2021-09-28 11:21:53,504:DEBUG:certbot._internal.main:certbot version: 1.19.0 2021-09-28 11:21:53,504:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/local/bin/certbot 2021-09-28 11:21:53,504:DEBUG:certbot._internal.main:Arguments: ['--nginx', '-d', 'chat.waspaa.com'] 2021-09-28 11:21:53,505:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-09-28 11:21:53,513:DEBUG:certbot._internal.log:Root logging level set at 30 2021-09-28 11:21:53,515:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2021-09-28 11:21:53,759:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: Installer, Authenticator, Plugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2021-09-28 11:21:53,759:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2021-09-28 11:21:53,759:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-09-28 11:22:30,018:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-09-28 11:22:30,020:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-09-28 11:22:30,732:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-09-28 11:22:30,733:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 28 Sep 2021 11:22:30 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "hrX6RDUOqxk": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-09-28 11:22:34,657:DEBUG:acme.client:Requesting fresh nonce 2021-09-28 11:22:34,657:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-09-28 11:22:34,833:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-09-28 11:22:34,834:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 28 Sep 2021 11:22:34 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102j_0K7uf-ypVAYGdylZuJWB47BeeIb59zmHsEIS5qqC8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-09-28 11:22:34,834:DEBUG:acme.client:Storing nonce: 0102j_0K7uf-ypVAYGdylZuJWB47BeeIb59zmHsEIS5qqC8 2021-09-28 11:22:34,834:DEBUG:acme.client:JWS payload: b'{\n "contact": [\n "mailto:manish.kumar@anu.edu.au"\n ],\n "termsOfServiceAgreed": true\n}' 2021-09-28 11:22:34,838:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-acct: { "protected": "eyJhbGciOiAiUlMyNTYiLCAiandrIjogeyJuIjogInZ4MGt0YVZ2MHllclI1TENKcXp4VTU4SWdaenhYRFctaVZ0RnZIYWpMWmN3WHN0U1A0ZnFRR0E3NEJ0YU55OWkydUl1b3AxYUxWS2pNTFFZX3dCRlVXdUJYeWNPT3NQQXFzV1NMLTh1eTcyYmtNNGRRMkIzNFRiRmQxX0tlSlVxek1fWUwwN0tuN05BZUZXQm1GZzZGd2tHWGtZUzRUck1zSFRDaDh6TVEwQmFHM2trcnFQY2tOOTRGM2g1ZV9CSlRyeU93bmZDSnhoUUJjcDc1dDY3cHpESU9ybTgzaDExVzBnTElwOGtnVGJfZE5GbHZDQ2ViVmpEcjNmV1BJVlBUMlhRRDEyakxCMzQ5R1NYbFpvMnR5cVR4MERJcVVpU2F0dVVhbG1RTmVxUUtMRXdISS1rQmNtc05zelBfWTNvSUFsSFcwRnMtenRxRXF5dGtKM0ZpUSIsICJlIjogIkFRQUIiLCAia3R5IjogIlJTQSJ9LCAibm9uY2UiOiAiMDEwMmpfMEs3dWYteXBWQVlHZHlsWnVKV0I0N0JlZUliNTl6bUhzRUlTNXFxQzgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1hY2N0In0", "signature": "orcP6iYRCczLl3TAZ4oY_WM4FUalt4vPfXiq1xLHhERlSyGY6jebW3lwzspVktAi4lbyBtAH0HdHsjck8xykIb-t448uQDGTJHPkwvbxUfQyWo29Q-aMybjKAy9lxCwdN2mFZJkK_7hrAJ2xaEBH1F00l-zHdRCv8giyvdWt0WE7K8_I9iFXLxtFcTabd3oVGNmxLZC5DrCazXJL0J9ZrwK7myMjR6QrXhjLiIbu2RTz8Hgntayo2RJhwd_kzSkvQVv3Jh86fXGPmVx_JXxn2SrDinGX_t9tvJzcXhgEY4HOJrlkD5442qBSYfmh2ZjSgP1Fd0fzkh8iSSwokfdn5Q", "payload": "ewogICJjb250YWN0IjogWwogICAgIm1haWx0bzptYW5pc2gua3VtYXJAYW51LmVkdS5hdSIKICBdLAogICJ0ZXJtc09mU2VydmljZUFncmVlZCI6IHRydWUKfQ" } 2021-09-28 11:22:35,138:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-acct HTTP/1.1" 201 565 2021-09-28 11:22:35,138:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Tue, 28 Sep 2021 11:22:35 GMT Content-Type: application/json Content-Length: 565 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="terms-of-service" Location: https://acme-v02.api.letsencrypt.org/acme/acct/217949130 Replay-Nonce: 