aon458fbc0BPHtenfhKj5 -----END CERTIFICATE----- 2023-03-09 13:07:26,677:DEBUG:acme.client:Storing nonce: 8F05S77meDt0l773wb2D7gW950fN3P47k_Ua0a2l1BXnzsE 2023-03-09 13:07:26,678:DEBUG:certbot._internal.renewal:Dry run: skipping updating lineage at /etc/letsencrypt/live/metukim.xyz 2023-03-09 13:07:26,679:DEBUG:certbot._internal.updater:Skipping renewal deployer in dry-run mode. 2023-03-09 13:07:27,733:DEBUG:certbot.display.util:Notifying user: new certificate deployed with reload of nginx server; fullchain is /etc/letsencrypt/live/metukim.xyz/fullchain.pem 2023-03-09 13:07:27,733:DEBUG:certbot._internal.updater:Skipping updaters in dry-run mode. 2023-03-09 13:07:27,733:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-09 13:07:27,733:DEBUG:certbot.display.util:Notifying user: The following simulated renewals succeeded: 2023-03-09 13:07:27,734:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem (success) /etc/letsencrypt/live/metukim.xyz/fullchain.pem (success) 2023-03-09 13:07:27,734:ERROR:certbot._internal.renewal:The following simulated renewals failed: 2023-03-09 13:07:27,734:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/dagoth.xyz/fullchain.pem (failure) 2023-03-09 13:07:27,734:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-09 13:07:27,734:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')()) File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1413, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1317, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 510, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 1 renew failure(s), 0 parse failure(s) 2023-03-09 13:07:27,736:ERROR:certbot._internal.log:1 renew failure(s), 0 parse failure(s) 2023-03-09 18:38:00,504:DEBUG:certbot._internal.main:certbot version: 1.12.0 2023-03-09 18:38:00,505:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-03-09 18:38:00,505:DEBUG:certbot._internal.main:Arguments: ['-q'] 2023-03-09 18:38:00,505:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-03-09 18:38:00,525:DEBUG:certbot._internal.log:Root logging level set at 30 2023-03-09 18:38:00,551:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2023-03-09 18:38:00,553:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/dagoth.xyz.conf 2023-03-09 18:38:00,569:DEBUG:certbot._internal.plugins.selection:Requested authenticator and installer 2023-03-09 18:38:00,582:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 18:38:00,640:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 18:38:00,642:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is signed by the certificate's issuer. 2023-03-09 18:38:00,646:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is: OCSPCertStatus.GOOD 2023-03-09 18:38:00,653:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-14 18:32:48 UTC. 2023-03-09 18:38:00,653:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-09 18:38:00,653:INFO:certbot._internal.renewal:Non-interactive renewal: random delay of 229.0332939070193 seconds 2023-03-09 18:41:49,778:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 18:41:50,530:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 18:41:50,546:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-09 18:41:50,546:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-09 18:41:50,547:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-09 18:41:50,575:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-09 18:41:50,587:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-09 18:41:50,603:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-09 18:41:50,741:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-09 18:41:50,743:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 18:41:50 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "ZbFrw7o1Rsw": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-09 18:41:50,758:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for dagoth.xyz 2023-03-09 18:41:50,851:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0118_key-certbot.pem 2023-03-09 18:41:50,857:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0118_csr-certbot.pem 2023-03-09 18:41:50,859:DEBUG:acme.client:Requesting fresh nonce 2023-03-09 18:41:50,859:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-09 18:41:50,902:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-09 18:41:50,903:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Thu, 09 Mar 2023 18:41:50 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 1AADF55du3YZTGE7USrnfDXKMUTsU85ryGm-YwtvIkIRxHo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-09 18:41:50,903:DEBUG:acme.client:Storing nonce: 1AADF55du3YZTGE7USrnfDXKMUTsU85ryGm-YwtvIkIRxHo 2023-03-09 18:41:50,904:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "dagoth.xyz"\n }\n ]\n}' 2023-03-09 18:41:50,910:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFBQURGNTVkdTNZWlRHRTdVU3JuZkRYS01VVHNVODVyeUdtLVl3dHZJa0lSeEhvIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "oqPhUc0EBtJ1fJ0rrancjNHTYNqp3i4Jbiz_A38BeREKS3NuVugZ2toULfAkxQP54eJR3GD9jddDyACNggYPi8B2_3Nga6Sl_h9ACkUM-AJOFUmQbhhNFszX1kEDkpqZ-KAcQpX9hwFJqKxYFdmDb8Mo-XZYbEhpfxqmrvp6Sskt_UlWf8fQ98osMZ-hoZGnQfzoSreK2reMknsmfK2mimLJDdWD8Etb1M5atuVXYgZ-pRjvNCNwr5C8RXCEi0qn32bDAAACSIAERLZjcoA8asMKge9er4FXmXgG0Zk-9gakrwgGWI8vRl7i9kBXU1l5TKKLfNxiQoD_llwt2xJunQ", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImRhZ290aC54eXoiCiAgICB9CiAgXQp9" } 2023-03-09 18:41:51,116:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 335 2023-03-09 18:41:51,117:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Thu, 09 Mar 2023 18:41:51 GMT Content-Type: application/json Content-Length: 335 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/169129890437 Replay-Nonce: C878FfNMgRs2gySq8VjECxUf0mYuc5xBOhY_ulS-S0dEFR8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-16T18:41:50Z", "identifiers": [ { "type": "dns", "value": "dagoth.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/209527906757" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/169129890437" } 2023-03-09 18:41:51,117:DEBUG:acme.client:Storing nonce: C878FfNMgRs2gySq8VjECxUf0mYuc5xBOhY_ulS-S0dEFR8 2023-03-09 18:41:51,117:DEBUG:acme.client:JWS payload: b'' 2023-03-09 18:41:51,119:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209527906757: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkM4NzhGZk5NZ1JzMmd5U3E4VmpFQ3hVZjBtWXVjNXhCT2hZX3VsUy1TMGRFRlI4IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDk1Mjc5MDY3NTcifQ", "signature": "VPJX9KR0TBp1pS2TwIdtsILX51TQTzLvIF52hNuZBokkxweBfp5rXl1qQg2e5J9kQ06HXSgY2Mh21SZLdCo5nCZb1kA_j6E1XNss6f2ordVbMs609iaf3guspGPEYmmjLwd05a43mheXq9jIojxyIAtTwYYcwvLW0dInagm99Rczgh9abClNFHAz9lYPFHn7MTeKGkLh_uHqfLELSrafv9FPaXUx8u9NUsuvGDdcoKppJqw4xubPXjE7TlapJuPfHJFX_4QyHEvSyjO6fFYltAm9x_fEz-X7Cv3JlrTLFCEsHDmGOElJkBgKCvbm4G1_BsZMjs1mWSWU5kmDsB5_Lg", "payload": "" } 2023-03-09 18:41:51,166:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209527906757 HTTP/1.1" 404 106 2023-03-09 18:41:51,167:DEBUG:acme.client:Received response: HTTP 404 Server: nginx Date: Thu, 09 Mar 2023 18:41:51 GMT Content-Type: application/problem+json Content-Length: 106 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: C878a6wvoutWzPtV8KJ0c7GSWmCWnEBPhqVB9CfWfofZB-o { "type": "urn:ietf:params:acme:error:malformed", "detail": "No such authorization", "status": 404 } 2023-03-09 18:41:51,169:ERROR:certbot._internal.renewal:Failed to renew certificate dagoth.xyz with error: urn:ietf:params:acme:error:malformed :: The request message was malformed :: No such authorization 2023-03-09 18:41:51,179:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 406, in _get_order_and_authorizations orderr = self.acme.new_order(csr_pem) File "/usr/lib/python3/dist-packages/acme/client.py", line 886, in new_order return self.client.new_order(csr_pem) File "/usr/lib/python3/dist-packages/acme/client.py", line 672, in new_order authorizations.append(self._authzr_from_response(self._post_as_get(url), uri=url)) File "/usr/lib/python3/dist-packages/acme/client.py", line 794, in _post_as_get return self._post(*new_args, **kwargs) File "/usr/lib/python3/dist-packages/acme/client.py", line 97, in _post return self.net.post(*args, **kwargs) File "/usr/lib/python3/dist-packages/acme/client.py", line 1201, in post return self._post_once(*args, **kwargs) File "/usr/lib/python3/dist-packages/acme/client.py", line 1214, in _post_once response = self._check_response(response, content_type=content_type) File "/usr/lib/python3/dist-packages/acme/client.py", line 1072, in _check_response raise messages.Error.from_json(jobj) acme.messages.Error: urn:ietf:params:acme:error:malformed :: The request message was malformed :: No such authorization 2023-03-09 18:41:51,181:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/mail.dagoth.xyz.conf 2023-03-09 18:41:51,204:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 18:41:51,278:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 18:41:51,280:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is signed by the certificate's issuer. 2023-03-09 18:41:51,282:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is: OCSPCertStatus.GOOD 2023-03-09 18:41:51,285:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-09 18:41:51,286:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 18:41:51,286:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-09 18:41:51,287:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/metukim.xyz.conf 2023-03-09 18:41:51,295:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-09 18:41:51,350:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-09 18:41:51,352:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/metukim.xyz/cert5.pem is signed by the certificate's issuer. 2023-03-09 18:41:51,353:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/metukim.xyz/cert5.pem is: OCSPCertStatus.GOOD 2023-03-09 18:41:51,354:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-09 18:41:51,355:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-09 18:41:51,355:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-09 18:41:51,355:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-09 18:41:51,355:DEBUG:certbot.display.util:Notifying user: The following certificates are not due for renewal yet: 2023-03-09 18:41:51,356:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem expires on 2023-04-17 (skipped) /etc/letsencrypt/live/metukim.xyz/fullchain.pem expires on 2023-06-07 (skipped) 2023-03-09 18:41:51,356:ERROR:certbot._internal.renewal:All renewals failed. The following certificates could not be renewed: 2023-03-09 18:41:51,356:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/dagoth.xyz/fullchain.pem (failure) 2023-03-09 18:41:51,357:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-09 18:41:51,359:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')()) File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1413, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1317, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 510, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 1 renew failure(s), 0 parse failure(s) 2023-03-09 18:41:51,360:ERROR:certbot._internal.log:1 renew failure(s), 0 parse failure(s) 2023-03-10 02:06:33,467:DEBUG:certbot._internal.main:certbot version: 1.12.0 2023-03-10 02:06:33,468:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-03-10 02:06:33,468:DEBUG:certbot._internal.main:Arguments: ['-q'] 2023-03-10 02:06:33,468:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-03-10 02:06:33,490:DEBUG:certbot._internal.log:Root logging level set at 30 2023-03-10 02:06:33,503:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2023-03-10 02:06:33,505:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/dagoth.xyz.conf 2023-03-10 02:06:33,514:DEBUG:certbot._internal.plugins.selection:Requested authenticator and installer 2023-03-10 02:06:33,523:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-10 02:06:33,607:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-10 02:06:33,608:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is signed by the certificate's issuer. 2023-03-10 02:06:33,612:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is: OCSPCertStatus.GOOD 2023-03-10 02:06:33,618:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-14 18:32:48 UTC. 2023-03-10 02:06:33,618:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-10 02:06:33,618:INFO:certbot._internal.renewal:Non-interactive renewal: random delay of 333.98750394403754 seconds 2023-03-10 02:12:07,727:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-10 02:12:08,396:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-10 02:12:08,406:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-10 02:12:08,406:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-10 02:12:08,407:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-10 02:12:08,438:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-10 02:12:08,450:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-10 02:12:08,465:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-10 02:12:08,604:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-10 02:12:08,607:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 02:12:08 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "-5K7c3LZwVE": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-10 02:12:08,616:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for dagoth.xyz 2023-03-10 02:12:08,674:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0119_key-certbot.pem 2023-03-10 02:12:08,681:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0119_csr-certbot.pem 2023-03-10 02:12:08,682:DEBUG:acme.client:Requesting fresh nonce 2023-03-10 02:12:08,682:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-10 02:12:08,726:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-10 02:12:08,726:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 02:12:08 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 1AAD9dh3uIItMN7uERufPtfXI8oEkZIq6eh_SCNP5lhDt-0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-10 02:12:08,727:DEBUG:acme.client:Storing nonce: 1AAD9dh3uIItMN7uERufPtfXI8oEkZIq6eh_SCNP5lhDt-0 2023-03-10 02:12:08,728:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "dagoth.xyz"\n }\n ]\n}' 2023-03-10 02:12:08,734:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFBQUQ5ZGgzdUlJdE1ON3VFUnVmUHRmWEk4b0VrWklxNmVoX1NDTlA1bGhEdC0wIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "T_fG2jXwj4j6FqsFxc7LuF8PM_utP2QgKTkIK3GR6DUl5IPyG3dULJUdC9rOvnQ5hFsJCer3FayXRzWD85SkuMTNjhmUdiB5bALKJA1aXSAKsMQUgwoFcuDHe8bYOZBHSmZ3tcIyQCEYMXAYb-Oni1KcpcTCA1kX_sPKG8WvM4iAhCyXrQvB1djG3bxY4zFGNdQRiOFOqbnz6ovKoKWglZQLoJXCND_YlA-FCY7-9dzUb0-kNY2vbXlc5GIxTnaZ78ZW_Ib1KLDZ7jo6YdKKM026MvLp5LEtKk1O1gmfD9grH-MFqXPEzKlZOOouXjAnCME5Ygj0XpRN_QVvE07yUA", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImRhZ290aC54eXoiCiAgICB9CiAgXQp9" } 2023-03-10 02:12:08,919:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 335 2023-03-10 02:12:08,920:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Fri, 10 Mar 2023 02:12:08 GMT Content-Type: application/json Content-Length: 335 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/169190800407 Replay-Nonce: 1DFArz9rA_GYw8_qcx_YSWA6xvwEGz8W8duk9uGH0PDgSpo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-16T18:41:50Z", "identifiers": [ { "type": "dns", "value": "dagoth.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/209527906757" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/169190800407" } 2023-03-10 02:12:08,920:DEBUG:acme.client:Storing nonce: 1DFArz9rA_GYw8_qcx_YSWA6xvwEGz8W8duk9uGH0PDgSpo 2023-03-10 02:12:08,921:DEBUG:acme.client:JWS payload: b'' 2023-03-10 02:12:08,922:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209527906757: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFERkFyejlyQV9HWXc4X3FjeF9ZU1dBNnh2d0VHejhXOGR1azl1R0gwUERnU3BvIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDk1Mjc5MDY3NTcifQ", "signature": "BnQ1ejwRkjdYuliLzkmVEXeYVCnab-2bcYBr7kK14KqzAHEZI1RjhXP2bZiddizUx82ru61ig0Q52pG3dp698YwNKmr7YimY4kAeZvz49JqsDhA3Tx3IqoTASxHOsesHHePKw4oC8tdQluXJw54vsg5ADCh2NeIZw0ydwGiNSSRl9WcgfeSMykS6ylgQ-9MNq78lRzlSZDRHsAxRbIw2eoz31C4kJ80RKTNZ00Vv3kkONfpcq7zy1MYBNRo603psyW0xxs7I3mvZcmEL03W41tUhABxLI-2h9sMTFYF0cYR_qY5YzhNSph3qOvbmWq_mUYRY2RblQ_kOD05KoctE4A", "payload": "" } 2023-03-10 02:12:08,970:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209527906757 HTTP/1.1" 200 794 2023-03-10 02:12:08,971:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 02:12:08 GMT Content-Type: application/json Content-Length: 794 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 1AADHRafH-Xnm_uSlQNTe2dMheObJvQ6Vak-Yc8WFc7xDoo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "pending", "expires": "2023-03-16T18:41:50Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209527906757/x4fM_g", "token": "Y3WmjbJa36JVa4pzluhrqBYxcXimRW78V0NYc3LZWfw" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209527906757/riJrZA", "token": "Y3WmjbJa36JVa4pzluhrqBYxcXimRW78V0NYc3LZWfw" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209527906757/LXVAVw", "token": "Y3WmjbJa36JVa4pzluhrqBYxcXimRW78V0NYc3LZWfw" } ] } 2023-03-10 02:12:08,971:DEBUG:acme.client:Storing nonce: 1AADHRafH-Xnm_uSlQNTe2dMheObJvQ6Vak-Yc8WFc7xDoo 2023-03-10 02:12:08,972:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-10 02:12:08,973:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-10 02:12:08,993:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-10 02:12:08,995:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-10 02:12:08,997:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-10 02:12:08,997:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-10 02:12:08,997:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-10 02:12:08,997:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-10 02:12:08,998:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-10 02:12:08,998:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-10 02:12:08,998:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-10 02:12:08,998:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-10 02:12:08,998:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-10 02:12:08,999:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-10 02:12:08,999:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-10 02:12:08,999:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-10 02:12:08,999:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-10 02:12:09,000:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-10 02:12:09,000:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-10 02:12:09,000:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-10 02:12:09,000:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-10 02:12:09,001:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-10 02:12:09,001:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-10 02:12:09,001:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-10 02:12:09,001:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-10 02:12:09,002:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-10 02:12:09,002:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-10 02:12:09,002:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-10 02:12:09,002:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-10 02:12:09,002:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-10 02:12:09,003:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-10 02:12:09,003:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-10 02:12:09,003:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-10 02:12:09,003:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-10 02:12:09,004:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-10 02:12:09,004:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-10 02:12:09,004:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-10 02:12:09,005:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-10 02:12:09,007:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here location = /.well-known/acme-challenge/Y3WmjbJa36JVa4pzluhrqBYxcXimRW78V0NYc3LZWfw{default_type text/plain;return 200 Y3WmjbJa36JVa4pzluhrqBYxcXimRW78V0NYc3LZWfw.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-10 02:12:10,056:INFO:certbot._internal.auth_handler:Waiting for verification... 2023-03-10 02:12:10,057:DEBUG:acme.client:JWS payload: b'{}' 2023-03-10 02:12:10,059:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/209527906757/x4fM_g: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFBQURIUmFmSC1Ybm1fdVNsUU5UZTJkTWhlT2JKdlE2VmFrLVljOFdGYzd4RG9vIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8yMDk1Mjc5MDY3NTcveDRmTV9nIn0", "signature": "h89RMbOqvvuflD8blxsJrWODdm9k4NNSzMBUm7ttSiqir3tyYdo1NDmK1kLpLnaGYV69R6MobsJj-US-F1H3jY_nipuzrOBudjBFfYvojunhjoC8sDVvlcbqZTd6TUd0v2SyP3MXI0A0BmhUuyeHfJGCA68T8HeY4Vp2z1DPMrPK_A_4jwmWFt8uV0nmJ8xbUevNajzTHUZbrW5H1LZ_4K2kw0DaWczE_ecGnT6v_QJPkx9XW5_vH7_uiGsyjJ8YaiSH0MK1wJjdZ8IpHaI1xrq8SHefRXqXsGFle3QRh4urba0s6S4p6ntnEan4ydTSuRmgKt2vn_kHhxx81ClvXg", "payload": "e30" } 2023-03-10 02:12:10,112:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/209527906757/x4fM_g HTTP/1.1" 200 187 2023-03-10 02:12:10,113:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 02:12:10 GMT Content-Type: application/json Content-Length: 187 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/209527906757/x4fM_g Replay-Nonce: 1AAD4-rloej7VJg4qtz7bB2ltitYiz89_xdTqsUrALSxT_0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209527906757/x4fM_g", "token": "Y3WmjbJa36JVa4pzluhrqBYxcXimRW78V0NYc3LZWfw" } 2023-03-10 02:12:10,113:DEBUG:acme.client:Storing nonce: 1AAD4-rloej7VJg4qtz7bB2ltitYiz89_xdTqsUrALSxT_0 2023-03-10 02:12:11,114:DEBUG:acme.client:JWS payload: b'' 2023-03-10 02:12:11,116:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209527906757: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFBQUQ0LXJsb2VqN1ZKZzRxdHo3YkIybHRpdFlpejg5X3hkVHFzVXJBTFN4VF8wIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDk1Mjc5MDY3NTcifQ", "signature": "M_fsqFEJJIFGUjnwHbbfQZTWT68bD5FqAtgXgMqxPkvUuNyxWJuSZhBE1cuZHiPWoI2V-o5GtaEci_EBKOyKSna8nrTh_kck0PvcG0PCIwHeRhlGYuRMwd5iPViwghhcfJ392RbTb_VtHvBR2fG2l9TKmp0O3WKWLLUv0Tcr_9UVkzZ1D6Ig8jpovv6c76XZlYVG33qiDqZpyMsBeNbJAfHzmH0cieOKZin3HgQtSExzwjrzss5fMpc7XtncdbPbq4vVe1eeSjfBGIORF-ySUrzkCqtKhznpJp3PpdhZGS_Bi5krHj_BNAt3_dLwYfvM2rRg1xJLctL4upvYjSqOKQ", "payload": "" } 2023-03-10 02:12:11,166:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209527906757 HTTP/1.1" 200 1484 2023-03-10 02:12:11,167:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 02:12:11 GMT Content-Type: application/json Content-Length: 1484 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 327CHk7kJsRuEVBmvfSw9y3ksTDdp6lLVF_up4sDOlVgjZI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "invalid", "expires": "2023-03-16T18:41:50Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "2001:19f0:5:5eac:5400:3ff:fef1:f13c: Invalid response from https://dagoth.xyz/.well-known/acme-challenge/Y3WmjbJa36JVa4pzluhrqBYxcXimRW78V0NYc3LZWfw: 404", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209527906757/x4fM_g", "token": "Y3WmjbJa36JVa4pzluhrqBYxcXimRW78V0NYc3LZWfw", "validationRecord": [ { "url": "http://dagoth.xyz/.well-known/acme-challenge/Y3WmjbJa36JVa4pzluhrqBYxcXimRW78V0NYc3LZWfw", "hostname": "dagoth.xyz", "port": "80", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" }, { "url": "https://dagoth.xyz/.well-known/acme-challenge/Y3WmjbJa36JVa4pzluhrqBYxcXimRW78V0NYc3LZWfw", "hostname": "dagoth.xyz", "port": "443", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" } ], "validated": "2023-03-10T02:12:10Z" } ] } 2023-03-10 02:12:11,167:DEBUG:acme.client:Storing nonce: 327CHk7kJsRuEVBmvfSw9y3ksTDdp6lLVF_up4sDOlVgjZI 2023-03-10 02:12:11,167:WARNING:certbot._internal.auth_handler:Challenge failed for domain dagoth.xyz 2023-03-10 02:12:11,170:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-10 02:12:11,170:DEBUG:certbot._internal.reporter:Reporting to user: The following errors were reported by the server: Domain: dagoth.xyz Type: unauthorized Detail: 2001:19f0:5:5eac:5400:3ff:fef1:f13c: Invalid response from https://dagoth.xyz/.well-known/acme-challenge/Y3WmjbJa36JVa4pzluhrqBYxcXimRW78V0NYc3LZWfw: 404 To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. 2023-03-10 02:12:11,182:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2023-03-10 02:12:11,182:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-10 02:12:11,182:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-10 02:12:12,542:ERROR:certbot._internal.renewal:Failed to renew certificate dagoth.xyz with error: Some challenges have failed. 2023-03-10 02:12:12,546:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2023-03-10 02:12:12,549:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/mail.dagoth.xyz.conf 2023-03-10 02:12:12,607:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-10 02:12:12,664:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-10 02:12:12,669:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is signed by the certificate's issuer. 2023-03-10 02:12:12,672:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is: OCSPCertStatus.GOOD 2023-03-10 02:12:12,676:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-10 02:12:12,677:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-10 02:12:12,678:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-10 02:12:12,678:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/metukim.xyz.conf 2023-03-10 02:12:12,684:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-10 02:12:12,749:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-10 02:12:12,750:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/metukim.xyz/cert5.pem is signed by the certificate's issuer. 2023-03-10 02:12:12,750:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/metukim.xyz/cert5.pem is: OCSPCertStatus.GOOD 2023-03-10 02:12:12,751:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-10 02:12:12,752:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-10 02:12:12,753:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-10 02:12:12,753:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-10 02:12:12,753:DEBUG:certbot.display.util:Notifying user: The following certificates are not due for renewal yet: 2023-03-10 02:12:12,753:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem expires on 2023-04-17 (skipped) /etc/letsencrypt/live/metukim.xyz/fullchain.pem expires on 2023-06-07 (skipped) 2023-03-10 02:12:12,753:ERROR:certbot._internal.renewal:All renewals failed. The following certificates could not be renewed: 2023-03-10 02:12:12,754:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/dagoth.xyz/fullchain.pem (failure) 2023-03-10 02:12:12,754:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-10 02:12:12,757:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')()) File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1413, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1317, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 510, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 1 renew failure(s), 0 parse failure(s) 2023-03-10 02:12:12,759:ERROR:certbot._internal.log:1 renew failure(s), 0 parse failure(s) 2023-03-10 10:21:34,445:DEBUG:certbot._internal.main:certbot version: 1.12.0 2023-03-10 10:21:34,446:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-03-10 10:21:34,446:DEBUG:certbot._internal.main:Arguments: [] 2023-03-10 10:21:34,446:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-03-10 10:21:34,460:DEBUG:certbot._internal.log:Root logging level set at 20 2023-03-10 10:21:34,475:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2023-03-10 10:21:34,478:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/dagoth.xyz.conf 2023-03-10 10:21:34,489:DEBUG:certbot._internal.plugins.selection:Requested authenticator and installer 2023-03-10 10:21:34,498:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-10 10:21:34,574:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-10 10:21:34,576:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is signed by the certificate's issuer. 2023-03-10 10:21:34,580:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is: OCSPCertStatus.GOOD 2023-03-10 10:21:34,586:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-14 18:32:48 UTC. 2023-03-10 10:21:34,586:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-10 10:21:34,586:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-10 10:21:35,093:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-10 10:21:35,096:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-10 10:21:35,096:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-10 10:21:35,096:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-10 10:21:35,106:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-10 10:21:35,107:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-10 10:21:35,109:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-10 10:21:35,320:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-10 10:21:35,321:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:21:35 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "i5oGPa9BOEo": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-10 10:21:35,323:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for dagoth.xyz 2023-03-10 10:21:35,438:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0120_key-certbot.pem 2023-03-10 10:21:35,444:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0120_csr-certbot.pem 2023-03-10 10:21:35,445:DEBUG:acme.client:Requesting fresh nonce 2023-03-10 10:21:35,445:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-10 10:21:35,515:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-10 10:21:35,516:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:21:35 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: C400LF66B4QzBcJChknGb9cwymZke2wpU1WnrzfCgixD94c X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-10 10:21:35,516:DEBUG:acme.client:Storing nonce: C400LF66B4QzBcJChknGb9cwymZke2wpU1WnrzfCgixD94c 2023-03-10 10:21:35,516:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "dagoth.xyz"\n }\n ]\n}' 2023-03-10 10:21:35,519:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkM0MDBMRjY2QjRRekJjSkNoa25HYjljd3ltWmtlMndwVTFXbnJ6ZkNnaXhEOTRjIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "FBP1BSW4vTEUhelQBHpB4_7B6FNPiAQDwthZhu0UZerJyLYEgQC3Ao3PZ72HG7gjFGl6SYvGbd5fgd05ltMikeekqrqjvhQRVEFQjBzzrRGrpK6ReKFHNSrj4W8VD9ivbJ6nBfsBOQdDGb9wVmAR6mHSGwnBWpzq68WTyxpZ-97LE3Zsz0hqyQrr4D-a1-K78Iy-KKVM2jrYI747eCHaI9cB21NJQlQ0jZPgU7IIsNF9eIOh41JLRiHswLWGBHc6PsEnCJgoVD17UiZjOcG8CLvgOllqePMTAlDnbMBBQgXZE-XVM707JTHX9eTN5y9DiAy3TfNgVN_KaYx39ziKVg", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImRhZ290aC54eXoiCiAgICB9CiAgXQp9" } 2023-03-10 10:21:35,625:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 335 2023-03-10 10:21:35,626:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Fri, 10 Mar 2023 10:21:35 GMT Content-Type: application/json Content-Length: 335 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/169256077497 Replay-Nonce: C400o_egtS3y32-yXBe_FeHc3MM36uxXaWOmGS9nb29Th8k X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-17T10:21:35Z", "identifiers": [ { "type": "dns", "value": "dagoth.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/209703822037" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/169256077497" } 2023-03-10 10:21:35,626:DEBUG:acme.client:Storing nonce: C400o_egtS3y32-yXBe_FeHc3MM36uxXaWOmGS9nb29Th8k 2023-03-10 10:21:35,626:DEBUG:acme.client:JWS payload: b'' 2023-03-10 10:21:35,628:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209703822037: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkM0MDBvX2VndFMzeTMyLXlYQmVfRmVIYzNNTTM2dXhYYVdPbUdTOW5iMjlUaDhrIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDk3MDM4MjIwMzcifQ", "signature": "NNdgYkBTshjXe0oA43huagUdBpVqA1hwNJUrUwACeCDwhkpyheL2-yHOzbjjBHwjNaoVglBcQLEu--gzRXetfN7m0gkR2X6hRZpX8-O9NzVzQ1op5Gq_iyWLsE5iQsNkTBuNiMJwQMayXo01jlR-_scwt6iV55WdFK2CzuswBGnod1FGnYuixoRmWgd6cXtEmAf-Wk9n2IRjBlIiT0zxBpamZIDyJBGGAl4EBTnFV9XJLIhedZe6eGHcg8iQQqjTWFco3de5LirOOC18ExSBVJapFEcboOShOADFyt1rZfWT3pUBChw1NJTLVi9QND5gPzMPU06aeBjRs3zFJrso5g", "payload": "" } 2023-03-10 10:21:35,706:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209703822037 HTTP/1.1" 200 794 2023-03-10 10:21:35,706:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:21:35 GMT Content-Type: application/json Content-Length: 794 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: F9777mMeWnpb93c4Rh2sCEmqW4va_eG-AoVdKhJYZ9fO2ZE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "pending", "expires": "2023-03-17T10:21:35Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209703822037/ixr3Ng", "token": "6QUoKGZ_F6uIdTF0AgcgGSoSsy5kp95PpIZJeLoSb74" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209703822037/q09GWg", "token": "6QUoKGZ_F6uIdTF0AgcgGSoSsy5kp95PpIZJeLoSb74" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209703822037/Zo484Q", "token": "6QUoKGZ_F6uIdTF0AgcgGSoSsy5kp95PpIZJeLoSb74" } ] } 2023-03-10 10:21:35,707:DEBUG:acme.client:Storing nonce: F9777mMeWnpb93c4Rh2sCEmqW4va_eG-AoVdKhJYZ9fO2ZE 2023-03-10 10:21:35,707:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-10 10:21:35,708:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-10 10:21:35,728:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-10 10:21:35,729:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-10 10:21:35,730:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-10 10:21:35,731:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-10 10:21:35,731:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-10 10:21:35,731:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-10 10:21:35,731:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-10 10:21:35,732:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-10 10:21:35,732:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-10 10:21:35,732:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-10 10:21:35,732:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-10 10:21:35,733:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-10 10:21:35,733:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-10 10:21:35,733:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-10 10:21:35,733:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-10 10:21:35,733:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-10 10:21:35,734:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-10 10:21:35,734:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-10 10:21:35,734:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-10 10:21:35,735:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-10 10:21:35,735:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-10 10:21:35,735:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-10 10:21:35,735:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-10 10:21:35,735:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-10 10:21:35,736:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-10 10:21:35,736:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-10 10:21:35,736:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-10 10:21:35,736:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-10 10:21:35,737:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-10 10:21:35,737:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-10 10:21:35,737:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-10 10:21:35,737:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-10 10:21:35,738:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-10 10:21:35,738:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-10 10:21:35,738:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-10 10:21:35,738:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-10 10:21:35,740:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here location = /.well-known/acme-challenge/6QUoKGZ_F6uIdTF0AgcgGSoSsy5kp95PpIZJeLoSb74{default_type text/plain;return 200 6QUoKGZ_F6uIdTF0AgcgGSoSsy5kp95PpIZJeLoSb74.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-10 10:21:36,796:INFO:certbot._internal.auth_handler:Waiting for verification... 2023-03-10 10:21:36,800:DEBUG:acme.client:JWS payload: b'{}' 2023-03-10 10:21:36,806:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/209703822037/ixr3Ng: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkY5Nzc3bU1lV25wYjkzYzRSaDJzQ0VtcVc0dmFfZUctQW9WZEtoSllaOWZPMlpFIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8yMDk3MDM4MjIwMzcvaXhyM05nIn0", "signature": "Y7L7g3BCCOmbaG-TlRJFsg96wMPNi-nuNLtxPXXg21VQPkPDO-yDVBci_lTQ25BtyssziQHAGyv6eq04yVqC48B1w7Ye-aHhJKhFQZFsHcMfiPLlwgw5J6uDCZovTYwG_hVZIfdTgjibA2VRiMmVMb9pEWQLa7PA-14bBAU-6T3Q-8-lB47osaO8N-aYbWYGxo2g2YA_UML2cCLF4R9shOkLErKIV_XvRbsTzWwWuJte6uX7WGC9BpYSQgKgJCds-Y-xgZKRLGH5okTW8CZOFBfw5dWayiKaGuK6a4BHyPwhAW7W-zE_4fLDLSEDRZFqEwOJn7uNFXpXVHmV6M9BUw", "payload": "e30" } 2023-03-10 10:21:36,888:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/209703822037/ixr3Ng HTTP/1.1" 200 187 2023-03-10 10:21:36,890:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:21:36 GMT Content-Type: application/json Content-Length: 187 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/209703822037/ixr3Ng Replay-Nonce: A5FE93afeshcYqBs_spvqV_FS36sd4PP2FvAJgWps2214yA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209703822037/ixr3Ng", "token": "6QUoKGZ_F6uIdTF0AgcgGSoSsy5kp95PpIZJeLoSb74" } 2023-03-10 10:21:36,890:DEBUG:acme.client:Storing nonce: A5FE93afeshcYqBs_spvqV_FS36sd4PP2FvAJgWps2214yA 2023-03-10 10:21:37,893:DEBUG:acme.client:JWS payload: b'' 2023-03-10 10:21:37,895:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209703822037: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkE1RkU5M2FmZXNoY1lxQnNfc3B2cVZfRlMzNnNkNFBQMkZ2QUpnV3BzMjIxNHlBIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDk3MDM4MjIwMzcifQ", "signature": "MQGEQnt2prm-3fMB1dvtzIy7S7y4FekLHtnzcH5j5xzbtWf4FD6XiN4QETxNuzq8SORWSQo_htwOlpo0_fyLjjxHWnSAbGipeqGS3sV3mnURkGoxrEmBX19hYgSL_878p4TtIDzAm0YGmPQVw3aOTMy6w7uCo5UpJ2TvzmkcTLrbXM0rxeK96z7DstylLajIoxuPnUF3IMUAA__-TbfbnHLeNFoMInvE_Xy2Wx08vWWW5pTjmh5HACaxM-7nIPQ4m2tx3yP7hSjvsuvJz_wzooHsBL35HcUFWN6Ybrp4d1r2TwUzZvPu6i838PUAwUqOdfhBTqv7AF48kxUYeOVPfA", "payload": "" } 2023-03-10 10:21:37,969:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209703822037 HTTP/1.1" 200 1484 2023-03-10 10:21:37,970:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:21:37 GMT Content-Type: application/json Content-Length: 1484 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 853FbpgESUCvPBk8NGQyhp9aCzavfq0cdevkUJMh32OfUy8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "invalid", "expires": "2023-03-17T10:21:35Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "2001:19f0:5:5eac:5400:3ff:fef1:f13c: Invalid response from https://dagoth.xyz/.well-known/acme-challenge/6QUoKGZ_F6uIdTF0AgcgGSoSsy5kp95PpIZJeLoSb74: 404", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209703822037/ixr3Ng", "token": "6QUoKGZ_F6uIdTF0AgcgGSoSsy5kp95PpIZJeLoSb74", "validationRecord": [ { "url": "http://dagoth.xyz/.well-known/acme-challenge/6QUoKGZ_F6uIdTF0AgcgGSoSsy5kp95PpIZJeLoSb74", "hostname": "dagoth.xyz", "port": "80", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" }, { "url": "https://dagoth.xyz/.well-known/acme-challenge/6QUoKGZ_F6uIdTF0AgcgGSoSsy5kp95PpIZJeLoSb74", "hostname": "dagoth.xyz", "port": "443", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" } ], "validated": "2023-03-10T10:21:36Z" } ] } 2023-03-10 10:21:37,970:DEBUG:acme.client:Storing nonce: 853FbpgESUCvPBk8NGQyhp9aCzavfq0cdevkUJMh32OfUy8 2023-03-10 10:21:37,971:WARNING:certbot._internal.auth_handler:Challenge failed for domain dagoth.xyz 2023-03-10 10:21:37,971:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-10 10:21:37,972:DEBUG:certbot._internal.reporter:Reporting to user: The following errors were reported by the server: Domain: dagoth.xyz Type: unauthorized Detail: 2001:19f0:5:5eac:5400:3ff:fef1:f13c: Invalid response from https://dagoth.xyz/.well-known/acme-challenge/6QUoKGZ_F6uIdTF0AgcgGSoSsy5kp95PpIZJeLoSb74: 404 To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. 2023-03-10 10:21:37,974:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2023-03-10 10:21:37,974:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-10 10:21:37,974:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-10 10:21:39,267:ERROR:certbot._internal.renewal:Failed to renew certificate dagoth.xyz with error: Some challenges have failed. 2023-03-10 10:21:39,273:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2023-03-10 10:21:39,274:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/mail.dagoth.xyz.conf 2023-03-10 10:21:39,296:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-10 10:21:39,354:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-10 10:21:39,357:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is signed by the certificate's issuer. 2023-03-10 10:21:39,359:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is: OCSPCertStatus.GOOD 2023-03-10 10:21:39,361:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-10 10:21:39,362:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-10 10:21:39,363:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-10 10:21:39,364:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/metukim.xyz.conf 2023-03-10 10:21:39,373:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-10 10:21:39,439:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-10 10:21:39,441:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/metukim.xyz/cert5.pem is signed by the certificate's issuer. 2023-03-10 10:21:39,442:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/metukim.xyz/cert5.pem is: OCSPCertStatus.GOOD 2023-03-10 10:21:39,444:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-10 10:21:39,445:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-10 10:21:39,445:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-10 10:21:39,446:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-10 10:21:39,446:DEBUG:certbot.display.util:Notifying user: The following certificates are not due for renewal yet: 2023-03-10 10:21:39,447:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem expires on 2023-04-17 (skipped) /etc/letsencrypt/live/metukim.xyz/fullchain.pem expires on 2023-06-07 (skipped) 2023-03-10 10:21:39,447:ERROR:certbot._internal.renewal:All renewals failed. The following certificates could not be renewed: 2023-03-10 10:21:39,447:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/dagoth.xyz/fullchain.pem (failure) 2023-03-10 10:21:39,447:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-10 10:21:39,448:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')()) File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1413, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1317, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 510, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 1 renew failure(s), 0 parse failure(s) 2023-03-10 10:21:39,449:ERROR:certbot._internal.log:1 renew failure(s), 0 parse failure(s) 2023-03-10 10:22:18,471:DEBUG:certbot._internal.main:certbot version: 1.12.0 2023-03-10 10:22:18,472:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-03-10 10:22:18,472:DEBUG:certbot._internal.main:Arguments: ['--dry-run'] 2023-03-10 10:22:18,473:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-03-10 10:22:18,487:DEBUG:certbot._internal.log:Root logging level set at 20 2023-03-10 10:22:18,506:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2023-03-10 10:22:18,510:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/dagoth.xyz.conf 2023-03-10 10:22:18,520:DEBUG:certbot._internal.plugins.selection:Requested authenticator and installer 2023-03-10 10:22:18,520:DEBUG:certbot._internal.cli:Var dry_run=True (set by user). 2023-03-10 10:22:18,520:DEBUG:certbot._internal.cli:Var server={'dry_run', 'staging'} (set by user). 2023-03-10 10:22:18,520:DEBUG:certbot._internal.cli:Var dry_run=True (set by user). 2023-03-10 10:22:18,521:DEBUG:certbot._internal.cli:Var server={'dry_run', 'staging'} (set by user). 2023-03-10 10:22:18,521:DEBUG:certbot._internal.cli:Var account={'server'} (set by user). 2023-03-10 10:22:18,531:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-10 10:22:18,602:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-10 10:22:18,605:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is signed by the certificate's issuer. 2023-03-10 10:22:18,612:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is: OCSPCertStatus.GOOD 2023-03-10 10:22:18,624:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-14 18:32:48 UTC. 2023-03-10 10:22:18,624:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-10 10:22:18,625:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-10 10:22:19,009:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-10 10:22:19,010:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-10 10:22:19,010:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-10 10:22:19,010:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-10 10:22:19,023:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-10 10:22:19,024:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/directory. 