0102_9vEjr2Ty2PDSnyIGb_kSHETt-DlFfSIWKhYF17a0sw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "key": { "kty": "RSA", "n": "vx0ktaVv0yerR5LCJqzxU58IgZzxXDW-iVtFvHajLZcwXstSP4fqQGA74BtaNy9i2uIuop1aLVKjMLQY_wBFUWuBXycOOsPAqsWSL-8uy72bkM4dQ2B34TbFd1_KeJUqzM_YL07Kn7NAeFWBmFg6FwkGXkYS4TrMsHTCh8zMQ0BaG3kkrqPckN94F3h5e_BJTryOwnfCJxhQBcp75t67pzDIOrm83h11W0gLIp8kgTb_dNFlvCCebVjDr3fWPIVPT2XQD12jLB349GSXlZo2tyqTx0DIqUiSatuUalmQNeqQKLEwHI-kBcmsNszP_Y3oIAlHW0Fs-ztqEqytkJ3FiQ", "e": "AQAB" }, "contact": [ "mailto:manish.kumar@anu.edu.au" ], "initialIp": "54.253.8.130", "createdAt": "2021-09-28T11:22:35.073745063Z", "status": "valid" } 2021-09-28 11:22:35,138:DEBUG:acme.client:Storing nonce: 0102_9vEjr2Ty2PDSnyIGb_kSHETt-DlFfSIWKhYF17a0sw 2021-09-28 11:22:48,305:DEBUG:certbot._internal.display.obj:Notifying user: Account registered. 2021-09-28 11:22:48,305:DEBUG:certbot._internal.main:Picked account: )>), contact=('mailto:manish.kumar@anu.edu.au',), agreement=None, status='valid', terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/217949130', new_authzr_uri=None, terms_of_service='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'), 3e2d424a5a9c2fa2719bb6350d54ee53, Meta(creation_dt=datetime.datetime(2021, 9, 28, 11, 22, 35, tzinfo=), creation_host='ip-172-31-40-153.ap-southeast-2.compute.internal', register_to_eff=None))> 2021-09-28 11:22:48,306:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for chat.waspaa.com 2021-09-28 11:22:48,374:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0000_key-certbot.pem 2021-09-28 11:22:48,376:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0000_csr-certbot.pem 2021-09-28 11:22:48,377:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "chat.waspaa.com"\n }\n ]\n}' 2021-09-28 11:22:48,379:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDJfOXZFanIyVHkyUERTbnlJR2Jfa1NIRVR0LURsRmZTSVdLaFlGMTdhMHN3IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "oRx90ikWxChCuU0dywn7Ak63-VOnrKzBRSAXSf-tA2znPRSzBtTUjNZmxevzcrDqqJsHAalvSOwCVJwymJHf3KBjsu7ov_wn1iPrVq4hhQcZ5TLgHgeZN_rUJjJrIT-lnqtMyidRcRyXspKDpy0wSEjuxFq3npVQ2K2nmP8VDVWzz7RNk0eNhzAyIryfgnGwya2O-pXTc_-RWCd3uynyH7tNLzQfGiA3G1kcg7IGj2lIClPRQbuu3RI3L489pT3S_lR1KVyTDgTZt6QEnoimrzhe4CGx7f2fwo7CvlYRx0iwU8doVX_pJShl0IfdtKbCQqqpuY2tUEosYduQhW1MSA", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImNoYXQud2FzcGFhLmNvbSIKICAgIH0KICBdCn0" } 2021-09-28 11:22:48,701:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 338 2021-09-28 11:22:48,701:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Tue, 28 Sep 2021 11:22:48 GMT Content-Type: application/json Content-Length: 338 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/217949130/27822530370 Replay-Nonce: 0101HNC6G5hzRwa_VA4Nc9kFCsoaha4Xm9UEJn5EuTAR_44 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-10-05T11:22:48Z", "identifiers": [ { "type": "dns", "value": "chat.waspaa.com" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/35089768300" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/217949130/27822530370" } 2021-09-28 11:22:48,701:DEBUG:acme.client:Storing nonce: 0101HNC6G5hzRwa_VA4Nc9kFCsoaha4Xm9UEJn5EuTAR_44 2021-09-28 11:22:48,702:DEBUG:acme.client:JWS payload: b'' 2021-09-28 11:22:48,704:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35089768300: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDFITkM2RzVoelJ3YV9WQTROYzlrRkNzb2FoYTRYbTlVRUpuNUV1VEFSXzQ0IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTA4OTc2ODMwMCJ9", "signature": "TTTfp6Eckd96c_qKg5qD12l3Po1v98BWjhqvBgvYHo4pVqHJbRkiIQ43AHToJ2TDJi0vxhSyvbgiNfpTxRZZkXZbP9hyjkRhs3ynLkd8ntRCRlTODmuXdwnVS-aFjlirrRE-Dcs2DhdV4q_kWjUxWyJtE5PgC9opdUg15c7fLwKIgP5fpw305hiMjnBkB70PT96EKGFLCozFSomNzwujwmw4h_nV05Vxo0cE6WBRklpSAg0i9u5N4zQ5g08OW9564gmVlLe9ql25xVybxEz8gZV__TH4IorHnLUty6xDoY9dH4SBQu7tair8Y9cVi9m8eKhhaZA6xyxMdgs3bdHmnQ", "payload": "" } 