2023-03-10 10:22:19,026:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org:443 2023-03-10 10:22:19,244:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 830 2023-03-10 10:22:19,244:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:19 GMT Content-Type: application/json Content-Length: 830 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "N1pIymtMarU": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-staging-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org/docs/staging-environment/" }, "newAccount": "https://acme-staging-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-staging-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-staging-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-staging-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-10 10:22:19,246:DEBUG:certbot.display.util:Notifying user: Simulating renewal of an existing certificate for dagoth.xyz 2023-03-10 10:22:19,621:DEBUG:acme.client:Requesting fresh nonce 2023-03-10 10:22:19,622:DEBUG:acme.client:Sending HEAD request to https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-10 10:22:19,692:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-10 10:22:19,693:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:19 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: A272_rM2QLg4h0SP6rzR4bevjel1Ugkb8HqeULvuNDQLwe4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-10 10:22:19,693:DEBUG:acme.client:Storing nonce: A272_rM2QLg4h0SP6rzR4bevjel1Ugkb8HqeULvuNDQLwe4 2023-03-10 10:22:19,693:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "dagoth.xyz"\n }\n ]\n}' 2023-03-10 10:22:19,695:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJBMjcyX3JNMlFMZzRoMFNQNnJ6UjRiZXZqZWwxVWdrYjhIcWVVTHZ1TkRRTHdlNCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "auKhDFWMuRvMX37GfjX3sILZklMhME8JaH1DpeM1OFkQO3bKtSY-HOWdn4hoeK44Vwcoh7XS9GadWlslwKoDj2zGlvTl2vPei5MTZOWu386sXRp812FKN_MSItX0QtsifoIN3LwuUCJhycQGaymVC6wdfY8K6KVqc3-s_S_Xy88CTPU4OzvLQQymziICWmfPsz_GNzt2AI6DqV3S_2TtGypPvoe-62AmqcBPIL2oZP2kBO7zgC6kzz8OlEqUdMsJ8mFlzFxErDs8eAOIPiCYxlSeMiMWzjljwG4OAmYUBYSgbDD9FJceEfT8-8_ysGAMHXyuKuZxOlGqGuyqfTaTYg", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImRhZ290aC54eXoiCiAgICB9CiAgXQp9" } 2023-03-10 10:22:19,807:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 346 2023-03-10 10:22:19,808:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Fri, 10 Mar 2023 10:22:19 GMT Content-Type: application/json Content-Length: 346 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-staging-v02.api.letsencrypt.org/acme/order/92221854/7657738814 Replay-Nonce: 8F05lA1osZtXVBqdNAbR1BZ9_0gksQkPdD4Hg4nVH18juDA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-17T10:22:19Z", "identifiers": [ { "type": "dns", "value": "dagoth.xyz" } ], "authorizations": [ "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5667014164" ], "finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/92221854/7657738814" } 2023-03-10 10:22:19,808:DEBUG:acme.client:Storing nonce: 8F05lA1osZtXVBqdNAbR1BZ9_0gksQkPdD4Hg4nVH18juDA 2023-03-10 10:22:19,808:DEBUG:acme.client:JWS payload: b'' 2023-03-10 10:22:19,810:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5667014164: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICI4RjA1bEExb3NadFhWQnFkTkFiUjFCWjlfMGdrc1FrUGRENEhnNG5WSDE4anVEQSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My81NjY3MDE0MTY0In0", "signature": "WRATWSFQnA4eE1btyISeb5rI4tj1fYUtSqM6vEDBs4ApBAI3JVsUWT-rGUl5m1stMDhLR4QBOkFbBHn_Q4OPJ2_4MbA9b-VeUuSKXQN2cmcrIOQpzFqLjaEdwOXqW9ySB8f7lNcLgXhjAUWtPiJm1rtarKYdcxWOIoO8sT-GWSjWVHe-58KxYOBAlB7CQAGLS8Grd2I5xajxlgI4d9OKMwo7lavUCVAH5GCtl_WU614jaP1ZxqlgHOG03qZgu7MGP-ulnEQY-QZaysWL2jH3Z1hVSQ82bwb9j_Qjsem2qScnBITynJGWvdOcVk1-yNnw4YqXeB7h6i15awVXBpadVw", "payload": "" } 2023-03-10 10:22:19,885:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/5667014164 HTTP/1.1" 200 812 2023-03-10 10:22:19,886:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:19 GMT Content-Type: application/json Content-Length: 812 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: A272ZNlpC8Qiepe4dpfbMZh627eQnX-zW0qtX8xWSwaxGCI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "pending", "expires": "2023-03-17T10:22:19Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667014164/0DtbQQ", "token": "KUfY6SuO7OqOHfNL91BgNXEBoY5tQJBNlRLEgN93tCU" }, { "type": "dns-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667014164/wbae3A", "token": "KUfY6SuO7OqOHfNL91BgNXEBoY5tQJBNlRLEgN93tCU" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667014164/q0w7tw", "token": "KUfY6SuO7OqOHfNL91BgNXEBoY5tQJBNlRLEgN93tCU" } ] } 2023-03-10 10:22:19,886:DEBUG:acme.client:Storing nonce: A272ZNlpC8Qiepe4dpfbMZh627eQnX-zW0qtX8xWSwaxGCI 2023-03-10 10:22:19,887:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-10 10:22:19,887:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-10 10:22:19,908:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-10 10:22:19,909:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-10 10:22:19,910:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-10 10:22:19,910:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-10 10:22:19,910:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-10 10:22:19,911:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-10 10:22:19,911:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-10 10:22:19,911:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-10 10:22:19,911:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-10 10:22:19,911:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-10 10:22:19,912:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-10 10:22:19,912:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-10 10:22:19,912:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-10 10:22:19,912:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-10 10:22:19,912:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-10 10:22:19,913:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-10 10:22:19,913:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-10 10:22:19,913:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-10 10:22:19,913:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-10 10:22:19,913:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-10 10:22:19,914:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-10 10:22:19,914:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-10 10:22:19,914:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-10 10:22:19,915:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-10 10:22:19,915:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-10 10:22:19,915:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-10 10:22:19,916:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-10 10:22:19,916:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-10 10:22:19,916:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-10 10:22:19,916:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-10 10:22:19,917:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-10 10:22:19,917:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-10 10:22:19,917:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-10 10:22:19,917:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-10 10:22:19,918:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-10 10:22:19,918:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-10 10:22:19,919:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here location = /.well-known/acme-challenge/KUfY6SuO7OqOHfNL91BgNXEBoY5tQJBNlRLEgN93tCU{default_type text/plain;return 200 KUfY6SuO7OqOHfNL91BgNXEBoY5tQJBNlRLEgN93tCU.rutHM0HPUvW9biKo3hmSituCng-hbrpi2dBppfbsoM4;} # managed by Certbot } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-10 10:22:20,973:INFO:certbot._internal.auth_handler:Waiting for verification... 2023-03-10 10:22:20,975:DEBUG:acme.client:JWS payload: b'{}' 2023-03-10 10:22:20,977:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667014164/0DtbQQ: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJBMjcyWk5scEM4UWllcGU0ZHBmYk1aaDYyN2VRblgtelcwcXRYOHhXU3dheEdDSSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My81NjY3MDE0MTY0LzBEdGJRUSJ9", "signature": "xczw4-oKc4894e8cx1Kv54sCegK7f4Jq10ri3ok9ufnFxsoBQecOs2VUnb7PDWjvcqTRs4qR9p4ZeonUlklfL9bpuet0AzWcIj-azghhQILpGtTny1o4yTCeqyYbVLTqcFQWVrO1C-Z_JXUWbyFbM7llklhhVFonBcmPValBfpBhMet1gUCeshJhGE-enubCHLuB3MJee1-OXR1CCHzbsJGADRBmhX6T6vSOhNlK1XSsqDlOpuuzNcNt9EK7HFvdavzcQVgMyZnzY0wE67y20RfdziHUgZLB4ZL4vpuV_RYUvQgANqbg9bjT0rDpLOUx518e5O93XDFp7LTaW8I_gA", "payload": "e30" } 2023-03-10 10:22:21,055:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/5667014164/0DtbQQ HTTP/1.1" 200 193 2023-03-10 10:22:21,056:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:21 GMT Content-Type: application/json Content-Length: 193 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667014164/0DtbQQ Replay-Nonce: A272S6nx4sNhxCnprmgz9KdL1i7JJhOdZOIkSlOLqKsfUAQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667014164/0DtbQQ", "token": "KUfY6SuO7OqOHfNL91BgNXEBoY5tQJBNlRLEgN93tCU" } 2023-03-10 10:22:21,056:DEBUG:acme.client:Storing nonce: A272S6nx4sNhxCnprmgz9KdL1i7JJhOdZOIkSlOLqKsfUAQ 2023-03-10 10:22:22,057:DEBUG:acme.client:JWS payload: b'' 2023-03-10 10:22:22,059:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5667014164: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJBMjcyUzZueDRzTmh4Q25wcm1nejlLZEwxaTdKSmhPZFpPSWtTbE9McUtzZlVBUSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My81NjY3MDE0MTY0In0", "signature": "vK7uUD-t3Mn9TszeEG8QM9_ymydPdCe8AUYu-EFIdgAzUJj1az-HnZhkyXY-xc-dUmoz99C5FI6sRvkarcI6wc_o2UjDMC5AGCm4kAFjj6mPAvPriYk45cRrs-qcU3yGSh1mA_LYtnlSRUCYOquEOE0gdIkRXSzPNPBIH_Vk1mQFOZf3PJ-kIRQn1PEqGpZgj8idCjZS1Fyb21nsHLVDFebTTS6hfmUYsQOsQf_0XPO5FouDN1tqikmCH7dsMBL6_geav4PA90_sscfQnLFUys4yi7gqhazFP4SzEHeic16H-Kgd0LJ-w5hJBRRVd88TsHPfWH37z2N6foVwBTf82g", "payload": "" } 2023-03-10 10:22:22,171:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/5667014164 HTTP/1.1" 200 1490 2023-03-10 10:22:22,172:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:22 GMT Content-Type: application/json Content-Length: 1490 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: BEB9YVVJ0X5NOef8skJh8wSc-lM6XfHUEn_Oq5WsHQSuOu8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "invalid", "expires": "2023-03-17T10:22:19Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "2001:19f0:5:5eac:5400:3ff:fef1:f13c: Invalid response from https://dagoth.xyz/.well-known/acme-challenge/KUfY6SuO7OqOHfNL91BgNXEBoY5tQJBNlRLEgN93tCU: 404", "status": 403 }, "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667014164/0DtbQQ", "token": "KUfY6SuO7OqOHfNL91BgNXEBoY5tQJBNlRLEgN93tCU", "validationRecord": [ { "url": "http://dagoth.xyz/.well-known/acme-challenge/KUfY6SuO7OqOHfNL91BgNXEBoY5tQJBNlRLEgN93tCU", "hostname": "dagoth.xyz", "port": "80", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" }, { "url": "https://dagoth.xyz/.well-known/acme-challenge/KUfY6SuO7OqOHfNL91BgNXEBoY5tQJBNlRLEgN93tCU", "hostname": "dagoth.xyz", "port": "443", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" } ], "validated": "2023-03-10T10:22:21Z" } ] } 2023-03-10 10:22:22,173:DEBUG:acme.client:Storing nonce: BEB9YVVJ0X5NOef8skJh8wSc-lM6XfHUEn_Oq5WsHQSuOu8 2023-03-10 10:22:22,175:WARNING:certbot._internal.auth_handler:Challenge failed for domain dagoth.xyz 2023-03-10 10:22:22,176:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-10 10:22:22,177:DEBUG:certbot._internal.reporter:Reporting to user: The following errors were reported by the server: Domain: dagoth.xyz Type: unauthorized Detail: 2001:19f0:5:5eac:5400:3ff:fef1:f13c: Invalid response from https://dagoth.xyz/.well-known/acme-challenge/KUfY6SuO7OqOHfNL91BgNXEBoY5tQJBNlRLEgN93tCU: 404 To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. 2023-03-10 10:22:22,180:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2023-03-10 10:22:22,180:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-10 10:22:22,180:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-10 10:22:23,464:ERROR:certbot._internal.renewal:Failed to renew certificate dagoth.xyz with error: Some challenges have failed. 2023-03-10 10:22:23,470:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2023-03-10 10:22:23,480:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/mail.dagoth.xyz.conf 2023-03-10 10:22:23,484:DEBUG:certbot._internal.cli:Var dry_run=True (set by user). 2023-03-10 10:22:23,485:DEBUG:certbot._internal.cli:Var server={'dry_run', 'staging'} (set by user). 2023-03-10 10:22:23,485:DEBUG:certbot._internal.cli:Var dry_run=True (set by user). 2023-03-10 10:22:23,485:DEBUG:certbot._internal.cli:Var server={'dry_run', 'staging'} (set by user). 2023-03-10 10:22:23,485:DEBUG:certbot._internal.cli:Var account={'server'} (set by user). 2023-03-10 10:22:23,499:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-10 10:22:23,508:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-10 10:22:23,510:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is signed by the certificate's issuer. 2023-03-10 10:22:23,511:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is: OCSPCertStatus.GOOD 2023-03-10 10:22:23,513:INFO:certbot._internal.renewal:Cert not due for renewal, but simulating renewal for dry run 2023-03-10 10:22:23,513:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-10 10:22:23,818:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-10 10:22:23,819:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-10 10:22:23,819:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-10 10:22:23,819:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-10 10:22:23,827:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-10 10:22:23,828:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/directory. 2023-03-10 10:22:23,829:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org:443 2023-03-10 10:22:24,041:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 830 2023-03-10 10:22:24,042:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:23 GMT Content-Type: application/json Content-Length: 830 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "FCYjUgfNEq0": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-staging-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org/docs/staging-environment/" }, "newAccount": "https://acme-staging-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-staging-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-staging-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-staging-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-10 10:22:24,043:DEBUG:certbot.display.util:Notifying user: Simulating renewal of an existing certificate for mail.dagoth.xyz and www.mail.dagoth.xyz 2023-03-10 10:22:24,208:DEBUG:acme.client:Requesting fresh nonce 2023-03-10 10:22:24,209:DEBUG:acme.client:Sending HEAD request to https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-10 10:22:24,279:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-10 10:22:24,280:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:24 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: BEB9Nke7ckadNON3nyyCzWPEzwbi7psWyuh8MAU7VFiT0m8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-10 10:22:24,280:DEBUG:acme.client:Storing nonce: BEB9Nke7ckadNON3nyyCzWPEzwbi7psWyuh8MAU7VFiT0m8 2023-03-10 10:22:24,281:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "mail.dagoth.xyz"\n },\n {\n "type": "dns",\n "value": "www.mail.dagoth.xyz"\n }\n ]\n}' 2023-03-10 10:22:24,283:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJCRUI5TmtlN2NrYWROT04zbnl5Q3pXUEV6d2JpN3BzV3l1aDhNQVU3VkZpVDBtOCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "gSMaAr07seSnyURmyGg-auL_rbw0_f3eh5rn1dSpr199Zh7tmBStlKbwVJLIoQHm6UlGq6rV2dP2peDzDXdz39QWpgI663p4ipDXuFO7TMM7i8vaKTVNUmuFLjcMOVzqEf3O7n1T8kNPvmyVrkYuOCBjfYdUe6gR7E_msLsq8JfJ0TaBqBV8MyJ-luYKWIT4aSVR22JVaNo674NhHsHd2bTpW9hM15fOh5VLYtVDc7s6fT8NDg2lehicxx0PiW7inlH6y2Ys8z2P104px8XkkWH_eFkngivpd7aLjIXUnGBK-2QEi_Pm12bkZr1xHufyk_79gMIBgyyE8UygGkgOyQ", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIm1haWwuZGFnb3RoLnh5eiIKICAgIH0sCiAgICB7CiAgICAgICJ0eXBlIjogImRucyIsCiAgICAgICJ2YWx1ZSI6ICJ3d3cubWFpbC5kYWdvdGgueHl6IgogICAgfQogIF0KfQ" } 2023-03-10 10:22:24,384:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 497 2023-03-10 10:22:24,385:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Fri, 10 Mar 2023 10:22:24 GMT Content-Type: application/json Content-Length: 497 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-staging-v02.api.letsencrypt.org/acme/order/92221854/7657739834 Replay-Nonce: BEB98nQApwpgZ_3A3Lw6Xmyq5mOeFTgKeAlM5K6XltYKUR0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "ready", "expires": "2023-03-17T10:22:24Z", "identifiers": [ { "type": "dns", "value": "mail.dagoth.xyz" }, { "type": "dns", "value": "www.mail.dagoth.xyz" } ], "authorizations": [ "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655910044", "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655910054" ], "finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/92221854/7657739834" } 2023-03-10 10:22:24,385:DEBUG:acme.client:Storing nonce: BEB98nQApwpgZ_3A3Lw6Xmyq5mOeFTgKeAlM5K6XltYKUR0 2023-03-10 10:22:24,385:DEBUG:acme.client:JWS payload: b'' 2023-03-10 10:22:24,387:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655910044: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJCRUI5OG5RQXB3cGdaXzNBM0x3NlhteXE1bU9lRlRnS2VBbE01SzZYbHRZS1VSMCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My81NjU1OTEwMDQ0In0", "signature": "rEGZigLlHVoSNATw_64Rh74xA791K5PDk5YZ0KbxdY1uWBtLLMluVPtbmvZhiCFYWEi9i65Zh65vdpD-kqiRQhwl0V9V1pL3Vv6ZhPgHosN2qQxO8GZpzZSJP-34Zzx-AKp6NH6BH4bBNMq22Zv09QGX9-kHwsXSPZmTc_l24Zm3UGQuC65OfbgbVzfRVOaRFylr3YXBkICiAsfMCZ--ipHsiA6-CZMIoi6d5zjmJR9zvFQsYjOKKHpmBtLgRmezppgwsg5QlJBi2YJNK5PYCEjmip2s0xtgNwZHUJ399L5Xf0vKpNJijOWyaaSJVR6l0U5Wl4KhsaevQ1qUxlyy7A", "payload": "" } 2023-03-10 10:22:24,465:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/5655910044 HTTP/1.1" 200 839 2023-03-10 10:22:24,465:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:24 GMT Content-Type: application/json Content-Length: 839 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: B37C-zrIfGZrh9m1rtPyeMDpEFvrYlp1aFm82zGgiDd2wxI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "mail.dagoth.xyz" }, "status": "valid", "expires": "2023-04-08T13:07:15Z", "challenges": [ { "type": "http-01", "status": "valid", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910044/-7Vdhw", "token": "BUyjLkLORkM49UaDS8U1u3cHuq73UaRsletJlu3wGAg", "validationRecord": [ { "url": "http://mail.dagoth.xyz/.well-known/acme-challenge/BUyjLkLORkM49UaDS8U1u3cHuq73UaRsletJlu3wGAg", "hostname": "mail.dagoth.xyz", "port": "80", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" } ], "validated": "2023-03-09T13:07:15Z" } ] } 2023-03-10 10:22:24,466:DEBUG:acme.client:Storing nonce: B37C-zrIfGZrh9m1rtPyeMDpEFvrYlp1aFm82zGgiDd2wxI 2023-03-10 10:22:24,466:DEBUG:acme.client:JWS payload: b'' 2023-03-10 10:22:24,469:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655910054: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJCMzdDLXpySWZHWnJoOW0xcnRQeWVNRHBFRnZyWWxwMWFGbTgyekdnaURkMnd4SSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My81NjU1OTEwMDU0In0", "signature": "L329DF4gLEWycNDB0cWG_QDErouGJ5u_V6ZSHuSFGL1KY9eUc3TgF5yT31kZLk16_Zlvw8wQP3RnN-C0xdPlh3fjglglp2afTluoyrE_k9p4wSp2p30aT-PJNgu36NKQA11Fnv6miQccOulXzo6GXsdj_150ah2QiQGRBQEcwWKzQ5Nulc_SjHdtF3p-34CNlaCIfUxysRy_zE3wSvRdKUSx8pzFHhHPTZbRZj0G1a83cMlm_ZwxdL_-nQ7f5rBJrHMe_8aOc6f5a7kkoz7sx1QyjuPZZAbLCPv97SWFwxG0C3DPXTnixLHSwJ_TaD-TitsdOWA5JRDJWeCgUUAUIg", "payload": "" } 2023-03-10 10:22:24,542:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/5655910054 HTTP/1.1" 200 851 2023-03-10 10:22:24,542:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:24 GMT Content-Type: application/json Content-Length: 851 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: B37C7kWwEIjDtA8OAF7usXMdVhn_vhXHHvtbwuiB7RYdFJc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.mail.dagoth.xyz" }, "status": "valid", "expires": "2023-04-08T13:07:16Z", "challenges": [ { "type": "http-01", "status": "valid", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910054/R8JlCg", "token": "hHndj9vR3KUKB_hzcKu5XWTuAfwFktoV4UZqL_r1Uoo", "validationRecord": [ { "url": "http://www.mail.dagoth.xyz/.well-known/acme-challenge/hHndj9vR3KUKB_hzcKu5XWTuAfwFktoV4UZqL_r1Uoo", "hostname": "www.mail.dagoth.xyz", "port": "80", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" } ], "validated": "2023-03-09T13:07:15Z" } ] } 2023-03-10 10:22:24,542:DEBUG:acme.client:Storing nonce: B37C7kWwEIjDtA8OAF7usXMdVhn_vhXHHvtbwuiB7RYdFJc 2023-03-10 10:22:24,543:DEBUG:acme.client:JWS payload: b'{\n "status": "deactivated"\n}' 2023-03-10 10:22:24,545:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655910044: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJCMzdDN2tXd0VJakR0QThPQUY3dXNYTWRWaG5fdmhYSEh2dGJ3dWlCN1JZZEZKYyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My81NjU1OTEwMDQ0In0", "signature": "MIvYRgZOguTlNUaSr1VEs5kqts8pmkiPge1NEZ6dzcwnQ8hKkue7LeIh-Kyo0oPC8UxSF2ichL0H1NlpGrOAodOB00ak3XWpcOp8122lvtCVB8jcQe3jeljuPolJ11mSFQu_qW-kD7B7AUhKiol6RlQR82hwD9vyWumQFs_SRCaBxm8Yh2maENdib62mdqfXX66tb555dvJELg8COy-Szz1Nhp9Ex47oEj4vmZ1j8ZTsHTl5nc-9BwyCi53jeFuxQvJq586uos0XbQeyrUzkFUYHdZEeEQ1v94tZEWGJGwC-IRowB82pTy662G0yN8jxvBiNVii8qMXhkoW8-YKb7w", "payload": "ewogICJzdGF0dXMiOiAiZGVhY3RpdmF0ZWQiCn0" } 2023-03-10 10:22:24,621:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/5655910044 HTTP/1.1" 200 845 2023-03-10 10:22:24,622:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:24 GMT Content-Type: application/json Content-Length: 845 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 8F05thfgObrwaPoRVX9O8synLJgA0Gy2v0Bq21zx1waJ3d0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "mail.dagoth.xyz" }, "status": "deactivated", "expires": "2023-04-08T13:07:15Z", "challenges": [ { "type": "http-01", "status": "valid", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910044/-7Vdhw", "token": "BUyjLkLORkM49UaDS8U1u3cHuq73UaRsletJlu3wGAg", "validationRecord": [ { "url": "http://mail.dagoth.xyz/.well-known/acme-challenge/BUyjLkLORkM49UaDS8U1u3cHuq73UaRsletJlu3wGAg", "hostname": "mail.dagoth.xyz", "port": "80", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" } ], "validated": "2023-03-09T13:07:15Z" } ] } 2023-03-10 10:22:24,622:DEBUG:acme.client:Storing nonce: 8F05thfgObrwaPoRVX9O8synLJgA0Gy2v0Bq21zx1waJ3d0 2023-03-10 10:22:24,623:DEBUG:acme.client:JWS payload: b'{\n "status": "deactivated"\n}' 2023-03-10 10:22:24,624:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655910054: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICI4RjA1dGhmZ09icndhUG9SVlg5TzhzeW5MSmdBMEd5MnYwQnEyMXp4MXdhSjNkMCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My81NjU1OTEwMDU0In0", "signature": "I1AWTh4qoc4GOPaHzJ34ACj-MOSu71OQgLhv0zWuWXLQHK4kzwWI4uchTKFH4pzMGN5jc-CQtXhr3WwvQa5gAqunamFipPjG5NKiYC7jRYq8ywFcx66IKaSt6_88XzUs6ojG5gojTpxvEWFz54adU1u_-0pam2WoCW2S9fG1NsdCM4FlCqzlbWBJn-0Idy6ePQV4dwbyd6dszGN3jkTPeOxYFRf6Agjjklo_qm2evn-z-r0Vo4cBcMktlLVHLSCK6_zAbhYbWVWRmjN0byjPqjYsFOzVKRvtoa8V2Wk7JVWjM2eP8KhhgeySg85zY9PB088xqf-ExtCFSf3Lho8anA", "payload": "ewogICJzdGF0dXMiOiAiZGVhY3RpdmF0ZWQiCn0" } 2023-03-10 10:22:24,699:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/5655910054 HTTP/1.1" 200 857 2023-03-10 10:22:24,700:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:24 GMT Content-Type: application/json Content-Length: 857 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 8F05J1ai6fqgAxUx-watjCeQXMvMIUedzc2bAs3dm_c3UQk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.mail.dagoth.xyz" }, "status": "deactivated", "expires": "2023-04-08T13:07:16Z", "challenges": [ { "type": "http-01", "status": "valid", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910054/R8JlCg", "token": "hHndj9vR3KUKB_hzcKu5XWTuAfwFktoV4UZqL_r1Uoo", "validationRecord": [ { "url": "http://www.mail.dagoth.xyz/.well-known/acme-challenge/hHndj9vR3KUKB_hzcKu5XWTuAfwFktoV4UZqL_r1Uoo", "hostname": "www.mail.dagoth.xyz", "port": "80", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" } ], "validated": "2023-03-09T13:07:15Z" } ] } 2023-03-10 10:22:24,700:DEBUG:acme.client:Storing nonce: 8F05J1ai6fqgAxUx-watjCeQXMvMIUedzc2bAs3dm_c3UQk 2023-03-10 10:22:24,701:DEBUG:certbot._internal.client:Recreating order after authz deactivations 2023-03-10 10:22:24,702:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "mail.dagoth.xyz"\n },\n {\n "type": "dns",\n "value": "www.mail.dagoth.xyz"\n }\n ]\n}' 2023-03-10 10:22:24,704:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICI4RjA1SjFhaTZmcWdBeFV4LXdhdGpDZVFYTXZNSVVlZHpjMmJBczNkbV9jM1VRayIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "OypuiXMcR_kLSE3Yz0Z8x7jjt0w6yHTEqMrhdboqx1gy2DOYr-G5Kcn1Ha5V8Sk6ti_WqIsVmVYe8B0zFWbANKpKiqUtTOINVrT4lupBVUcQchVnZJjiDYTKMiIku7OgFoXIPKca02ZQ6GJG2LeEPevI4iO_UlSiI4tDrSI9Das8p721Mxqd1n0hr3EUmT0jvgJ8IQe6WwauQ8fnZd2lmkzjAHbZQFPBPzGO6nlg_bMxK1CoiZUQj3xZl7k-gn3iIBdD3s1aXBWdue8TUPxHbDCRfjS3W8lXfvuVKbSwsiarzw70SjX_yGToPouiiFuhf1W7xkbHJ13-ZCGn3ExQNQ", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIm1haWwuZGFnb3RoLnh5eiIKICAgIH0sCiAgICB7CiAgICAgICJ0eXBlIjogImRucyIsCiAgICAgICJ2YWx1ZSI6ICJ3d3cubWFpbC5kYWdvdGgueHl6IgogICAgfQogIF0KfQ" } 2023-03-10 10:22:24,810:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 499 2023-03-10 10:22:24,811:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Fri, 10 Mar 2023 10:22:24 GMT Content-Type: application/json Content-Length: 499 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-staging-v02.api.letsencrypt.org/acme/order/92221854/7657739944 Replay-Nonce: B37CZ1_nAsePnbrtaBOY2J90gHIFU4TEEfryoPDWB1Z9ma8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-17T10:22:24Z", "identifiers": [ { "type": "dns", "value": "mail.dagoth.xyz" }, { "type": "dns", "value": "www.mail.dagoth.xyz" } ], "authorizations": [ "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5667014944", "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5667014954" ], "finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/92221854/7657739944" } 2023-03-10 10:22:24,811:DEBUG:acme.client:Storing nonce: B37CZ1_nAsePnbrtaBOY2J90gHIFU4TEEfryoPDWB1Z9ma8 2023-03-10 10:22:24,811:DEBUG:acme.client:JWS payload: b'' 2023-03-10 10:22:24,813:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5667014944: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJCMzdDWjFfbkFzZVBuYnJ0YUJPWTJKOTBnSElGVTRURUVmcnlvUERXQjFaOW1hOCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My81NjY3MDE0OTQ0In0", "signature": "AXop8-JVg_Upo6m6d6gKzFbA9KND4QuzBSI8zeusWEpLcWh4TDegLGdjd0AvpB9rjSYmc0P7vF9ZaMTrRyVuhwb4rANE8P7c5g2AP0EfYgtomxgwn4wn0DENIVnIirfOij5oNApVvTVE1L4RmuzhNcx-JYz4M8ro9Fc-EFRefp3SvcR8DGG6DNdCYCgn4vi1toVJD62vGcQhFZyagMiO0AARi6mYQkB0xKpP0jXb9NNWVAN4LWPoF7w9zngeSFceOE2IlsqPvKnuPzwI704rh6mdfU_nN4UDj8u5Eti690FUCn34KGvDFdt9iJ_dsh9ONaaP0Qa2RZhbKhZuTc85og", "payload": "" } 2023-03-10 10:22:24,887:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/5667014944 HTTP/1.1" 200 817 2023-03-10 10:22:24,887:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:24 GMT Content-Type: application/json Content-Length: 817 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: A272hoBYSJIo2hGuIU2J4QyVapTi0yKaqeRjEiuQJNpLMkE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "mail.dagoth.xyz" }, "status": "pending", "expires": "2023-03-17T10:22:24Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667014944/IOuO_w", "token": "FYGLIfDSp8O8s_NnfZ5X0IW51NhXIrOVX5xvlxHgYU0" }, { "type": "dns-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667014944/A02Lcw", "token": "FYGLIfDSp8O8s_NnfZ5X0IW51NhXIrOVX5xvlxHgYU0" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667014944/rP7auA", "token": "FYGLIfDSp8O8s_NnfZ5X0IW51NhXIrOVX5xvlxHgYU0" } ] } 2023-03-10 10:22:24,887:DEBUG:acme.client:Storing nonce: A272hoBYSJIo2hGuIU2J4QyVapTi0yKaqeRjEiuQJNpLMkE 2023-03-10 10:22:24,888:DEBUG:acme.client:JWS payload: b'' 2023-03-10 10:22:24,890:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5667014954: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJBMjcyaG9CWVNKSW8yaEd1SVUySjRReVZhcFRpMHlLYXFlUmpFaXVRSk5wTE1rRSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My81NjY3MDE0OTU0In0", "signature": "i-AKAnpJHVYicknBpw1Byn7AtUn3ffvMEkNNNuwIouyKEyszrNDA4xtJBPGlvntVs5kF7Qn27UDtteFkYKuEta42zzomCqF7sUoMdpGOKBRDTQBvMjx1WWqQU_JG_Q_Ep5eDK2jQiZt5CsaYXlwwRHn-wOwLr7qJRofniILgTBDi035LfZwaZ4jOdfpPlhVpKsLdm9jrFBlvEG58nQ5hdspzhcYEQkZnVv_MbIhZpIC4_I4aycNgLmURQSbTTN2yZS7W7jfgthoslLME5Df6_zTjwngmgRRLKjXxYFZorgFhE_o4gQ_lCKHSHxo56KmG1P8BZpxbPhJC0GiKM9e8-Q", "payload": "" } 2023-03-10 10:22:24,961:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/5667014954 HTTP/1.1" 200 821 2023-03-10 10:22:24,962:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:24 GMT Content-Type: application/json Content-Length: 821 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: A2720kr7HYG5H1Qrvpt9AoiH8rqbWsS-2O0bh4-xJq8l8z4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.mail.dagoth.xyz" }, "status": "pending", "expires": "2023-03-17T10:22:24Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667014954/NBIrVw", "token": "A8I8by10FpgpLVqSOkhP22Kie5D1-kdqatDyAi5cOk8" }, { "type": "dns-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667014954/YZ6OlQ", "token": "A8I8by10FpgpLVqSOkhP22Kie5D1-kdqatDyAi5cOk8" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667014954/pKvbVw", "token": "A8I8by10FpgpLVqSOkhP22Kie5D1-kdqatDyAi5cOk8" } ] } 2023-03-10 10:22:24,962:DEBUG:acme.client:Storing nonce: A2720kr7HYG5H1Qrvpt9AoiH8rqbWsS-2O0bh4-xJq8l8z4 2023-03-10 10:22:24,963:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-10 10:22:24,963:INFO:certbot._internal.auth_handler:http-01 challenge for mail.dagoth.xyz 2023-03-10 10:22:24,964:INFO:certbot._internal.auth_handler:http-01 challenge for www.mail.dagoth.xyz 2023-03-10 10:22:25,009:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-10 10:22:25,011:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-10 10:22:25,011:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-10 10:22:25,011:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-10 10:22:25,012:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-10 10:22:25,012:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-10 10:22:25,012:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-10 10:22:25,013:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-10 10:22:25,013:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-10 10:22:25,013:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-10 10:22:25,013:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-10 10:22:25,014:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-10 10:22:25,014:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-10 10:22:25,014:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-10 10:22:25,014:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-10 10:22:25,015:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-10 10:22:25,015:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-10 10:22:25,015:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-10 10:22:25,015:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-10 10:22:25,016:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-10 10:22:25,016:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-10 10:22:25,016:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-10 10:22:25,016:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-10 10:22:25,017:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-10 10:22:25,017:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-10 10:22:25,017:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-10 10:22:25,018:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-10 10:22:25,018:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-10 10:22:25,018:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-10 10:22:25,018:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-10 10:22:25,019:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-10 10:22:25,019:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-10 10:22:25,019:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-10 10:22:25,019:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-10 10:22:25,020:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-10 10:22:25,020:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-10 10:22:25,021:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server { listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-10 10:22:25,023:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/mail: server { root /var/www/mail; index index.html index.htm index.nginx-debian.html; server_name mail.dagoth.xyz www.mail.dagoth.xyz; location / { try_files $uri $uri/ =404; } listen [::]:443 ssl; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/mail.dagoth.xyz/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = www.mail.dagoth.xyz) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = mail.dagoth.xyz) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name mail.dagoth.xyz www.mail.dagoth.xyz; return 404; # managed by Certbot location = /.well-known/acme-challenge/FYGLIfDSp8O8s_NnfZ5X0IW51NhXIrOVX5xvlxHgYU0{default_type text/plain;return 200 FYGLIfDSp8O8s_NnfZ5X0IW51NhXIrOVX5xvlxHgYU0.rutHM0HPUvW9biKo3hmSituCng-hbrpi2dBppfbsoM4;} # managed by Certbot location = /.well-known/acme-challenge/A8I8by10FpgpLVqSOkhP22Kie5D1-kdqatDyAi5cOk8{default_type text/plain;return 200 A8I8by10FpgpLVqSOkhP22Kie5D1-kdqatDyAi5cOk8.rutHM0HPUvW9biKo3hmSituCng-hbrpi2dBppfbsoM4;} # managed by Certbot } 2023-03-10 10:22:26,079:INFO:certbot._internal.auth_handler:Waiting for verification... 2023-03-10 10:22:26,080:DEBUG:acme.client:JWS payload: b'{}' 2023-03-10 10:22:26,082:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667014944/IOuO_w: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJBMjcyMGtyN0hZRzVIMVFydnB0OUFvaUg4cnFiV3NTLTJPMGJoNC14SnE4bDh6NCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My81NjY3MDE0OTQ0L0lPdU9fdyJ9", "signature": "FfxYpBp_6o6QKvN8U9C-t-49ZTzpVj1eNLFkAe-GzGHuFm-wzMGZ8cwdnqs6DxbVuVNvd8xjU_U6vuP8dBtq8_oiTc13Emc3u5Fy0EXdhIMLbdyjsSQOPboRPOdVu6SB-2pfl04AJUWJprui3qud0mGh8KQ736JiYFOw3yCSLyGzEEm_w2Yv9CMGr0QrcplbHI52R8F-8fZDBhQDUdi1RXmxcd284QhX9mjcbehceisKLWJ73yoJf9VP3pjnnhgDlP0LBMrB3jpJCUos9_dxSHoI5j4kLVH_z0JWHrkTwh7_ICBD7y95x5mJPqNJJlMW06xqd_2IViMtJUbOJ54okA", "payload": "e30" } 2023-03-10 10:22:26,159:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/5667014944/IOuO_w HTTP/1.1" 200 193 2023-03-10 10:22:26,160:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:26 GMT Content-Type: application/json Content-Length: 193 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667014944/IOuO_w Replay-Nonce: B37Cn3BDnfcXIC-lVlj6O8yFn2-IFHUgr1LndjDRvJFXgKw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667014944/IOuO_w", "token": "FYGLIfDSp8O8s_NnfZ5X0IW51NhXIrOVX5xvlxHgYU0" } 2023-03-10 10:22:26,160:DEBUG:acme.client:Storing nonce: B37Cn3BDnfcXIC-lVlj6O8yFn2-IFHUgr1LndjDRvJFXgKw 2023-03-10 10:22:26,161:DEBUG:acme.client:JWS payload: b'{}' 2023-03-10 10:22:26,162:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667014954/NBIrVw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJCMzdDbjNCRG5mY1hJQy1sVmxqNk84eUZuMi1JRkhVZ3IxTG5kakRSdkpGWGdLdyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My81NjY3MDE0OTU0L05CSXJWdyJ9", "signature": "eSI4NHSTKZgvet27FvsrUmW2ZIrUQvnz5lItxTZ1AvyLkrDlw6tLgdlhoJcaHLp8WwQPf2QsOYZB5nCLSbywjlWIvq__zsjOzMF38R-ZTHDu7nlKAYS9Cs_64mmNwUgsJfn6Og4bJ_1VxJM1ftB_vYfLEQd61uxkIn-G-GUbzl9DuOqRbbOnUmC6egODiHMTGVEUOVL879gGEAzKzJ6ZBdA941FHYwKwuJSXUNjRto_GDS6jIEzgTLrgSQVPiVZBPuH4PsDWCupvD7RvWuImrml2oYuid438Zmr31lQ4fnROyhl6HxghGF79zLND0P6inHyd39pK72lkDuwNCDgXlQ", "payload": "e30" } 2023-03-10 10:22:26,236:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/5667014954/NBIrVw HTTP/1.1" 200 193 2023-03-10 10:22:26,237:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:26 GMT Content-Type: application/json Content-Length: 193 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667014954/NBIrVw Replay-Nonce: B37CX8msjd9FPDSArxf78ASkA6Q-D9DAYvlfK89g6W9EDXs X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667014954/NBIrVw", "token": "A8I8by10FpgpLVqSOkhP22Kie5D1-kdqatDyAi5cOk8" } 2023-03-10 10:22:26,237:DEBUG:acme.client:Storing nonce: B37CX8msjd9FPDSArxf78ASkA6Q-D9DAYvlfK89g6W9EDXs 2023-03-10 10:22:27,239:DEBUG:acme.client:JWS payload: b'' 2023-03-10 10:22:27,241:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5667014944: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJCMzdDWDhtc2pkOUZQRFNBcnhmNzhBU2tBNlEtRDlEQVl2bGZLODlnNlc5RURYcyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My81NjY3MDE0OTQ0In0", "signature": "CH9-ArxUNsAEFnqMJDcniU6Tbc8JvuMSfMoBES8aJkMgYGo0bRP5YdSHGv6FQ-rjy38pcYh8q6RgZuyzXmnkFCW5MaTqyXWNFfdbkhWaq2HXTs37HiMHNvrhRDjcgHeXCITOFCw1Gx63qtgmW30YPxKV33KCJn1SAZRRuobYEPdDcq14in4rdC_CoqlQJYOklPUEQqj2kVWBvrjwjpQeMM4Pj3vLzAYaRAM6PuWQ-VKGjoKFf5YLfr0KI3JVVD_xjDsdaAhqr_qK_aAIQAkiC97C3GBiYuqA72GOOFifD_1YH5mOIYtasB2NXf7wU8tL2zT7aomoHKIehNsMq5KS7Q", "payload": "" } 2023-03-10 10:22:27,315:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/5667014944 HTTP/1.1" 200 839 2023-03-10 10:22:27,315:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:27 GMT Content-Type: application/json Content-Length: 839 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: A272hD76q0Byc3p0yRPf7gY41BjHXdNLuEYCgaso-wyITCY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "mail.dagoth.xyz" }, "status": "valid", "expires": "2023-04-09T10:22:26Z", "challenges": [ { "type": "http-01", "status": "valid", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667014944/IOuO_w", "token": "FYGLIfDSp8O8s_NnfZ5X0IW51NhXIrOVX5xvlxHgYU0", "validationRecord": [ { "url": "http://mail.dagoth.xyz/.well-known/acme-challenge/FYGLIfDSp8O8s_NnfZ5X0IW51NhXIrOVX5xvlxHgYU0", "hostname": "mail.dagoth.xyz", "port": "80", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" } ], "validated": "2023-03-10T10:22:26Z" } ] } 2023-03-10 10:22:27,316:DEBUG:acme.client:Storing nonce: A272hD76q0Byc3p0yRPf7gY41BjHXdNLuEYCgaso-wyITCY 2023-03-10 10:22:27,316:DEBUG:acme.client:JWS payload: b'' 2023-03-10 10:22:27,318:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5667014954: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJBMjcyaEQ3NnEwQnljM3AweVJQZjdnWTQxQmpIWGROTHVFWUNnYXNvLXd5SVRDWSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My81NjY3MDE0OTU0In0", "signature": "V-F0WcfyoeOzLSxp618CJqZl3ZHsFVxnuGfXMRTyB73QtezUEAm3TzqmLYUGAZyK168XyXs1wxqMeJXi020MUGX_NSM5qlPi8HawBJ3F_T3Y_aCIroxZ_zEqldQhHH0_XdexHpWt1Lu575CAkQaygCoienf0XgofTPUOqGwidPWZ0sN2znK3ryi1MAtEJzYK4U4eBJzFrXcHJbAqRjMQrLiF3RyDRMkA4Y12CRQQwavrXJPwDlcFXTS0cCMVbE1CxCAQGnkCIod_X4oT9QkGCgU9q_gqIZluftinfDsWZmANa1iPxqCALLnAq4fLjrm6qvDtWAgdyYLYWLxbm3MoFg", "payload": "" } 2023-03-10 10:22:27,391:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/5667014954 HTTP/1.1" 200 851 2023-03-10 10:22:27,392:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:27 GMT Content-Type: application/json Content-Length: 851 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: BEB9R1kF9TyJDg0k0lOJaFQ8DnJ3yA1ysfGXyZ62TtZSyXU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.mail.dagoth.xyz" }, "status": "valid", "expires": "2023-04-09T10:22:26Z", "challenges": [ { "type": "http-01", "status": "valid", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667014954/NBIrVw", "token": "A8I8by10FpgpLVqSOkhP22Kie5D1-kdqatDyAi5cOk8", "validationRecord": [ { "url": "http://www.mail.dagoth.xyz/.well-known/acme-challenge/A8I8by10FpgpLVqSOkhP22Kie5D1-kdqatDyAi5cOk8", "hostname": "www.mail.dagoth.xyz", "port": "80", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" } ], "validated": "2023-03-10T10:22:26Z" } ] } 2023-03-10 10:22:27,392:DEBUG:acme.client:Storing nonce: BEB9R1kF9TyJDg0k0lOJaFQ8DnJ3yA1ysfGXyZ62TtZSyXU 2023-03-10 10:22:27,393:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-10 10:22:27,393:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-10 10:22:28,711:DEBUG:certbot._internal.client:CSR: CSR(file=None, data=b'-----BEGIN CERTIFICATE REQUEST-----\nMIIChzCCAW8CAQIwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALW3\nXbWCkIKOlQYosAoNnQAOqe85hgGyVK7xkmFF/+guyfOlYqadVkc0tLA9lbM1JR9T\nN6MfmbLu/cK3uKqVw6QBTh5tN2YF/qbwiGMG0NfowJPoi+r2ovCuD4WOtV4ch+It\nQaHHBSADw940gdV0ZC42gpRhENN+WXQwSV/8vlSVMw27WLjOZJGS1wQpxlBb0iie\n9VtsW9afRWbZH1YZwcfqKLimm0C+s76NhQ7KTtduCeNQU6Q1vpOEBXwQq8qjxknc\naftsyMb9zYkhRAuS7/PqYBS+4+rILgYncPGmclBB5kfmKHzwKftZ+ItmviroeQna\nG5OMZlDzo2YHOeizqrMCAwEAAaBCMEAGCSqGSIb3DQEJDjEzMDEwLwYDVR0RBCgw\nJoIPbWFpbC5kYWdvdGgueHl6ghN3d3cubWFpbC5kYWdvdGgueHl6MA0GCSqGSIb3\nDQEBCwUAA4IBAQBN6eafvbIIdVMR8QYYwmW4mySuXtUUwY3EGthK4LhW9mICxVXa\nkZ+1SZE4KSPOpGDIoalJjvWJsl42cQRNbrWd3vtYGdVpkf0YCrSWda3QiexVQLWr\nEPeT6vuEhvDRc0DVZAcWvpxGNEgJFA3VPiVbxcmHiVpnO0R+t0kSnTDZ1YUn5i4y\nvrNz8vPOc4RxUxFNFqecgYs6eZWoD2XRcf3cyOgoC7N2V80DJbKcyjuctKpu2RtN\nEUiQqzZn4XMl2IuE7FPg8YSKys0XjVfkn6dlqPPoBDSXBmDIrssTAUVULH94Lf4O\nHqk7VljlUS8nGLhJarFFIYXt1C6WmvIeA35c\n-----END CERTIFICATE REQUEST-----\n', form='pem') 2023-03-10 10:22:28,715:DEBUG:acme.client:JWS payload: b'{\n "csr": "MIIChzCCAW8CAQIwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALW3XbWCkIKOlQYosAoNnQAOqe85hgGyVK7xkmFF_-guyfOlYqadVkc0tLA9lbM1JR9TN6MfmbLu_cK3uKqVw6QBTh5tN2YF_qbwiGMG0NfowJPoi-r2ovCuD4WOtV4ch-ItQaHHBSADw940gdV0ZC42gpRhENN-WXQwSV_8vlSVMw27WLjOZJGS1wQpxlBb0iie9VtsW9afRWbZH1YZwcfqKLimm0C-s76NhQ7KTtduCeNQU6Q1vpOEBXwQq8qjxkncaftsyMb9zYkhRAuS7_PqYBS-4-rILgYncPGmclBB5kfmKHzwKftZ-ItmviroeQnaG5OMZlDzo2YHOeizqrMCAwEAAaBCMEAGCSqGSIb3DQEJDjEzMDEwLwYDVR0RBCgwJoIPbWFpbC5kYWdvdGgueHl6ghN3d3cubWFpbC5kYWdvdGgueHl6MA0GCSqGSIb3DQEBCwUAA4IBAQBN6eafvbIIdVMR8QYYwmW4mySuXtUUwY3EGthK4LhW9mICxVXakZ-1SZE4KSPOpGDIoalJjvWJsl42cQRNbrWd3vtYGdVpkf0YCrSWda3QiexVQLWrEPeT6vuEhvDRc0DVZAcWvpxGNEgJFA3VPiVbxcmHiVpnO0R-t0kSnTDZ1YUn5i4yvrNz8vPOc4RxUxFNFqecgYs6eZWoD2XRcf3cyOgoC7N2V80DJbKcyjuctKpu2RtNEUiQqzZn4XMl2IuE7FPg8YSKys0XjVfkn6dlqPPoBDSXBmDIrssTAUVULH94Lf4OHqk7VljlUS8nGLhJarFFIYXt1C6WmvIeA35c"\n}' 2023-03-10 10:22:28,718:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/finalize/92221854/7657739944: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJCRUI5UjFrRjlUeUpEZzBrMGxPSmFGUThEbkozeUExeXNmR1h5WjYyVHRaU3lYVSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9maW5hbGl6ZS85MjIyMTg1NC83NjU3NzM5OTQ0In0", "signature": "tqZ3_JqnWIXb4qJh8T04pbZ2xDHSP9f-RUqoFyOfzaNMXvN3OZNgT8SvOeohwQiEkGDmpa-0lnasxO-X1MEyG30EBA3P1Bc6R7pm05ovqY58S0qO6Vkd-owr1Ns-Q6nNnykJb6BiTS_zeVWSmjCChBQMKYg5gK4peXzff18EJvHcbHwAUL74qJU7lWvTlSbtKcwWuibAOnsbTKiOhLqiqqSd8QG-r3JSx17r7R9RNHlqr8ZmcUB-za3avw7BEXuqTwrNzNBz__2a5jnjEtXzffe2C7PMF5RF7F6tjy06MwfGZeYGptVO5uJPLQA-FeFOzvYTXszOl3nCFxpDaABDmA", "payload": "ewogICJjc3IiOiAiTUlJQ2h6Q0NBVzhDQVFJd0FEQ0NBU0l3RFFZSktvWklodmNOQVFFQkJRQURnZ0VQQURDQ0FRb0NnZ0VCQUxXM1hiV0NrSUtPbFFZb3NBb05uUUFPcWU4NWhnR3lWSzd4a21GRl8tZ3V5Zk9sWXFhZFZrYzB0TEE5bGJNMUpSOVRONk1mbWJMdV9jSzN1S3FWdzZRQlRoNXROMllGX3Fid2lHTUcwTmZvd0pQb2ktcjJvdkN1RDRXT3RWNGNoLUl0UWFISEJTQUR3OTQwZ2RWMFpDNDJncFJoRU5OLVdYUXdTVl84dmxTVk13MjdXTGpPWkpHUzF3UXB4bEJiMGlpZTlWdHNXOWFmUldiWkgxWVp3Y2ZxS0xpbW0wQy1zNzZOaFE3S1R0ZHVDZU5RVTZRMXZwT0VCWHdRcThxanhrbmNhZnRzeU1iOXpZa2hSQXVTN19QcVlCUy00LXJJTGdZbmNQR21jbEJCNWtmbUtIendLZnRaLUl0bXZpcm9lUW5hRzVPTVpsRHpvMllIT2VpenFyTUNBd0VBQWFCQ01FQUdDU3FHU0liM0RRRUpEakV6TURFd0x3WURWUjBSQkNnd0pvSVBiV0ZwYkM1a1lXZHZkR2d1ZUhsNmdoTjNkM2N1YldGcGJDNWtZV2R2ZEdndWVIbDZNQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUJBUUJONmVhZnZiSUlkVk1SOFFZWXdtVzRteVN1WHRVVXdZM0VHdGhLNExoVzltSUN4Vlhha1otMVNaRTRLU1BPcEdESW9hbEpqdldKc2w0MmNRUk5icldkM3Z0WUdkVnBrZjBZQ3JTV2RhM1FpZXhWUUxXckVQZVQ2dnVFaHZEUmMwRFZaQWNXdnB4R05FZ0pGQTNWUGlWYnhjbUhpVnBuTzBSLXQwa1NuVERaMVlVbjVpNHl2ck56OHZQT2M0UnhVeEZORnFlY2dZczZlWldvRDJYUmNmM2N5T2dvQzdOMlY4MERKYktjeWp1Y3RLcHUyUnRORVVpUXF6Wm40WE1sMkl1RTdGUGc4WVNLeXMwWGpWZmtuNmRscVBQb0JEU1hCbURJcnNzVEFVVlVMSDk0TGY0T0hxazdWbGpsVVM4bkdMaEphckZGSVlYdDFDNldtdkllQTM1YyIKfQ" } 2023-03-10 10:22:28,924:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/finalize/92221854/7657739944 HTTP/1.1" 200 609 2023-03-10 10:22:28,925:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:28 GMT Content-Type: application/json Content-Length: 609 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-staging-v02.api.letsencrypt.org/acme/order/92221854/7657739944 Replay-Nonce: 8F05n2u2NcGeVGmcw8eTgxtflUVfT_G0hh9Itgw3MHO0V3c X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "valid", "expires": "2023-03-17T10:22:24Z", "identifiers": [ { "type": "dns", "value": "mail.dagoth.xyz" }, { "type": "dns", "value": "www.mail.dagoth.xyz" } ], "authorizations": [ "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5667014944", "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5667014954" ], "finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/92221854/7657739944", "certificate": "https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa9976f65e5fca95e472e71f14cd4581fa1c" } 2023-03-10 10:22:28,925:DEBUG:acme.client:Storing nonce: 8F05n2u2NcGeVGmcw8eTgxtflUVfT_G0hh9Itgw3MHO0V3c 2023-03-10 10:22:29,926:DEBUG:acme.client:JWS payload: b'' 2023-03-10 10:22:29,928:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/order/92221854/7657739944: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICI4RjA1bjJ1Mk5jR2VWR21jdzhlVGd4dGZsVVZmVF9HMGhoOUl0Z3czTUhPMFYzYyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9vcmRlci85MjIyMTg1NC83NjU3NzM5OTQ0In0", "signature": "RM1YObiP_1ZtlorzQ3d7qxxaKtwniORnXrc6wpI2FebuXw1aiNhmqHquS4aU9fjG0b22tC2qxH0QuTw8cfTmKT7lvDW7umHT6MwGQaZbi_Au5CWR6SjH0KOZqnK9CK37pjRO6MmYH5vJmdZexQG0MhGZ13-y0VRNY-i3NNp76agC2LQ_k8_z4UIBKWvVd_P79a9qHavbMw_dEtvARMPsrLIRwqKS08fYGV68o5y43DPvHktyDk4pHPXfns1nBpF8lIaZ25dc9t0l9xKBVbCebXT29Sbb_hJQwby9PylkiqbkjNkHnbv2-mmwMwLPrZeIdneDTJTZND_eI3aB6GJxcA", "payload": "" } 2023-03-10 10:22:30,004:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/order/92221854/7657739944 HTTP/1.1" 200 609 2023-03-10 10:22:30,005:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:29 GMT Content-Type: application/json Content-Length: 609 Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: B37CrG6s94_xtlvTLdJe6RW58F7KRZa8uPqIhH_fxr8kfds X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "valid", "expires": "2023-03-17T10:22:24Z", "identifiers": [ { "type": "dns", "value": "mail.dagoth.xyz" }, { "type": "dns", "value": "www.mail.dagoth.xyz" } ], "authorizations": [ "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5667014944", "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5667014954" ], "finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/92221854/7657739944", "certificate": "https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa9976f65e5fca95e472e71f14cd4581fa1c" } 2023-03-10 10:22:30,005:DEBUG:acme.client:Storing nonce: B37CrG6s94_xtlvTLdJe6RW58F7KRZa8uPqIhH_fxr8kfds 2023-03-10 10:22:30,005:DEBUG:acme.client:JWS payload: b'' 2023-03-10 10:22:30,007:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa9976f65e5fca95e472e71f14cd4581fa1c: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJCMzdDckc2czk0X3h0bHZUTGRKZTZSVzU4RjdLUlphOHVQcUloSF9meHI4a2ZkcyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jZXJ0L2ZhOTk3NmY2NWU1ZmNhOTVlNDcyZTcxZjE0Y2Q0NTgxZmExYyJ9", "signature": "CwqkfS4f_APR8QupFtm_Flrbjvd4bOKYDug6-8lkJd8ddajCFlV6mzKqvOY9dwllhPldEzs0LnK2RziGfzEVc1flkQJZogrGc9wBFAoQ43CDEiixJ5itecDHZjxlmgapYa50dSkBlT2W2yXUG9pZEOWO92pGmlRxrpo2fiJ_wffmMP9ErYvwWjBGXJgthNDWY1mVGa-hw5pDzD0PrdgTtA7_KVf_jN-Wo37_q7HbaHs_p77eBG-60bKX8TLVTb-d4pEHIL0iiyEVHFz4xSIXjq1wBLdFYBQkkXrrbnqOUnD_-OOM4JXDEsKA-4tgw8T2pZX8AkrjF_FG87M5u2EWiQ", "payload": "" } 2023-03-10 10:22:30,081:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/cert/fa9976f65e5fca95e472e71f14cd4581fa1c HTTP/1.1" 200 5767 2023-03-10 10:22:30,082:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:30 GMT Content-Type: application/pem-certificate-chain Content-Length: 5767 Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="alternate" Replay-Nonce: A272ug3B4Ut4T2BiMU11J3xJhJVt1kZx6XjaGhumIasNl4U X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 -----BEGIN CERTIFICATE----- MIIFajCCBFKgAwIBAgITAPqZdvZeX8qV5HLnHxTNRYH6HDANBgkqhkiG9w0BAQsF ADBZMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXKFNUQUdJTkcpIExldCdzIEVuY3J5 cHQxKDAmBgNVBAMTHyhTVEFHSU5HKSBBcnRpZmljaWFsIEFwcmljb3QgUjMwHhcN MjMwMzEwMDkyMjI4WhcNMjMwNjA4MDkyMjI3WjAaMRgwFgYDVQQDEw9tYWlsLmRh Z290aC54eXowggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1t121gpCC jpUGKLAKDZ0ADqnvOYYBslSu8ZJhRf/oLsnzpWKmnVZHNLSwPZWzNSUfUzejH5my 7v3Ct7iqlcOkAU4ebTdmBf6m8IhjBtDX6MCT6Ivq9qLwrg+FjrVeHIfiLUGhxwUg A8PeNIHVdGQuNoKUYRDTfll0MElf/L5UlTMNu1i4zmSRktcEKcZQW9IonvVbbFvW n0Vm2R9WGcHH6ii4pptAvrO+jYUOyk7XbgnjUFOkNb6ThAV8EKvKo8ZJ3Gn7bMjG /c2JIUQLku/z6mAUvuPqyC4GJ3DxpnJQQeZH5ih88Cn7WfiLZr4q6HkJ2huTjGZQ 86NmBznos6qzAgMBAAGjggJoMIICZDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFLau wsPa0JTWOBpBoxLyb4MTIUflMB8GA1UdIwQYMBaAFN5yekjfMcOmUN+fhSPfVzdL XS5lMF0GCCsGAQUFBwEBBFEwTzAlBggrBgEFBQcwAYYZaHR0cDovL3N0Zy1yMy5v LmxlbmNyLm9yZzAmBggrBgEFBQcwAoYaaHR0cDovL3N0Zy1yMy5pLmxlbmNyLm9y Zy8wLwYDVR0RBCgwJoIPbWFpbC5kYWdvdGgueHl6ghN3d3cubWFpbC5kYWdvdGgu eHl6MEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYB BQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBQYKKwYBBAHWeQIE AgSB9gSB8wDxAHYAKHYaGJAn++880NYaAY12sFBXKcenQRvMvfYE9F1CYVMAAAGG ywsd0AAABAMARzBFAiEAlkRSD7OObrU7dCz1MWyTjarm094hO4EJP7R2ZEN0cewC IFjDFSoKqgGBa4z0GXrTvwCgFPudmw64YSXYSMdN2jxZAHcAwYMkC/GkUMdvuwBy adysO+IqSAXU2+BJZsPIq8RHsAwAAAGGywsd0AAABAMASDBGAiEA/K2CtRZd3VSy c/m7e9Wcm4o8UdfLKKeOTbSvBxdBke8CIQCvpFIgotJTMjJjq9r0XxSOK6emEOEF DuQVVtOyhywgDjANBgkqhkiG9w0BAQsFAAOCAQEAg+kc6PuE32xoMfqamdEWIWbS P70TcDGYDogHSgN4AUBpkQ0+ukDnlMzeyXZqHKR8CA0RD/OdGjQH0O7SoeyXjXe+ i7NgGhTbUMX70Cj55PeU4y4+Ccejn41bB5F5/LqhI6XKC/i2xxDWuWrJLo2m5zOR ZndjRS8IWS4z+u2BR2w+IpaPfrL/A3/ylsq5g0Dzedbh284RWyYV3X7UIBGFNTuy lYdWtW6wnk/EWw3kyhxqIwWFF0jQVjmhQKnTxactagaXP4gqbM3ZKZBWI54vPLJT vx3SxvsoOAU63gbUymKJJrwr1Ngg9uJj82dYoJM6ADigBaRaXrwFKQVrA2ZIfQ== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIFWzCCA0OgAwIBAgIQTfQrldHumzpMLrM7jRBd1jANBgkqhkiG9w0BAQsFADBm MQswCQYDVQQGEwJVUzEzMDEGA1UEChMqKFNUQUdJTkcpIEludGVybmV0IFNlY3Vy aXR5IFJlc2VhcmNoIEdyb3VwMSIwIAYDVQQDExkoU1RBR0lORykgUHJldGVuZCBQ ZWFyIFgxMB4XDTIwMDkwNDAwMDAwMFoXDTI1MDkxNTE2MDAwMFowWTELMAkGA1UE BhMCVVMxIDAeBgNVBAoTFyhTVEFHSU5HKSBMZXQncyBFbmNyeXB0MSgwJgYDVQQD Ex8oU1RBR0lORykgQXJ0aWZpY2lhbCBBcHJpY290IFIzMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEAu6TR8+74b46mOE1FUwBrvxzEYLck3iasmKrcQkb+ gy/z9Jy7QNIAl0B9pVKp4YU76JwxF5DOZZhi7vK7SbCkK6FbHlyU5BiDYIxbbfvO L/jVGqdsSjNaJQTg3C3XrJja/HA4WCFEMVoT2wDZm8ABC1N+IQe7Q6FEqc8NwmTS nmmRQm4TQvr06DP+zgFK/MNubxWWDSbSKKTH5im5j2fZfg+j/tM1bGaczFWw8/lS nukyn5J2L+NJYnclzkXoh9nMFnyPmVbfyDPOc4Y25aTzVoeBKXa/cZ5MM+WddjdL biWvm19f1sYn1aRaAIrkppv7kkn83vcth8XCG39qC2ZvaQIDAQABo4IBEDCCAQww DgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAS BgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBTecnpI3zHDplDfn4Uj31c3S10u ZTAfBgNVHSMEGDAWgBS182Xy/rAKkh/7PH3zRKCsYyXDFDA2BggrBgEFBQcBAQQq MCgwJgYIKwYBBQUHMAKGGmh0dHA6Ly9zdGcteDEuaS5sZW5jci5vcmcvMCsGA1Ud HwQkMCIwIKAeoByGGmh0dHA6Ly9zdGcteDEuYy5sZW5jci5vcmcvMCIGA1UdIAQb MBkwCAYGZ4EMAQIBMA0GCysGAQQBgt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCN DLam9yN0EFxxn/3p+ruWO6n/9goCAM5PT6cC6fkjMs4uas6UGXJjr5j7PoTQf3C1 vuxiIGRJC6qxV7yc6U0X+w0Mj85sHI5DnQVWN5+D1er7mp13JJA0xbAbHa3Rlczn y2Q82XKui8WHuWra0gb2KLpfboYj1Ghgkhr3gau83pC/WQ8HfkwcvSwhIYqTqxoZ Uq8HIf3M82qS9aKOZE0CEmSyR1zZqQxJUT7emOUapkUN9poJ9zGc+FgRZvdro0XB yphWXDaqMYph0DxW/10ig5j4xmmNDjCRmqIKsKoWA52wBTKKXK1na2ty/lW5dhtA xkz5rVZFd4sgS4J0O+zm6d5GRkWsNJ4knotGXl8vtS3X40KXeb3A5+/3p0qaD215 Xq8oSNORfB2oI1kQuyEAJ5xvPTdfwRlyRG3lFYodrRg6poUBD/8fNTXMtzydpRgy zUQZh/18F6B/iW6cbiRN9r2Hkh05Om+q0/6w0DdZe+8YrNpfhSObr/1eVZbKGMIY qKmyZbBNu5ysENIK5MPc14mUeKmFjpN840VR5zunoU52lqpLDua/qIM8idk86xGW xx2ml43DO/Ya/tVZVok0mO0TUjzJIfPqyvr455IsIut4RlCR9Iq0EDTve2/ZwCuG hSjpTUFGSiQrR2JK2Evp+o6AETUkBCO1aw0PpQBPDQ== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIFVDCCBDygAwIBAgIRAO1dW8lt+99NPs1qSY3Rs8cwDQYJKoZIhvcNAQELBQAw cTELMAkGA1UEBhMCVVMxMzAxBgNVBAoTKihTVEFHSU5HKSBJbnRlcm5ldCBTZWN1 cml0eSBSZXNlYXJjaCBHcm91cDEtMCsGA1UEAxMkKFNUQUdJTkcpIERvY3RvcmVk IER1cmlhbiBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQw M1owZjELMAkGA1UEBhMCVVMxMzAxBgNVBAoTKihTVEFHSU5HKSBJbnRlcm5ldCBT ZWN1cml0eSBSZXNlYXJjaCBHcm91cDEiMCAGA1UEAxMZKFNUQUdJTkcpIFByZXRl bmQgUGVhciBYMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALbagEdD Ta1QgGBWSYkyMhscZXENOBaVRTMX1hceJENgsL0Ma49D3MilI4KS38mtkmdF6cPW nL++fgehT0FbRHZgjOEr8UAN4jH6omjrbTD++VZneTsMVaGamQmDdFl5g1gYaigk kmx8OiCO68a4QXg4wSyn6iDipKP8utsE+x1E28SA75HOYqpdrk4HGxuULvlr03wZ GTIf/oRt2/c+dYmDoaJhge+GOrLAEQByO7+8+vzOwpNAPEx6LW+crEEZ7eBXih6V P19sTGy3yfqK5tPtTdXXCOQMKAp+gCj/VByhmIr+0iNDC540gtvV303WpcbwnkkL YC0Ft2cYUyHtkstOfRcRO+K2cZozoSwVPyB8/J9RpcRK3jgnX9lujfwA/pAbP0J2 UPQFxmWFRQnFjaq6rkqbNEBgLy+kFL1NEsRbvFbKrRi5bYy2lNms2NJPZvdNQbT/ 2dBZKmJqxHkxCuOQFjhJQNeO+Njm1Z1iATS/3rts2yZlqXKsxQUzN6vNbD8KnXRM EeOXUYvbV4lqfCf8mS14WEbSiMy87GB5S9ucSV1XUrlTG5UGcMSZOBcEUpisRPEm QWUOTWIoDQ5FOia/GI+Ki523r2ruEmbmG37EBSBXdxIdndqrjy+QVAmCebyDx9eV EGOIpn26bW5LKerumJxa/CFBaKi4bRvmdJRLAgMBAAGjgfEwge4wDgYDVR0PAQH/ BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLXzZfL+sAqSH/s8ffNE oKxjJcMUMB8GA1UdIwQYMBaAFAhX2onHolN5DE/d4JCPdLriJ3NEMDgGCCsGAQUF BwEBBCwwKjAoBggrBgEFBQcwAoYcaHR0cDovL3N0Zy1kc3QzLmkubGVuY3Iub3Jn LzAtBgNVHR8EJjAkMCKgIKAehhxodHRwOi8vc3RnLWRzdDMuYy5sZW5jci5vcmcv MCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQBgt8TAQEBMA0GCSqGSIb3DQEB CwUAA4IBAQB7tR8B0eIQSS6MhP5kuvGth+dN02DsIhr0yJtk2ehIcPIqSxRRmHGl 4u2c3QlvEpeRDp2w7eQdRTlI/WnNhY4JOofpMf2zwABgBWtAu0VooQcZZTpQruig F/z6xYkBk3UHkjeqxzMN3d1EqGusxJoqgdTouZ5X5QTTIee9nQ3LEhWnRSXDx7Y0 ttR1BGfcdqHopO4IBqAhbkKRjF5zj7OD8cG35omywUbZtOJnftiI0nFcRaxbXo0v oDfLD0S6+AC2R3tKpqjkNX6/91hrRFglUakyMcZU/xleqbv6+Lr3YD8PsBTub6lI oZ2lS38fL18Aon458fbc0BPHtenfhKj5 -----END CERTIFICATE----- 2023-03-10 10:22:30,082:DEBUG:acme.client:Storing nonce: A272ug3B4Ut4T2BiMU11J3xJhJVt1kZx6XjaGhumIasNl4U 2023-03-10 10:22:30,084:DEBUG:certbot._internal.renewal:Dry run: skipping updating lineage at /etc/letsencrypt/live/mail.dagoth.xyz 2023-03-10 10:22:30,085:DEBUG:certbot._internal.updater:Skipping renewal deployer in dry-run mode. 2023-03-10 10:22:31,141:DEBUG:certbot.display.util:Notifying user: new certificate deployed with reload of nginx server; fullchain is /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem 2023-03-10 10:22:31,142:DEBUG:certbot._internal.updater:Skipping updaters in dry-run mode. 2023-03-10 10:22:31,143:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/metukim.xyz.conf 2023-03-10 10:22:31,145:DEBUG:certbot._internal.cli:Var dry_run=True (set by user). 2023-03-10 10:22:31,145:DEBUG:certbot._internal.cli:Var server={'dry_run', 'staging'} (set by user). 2023-03-10 10:22:31,145:DEBUG:certbot._internal.cli:Var dry_run=True (set by user). 2023-03-10 10:22:31,145:DEBUG:certbot._internal.cli:Var server={'dry_run', 'staging'} (set by user). 2023-03-10 10:22:31,146:DEBUG:certbot._internal.cli:Var account={'server'} (set by user). 2023-03-10 10:22:31,153:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-10 10:22:31,160:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-10 10:22:31,161:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/metukim.xyz/cert5.pem is signed by the certificate's issuer. 2023-03-10 10:22:31,162:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/metukim.xyz/cert5.pem is: OCSPCertStatus.GOOD 2023-03-10 10:22:31,164:INFO:certbot._internal.renewal:Cert not due for renewal, but simulating renewal for dry run 2023-03-10 10:22:31,164:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-10 10:22:31,465:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-10 10:22:31,466:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-10 10:22:31,467:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-10 10:22:31,467:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-10 10:22:31,476:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-10 10:22:31,477:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/directory. 2023-03-10 10:22:31,479:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org:443 2023-03-10 10:22:31,692:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 830 2023-03-10 10:22:31,693:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:31 GMT Content-Type: application/json Content-Length: 830 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "aK9pu5jiScU": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-staging-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org/docs/staging-environment/" }, "newAccount": "https://acme-staging-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-staging-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-staging-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-staging-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-10 10:22:31,695:DEBUG:certbot.display.util:Notifying user: Simulating renewal of an existing certificate for metukim.xyz 2023-03-10 10:22:31,885:DEBUG:acme.client:Requesting fresh nonce 2023-03-10 10:22:31,886:DEBUG:acme.client:Sending HEAD request to https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-10 10:22:31,956:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-10 10:22:31,957:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:31 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 8F05MMQ4N6pNoGnMoVNLMhRkBl2PIg6dUVP_2FyI40Lvg5Y X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-10 10:22:31,957:DEBUG:acme.client:Storing nonce: 8F05MMQ4N6pNoGnMoVNLMhRkBl2PIg6dUVP_2FyI40Lvg5Y 2023-03-10 10:22:31,958:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "metukim.xyz"\n }\n ]\n}' 2023-03-10 10:22:31,960:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICI4RjA1TU1RNE42cE5vR25Nb1ZOTE1oUmtCbDJQSWc2ZFVWUF8yRnlJNDBMdmc1WSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "XvlRhsFhIJPbzvgBk9EmdGeiWazpTCglP6gvAFUJXmfZJYrUt3rmcJpG-z7FHHfhBrAn_Ptb08rtIFVKwLSSL6j9c7Z-wnDvmIs8QADzMYDJANUBP5R1TVFFYlyvHQCUQqAvsIlztG9jU9irM8bOFPi_QfGb6Zg0F2lyF3MjUPl2aSDn1YYrXjh2Oy8RKP8_G_sMrhESeXCrvmgWkcEKkrNjefpp5u8hMxGxjqk5tJ9x8ha9X62MI6SCmoRhJ7iDdRWhKbQHqoZyyqqPbfuYl7dOnB6YINmHraDCuXXJ7ve1PQViCbTtFWCJk0tdbe3ycadcphAhIB0R6CYzXj60Mw", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIm1ldHVraW0ueHl6IgogICAgfQogIF0KfQ" } 2023-03-10 10:22:32,092:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 345 2023-03-10 10:22:32,093:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Fri, 10 Mar 2023 10:22:32 GMT Content-Type: application/json Content-Length: 345 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-staging-v02.api.letsencrypt.org/acme/order/92221854/7657741324 Replay-Nonce: 8F05vzdbIepdYYZ6b5jWzkTG2aOo3P5AVVvudoinI4jlX48 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "ready", "expires": "2023-03-17T10:22:32Z", "identifiers": [ { "type": "dns", "value": "metukim.xyz" } ], "authorizations": [ "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655910834" ], "finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/92221854/7657741324" } 2023-03-10 10:22:32,093:DEBUG:acme.client:Storing nonce: 8F05vzdbIepdYYZ6b5jWzkTG2aOo3P5AVVvudoinI4jlX48 2023-03-10 10:22:32,093:DEBUG:acme.client:JWS payload: b'' 2023-03-10 10:22:32,095:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655910834: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICI4RjA1dnpkYkllcGRZWVo2YjVqV3prVEcyYU9vM1A1QVZWdnVkb2luSTRqbFg0OCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My81NjU1OTEwODM0In0", "signature": "IhNBW4pYAPfMziso_LLclJLTtrtkJJG7agz0G31YepZ_ifBSDA5trp_Jd1iFXmrzF_LmaWo3_BIgEn7CvGe22cwZhsz9dYtMM5PFnrR8o-gDB4Sav0C0Jub5EdAJ-rvMxN0lwsFvGWsWTNDJFuIzFfdmrpstjNgFWkxvRAPq3IUFC167PqzPdncVT2YFjiozb-8nWAIttX-oqJN-1LxATnf0tw_jdCTBO4xZan-FNTSNkDIMeK6sy85Ko1RWArMVm8yANWco8kaha5uP8IIWy6WTMUBwY74RKD8g5hQUUZ0DZzWTdIuwoisquq3nHjhVqUnpG6QF7KsKypfsRyWwDg", "payload": "" } 2023-03-10 10:22:32,169:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/5655910834 HTTP/1.1" 200 827 2023-03-10 10:22:32,169:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:32 GMT Content-Type: application/json Content-Length: 827 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: BEB94mCx3hEUhSVoHufEQiaF4iZEpIc6vjQ42y47e93oAI8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "metukim.xyz" }, "status": "valid", "expires": "2023-04-08T13:07:23Z", "challenges": [ { "type": "http-01", "status": "valid", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910834/bHtfYw", "token": "Aw1GRyGNAEryl_-76yMAXX_ZbSh1fgWDowcw84lgUgw", "validationRecord": [ { "url": "http://metukim.xyz/.well-known/acme-challenge/Aw1GRyGNAEryl_-76yMAXX_ZbSh1fgWDowcw84lgUgw", "hostname": "metukim.xyz", "port": "80", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" } ], "validated": "2023-03-09T13:07:22Z" } ] } 2023-03-10 10:22:32,170:DEBUG:acme.client:Storing nonce: BEB94mCx3hEUhSVoHufEQiaF4iZEpIc6vjQ42y47e93oAI8 2023-03-10 10:22:32,170:DEBUG:acme.client:JWS payload: b'{\n "status": "deactivated"\n}' 2023-03-10 10:22:32,172:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5655910834: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJCRUI5NG1DeDNoRVVoU1ZvSHVmRVFpYUY0aVpFcEljNnZqUTQyeTQ3ZTkzb0FJOCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My81NjU1OTEwODM0In0", "signature": "SbWtY3Y1Kf_ENb7r0v1noQIXdDrnRmHGwQJGNe3B_fK-_IPE50G4oiKvdYI-djRnss9F8sfebfx2EbzfYzDMjf7NcjNYZlfSEuavAimG1THUuGIggF0Dswrp-SqYt7NZpF3XZQci-G-nfNqgIndC936QK0J07kpQqpmPe5j0edGPytdu7ZRiDEy_GHexbP_yW5sjCfGeU23-uSIB6qfvwjCmSCt6smB-AEd1UXzl1GQ1sbPnBsSc-hcGVJwFq47p_gh0hEYOQPH1K29Y6cr7TgVHRcKYvB3caRmWdbADLiGIeuvQ72klpiWkpnmzl-78bqKbg6rcYKR1x1WoVsT9yA", "payload": "ewogICJzdGF0dXMiOiAiZGVhY3RpdmF0ZWQiCn0" } 2023-03-10 10:22:32,249:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/5655910834 HTTP/1.1" 200 833 2023-03-10 10:22:32,250:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:32 GMT Content-Type: application/json Content-Length: 833 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: B37CURGOsJSooA0pVFOGYYpuXKKXiuqeNAb2EcC3geOXQIE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "metukim.xyz" }, "status": "deactivated", "expires": "2023-04-08T13:07:23Z", "challenges": [ { "type": "http-01", "status": "valid", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5655910834/bHtfYw", "token": "Aw1GRyGNAEryl_-76yMAXX_ZbSh1fgWDowcw84lgUgw", "validationRecord": [ { "url": "http://metukim.xyz/.well-known/acme-challenge/Aw1GRyGNAEryl_-76yMAXX_ZbSh1fgWDowcw84lgUgw", "hostname": "metukim.xyz", "port": "80", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" } ], "validated": "2023-03-09T13:07:22Z" } ] } 2023-03-10 10:22:32,250:DEBUG:acme.client:Storing nonce: B37CURGOsJSooA0pVFOGYYpuXKKXiuqeNAb2EcC3geOXQIE 2023-03-10 10:22:32,251:DEBUG:certbot._internal.client:Recreating order after authz deactivations 2023-03-10 10:22:32,251:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "metukim.xyz"\n }\n ]\n}' 2023-03-10 10:22:32,254:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJCMzdDVVJHT3NKU29vQTBwVkZPR1lZcHVYS0tYaXVxZU5BYjJFY0MzZ2VPWFFJRSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "cjmf3nCMeiyueloPZ53HZX33NScs3i7MIpmkOgwPXWA0Ikt1eBMgR-8AbSmVO5JUny-bn1t9gZqZ02G3N2CjHHVZatUN2NaiNIX2dL7vnd-Wt33u5cKQ5KS4ZF0ZFtE_mBGq3Ea2EgtF5xh0YVAtZVmFYRfV8NCuIPvpxGMa6q8g-GsMNM9QHzR5BKfAQj_PJ8bIxzSb37AUSP4zNLouVEINZQGE2Ga-tPjSV8CHYGNM0E3WB1A738IcEy30ZbzT2Osm23KQ0ykt5E2uC3_zib41iqMc7PQUiUH5A-wuhV_DXEDKMwJklUt6y-Mqm6PGPrA16S9Y2nkTIdDM1FtS7w", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIm1ldHVraW0ueHl6IgogICAgfQogIF0KfQ" } 2023-03-10 10:22:32,354:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 347 2023-03-10 10:22:32,355:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Fri, 10 Mar 2023 10:22:32 GMT Content-Type: application/json Content-Length: 347 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-staging-v02.api.letsencrypt.org/acme/order/92221854/7657741374 Replay-Nonce: BEB9yMFH2lXkDHP4zCLcM7RyXFUgs8iM-_NtQeoaoM2XwUU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-17T10:22:32Z", "identifiers": [ { "type": "dns", "value": "metukim.xyz" } ], "authorizations": [ "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5667015964" ], "finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/92221854/7657741374" } 2023-03-10 10:22:32,355:DEBUG:acme.client:Storing nonce: BEB9yMFH2lXkDHP4zCLcM7RyXFUgs8iM-_NtQeoaoM2XwUU 2023-03-10 10:22:32,356:DEBUG:acme.client:JWS payload: b'' 2023-03-10 10:22:32,361:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5667015964: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJCRUI5eU1GSDJsWGtESFA0ekNMY003UnlYRlVnczhpTS1fTnRRZW9hb00yWHdVVSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My81NjY3MDE1OTY0In0", "signature": "z8ZSO2VurJAfeW8FvRKh-8QKgkESYokPq_V668XE4wRAVU8sTaMMUEdRkyg1LiNlJtAFzfDibQ_uHssdNxZ3tLpinqFgl6lVdWk1er1PJm9KQdDGmIeJUOqZVLf-lhYAsi42DzXLOZlPgHRZZhj6Xx4w6mzge8bqzVNny4ixo7_Z2vVcbmftHUwMLqxEGb8_iYnXPeS7fd7qseEYw2c8Jbho6gMnTX1Wwx8hCUlpemXIqDeH25W-4rp5TLCgSoCu1SAyqedp4pxJc_-A-scFUl2P4JOfldTUJbXEw7lNTsviYhDjBH4UHThyuk0Ow7f5QsXWqEBMU9eOwT2dt21iYg", "payload": "" } 2023-03-10 10:22:32,436:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/5667015964 HTTP/1.1" 200 813 2023-03-10 10:22:32,437:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:32 GMT Content-Type: application/json Content-Length: 813 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 8F05HRYhwrhh-wTnAg77jO9SB45uzCKPhi9mzBik99_mOeE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "metukim.xyz" }, "status": "pending", "expires": "2023-03-17T10:22:32Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667015964/-p5EWg", "token": "8sQJ6cf5RHFt0Tdfxauv5segGds-xa9sotE0PCKpfHc" }, { "type": "dns-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667015964/3fWOrQ", "token": "8sQJ6cf5RHFt0Tdfxauv5segGds-xa9sotE0PCKpfHc" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667015964/ImfuzQ", "token": "8sQJ6cf5RHFt0Tdfxauv5segGds-xa9sotE0PCKpfHc" } ] } 2023-03-10 10:22:32,438:DEBUG:acme.client:Storing nonce: 8F05HRYhwrhh-wTnAg77jO9SB45uzCKPhi9mzBik99_mOeE 2023-03-10 10:22:32,438:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-10 10:22:32,439:INFO:certbot._internal.auth_handler:http-01 challenge for metukim.xyz 2023-03-10 10:22:32,470:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-10 10:22:32,471:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-10 10:22:32,472:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-10 10:22:32,472:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-10 10:22:32,472:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-10 10:22:32,473:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-10 10:22:32,473:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-10 10:22:32,473:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-10 10:22:32,474:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-10 10:22:32,474:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-10 10:22:32,475:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-10 10:22:32,475:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-10 10:22:32,475:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-10 10:22:32,476:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-10 10:22:32,476:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-10 10:22:32,476:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-10 10:22:32,477:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-10 10:22:32,477:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-10 10:22:32,477:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-10 10:22:32,478:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-10 10:22:32,478:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-10 10:22:32,479:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-10 10:22:32,479:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-10 10:22:32,480:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-10 10:22:32,480:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-10 10:22:32,480:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-10 10:22:32,481:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-10 10:22:32,481:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-10 10:22:32,482:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-10 10:22:32,482:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-10 10:22:32,482:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-10 10:22:32,483:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-10 10:22:32,483:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-10 10:22:32,484:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-10 10:22:32,484:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-10 10:22:32,484:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-10 10:22:32,486:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server { listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-10 10:22:32,488:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/metukim: server { server_name metukim.xyz ; root /var/www/metukim ; index index.html index.htm index.nginx-debian.html ; location / { try_files $uri $uri/ =404 ; } listen [::]:443 ssl; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/metukim.xyz/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/metukim.xyz/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot }server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot if ($host = metukim.xyz) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80 ; server_name metukim.xyz ; return 404; # managed by Certbot location = /.well-known/acme-challenge/8sQJ6cf5RHFt0Tdfxauv5segGds-xa9sotE0PCKpfHc{default_type text/plain;return 200 8sQJ6cf5RHFt0Tdfxauv5segGds-xa9sotE0PCKpfHc.rutHM0HPUvW9biKo3hmSituCng-hbrpi2dBppfbsoM4;} # managed by Certbot } 2023-03-10 10:22:33,553:INFO:certbot._internal.auth_handler:Waiting for verification... 2023-03-10 10:22:33,554:DEBUG:acme.client:JWS payload: b'{}' 2023-03-10 10:22:33,556:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667015964/-p5EWg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICI4RjA1SFJZaHdyaGgtd1RuQWc3N2pPOVNCNDV1ekNLUGhpOW16QmlrOTlfbU9lRSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My81NjY3MDE1OTY0Ly1wNUVXZyJ9", "signature": "1m-uGYlny96XCZTHoTR1nA9fs4gYQlc2MsUkFcKqEto-i1G28EnHFv64uIfCuntz4bHi60fQo6WHpWtDCePrGe6EyT7OpfeUTVn2ThSTlUZWcfYVoxqUrFsCIj-2_2HBuR6kw0PkJXbaYg8yR_lljyypoSAU4vFjPY6vO222ePJhjpG9xQVwWSaBWQok_9G723ycFCyPQAJFds6pAPbSFbdKQLX3Wnc0GTFNfv8YUOLZUQu3MuT31hC4_8IGi_raC2UmB0RH4ioKPPP_alqxlVA55aORbwmM_EE7r3ptKvgwmT5TXTJdaH_9Uj2SHqmXo_sBsE8Ywp60QQ5a8h0kTw", "payload": "e30" } 2023-03-10 10:22:33,631:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/5667015964/-p5EWg HTTP/1.1" 200 193 2023-03-10 10:22:33,632:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:33 GMT Content-Type: application/json Content-Length: 193 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667015964/-p5EWg Replay-Nonce: 8F05bN-ax3CHdfwX1RYWIBpddT8JkjwQYRPd4aa-hhJV5WY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667015964/-p5EWg", "token": "8sQJ6cf5RHFt0Tdfxauv5segGds-xa9sotE0PCKpfHc" } 2023-03-10 10:22:33,632:DEBUG:acme.client:Storing nonce: 8F05bN-ax3CHdfwX1RYWIBpddT8JkjwQYRPd4aa-hhJV5WY 2023-03-10 10:22:34,634:DEBUG:acme.client:JWS payload: b'' 2023-03-10 10:22:34,636:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5667015964: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICI4RjA1Yk4tYXgzQ0hkZndYMVJZV0lCcGRkVDhKa2p3UVlSUGQ0YWEtaGhKVjVXWSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My81NjY3MDE1OTY0In0", "signature": "aWMtDrsr4NetbIifLG9N6OnzY7XJP8cksZZhZwCpKqlrilRUQ-aWVLAizeM0Pc-kIf_Ur7tBAmbUrgPsbaohasrd-ua4DHEJvT6ctC1ARoS9Pf1xJAy0PRBBl8eSXhYPc2JGBAuiHSOxSu2H5fTLWBrJHmZ2vAdlUV-fPTGT1QVdCNnmW_Ul9kDat_DlX4h9oV5CXGr69dP78LrtPIPCHRIKXzH9lovQFiPAc2DiT0URurt4_WHkOWZnCmRKF35gw9yM2TEoLkQOTrl40nlzF_ltn_Cje0RFwsxixMJw9Pe-QjbhQ0fYZ6vEx2KD86JtQ_CgaFIKKs8q0-EF-_SjnA", "payload": "" } 2023-03-10 10:22:34,710:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/5667015964 HTTP/1.1" 200 827 2023-03-10 10:22:34,711:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:34 GMT Content-Type: application/json Content-Length: 827 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 8F05L2_ZO_NL9S_MGZTXnBPVj1MhB6rAoRb2gPeZXGVBn3w X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "metukim.xyz" }, "status": "valid", "expires": "2023-04-09T10:22:33Z", "challenges": [ { "type": "http-01", "status": "valid", "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/5667015964/-p5EWg", "token": "8sQJ6cf5RHFt0Tdfxauv5segGds-xa9sotE0PCKpfHc", "validationRecord": [ { "url": "http://metukim.xyz/.well-known/acme-challenge/8sQJ6cf5RHFt0Tdfxauv5segGds-xa9sotE0PCKpfHc", "hostname": "metukim.xyz", "port": "80", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" } ], "validated": "2023-03-10T10:22:33Z" } ] } 2023-03-10 10:22:34,711:DEBUG:acme.client:Storing nonce: 8F05L2_ZO_NL9S_MGZTXnBPVj1MhB6rAoRb2gPeZXGVBn3w 2023-03-10 10:22:34,711:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-10 10:22:34,711:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-10 10:22:35,993:DEBUG:certbot._internal.client:CSR: CSR(file=None, data=b'-----BEGIN CERTIFICATE REQUEST-----\nMIICbjCCAVYCAQIwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMIg\nkBS8/GRuxoZeAb+YjYW0YCxCVml8OWuMsQYN+ciw6EUaNJRfZ9wXVMMUgityjt3l\nPsAPd6Z3aAt7DTRuV4A8lD63KOmVhC0bZ6tQpHCtZz6JOdYzTY4H4JhicSYB7NEO\nSeR3a3CSLbCytMrsgUTkhmz9dJz8WqZEL0/o9e8iiZVkcLakIs8YpCXQyB5S1J0v\nWL9Z70aVf/pSLSxfsywx00PynSgX/7rN/Q1h78w9ib5rX3Y5t0j5qdOWlm7keM1F\nT9D1ZZpziwtW2Iqs8bI38G96vbhGsv3h2WauSnE9NlQjRE1SQMLB+bijf+dcLW++\ncaNLIJdVGvA2vn0ZQN0CAwEAAaApMCcGCSqGSIb3DQEJDjEaMBgwFgYDVR0RBA8w\nDYILbWV0dWtpbS54eXowDQYJKoZIhvcNAQELBQADggEBAE/cfIhH2Gs31iq1kPNa\nP88OM4gfIjicbVb0L9muHon7YlxFYZmoXzyUHmk9+H0EBL6fERHAXIqR4kuFKSeX\nU4XGSrU+zYq7nEKvPhtxiUFTV8jq+4trvYl5RY6IAKtpeerHMDaZPkYxtgITclR+\nI637wEXXhfEB6DUWl7mDw9QmJlleK/xUcWhgJ2ioHZTRHWeqTWipV1Uhm4pv99lX\nsKkaseWCO4FU9O5LwzRqeEWLEnbEw9gnE+em4A28v0P0JXgG7UIy7XAdL0HikRmy\nrA0y+cBvBxONPvMv/UEYQ0uxhVtiYMH2W92cKV+KujKqI4bsUOR5dMKF/+07vff6\n2vQ=\n-----END CERTIFICATE REQUEST-----\n', form='pem') 2023-03-10 10:22:35,994:DEBUG:acme.client:JWS payload: b'{\n "csr": "MIICbjCCAVYCAQIwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMIgkBS8_GRuxoZeAb-YjYW0YCxCVml8OWuMsQYN-ciw6EUaNJRfZ9wXVMMUgityjt3lPsAPd6Z3aAt7DTRuV4A8lD63KOmVhC0bZ6tQpHCtZz6JOdYzTY4H4JhicSYB7NEOSeR3a3CSLbCytMrsgUTkhmz9dJz8WqZEL0_o9e8iiZVkcLakIs8YpCXQyB5S1J0vWL9Z70aVf_pSLSxfsywx00PynSgX_7rN_Q1h78w9ib5rX3Y5t0j5qdOWlm7keM1FT9D1ZZpziwtW2Iqs8bI38G96vbhGsv3h2WauSnE9NlQjRE1SQMLB-bijf-dcLW--caNLIJdVGvA2vn0ZQN0CAwEAAaApMCcGCSqGSIb3DQEJDjEaMBgwFgYDVR0RBA8wDYILbWV0dWtpbS54eXowDQYJKoZIhvcNAQELBQADggEBAE_cfIhH2Gs31iq1kPNaP88OM4gfIjicbVb0L9muHon7YlxFYZmoXzyUHmk9-H0EBL6fERHAXIqR4kuFKSeXU4XGSrU-zYq7nEKvPhtxiUFTV8jq-4trvYl5RY6IAKtpeerHMDaZPkYxtgITclR-I637wEXXhfEB6DUWl7mDw9QmJlleK_xUcWhgJ2ioHZTRHWeqTWipV1Uhm4pv99lXsKkaseWCO4FU9O5LwzRqeEWLEnbEw9gnE-em4A28v0P0JXgG7UIy7XAdL0HikRmyrA0y-cBvBxONPvMv_UEYQ0uxhVtiYMH2W92cKV-KujKqI4bsUOR5dMKF_-07vff62vQ"\n}' 2023-03-10 10:22:35,997:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/finalize/92221854/7657741374: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICI4RjA1TDJfWk9fTkw5U19NR1pUWG5CUFZqMU1oQjZyQW9SYjJnUGVaWEdWQm4zdyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9maW5hbGl6ZS85MjIyMTg1NC83NjU3NzQxMzc0In0", "signature": "lOfUyiBvGrjY2-MfcwLKOKK5cmYTZK15zr83tvcC7FMBd1tmZZiam-ynAS9xIEqfKxAHpcTS8quPpgdHs71oR7YfX-lQ-65RpV6eGHUbfi_J35ySaSt7espPImnb9GvTml4Qpmwkcc9rHJJtzERyFNRo5tHREmN0mWuEN4aRyLLIZ2gz-ZYqZhOzW4WpewhoRFKE0EeyoDVle6tKK3lt_wI-F5DKDjw_oRDO7S12a_u_0KTTyPIYIaeEwabt2MIeCOCt9CX12cj_CkoqdVfMorDAqa8RHM7f5STQiqwh1-ozdORkRJdYT2_smuzEIzCbB8OCZN3TcCVJXNRPxY5tug", "payload": "ewogICJjc3IiOiAiTUlJQ2JqQ0NBVllDQVFJd0FEQ0NBU0l3RFFZSktvWklodmNOQVFFQkJRQURnZ0VQQURDQ0FRb0NnZ0VCQU1JZ2tCUzhfR1J1eG9aZUFiLVlqWVcwWUN4Q1ZtbDhPV3VNc1FZTi1jaXc2RVVhTkpSZlo5d1hWTU1VZ2l0eWp0M2xQc0FQZDZaM2FBdDdEVFJ1VjRBOGxENjNLT21WaEMwYlo2dFFwSEN0Wno2Sk9kWXpUWTRINEpoaWNTWUI3TkVPU2VSM2EzQ1NMYkN5dE1yc2dVVGtobXo5ZEp6OFdxWkVMMF9vOWU4aWlaVmtjTGFrSXM4WXBDWFF5QjVTMUowdldMOVo3MGFWZl9wU0xTeGZzeXd4MDBQeW5TZ1hfN3JOX1ExaDc4dzlpYjVyWDNZNXQwajVxZE9XbG03a2VNMUZUOUQxWlpweml3dFcySXFzOGJJMzhHOTZ2YmhHc3YzaDJXYXVTbkU5TmxRalJFMVNRTUxCLWJpamYtZGNMVy0tY2FOTElKZFZHdkEydm4wWlFOMENBd0VBQWFBcE1DY0dDU3FHU0liM0RRRUpEakVhTUJnd0ZnWURWUjBSQkE4d0RZSUxiV1YwZFd0cGJTNTRlWG93RFFZSktvWklodmNOQVFFTEJRQURnZ0VCQUVfY2ZJaEgyR3MzMWlxMWtQTmFQODhPTTRnZklqaWNiVmIwTDltdUhvbjdZbHhGWVptb1h6eVVIbWs5LUgwRUJMNmZFUkhBWElxUjRrdUZLU2VYVTRYR1NyVS16WXE3bkVLdlBodHhpVUZUVjhqcS00dHJ2WWw1Ulk2SUFLdHBlZXJITURhWlBrWXh0Z0lUY2xSLUk2Mzd3RVhYaGZFQjZEVVdsN21EdzlRbUpsbGVLX3hVY1doZ0oyaW9IWlRSSFdlcVRXaXBWMVVobTRwdjk5bFhzS2thc2VXQ080RlU5TzVMd3pScWVFV0xFbmJFdzlnbkUtZW00QTI4djBQMEpYZ0c3VUl5N1hBZEwwSGlrUm15ckEweS1jQnZCeE9OUHZNdl9VRVlRMHV4aFZ0aVlNSDJXOTJjS1YtS3VqS3FJNGJzVU9SNWRNS0ZfLTA3dmZmNjJ2USIKfQ" } 2023-03-10 10:22:36,826:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/finalize/92221854/7657741374 HTTP/1.1" 200 457 2023-03-10 10:22:36,827:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:36 GMT Content-Type: application/json Content-Length: 457 Connection: keep-alive Boulder-Requester: 92221854 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-staging-v02.api.letsencrypt.org/acme/order/92221854/7657741374 Replay-Nonce: 8F05bB_dVy1nwKjHWbv42ffeY_VwyM8gO_MakRN1SvQBEKE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "valid", "expires": "2023-03-17T10:22:32Z", "identifiers": [ { "type": "dns", "value": "metukim.xyz" } ], "authorizations": [ "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5667015964" ], "finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/92221854/7657741374", "certificate": "https://acme-staging-v02.api.letsencrypt.org/acme/cert/fada4c629372672ca8414bf9f6b5a8119f9e" } 2023-03-10 10:22:36,828:DEBUG:acme.client:Storing nonce: 8F05bB_dVy1nwKjHWbv42ffeY_VwyM8gO_MakRN1SvQBEKE 2023-03-10 10:22:37,829:DEBUG:acme.client:JWS payload: b'' 2023-03-10 10:22:37,831:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/order/92221854/7657741374: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICI4RjA1YkJfZFZ5MW53S2pIV2J2NDJmZmVZX1Z3eU04Z09fTWFrUk4xU3ZRQkVLRSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9vcmRlci85MjIyMTg1NC83NjU3NzQxMzc0In0", "signature": "HaN9jlJePgThKpKOklk1WxrlopPLUlozja4wftyyWD5O5xnyyYvQs2bbZrpjfxcvhwv1kXko0iHRq_ZIJaZC89KNyzMLuW8lUb0aPH-LXRG4YPZIGeDFjFoSsw3UrdrY1S509IkxZ6lSSV63kaxYtE7YtHlZhk9dKy4uenOTxzN_Zg3Tj1inwnTEeU1XnQo_VXlvoNWBXfwE0yxYG0z-zIhu8Mwzv7r8B0y5HzJ7PIfbY48lznOxMtpDGJU_RAhJiPipFbXz19mDTxtIa4joAnekU4HTiKjBD28Yi8g0H8EebbdZiijJboPQsLilyra_xHrQe7GXwHShGIrD3jbLnw", "payload": "" } 2023-03-10 10:22:37,907:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/order/92221854/7657741374 HTTP/1.1" 200 457 2023-03-10 10:22:37,908:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:37 GMT Content-Type: application/json Content-Length: 457 Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: A2721hEWyqg33QxiGc9lVE1jAHS2vlsleAhk9lju0Gb-J-8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "valid", "expires": "2023-03-17T10:22:32Z", "identifiers": [ { "type": "dns", "value": "metukim.xyz" } ], "authorizations": [ "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/5667015964" ], "finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/92221854/7657741374", "certificate": "https://acme-staging-v02.api.letsencrypt.org/acme/cert/fada4c629372672ca8414bf9f6b5a8119f9e" } 2023-03-10 10:22:37,908:DEBUG:acme.client:Storing nonce: A2721hEWyqg33QxiGc9lVE1jAHS2vlsleAhk9lju0Gb-J-8 2023-03-10 10:22:37,909:DEBUG:acme.client:JWS payload: b'' 2023-03-10 10:22:37,910:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/cert/fada4c629372672ca8414bf9f6b5a8119f9e: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC85MjIyMTg1NCIsICJub25jZSI6ICJBMjcyMWhFV3lxZzMzUXhpR2M5bFZFMWpBSFMydmxzbGVBaGs5bGp1MEdiLUotOCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jZXJ0L2ZhZGE0YzYyOTM3MjY3MmNhODQxNGJmOWY2YjVhODExOWY5ZSJ9", "signature": "IU6OJEhC52XZmq5Y2z2lB702mtPbhP_ld159zl6p1IVexyEAmeSU7o_tYeaPHidI6i-g0Ikbd0U_lCGiNPAkloIzvLBhGp6hpgg1lmCke8lv832KgBdhIk2KdZxFUZtfMPNO3MAEO_pUQfOmxj0I3OnYzrmq24UzEqSo0MqRvxuewBQUAcumObULZKkEUOkXmPEG3gSLYl9XukiQUJT5Vz8AfPtUGxy6m9547fFm-OCQ19iGciDewE2e0DvQ6W_03qwRVngRx6gLd0MAzNaRMhJvmCC1uOUx0YJbQefxh09fYUJgX0NA68KgMuJK9VlrBQjJs6U1FxXP-I8RGPzkgQ", "payload": "" } 2023-03-10 10:22:37,985:DEBUG:urllib3.connectionpool:https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/cert/fada4c629372672ca8414bf9f6b5a8119f9e HTTP/1.1" 200 5723 2023-03-10 10:22:37,986:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:22:37 GMT Content-Type: application/pem-certificate-chain Content-Length: 5723 Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="alternate" Replay-Nonce: 8F05eDn3fIrxgAdInG3qaXlBxo8PZX7B-hCleGlbGmfX4JQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgITAPraTGKTcmcsqEFL+fa1qBGfnjANBgkqhkiG9w0BAQsF ADBZMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXKFNUQUdJTkcpIExldCdzIEVuY3J5 cHQxKDAmBgNVBAMTHyhTVEFHSU5HKSBBcnRpZmljaWFsIEFwcmljb3QgUjMwHhcN MjMwMzEwMDkyMjM2WhcNMjMwNjA4MDkyMjM1WjAWMRQwEgYDVQQDEwttZXR1a2lt Lnh5ejCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMIgkBS8/GRuxoZe Ab+YjYW0YCxCVml8OWuMsQYN+ciw6EUaNJRfZ9wXVMMUgityjt3lPsAPd6Z3aAt7 DTRuV4A8lD63KOmVhC0bZ6tQpHCtZz6JOdYzTY4H4JhicSYB7NEOSeR3a3CSLbCy tMrsgUTkhmz9dJz8WqZEL0/o9e8iiZVkcLakIs8YpCXQyB5S1J0vWL9Z70aVf/pS LSxfsywx00PynSgX/7rN/Q1h78w9ib5rX3Y5t0j5qdOWlm7keM1FT9D1ZZpziwtW 2Iqs8bI38G96vbhGsv3h2WauSnE9NlQjRE1SQMLB+bijf+dcLW++caNLIJdVGvA2 vn0ZQN0CAwEAAaOCAk0wggJJMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUtkqZe0/X wRI3zMV2DeuI5l9i2QkwHwYDVR0jBBgwFoAU3nJ6SN8xw6ZQ35+FI99XN0tdLmUw XQYIKwYBBQUHAQEEUTBPMCUGCCsGAQUFBzABhhlodHRwOi8vc3RnLXIzLm8ubGVu Y3Iub3JnMCYGCCsGAQUFBzAChhpodHRwOi8vc3RnLXIzLmkubGVuY3Iub3JnLzAW BgNVHREEDzANggttZXR1a2ltLnh5ejBMBgNVHSAERTBDMAgGBmeBDAECATA3Bgsr BgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0 Lm9yZzCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB2AMGDJAvxpFDHb7sAcmncrDvi KkgF1NvgSWbDyKvER7AMAAABhssLOjwAAAQDAEcwRQIgTgC+ABkRVDYtO8wcaHiC TWSpcyZ+KLesvP9HGTDcdLUCIQDZxE9fO3CJ/xbxcMZG09Z7zVg2tR+OAqsIiMID JsChGAB1ALDMg+Wl+X1rr3wJzChJBIcqx+iLEyxjULfG/SbhbGx3AAABhssLPCcA AAQDAEYwRAIgC6K48JP0F6bXBjtS1XXGJ4UqqdXJ8Yy08Y3ik776GFACIGMWce4r sEi5UrjiEtjT+0Mbag7a7a9MrhhJkLUurnz4MA0GCSqGSIb3DQEBCwUAA4IBAQB7 JjfqsvzENowuc0Of4xP2KPlQqvsZY8tIpwtyWuq7I9ye1QVeEDSXwT5wvON4RtLJ iQBRo/jgSlG0EyjHslAVo68WhTTnUWbRM19sEOtqgxaxC5s8lm7TWAfx+iyTvDcm ADbgEF43jFv0JGtKv7ByPK6up47sbLGNCJLDQtEMiyjJnMu4es1uCvnOnvZbk2Vd sxqR5QPNu4nY+oj1tm24CKryHaTLV1bgpsuWif/AU9nN7K1YH+IUAa8APy7bcknD 4O0V5rFTY/SYiy+5/HmlGi1syxAc86BijZHw0uUKKTr2BHjmd2LOdCUtYP22Wkxg nPxPzlySjxR6sIiLXWb5 -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIFWzCCA0OgAwIBAgIQTfQrldHumzpMLrM7jRBd1jANBgkqhkiG9w0BAQsFADBm MQswCQYDVQQGEwJVUzEzMDEGA1UEChMqKFNUQUdJTkcpIEludGVybmV0IFNlY3Vy aXR5IFJlc2VhcmNoIEdyb3VwMSIwIAYDVQQDExkoU1RBR0lORykgUHJldGVuZCBQ ZWFyIFgxMB4XDTIwMDkwNDAwMDAwMFoXDTI1MDkxNTE2MDAwMFowWTELMAkGA1UE BhMCVVMxIDAeBgNVBAoTFyhTVEFHSU5HKSBMZXQncyBFbmNyeXB0MSgwJgYDVQQD Ex8oU1RBR0lORykgQXJ0aWZpY2lhbCBBcHJpY290IFIzMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEAu6TR8+74b46mOE1FUwBrvxzEYLck3iasmKrcQkb+ gy/z9Jy7QNIAl0B9pVKp4YU76JwxF5DOZZhi7vK7SbCkK6FbHlyU5BiDYIxbbfvO L/jVGqdsSjNaJQTg3C3XrJja/HA4WCFEMVoT2wDZm8ABC1N+IQe7Q6FEqc8NwmTS nmmRQm4TQvr06DP+zgFK/MNubxWWDSbSKKTH5im5j2fZfg+j/tM1bGaczFWw8/lS nukyn5J2L+NJYnclzkXoh9nMFnyPmVbfyDPOc4Y25aTzVoeBKXa/cZ5MM+WddjdL biWvm19f1sYn1aRaAIrkppv7kkn83vcth8XCG39qC2ZvaQIDAQABo4IBEDCCAQww DgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAS BgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBTecnpI3zHDplDfn4Uj31c3S10u ZTAfBgNVHSMEGDAWgBS182Xy/rAKkh/7PH3zRKCsYyXDFDA2BggrBgEFBQcBAQQq MCgwJgYIKwYBBQUHMAKGGmh0dHA6Ly9zdGcteDEuaS5sZW5jci5vcmcvMCsGA1Ud HwQkMCIwIKAeoByGGmh0dHA6Ly9zdGcteDEuYy5sZW5jci5vcmcvMCIGA1UdIAQb MBkwCAYGZ4EMAQIBMA0GCysGAQQBgt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCN DLam9yN0EFxxn/3p+ruWO6n/9goCAM5PT6cC6fkjMs4uas6UGXJjr5j7PoTQf3C1 vuxiIGRJC6qxV7yc6U0X+w0Mj85sHI5DnQVWN5+D1er7mp13JJA0xbAbHa3Rlczn y2Q82XKui8WHuWra0gb2KLpfboYj1Ghgkhr3gau83pC/WQ8HfkwcvSwhIYqTqxoZ Uq8HIf3M82qS9aKOZE0CEmSyR1zZqQxJUT7emOUapkUN9poJ9zGc+FgRZvdro0XB yphWXDaqMYph0DxW/10ig5j4xmmNDjCRmqIKsKoWA52wBTKKXK1na2ty/lW5dhtA xkz5rVZFd4sgS4J0O+zm6d5GRkWsNJ4knotGXl8vtS3X40KXeb3A5+/3p0qaD215 Xq8oSNORfB2oI1kQuyEAJ5xvPTdfwRlyRG3lFYodrRg6poUBD/8fNTXMtzydpRgy zUQZh/18F6B/iW6cbiRN9r2Hkh05Om+q0/6w0DdZe+8YrNpfhSObr/1eVZbKGMIY qKmyZbBNu5ysENIK5MPc14mUeKmFjpN840VR5zunoU52lqpLDua/qIM8idk86xGW xx2ml43DO/Ya/tVZVok0mO0TUjzJIfPqyvr455IsIut4RlCR9Iq0EDTve2/ZwCuG hSjpTUFGSiQrR2JK2Evp+o6AETUkBCO1aw0PpQBPDQ== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIFVDCCBDygAwIBAgIRAO1dW8lt+99NPs1qSY3Rs8cwDQYJKoZIhvcNAQELBQAw cTELMAkGA1UEBhMCVVMxMzAxBgNVBAoTKihTVEFHSU5HKSBJbnRlcm5ldCBTZWN1 cml0eSBSZXNlYXJjaCBHcm91cDEtMCsGA1UEAxMkKFNUQUdJTkcpIERvY3RvcmVk IER1cmlhbiBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQw M1owZjELMAkGA1UEBhMCVVMxMzAxBgNVBAoTKihTVEFHSU5HKSBJbnRlcm5ldCBT ZWN1cml0eSBSZXNlYXJjaCBHcm91cDEiMCAGA1UEAxMZKFNUQUdJTkcpIFByZXRl bmQgUGVhciBYMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALbagEdD Ta1QgGBWSYkyMhscZXENOBaVRTMX1hceJENgsL0Ma49D3MilI4KS38mtkmdF6cPW nL++fgehT0FbRHZgjOEr8UAN4jH6omjrbTD++VZneTsMVaGamQmDdFl5g1gYaigk kmx8OiCO68a4QXg4wSyn6iDipKP8utsE+x1E28SA75HOYqpdrk4HGxuULvlr03wZ GTIf/oRt2/c+dYmDoaJhge+GOrLAEQByO7+8+vzOwpNAPEx6LW+crEEZ7eBXih6V P19sTGy3yfqK5tPtTdXXCOQMKAp+gCj/VByhmIr+0iNDC540gtvV303WpcbwnkkL YC0Ft2cYUyHtkstOfRcRO+K2cZozoSwVPyB8/J9RpcRK3jgnX9lujfwA/pAbP0J2 UPQFxmWFRQnFjaq6rkqbNEBgLy+kFL1NEsRbvFbKrRi5bYy2lNms2NJPZvdNQbT/ 2dBZKmJqxHkxCuOQFjhJQNeO+Njm1Z1iATS/3rts2yZlqXKsxQUzN6vNbD8KnXRM EeOXUYvbV4lqfCf8mS14WEbSiMy87GB5S9ucSV1XUrlTG5UGcMSZOBcEUpisRPEm QWUOTWIoDQ5FOia/GI+Ki523r2ruEmbmG37EBSBXdxIdndqrjy+QVAmCebyDx9eV EGOIpn26bW5LKerumJxa/CFBaKi4bRvmdJRLAgMBAAGjgfEwge4wDgYDVR0PAQH/ BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLXzZfL+sAqSH/s8ffNE oKxjJcMUMB8GA1UdIwQYMBaAFAhX2onHolN5DE/d4JCPdLriJ3NEMDgGCCsGAQUF BwEBBCwwKjAoBggrBgEFBQcwAoYcaHR0cDovL3N0Zy1kc3QzLmkubGVuY3Iub3Jn LzAtBgNVHR8EJjAkMCKgIKAehhxodHRwOi8vc3RnLWRzdDMuYy5sZW5jci5vcmcv MCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQBgt8TAQEBMA0GCSqGSIb3DQEB CwUAA4IBAQB7tR8B0eIQSS6MhP5kuvGth+dN02DsIhr0yJtk2ehIcPIqSxRRmHGl 4u2c3QlvEpeRDp2w7eQdRTlI/WnNhY4JOofpMf2zwABgBWtAu0VooQcZZTpQruig F/z6xYkBk3UHkjeqxzMN3d1EqGusxJoqgdTouZ5X5QTTIee9nQ3LEhWnRSXDx7Y0 ttR1BGfcdqHopO4IBqAhbkKRjF5zj7OD8cG35omywUbZtOJnftiI0nFcRaxbXo0v oDfLD0S6+AC2R3tKpqjkNX6/91hrRFglUakyMcZU/xleqbv6+Lr3YD8PsBTub6lI oZ2lS38fL18Aon458fbc0BPHtenfhKj5 -----END CERTIFICATE----- 2023-03-10 10:22:37,986:DEBUG:acme.client:Storing nonce: 8F05eDn3fIrxgAdInG3qaXlBxo8PZX7B-hCleGlbGmfX4JQ 2023-03-10 10:22:37,987:DEBUG:certbot._internal.renewal:Dry run: skipping updating lineage at /etc/letsencrypt/live/metukim.xyz 2023-03-10 10:22:37,988:DEBUG:certbot._internal.updater:Skipping renewal deployer in dry-run mode. 2023-03-10 10:22:39,037:DEBUG:certbot.display.util:Notifying user: new certificate deployed with reload of nginx server; fullchain is /etc/letsencrypt/live/metukim.xyz/fullchain.pem 2023-03-10 10:22:39,037:DEBUG:certbot._internal.updater:Skipping updaters in dry-run mode. 2023-03-10 10:22:39,037:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-10 10:22:39,038:DEBUG:certbot.display.util:Notifying user: The following simulated renewals succeeded: 2023-03-10 10:22:39,038:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem (success) /etc/letsencrypt/live/metukim.xyz/fullchain.pem (success) 2023-03-10 10:22:39,038:ERROR:certbot._internal.renewal:The following simulated renewals failed: 2023-03-10 10:22:39,038:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/dagoth.xyz/fullchain.pem (failure) 2023-03-10 10:22:39,038:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-10 10:22:39,038:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')()) File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1413, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1317, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 510, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 1 renew failure(s), 0 parse failure(s) 2023-03-10 10:22:39,040:ERROR:certbot._internal.log:1 renew failure(s), 0 parse failure(s) 2023-03-10 10:41:06,851:DEBUG:certbot._internal.main:certbot version: 1.12.0 2023-03-10 10:41:06,852:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-03-10 10:41:06,852:DEBUG:certbot._internal.main:Arguments: [] 2023-03-10 10:41:06,852:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-03-10 10:41:06,866:DEBUG:certbot._internal.log:Root logging level set at 20 2023-03-10 10:41:06,883:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2023-03-10 10:41:06,885:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/dagoth.xyz.conf 2023-03-10 10:41:06,895:DEBUG:certbot._internal.plugins.selection:Requested authenticator and installer 2023-03-10 10:41:06,904:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-10 10:41:06,913:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-10 10:41:06,915:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is signed by the certificate's issuer. 2023-03-10 10:41:06,919:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is: OCSPCertStatus.GOOD 2023-03-10 10:41:06,925:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-14 18:32:48 UTC. 2023-03-10 10:41:06,925:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-10 10:41:06,926:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-10 10:41:07,447:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-10 10:41:07,449:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-10 10:41:07,449:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-10 10:41:07,450:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-10 10:41:07,462:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-10 10:41:07,463:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-10 10:41:07,466:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-10 10:41:07,601:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-10 10:41:07,602:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:41:07 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "H5lySPNTPtM": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-10 10:41:07,604:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for dagoth.xyz 2023-03-10 10:41:07,626:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0121_key-certbot.pem 2023-03-10 10:41:07,634:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0121_csr-certbot.pem 2023-03-10 10:41:07,635:DEBUG:acme.client:Requesting fresh nonce 2023-03-10 10:41:07,635:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-10 10:41:07,679:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-10 10:41:07,679:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:41:07 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: C878dL6iw2oYQ2p0u4gixkCqDEgRC6-sJbBimbl93yblI6w X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-10 10:41:07,680:DEBUG:acme.client:Storing nonce: C878dL6iw2oYQ2p0u4gixkCqDEgRC6-sJbBimbl93yblI6w 2023-03-10 10:41:07,680:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "dagoth.xyz"\n }\n ]\n}' 2023-03-10 10:41:07,682:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkM4NzhkTDZpdzJvWVEycDB1NGdpeGtDcURFZ1JDNi1zSmJCaW1ibDkzeWJsSTZ3IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "GhpV10zGGXiRaeiWhFGevl-smWVahJnMoYaIfKjIvjkjSrHfEKD7wNXxEEHeIImoANJXISwIKQuGlDPdx-FVKDCgwjCWcgBan8yu21J2W5gy1fkJKXUMXzPsx2lRDMnAYhx38whNIzhKTsIC50pbMhdVy415UGjmFqYRas-BJfe-_uVrS_P-hvTNENoeiS6KgkZAbq8_XFBSaP5EKWAuuYNH3IlU4FlCEolNeoQM-xU2_qyzdDXP05MaCS3IKi3qtKbd2l5rWReiLeoOHcjnKB1snlPjAzhpRWxZffo2qg7nbzifA7iw1BNhpwkGU5IqRBs4dW-xw5qLEdfpMTO2AA", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImRhZ290aC54eXoiCiAgICB9CiAgXQp9" } 2023-03-10 10:41:07,864:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 335 2023-03-10 10:41:07,864:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Fri, 10 Mar 2023 10:41:07 GMT Content-Type: application/json Content-Length: 335 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/169258504537 Replay-Nonce: 327C69SJILPD4XWV3oGaCsvZ4diGVlCH6uuFm7ZG47eXs7c X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-17T10:41:07Z", "identifiers": [ { "type": "dns", "value": "dagoth.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/209707180947" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/169258504537" } 2023-03-10 10:41:07,864:DEBUG:acme.client:Storing nonce: 327C69SJILPD4XWV3oGaCsvZ4diGVlCH6uuFm7ZG47eXs7c 2023-03-10 10:41:07,865:DEBUG:acme.client:JWS payload: b'' 2023-03-10 10:41:07,866:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209707180947: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjMyN0M2OVNKSUxQRDRYV1Yzb0dhQ3N2WjRkaUdWbENINnV1Rm03Wkc0N2VYczdjIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDk3MDcxODA5NDcifQ", "signature": "HP5Yzj5av8S8Qsr8-ASersPJ2erbrzUXWdyogkbRLKqGyDZvV-mE2295rhofOQ8dORJHh2MK6E4MeSHXWlcOpeBasWManDo3MXc9oN253Bu-LwLZNAofVeD3UkjFZDimGSJOTOnbbXbabKV7XA2eZk-6l27hUGwnbETQ0DZarIP5KvG-W56BqY5ZIHVjRifOSNAIcg84qRqjKBq2y_2nQLoEQAe20-HNumXyqM3ztyHPv4NUyzfVR-PGuI_laoqLUMUNTPm4BBeUEGDwG02ugvjGid6A5ZVbhUVrX6Sau9OwHgOUnix16_O2sp_T0FTbufVJz0HRa0xbPfo3cp8P1g", "payload": "" } 2023-03-10 10:41:07,912:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209707180947 HTTP/1.1" 200 794 2023-03-10 10:41:07,913:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:41:07 GMT Content-Type: application/json Content-Length: 794 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: C878XR1Qq9RcAOx15uiVuIahW1Vi4Mzi7fjoehSEU0dfQPc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "pending", "expires": "2023-03-17T10:41:07Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209707180947/EA-57g", "token": "vMT5UnPQSXFN2aoUNzAy2kx2zQewp4POv_LfUM0917I" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209707180947/CljKHA", "token": "vMT5UnPQSXFN2aoUNzAy2kx2zQewp4POv_LfUM0917I" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209707180947/fMwpWQ", "token": "vMT5UnPQSXFN2aoUNzAy2kx2zQewp4POv_LfUM0917I" } ] } 2023-03-10 10:41:07,913:DEBUG:acme.client:Storing nonce: C878XR1Qq9RcAOx15uiVuIahW1Vi4Mzi7fjoehSEU0dfQPc 2023-03-10 10:41:07,914:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-10 10:41:07,914:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-10 10:41:07,933:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-10 10:41:07,934:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-10 10:41:07,935:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-10 10:41:07,936:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-10 10:41:07,936:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-10 10:41:07,936:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-10 10:41:07,936:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-10 10:41:07,936:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-10 10:41:07,937:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-10 10:41:07,937:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-10 10:41:07,937:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-10 10:41:07,937:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-10 10:41:07,938:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-10 10:41:07,938:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-10 10:41:07,938:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-10 10:41:07,938:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-10 10:41:07,939:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-10 10:41:07,939:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-10 10:41:07,939:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-10 10:41:07,939:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-10 10:41:07,940:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-10 10:41:07,940:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-10 10:41:07,940:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-10 10:41:07,941:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-10 10:41:07,941:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-10 10:41:07,941:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-10 10:41:07,942:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-10 10:41:07,942:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-10 10:41:07,942:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-10 10:41:07,942:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-10 10:41:07,943:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-10 10:41:07,943:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-10 10:41:07,943:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-10 10:41:07,943:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-10 10:41:07,944:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-10 10:41:07,944:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-10 10:41:07,946:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here location = /.well-known/acme-challenge/vMT5UnPQSXFN2aoUNzAy2kx2zQewp4POv_LfUM0917I{default_type text/plain;return 200 vMT5UnPQSXFN2aoUNzAy2kx2zQewp4POv_LfUM0917I.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-10 10:41:09,002:INFO:certbot._internal.auth_handler:Waiting for verification... 2023-03-10 10:41:09,003:DEBUG:acme.client:JWS payload: b'{}' 2023-03-10 10:41:09,005:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/209707180947/EA-57g: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkM4NzhYUjFRcTlSY0FPeDE1dWlWdUlhaFcxVmk0TXppN2Zqb2VoU0VVMGRmUVBjIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8yMDk3MDcxODA5NDcvRUEtNTdnIn0", "signature": "oWHo0BShuItvXP9bFVeJTMaddkJMkRtrDvez_rLXkrEqBnYd8xqAXQ2X4bmsWE1ZOKAubfHhcWgmc7pVz34j1Tu653bDsjO4pWslk6L0R61XxLoi4YM3tQDBJiRWZfPK-GHmthuErids5wJ1fvheKPrJnXb2IXCl1kxh5eZFVa8fcXLWbb455E9IhvTVCsYBGyNnx9Oouqbei77hgSVnSH8o9DqyCGalzSByJXuJEkE5OinODRiealj9cB8gcrpmKMIfiq18pvyttvzBhcIp-kDQoFcZRDzkbmZVhyLXbahPaJeJ2QNei2953k5kEo5c1vvhJ_a-HGHxpgbNKwidRA", "payload": "e30" } 2023-03-10 10:41:09,065:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/209707180947/EA-57g HTTP/1.1" 200 187 2023-03-10 10:41:09,066:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:41:09 GMT Content-Type: application/json Content-Length: 187 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/209707180947/EA-57g Replay-Nonce: 327C1VIp86XBi1qFAYk7AZy3nvHVu0jQeE7JDMrgKN67zqA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209707180947/EA-57g", "token": "vMT5UnPQSXFN2aoUNzAy2kx2zQewp4POv_LfUM0917I" } 2023-03-10 10:41:09,066:DEBUG:acme.client:Storing nonce: 327C1VIp86XBi1qFAYk7AZy3nvHVu0jQeE7JDMrgKN67zqA 2023-03-10 10:41:10,068:DEBUG:acme.client:JWS payload: b'' 2023-03-10 10:41:10,071:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209707180947: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjMyN0MxVklwODZYQmkxcUZBWWs3QVp5M252SFZ1MGpRZUU3SkRNcmdLTjY3enFBIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDk3MDcxODA5NDcifQ", "signature": "Ipmm0kLR-WJ6OeH6B9cItICSWjPi3bJJxOT8wT75OKJK8xJLEDjNvrS1jtSJZykttSr2HtjhSRnsh5Uq8QNAVXWAACuLwebbOABB69e6NrVZLcn1SIFR_CEV9RJt8wyDuxMuqZG5X52r2msJJ3YNoiC-2U4enPJZ4i-HOaoh_z3HZm0ji_iK7nolZnOMpOSBWl4iPnSW_x3S3OA-RQSNgELibBo2YHMh3XAXhcimWls-8apWGgYWttXiwLpG-9Y-c1lxFeXUewpltmDbpaoCNn5t5zU_3QsWSgtFDgZQ57rYAfODMhP5LDnQ-FWWDyQ6gEi-hBtJ5o6_4ZA9RNqfVw", "payload": "" } 2023-03-10 10:41:10,116:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209707180947 HTTP/1.1" 200 1484 2023-03-10 10:41:10,117:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 10:41:10 GMT Content-Type: application/json Content-Length: 1484 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 1DFATSY-7JpEUp6clOBmEozafFPF5D_Bn5bF-QtFujSUg90 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "invalid", "expires": "2023-03-17T10:41:07Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "2001:19f0:5:5eac:5400:3ff:fef1:f13c: Invalid response from https://dagoth.xyz/.well-known/acme-challenge/vMT5UnPQSXFN2aoUNzAy2kx2zQewp4POv_LfUM0917I: 404", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209707180947/EA-57g", "token": "vMT5UnPQSXFN2aoUNzAy2kx2zQewp4POv_LfUM0917I", "validationRecord": [ { "url": "http://dagoth.xyz/.well-known/acme-challenge/vMT5UnPQSXFN2aoUNzAy2kx2zQewp4POv_LfUM0917I", "hostname": "dagoth.xyz", "port": "80", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" }, { "url": "https://dagoth.xyz/.well-known/acme-challenge/vMT5UnPQSXFN2aoUNzAy2kx2zQewp4POv_LfUM0917I", "hostname": "dagoth.xyz", "port": "443", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" } ], "validated": "2023-03-10T10:41:09Z" } ] } 2023-03-10 10:41:10,117:DEBUG:acme.client:Storing nonce: 1DFATSY-7JpEUp6clOBmEozafFPF5D_Bn5bF-QtFujSUg90 2023-03-10 10:41:10,118:WARNING:certbot._internal.auth_handler:Challenge failed for domain dagoth.xyz 2023-03-10 10:41:10,118:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-10 10:41:10,119:DEBUG:certbot._internal.reporter:Reporting to user: The following errors were reported by the server: Domain: dagoth.xyz Type: unauthorized Detail: 2001:19f0:5:5eac:5400:3ff:fef1:f13c: Invalid response from https://dagoth.xyz/.well-known/acme-challenge/vMT5UnPQSXFN2aoUNzAy2kx2zQewp4POv_LfUM0917I: 404 To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. 2023-03-10 10:41:10,121:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2023-03-10 10:41:10,121:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-10 10:41:10,121:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-10 10:41:11,449:ERROR:certbot._internal.renewal:Failed to renew certificate dagoth.xyz with error: Some challenges have failed. 2023-03-10 10:41:11,454:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2023-03-10 10:41:11,454:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/mail.dagoth.xyz.conf 2023-03-10 10:41:11,466:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-10 10:41:11,473:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-10 10:41:11,474:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is signed by the certificate's issuer. 2023-03-10 10:41:11,475:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is: OCSPCertStatus.GOOD 2023-03-10 10:41:11,476:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-10 10:41:11,477:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-10 10:41:11,478:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-10 10:41:11,478:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/metukim.xyz.conf 2023-03-10 10:41:11,487:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-10 10:41:11,553:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-10 10:41:11,554:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/metukim.xyz/cert5.pem is signed by the certificate's issuer. 2023-03-10 10:41:11,555:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/metukim.xyz/cert5.pem is: OCSPCertStatus.GOOD 2023-03-10 10:41:11,556:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-10 10:41:11,558:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-10 10:41:11,558:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-10 10:41:11,559:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-10 10:41:11,559:DEBUG:certbot.display.util:Notifying user: The following certificates are not due for renewal yet: 2023-03-10 10:41:11,559:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem expires on 2023-04-17 (skipped) /etc/letsencrypt/live/metukim.xyz/fullchain.pem expires on 2023-06-07 (skipped) 2023-03-10 10:41:11,560:ERROR:certbot._internal.renewal:All renewals failed. The following certificates could not be renewed: 2023-03-10 10:41:11,560:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/dagoth.xyz/fullchain.pem (failure) 2023-03-10 10:41:11,560:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-10 10:41:11,561:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')()) File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1413, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1317, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 510, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 1 renew failure(s), 0 parse failure(s) 2023-03-10 10:41:11,562:ERROR:certbot._internal.log:1 renew failure(s), 0 parse failure(s) 2023-03-10 11:13:12,578:DEBUG:certbot._internal.main:certbot version: 1.12.0 2023-03-10 11:13:12,579:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-03-10 11:13:12,579:DEBUG:certbot._internal.main:Arguments: ['--nginx'] 2023-03-10 11:13:12,579:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-03-10 11:13:12,626:DEBUG:certbot._internal.log:Root logging level set at 20 2023-03-10 11:13:12,626:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2023-03-10 11:13:12,629:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/dagoth.xyz.conf 2023-03-10 11:13:12,647:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-10 11:13:12,647:DEBUG:certbot._internal.cli:Var authenticator=nginx (set by user). 2023-03-10 11:13:12,647:DEBUG:certbot._internal.cli:Var installer=nginx (set by user). 2023-03-10 11:13:12,662:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-10 11:13:12,673:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-10 11:13:12,675:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is signed by the certificate's issuer. 2023-03-10 11:13:12,679:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is: OCSPCertStatus.GOOD 2023-03-10 11:13:12,685:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-14 18:32:48 UTC. 2023-03-10 11:13:12,685:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-10 11:13:12,686:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-10 11:13:13,240:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-10 11:13:13,242:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-10 11:13:13,243:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-10 11:13:13,243:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-10 11:13:13,252:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-10 11:13:13,253:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-10 11:13:13,255:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-10 11:13:13,385:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-10 11:13:13,386:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 11:13:13 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert", "zj_iwo_1Qf0": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417" } 2023-03-10 11:13:13,388:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for dagoth.xyz 2023-03-10 11:13:13,545:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0122_key-certbot.pem 2023-03-10 11:13:13,552:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0122_csr-certbot.pem 2023-03-10 11:13:13,553:DEBUG:acme.client:Requesting fresh nonce 2023-03-10 11:13:13,553:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-10 11:13:13,597:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-10 11:13:13,598:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 11:13:13 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 1DFAcQv2wLQx1Dhx-DN9AVTqSIO7bg2LK8yUKCVGfKsSDKM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-10 11:13:13,598:DEBUG:acme.client:Storing nonce: 1DFAcQv2wLQx1Dhx-DN9AVTqSIO7bg2LK8yUKCVGfKsSDKM 2023-03-10 11:13:13,599:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "dagoth.xyz"\n }\n ]\n}' 2023-03-10 11:13:13,601:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFERkFjUXYyd0xReDFEaHgtRE45QVZUcVNJTzdiZzJMSzh5VUtDVkdmS3NTREtNIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "UnJNdtKZ5cBRIpaKDTfuulLUi6re1w4oAp_pU9V7G9tWLGdfrDTJJUbV3sXhtvMZR85shGGdfSuoNuTvjw5pP2jz_A7R7vSgCACXxcVx61LOB2UP2EWBGj_HSibhWULDKtLmXksGi7GIUZtAJOCcDCJORZvfPJM0_pLVHjqbuoOTbHPdCqBzNkIVhsMG9uPwrub3AEBlSNrkXKwJd0X52t21mwXWNzT-_e6DW7sxaoeBSfaiFmouu0TMkg0etZJ0hHdYT1h-3r5hm2udpTubitLZVwjtMKXfZ25tKADSVtfuC4qAz5KBv2oYYFSWx63i4R3dOFRVsKJSVcsT-VEsdw", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImRhZ290aC54eXoiCiAgICB9CiAgXQp9" } 2023-03-10 11:13:13,784:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 335 2023-03-10 11:13:13,785:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Fri, 10 Mar 2023 11:13:13 GMT Content-Type: application/json Content-Length: 335 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/169262571067 Replay-Nonce: C878SwPRpG_IbkIgoNI0t2jSKufj2rnipcEpyoKmNwSXA6E X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-17T11:13:13Z", "identifiers": [ { "type": "dns", "value": "dagoth.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/209712869957" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/169262571067" } 2023-03-10 11:13:13,785:DEBUG:acme.client:Storing nonce: C878SwPRpG_IbkIgoNI0t2jSKufj2rnipcEpyoKmNwSXA6E 2023-03-10 11:13:13,785:DEBUG:acme.client:JWS payload: b'' 2023-03-10 11:13:13,788:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209712869957: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkM4NzhTd1BScEdfSWJrSWdvTkkwdDJqU0t1Zmoycm5pcGNFcHlvS21Od1NYQTZFIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDk3MTI4Njk5NTcifQ", "signature": "aQkIdvZEHMKHsyhiP9w9-2xDHddQYq74WWPqzBzjyKggQpWqtNzhIStBqaWXbp8QE4YOZrpywUYHxW5aVy7VHJBr6od0mmuyKVvz75zp4sRikERhrGXjw8Sn3ZS-IWoenWYcm-SYzN2Mq6p6rxHbUxL6ZVn1mKeY3i7kXctaeU0oo_FEb2QWpJPFEy74Y5LpkR0aJCzYLwBDoFwlkDt3FfdpkZbq7LNCcreGP19oQcrS9f3DLZ0PUJywIkSaAgTwcgn9zaAJ5LX219vkFOQLLmhkLDb7tg-uLAj_poStgKeRmCLDcygU6z8IdSWRmGNIZUBEFoF-G7j1i2CArJU9fw", "payload": "" } 2023-03-10 11:13:13,833:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209712869957 HTTP/1.1" 200 794 2023-03-10 11:13:13,834:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 11:13:13 GMT Content-Type: application/json Content-Length: 794 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 1AADXKlWkN0TCwIAmPoIwySQ5f7vtxY7w3sjU_jZX9cC49w X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "pending", "expires": "2023-03-17T11:13:13Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209712869957/veYnqw", "token": "5aQ3hAl1iqYNhoO9-qXCbwVXDGRVrNhzwbiEh75n5n4" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209712869957/0PW74w", "token": "5aQ3hAl1iqYNhoO9-qXCbwVXDGRVrNhzwbiEh75n5n4" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209712869957/HzdMTw", "token": "5aQ3hAl1iqYNhoO9-qXCbwVXDGRVrNhzwbiEh75n5n4" } ] } 2023-03-10 11:13:13,834:DEBUG:acme.client:Storing nonce: 1AADXKlWkN0TCwIAmPoIwySQ5f7vtxY7w3sjU_jZX9cC49w 2023-03-10 11:13:13,835:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-10 11:13:13,836:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-10 11:13:13,866:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-10 11:13:13,867:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-10 11:13:13,868:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-10 11:13:13,869:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-10 11:13:13,869:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-10 11:13:13,869:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-10 11:13:13,869:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-10 11:13:13,870:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-10 11:13:13,870:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-10 11:13:13,870:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-10 11:13:13,871:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-10 11:13:13,871:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-10 11:13:13,871:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-10 11:13:13,872:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-10 11:13:13,872:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-10 11:13:13,872:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-10 11:13:13,873:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-10 11:13:13,873:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-10 11:13:13,873:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-10 11:13:13,874:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-10 11:13:13,874:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-10 11:13:13,874:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-10 11:13:13,874:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-10 11:13:13,875:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-10 11:13:13,875:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-10 11:13:13,875:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-10 11:13:13,876:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-10 11:13:13,876:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-10 11:13:13,876:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-10 11:13:13,877:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-10 11:13:13,877:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-10 11:13:13,877:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-10 11:13:13,877:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-10 11:13:13,878:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-10 11:13:13,878:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-10 11:13:13,878:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-10 11:13:13,881:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here location = /.well-known/acme-challenge/5aQ3hAl1iqYNhoO9-qXCbwVXDGRVrNhzwbiEh75n5n4{default_type text/plain;return 200 5aQ3hAl1iqYNhoO9-qXCbwVXDGRVrNhzwbiEh75n5n4.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-10 11:13:14,953:INFO:certbot._internal.auth_handler:Waiting for verification... 2023-03-10 11:13:14,955:DEBUG:acme.client:JWS payload: b'{}' 2023-03-10 11:13:14,958:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/209712869957/veYnqw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFBQURYS2xXa04wVEN3SUFtUG9Jd3lTUTVmN3Z0eFk3dzNzalVfalpYOWNDNDl3IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8yMDk3MTI4Njk5NTcvdmVZbnF3In0", "signature": "f8N2s2V8tTbyXupOVmRW9-z_W8oFzsph7zeU31AfUZ3iCwgjEOwciBo3-xbD34IPPvfrBw5KSb7T9cqJ20Myg3ctbToEcfA_YCoj9hFGyHFnTryfQqo0Eqj9eFvtWyVfcPIpOCCJyoqCvAF6VNc5aMW06Ui1kVpmmEyhVkm2rPoAHNz5QuYvEedOuhvnnKGE63Cdjv34xf41KeOj1jj6KJSHWtbB8Q_DO_QFx7upYZ59Ko1zxkUoVbEnoJpZ1Nb_me8chPIcJJ3OhqGpYPVJSsj1OuBYH6ho0OybosoNnlZ-psMRp3tGqyT-gUXJ3UmMR5G4QQre_2TVAseDgMTdGQ", "payload": "e30" } 2023-03-10 11:13:15,006:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/209712869957/veYnqw HTTP/1.1" 200 187 2023-03-10 11:13:15,007:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 11:13:14 GMT Content-Type: application/json Content-Length: 187 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/209712869957/veYnqw Replay-Nonce: 1DFA8FN_KJL2efF36s704G1AEbCOKsxwH2NvA-qCqrxRmQM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209712869957/veYnqw", "token": "5aQ3hAl1iqYNhoO9-qXCbwVXDGRVrNhzwbiEh75n5n4" } 2023-03-10 11:13:15,007:DEBUG:acme.client:Storing nonce: 1DFA8FN_KJL2efF36s704G1AEbCOKsxwH2NvA-qCqrxRmQM 2023-03-10 11:13:16,010:DEBUG:acme.client:JWS payload: b'' 2023-03-10 11:13:16,014:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209712869957: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIjFERkE4Rk5fS0pMMmVmRjM2czcwNEcxQUViQ09Lc3h3SDJOdkEtcUNxcnhSbVFNIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDk3MTI4Njk5NTcifQ", "signature": "mSZ0tbPxuIviTWxTnpY4J8N8xNLXjs6-FKiGAF00F0ggXwEV4xSQF50rxWyEwDXicu2ZHqc82H11uHxOsDOMFxQiCbXJ1G3MSfu_OMQBghIpzcuR2HrsFAobrAF9GpKfhzRO3CYUduuScTdyDAItJadVaCsm5S-iLbwOGkLTuu5061wXnIrHUYbZMuNnrloUUxg29glenc3RA-CkEZNa6X76lQTt7pQ3dRbuI6kH5n6609ePLKufJuVuzLlvpa6KhQU3WekASVQd1xTcTy_OdQa2GWwXyS4KY4y6-e4CWoy3EilNtlPKHTmGdIgTs72uqrVonJnn65CXaLbg2vR8TA", "payload": "" } 2023-03-10 11:13:16,063:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209712869957 HTTP/1.1" 200 1484 2023-03-10 11:13:16,064:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 11:13:16 GMT Content-Type: application/json Content-Length: 1484 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 1AADnfxF76wqbfg8kDHWxhNqJiDZmMtlfN-MoM8Xut--O2s X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "invalid", "expires": "2023-03-17T11:13:13Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "2001:19f0:5:5eac:5400:3ff:fef1:f13c: Invalid response from https://dagoth.xyz/.well-known/acme-challenge/5aQ3hAl1iqYNhoO9-qXCbwVXDGRVrNhzwbiEh75n5n4: 404", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209712869957/veYnqw", "token": "5aQ3hAl1iqYNhoO9-qXCbwVXDGRVrNhzwbiEh75n5n4", "validationRecord": [ { "url": "http://dagoth.xyz/.well-known/acme-challenge/5aQ3hAl1iqYNhoO9-qXCbwVXDGRVrNhzwbiEh75n5n4", "hostname": "dagoth.xyz", "port": "80", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" }, { "url": "https://dagoth.xyz/.well-known/acme-challenge/5aQ3hAl1iqYNhoO9-qXCbwVXDGRVrNhzwbiEh75n5n4", "hostname": "dagoth.xyz", "port": "443", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" } ], "validated": "2023-03-10T11:13:14Z" } ] } 2023-03-10 11:13:16,064:DEBUG:acme.client:Storing nonce: 1AADnfxF76wqbfg8kDHWxhNqJiDZmMtlfN-MoM8Xut--O2s 2023-03-10 11:13:16,065:WARNING:certbot._internal.auth_handler:Challenge failed for domain dagoth.xyz 2023-03-10 11:13:16,065:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-10 11:13:16,066:DEBUG:certbot._internal.reporter:Reporting to user: The following errors were reported by the server: Domain: dagoth.xyz Type: unauthorized Detail: 2001:19f0:5:5eac:5400:3ff:fef1:f13c: Invalid response from https://dagoth.xyz/.well-known/acme-challenge/5aQ3hAl1iqYNhoO9-qXCbwVXDGRVrNhzwbiEh75n5n4: 404 To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. 2023-03-10 11:13:16,068:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2023-03-10 11:13:16,068:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-10 11:13:16,068:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-10 11:13:17,372:ERROR:certbot._internal.renewal:Failed to renew certificate dagoth.xyz with error: Some challenges have failed. 2023-03-10 11:13:17,378:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2023-03-10 11:13:17,378:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/mail.dagoth.xyz.conf 2023-03-10 11:13:17,381:DEBUG:certbot._internal.cli:Var authenticator=nginx (set by user). 2023-03-10 11:13:17,382:DEBUG:certbot._internal.cli:Var installer=nginx (set by user). 2023-03-10 11:13:17,391:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-10 11:13:17,399:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-10 11:13:17,401:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is signed by the certificate's issuer. 2023-03-10 11:13:17,402:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is: OCSPCertStatus.GOOD 2023-03-10 11:13:17,404:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-10 11:13:17,405:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-10 11:13:17,406:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-10 11:13:17,406:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/metukim.xyz.conf 2023-03-10 11:13:17,408:DEBUG:certbot._internal.cli:Var authenticator=nginx (set by user). 2023-03-10 11:13:17,408:DEBUG:certbot._internal.cli:Var installer=nginx (set by user). 2023-03-10 11:13:17,414:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-10 11:13:17,420:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-10 11:13:17,422:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/metukim.xyz/cert5.pem is signed by the certificate's issuer. 2023-03-10 11:13:17,422:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/metukim.xyz/cert5.pem is: OCSPCertStatus.GOOD 2023-03-10 11:13:17,424:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-10 11:13:17,425:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-10 11:13:17,425:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-10 11:13:17,425:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-10 11:13:17,426:DEBUG:certbot.display.util:Notifying user: The following certificates are not due for renewal yet: 2023-03-10 11:13:17,426:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem expires on 2023-04-17 (skipped) /etc/letsencrypt/live/metukim.xyz/fullchain.pem expires on 2023-06-07 (skipped) 2023-03-10 11:13:17,427:ERROR:certbot._internal.renewal:All renewals failed. The following certificates could not be renewed: 2023-03-10 11:13:17,427:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/dagoth.xyz/fullchain.pem (failure) 2023-03-10 11:13:17,427:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-10 11:13:17,428:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')()) File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1413, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1317, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 510, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 1 renew failure(s), 0 parse failure(s) 2023-03-10 11:13:17,429:ERROR:certbot._internal.log:1 renew failure(s), 0 parse failure(s) 2023-03-10 12:33:24,361:DEBUG:certbot._internal.main:certbot version: 1.12.0 2023-03-10 12:33:24,361:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-03-10 12:33:24,361:DEBUG:certbot._internal.main:Arguments: ['-q'] 2023-03-10 12:33:24,363:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-03-10 12:33:24,518:DEBUG:certbot._internal.log:Root logging level set at 30 2023-03-10 12:33:24,519:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2023-03-10 12:33:24,520:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/dagoth.xyz.conf 2023-03-10 12:33:24,545:DEBUG:certbot._internal.plugins.selection:Requested authenticator and installer 2023-03-10 12:33:24,568:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-10 12:33:24,575:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-10 12:33:24,577:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is signed by the certificate's issuer. 2023-03-10 12:33:24,581:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/dagoth.xyz/cert6.pem is: OCSPCertStatus.GOOD 2023-03-10 12:33:24,588:DEBUG:certbot._internal.storage:Should renew, less than 30 days before certificate expiry 2023-03-14 18:32:48 UTC. 2023-03-10 12:33:24,588:INFO:certbot._internal.renewal:Cert is due for renewal, auto-renewing... 2023-03-10 12:33:24,588:INFO:certbot._internal.renewal:Non-interactive renewal: random delay of 87.86367962147862 seconds 2023-03-10 12:34:52,519:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-10 12:34:53,075:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-10 12:34:53,077:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2023-03-10 12:34:53,077:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2023-03-10 12:34:53,078:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2023-03-10 12:34:53,102:DEBUG:certbot._internal.main:Picked account: ), creation_host='vultr.guest', register_to_eff=None))> 2023-03-10 12:34:53,105:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2023-03-10 12:34:53,108:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2023-03-10 12:34:53,347:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756 2023-03-10 12:34:53,348:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 12:34:53 GMT Content-Type: application/json Content-Length: 756 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "je73KT1D8II": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-03-10 12:34:53,351:DEBUG:certbot.display.util:Notifying user: Renewing an existing certificate for dagoth.xyz 2023-03-10 12:34:53,434:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0123_key-certbot.pem 2023-03-10 12:34:53,439:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0123_csr-certbot.pem 2023-03-10 12:34:53,440:DEBUG:acme.client:Requesting fresh nonce 2023-03-10 12:34:53,440:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-03-10 12:34:53,511:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-03-10 12:34:53,512:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 12:34:53 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: A5FEMiOlUgKjgs2cXpIKGoewPDZ_98a7uU6vYKmyzP8WsSg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2023-03-10 12:34:53,512:DEBUG:acme.client:Storing nonce: A5FEMiOlUgKjgs2cXpIKGoewPDZ_98a7uU6vYKmyzP8WsSg 2023-03-10 12:34:53,513:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "dagoth.xyz"\n }\n ]\n}' 2023-03-10 12:34:53,515:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkE1RkVNaU9sVWdLamdzMmNYcElLR29ld1BEWl85OGE3dVU2dllLbXl6UDhXc1NnIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "xZwlBW5xM-E_cyEKYtDiTchmbwZzZ5YN89EvK--M4CgZzGLPxbJ9Hrjf5HjQru8BzpxpF1Dllg788idyFtRfHSlbuQwZI8nfWl1TBtahk8eD57YAGJMawZq_3WJYj3--zHaWTAIhvqWuNWWqTHF0rpAzu_jSlF3DIuB9q3JojzszDMllA8TMTH6PfskwIkLhDu37lBdDq18tHaJ4vcM5WdLhqQFtafH3xwkw6Vz2dP9teEhVEz2BQ8pz-D81c1MFZhPwrVkDuh2YQlO6cu1KKRpP5kIUPrRiNmVwJcR25YC2530dDg-IDKR-zPbPO3Vzmx5B0UKecESFmCo2Kb-dhQ", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImRhZ290aC54eXoiCiAgICB9CiAgXQp9" } 2023-03-10 12:34:53,636:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 335 2023-03-10 12:34:53,637:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Fri, 10 Mar 2023 12:34:53 GMT Content-Type: application/json Content-Length: 335 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/495006370/169272843247 Replay-Nonce: A5FEXen-yBgcfZsC0iVGBKHfMmv1FS9AK4ykUs5J7jRH5FY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2023-03-17T12:34:53Z", "identifiers": [ { "type": "dns", "value": "dagoth.xyz" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/209727129277" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/495006370/169272843247" } 2023-03-10 12:34:53,637:DEBUG:acme.client:Storing nonce: A5FEXen-yBgcfZsC0iVGBKHfMmv1FS9AK4ykUs5J7jRH5FY 2023-03-10 12:34:53,638:DEBUG:acme.client:JWS payload: b'' 2023-03-10 12:34:53,639:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209727129277: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkE1RkVYZW4teUJnY2Zac0MwaVZHQktIZk1tdjFGUzlBSzR5a1VzNUo3alJINUZZIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDk3MjcxMjkyNzcifQ", "signature": "T7nawuEA6vBcbX3uxEOacwspZ-K99ktw-r1Pgh-Oj4nj2GjpjEX0F1sjmg4MMwjudTZCDPU_nOY2i0GNFZs9_c-oNdgrUE5yY4EtpH5f0CD9ZajC0ofb31O8ZZ9GBoijfCJVE88kKzQVVRyWN57q95MvJbDS8UqllNuXfdSks_3GOMyGza7tYLmo_QxNOtDelaNBV6_DDbtUGPFQwgvwokUyDtFpDxyS8CV2P05h2mnsExqlz1x3Cp48J5BVAqIk0mVxeiOq-PsTPbQUm-jA5OPLeUo8-_CAFhbWU5ggVpLg0eBAs4HWniEkifOHUdo9aySMwNgAZJLe2vNWI72qhA", "payload": "" } 2023-03-10 12:34:53,714:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209727129277 HTTP/1.1" 200 794 2023-03-10 12:34:53,715:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 12:34:53 GMT Content-Type: application/json Content-Length: 794 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: A5FEIazPMwOICNEkGb-z9p3YqPsOhR1O4R6oOtYqbnGR8qQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "pending", "expires": "2023-03-17T12:34:53Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209727129277/9VdZkg", "token": "reHkfAcvQY6J6wx7abV1UQH-0Hwu9avzYuSmE0orf7E" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209727129277/QfBWoQ", "token": "reHkfAcvQY6J6wx7abV1UQH-0Hwu9avzYuSmE0orf7E" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209727129277/xSqVtg", "token": "reHkfAcvQY6J6wx7abV1UQH-0Hwu9avzYuSmE0orf7E" } ] } 2023-03-10 12:34:53,715:DEBUG:acme.client:Storing nonce: A5FEIazPMwOICNEkGb-z9p3YqPsOhR1O4R6oOtYqbnGR8qQ 2023-03-10 12:34:53,716:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-03-10 12:34:53,716:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-10 12:34:53,737:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2023-03-10 12:34:53,738:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf 2023-03-10 12:34:53,740:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/dagothtor 2023-03-10 12:34:53,740:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mail 2023-03-10 12:34:53,740:DEBUG:certbot.reverter:Creating backup of /etc/letsencrypt/options-ssl-nginx.conf 2023-03-10 12:34:53,740:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip2.conf 2023-03-10 12:34:53,741:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/ssowat.conf 2023-03-10 12:34:53,741:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-perl.conf 2023-03-10 12:34:53,741:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf.inc 2023-03-10 12:34:53,742:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf 2023-03-10 12:34:53,742:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-fancyindex.conf 2023-03-10 12:34:53,742:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf 2023-03-10 12:34:53,742:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip2.conf 2023-03-10 12:34:53,743:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/70-mod-stream-geoip.conf 2023-03-10 12:34:53,743:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf 2023-03-10 12:34:53,743:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/global.conf 2023-03-10 12:34:53,744:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2023-03-10 12:34:53,744:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/metukim 2023-03-10 12:34:53,744:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2023-03-10 12:34:53,744:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2023-03-10 12:34:53,745:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/mywebsite 2023-03-10 12:34:53,745:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-lua.conf 2023-03-10 12:34:53,745:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf 2023-03-10 12:34:53,745:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-cache-purge.conf 2023-03-10 12:34:53,746:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/security.conf.inc 2023-03-10 12:34:53,746:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-nchan.conf 2023-03-10 12:34:53,747:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2023-03-10 12:34:53,747:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_api.conf.inc 2023-03-10 12:34:53,747:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/10-mod-http-ndk.conf 2023-03-10 12:34:53,747:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf 2023-03-10 12:34:53,748:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-headers-more-filter.conf 2023-03-10 12:34:53,748:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2023-03-10 12:34:53,748:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/default.d/redirect_to_admin.conf 2023-03-10 12:34:53,749:DEBUG:certbot.reverter:Creating backup of /etc/nginx/conf.d/yunohost_admin.conf 2023-03-10 12:34:53,749:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-uploadprogress.conf 2023-03-10 12:34:53,749:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2023-03-10 12:34:53,751:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80; server_name dagoth.xyz; root /var/www/dagoth.xyz; types { application/pgp-keys asc; } # other directives go here location = /.well-known/acme-challenge/reHkfAcvQY6J6wx7abV1UQH-0Hwu9avzYuSmE0orf7E{default_type text/plain;return 200 reHkfAcvQY6J6wx7abV1UQH-0Hwu9avzYuSmE0orf7E.IbeKnKd86qgJLqm-QuAdB8ByY1srZ2d5zLmzG0YviYc;} # managed by Certbot } server { listen 443 ssl; server_name dagoth.xyz; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; root /var/www/dagoth.xyz; # other directives go here } } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2023-03-10 12:34:54,807:INFO:certbot._internal.auth_handler:Waiting for verification... 2023-03-10 12:34:54,808:DEBUG:acme.client:JWS payload: b'{}' 2023-03-10 12:34:54,810:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/209727129277/9VdZkg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkE1RkVJYXpQTXdPSUNORWtHYi16OXAzWXFQc09oUjFPNFI2b090WXFibkdSOHFRIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8yMDk3MjcxMjkyNzcvOVZkWmtnIn0", "signature": "jS9PxotUS4Ditr0TctWfKf9VXbk5k8YUh0ZsOm6tZY1aoeh11qcxqUAKIeUyH7fvj5WChRXr0bxOhnt2IM3YhkfAhufINnjcQwVEzcd3dPBMt2TRV3BuTFfeWw7BZaF1saVLC3trGSRRM5PBS1TicGsODejnkL5_PIzDxTnzWzcdwVyuYR9EJkzDrSoWB12T6-ORXSP7aSXLwdzIRHxZCWCmHXcBmM3p_K5m5S9AlJqNiAiex7CbIIFmtVI0XFvzTD78NjBeBbTLJTp5-_0cEPBp4Dquw2TXDHBN7sF_hxCFtFz3WCSx6DZ8N3553Jp7AKw3YJpGOKJe9zYjSabLbg", "payload": "e30" } 2023-03-10 12:34:54,886:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/209727129277/9VdZkg HTTP/1.1" 200 187 2023-03-10 12:34:54,887:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 12:34:54 GMT Content-Type: application/json Content-Length: 187 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/209727129277/9VdZkg Replay-Nonce: C400uQ7odX68WloBTUBmSDtm4Xo4vtTyJALGqjwUJakUbIQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209727129277/9VdZkg", "token": "reHkfAcvQY6J6wx7abV1UQH-0Hwu9avzYuSmE0orf7E" } 2023-03-10 12:34:54,887:DEBUG:acme.client:Storing nonce: C400uQ7odX68WloBTUBmSDtm4Xo4vtTyJALGqjwUJakUbIQ 2023-03-10 12:34:55,889:DEBUG:acme.client:JWS payload: b'' 2023-03-10 12:34:55,891:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/209727129277: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNDk1MDA2MzcwIiwgIm5vbmNlIjogIkM0MDB1UTdvZFg2OFdsb0JUVUJtU0R0bTRYbzR2dFR5SkFMR3Fqd1VKYWtVYklRIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDk3MjcxMjkyNzcifQ", "signature": "XnzJx6_YtYVFw07-EYSdGHhnq9xhtVwvfAxlFnaye-G_9uBk82tDj3ULVXk_PEEl-lrH6a9JYlpZ9zDLzaW78L_ooPKzJFT7x9bs7DQ_hdPEXiji_n2_jPBMXmf3brWOElgZhSbaQXC15YX-juRKm3FIXtkIcApyVlhRxpW33GuIyX3JmqwHuwDJxVkZA9qTKYhx4Tat3RiZw3xJSufMmg-fUdFG4kDBkC1uO67A3wqDRKrh6w_xLwIkf0Sjy5Nu3g7l6wHXfFFZp91Mhb9vWQbkVdlHMSYIr5vWEm3U9mp2H_3nBqLdqXclqtiTJED72lJanjJzqKzvUrOj0dIRyg", "payload": "" } 2023-03-10 12:34:55,965:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/209727129277 HTTP/1.1" 200 1484 2023-03-10 12:34:55,966:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Fri, 10 Mar 2023 12:34:55 GMT Content-Type: application/json Content-Length: 1484 Connection: keep-alive Boulder-Requester: 495006370 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: F977gIBj7_Cz9iQN4qI6wgcfQR16vNXPUsFoRF4RyNhZ0y0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "dagoth.xyz" }, "status": "invalid", "expires": "2023-03-17T12:34:53Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "2001:19f0:5:5eac:5400:3ff:fef1:f13c: Invalid response from https://dagoth.xyz/.well-known/acme-challenge/reHkfAcvQY6J6wx7abV1UQH-0Hwu9avzYuSmE0orf7E: 404", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/209727129277/9VdZkg", "token": "reHkfAcvQY6J6wx7abV1UQH-0Hwu9avzYuSmE0orf7E", "validationRecord": [ { "url": "http://dagoth.xyz/.well-known/acme-challenge/reHkfAcvQY6J6wx7abV1UQH-0Hwu9avzYuSmE0orf7E", "hostname": "dagoth.xyz", "port": "80", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" }, { "url": "https://dagoth.xyz/.well-known/acme-challenge/reHkfAcvQY6J6wx7abV1UQH-0Hwu9avzYuSmE0orf7E", "hostname": "dagoth.xyz", "port": "443", "addressesResolved": [ "45.77.107.166", "2001:19f0:5:5eac:5400:3ff:fef1:f13c" ], "addressUsed": "2001:19f0:5:5eac:5400:3ff:fef1:f13c" } ], "validated": "2023-03-10T12:34:54Z" } ] } 2023-03-10 12:34:55,966:DEBUG:acme.client:Storing nonce: F977gIBj7_Cz9iQN4qI6wgcfQR16vNXPUsFoRF4RyNhZ0y0 2023-03-10 12:34:55,967:WARNING:certbot._internal.auth_handler:Challenge failed for domain dagoth.xyz 2023-03-10 12:34:55,968:INFO:certbot._internal.auth_handler:http-01 challenge for dagoth.xyz 2023-03-10 12:34:55,969:DEBUG:certbot._internal.reporter:Reporting to user: The following errors were reported by the server: Domain: dagoth.xyz Type: unauthorized Detail: 2001:19f0:5:5eac:5400:3ff:fef1:f13c: Invalid response from https://dagoth.xyz/.well-known/acme-challenge/reHkfAcvQY6J6wx7abV1UQH-0Hwu9avzYuSmE0orf7E: 404 To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. 2023-03-10 12:34:55,971:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2023-03-10 12:34:55,971:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-03-10 12:34:55,972:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-03-10 12:34:57,263:ERROR:certbot._internal.renewal:Failed to renew certificate dagoth.xyz with error: Some challenges have failed. 2023-03-10 12:34:57,270:DEBUG:certbot._internal.renewal:Traceback was: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 485, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1234, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 123, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 345, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 421, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2023-03-10 12:34:57,271:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/mail.dagoth.xyz.conf 2023-03-10 12:34:57,283:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-10 12:34:57,289:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-10 12:34:57,291:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is signed by the certificate's issuer. 2023-03-10 12:34:57,292:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/mail.dagoth.xyz/cert2.pem is: OCSPCertStatus.GOOD 2023-03-10 12:34:57,294:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-10 12:34:57,294:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-10 12:34:57,295:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-10 12:34:57,296:DEBUG:certbot.display.util:Notifying user: Processing /etc/letsencrypt/renewal/metukim.xyz.conf 2023-03-10 12:34:57,302:DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): r3.o.lencr.org:80 2023-03-10 12:34:57,307:DEBUG:urllib3.connectionpool:http://r3.o.lencr.org:80 "POST / HTTP/1.1" 200 503 2023-03-10 12:34:57,308:DEBUG:certbot.ocsp:OCSP response for certificate /etc/letsencrypt/archive/metukim.xyz/cert5.pem is signed by the certificate's issuer. 2023-03-10 12:34:57,309:DEBUG:certbot.ocsp:OCSP certificate status for /etc/letsencrypt/archive/metukim.xyz/cert5.pem is: OCSPCertStatus.GOOD 2023-03-10 12:34:57,310:INFO:certbot._internal.renewal:Cert not yet due for renewal 2023-03-10 12:34:57,311:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2023-03-10 12:34:57,311:DEBUG:certbot._internal.plugins.selection:Selecting plugin: * nginx Description: Nginx Web Server plugin Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: 2023-03-10 12:34:57,311:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-10 12:34:57,312:DEBUG:certbot.display.util:Notifying user: The following certificates are not due for renewal yet: 2023-03-10 12:34:57,312:DEBUG:certbot.display.util:Notifying user: /etc/letsencrypt/live/mail.dagoth.xyz/fullchain.pem expires on 2023-04-17 (skipped) /etc/letsencrypt/live/metukim.xyz/fullchain.pem expires on 2023-06-07 (skipped) 2023-03-10 12:34:57,312:ERROR:certbot._internal.renewal:All renewals failed. The following certificates could not be renewed: 2023-03-10 12:34:57,312:ERROR:certbot._internal.renewal: /etc/letsencrypt/live/dagoth.xyz/fullchain.pem (failure) 2023-03-10 12:34:57,313:DEBUG:certbot.display.util:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 2023-03-10 12:34:57,313:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')()) File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1413, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1317, in renew renewal.handle_renewal_request(config) File "/usr/lib/python3/dist-packages/certbot/_internal/renewal.py", line 510, in handle_renewal_request raise errors.Error("{0} renew failure(s), {1} parse failure(s)".format( certbot.errors.Error: 1 renew failure(s), 0 parse failure(s) 2023-03-10 12:34:57,315:ERROR:certbot._internal.log:1 renew failure(s), 0 parse failure(s)