2021-09-28 11:22:48,908:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35089768300 HTTP/1.1" 200 796 2021-09-28 11:22:48,909:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 28 Sep 2021 11:22:48 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 01017MFTCeziomiagBTJZ-UzpgmyfZHNoCZehJaQdcEg7JQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "pending", "expires": "2021-10-05T11:22:48Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35089768300/S48oeA", "token": "sTEPb7rS1cNAbkTCEbEhh49MNPdbe4tHH-VH2S3VnkU" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35089768300/j8_NtQ", "token": "sTEPb7rS1cNAbkTCEbEhh49MNPdbe4tHH-VH2S3VnkU" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35089768300/0zSPAA", "token": "sTEPb7rS1cNAbkTCEbEhh49MNPdbe4tHH-VH2S3VnkU" } ] } 2021-09-28 11:22:48,909:DEBUG:acme.client:Storing nonce: 01017MFTCeziomiagBTJZ-UzpgmyfZHNoCZehJaQdcEg7JQ 2021-09-28 11:22:48,909:INFO:certbot._internal.auth_handler:Performing the following challenges: 2021-09-28 11:22:48,910:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-28 11:22:48,926:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2021-09-28 11:22:48,926:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-09-28 11:22:48,926:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-09-28 11:22:48,927:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/default 2021-09-28 11:22:48,927:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-09-28 11:22:48,927:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-09-28 11:22:48,927:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-09-28 11:22:48,928:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-09-28 11:22:48,928:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-09-28 11:22:48,930:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/default: ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80 ; listen [::]:80 ; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name chat.waspaa.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} location = /.well-known/acme-challenge/sTEPb7rS1cNAbkTCEbEhh49MNPdbe4tHH-VH2S3VnkU{default_type text/plain;return 200 sTEPb7rS1cNAbkTCEbEhh49MNPdbe4tHH-VH2S3VnkU.hM7dzhwApZf7ljiWUXuEkPQbAIYgz8h8LX33rC8U8yY;} # managed by Certbot } 2021-09-28 11:22:49,961:DEBUG:acme.client:JWS payload: b'{}' 2021-09-28 11:22:49,963:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/35089768300/S48oeA: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDE3TUZUQ2V6aW9taWFnQlRKWi1VenBnbXlmWkhOb0NaZWhKYVFkY0VnN0pRIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8zNTA4OTc2ODMwMC9TNDhvZUEifQ", "signature": "DJN_RCcN6vCMz-VevfmZjnrkxv5L0ChvRFeio7AlPIh8zjcUJNEW9opA4VvcteT_T5kvcc0fYw-eVbafhbpg4NCavOPxo1v8slc9HXg6jA8HyWzKp_m18pBBZBtir4RysYpLXiTYxFV1miSYDyIVURVdoSI7WZDNozRQO1G1eJq7glc9QazjDKNcKYpyVzrjlrNQPxgWvBaPd0QvDOCb3zpakKcZzTR7mBUBlW5DJHBCesnhkj1fSANsCzEfxKXH1cnNsbp58KK2oIibnFhkGMJJZLlsIbmySIRDLuQprV62pPSpQ4RjSqtcInb4BkXJOqbD5jUpFDEpndNaiir5xA", "payload": "e30" } 2021-09-28 11:22:50,186:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/35089768300/S48oeA HTTP/1.1" 200 186 2021-09-28 11:22:50,186:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 28 Sep 2021 11:22:50 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/35089768300/S48oeA Replay-Nonce: 0101bt9kV1JTtbffLEbwxTHy2DbZ7cygE7QooeuL9U-JKG4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35089768300/S48oeA", "token": "sTEPb7rS1cNAbkTCEbEhh49MNPdbe4tHH-VH2S3VnkU" } 2021-09-28 11:22:50,186:DEBUG:acme.client:Storing nonce: 0101bt9kV1JTtbffLEbwxTHy2DbZ7cygE7QooeuL9U-JKG4 2021-09-28 11:22:50,187:INFO:certbot._internal.auth_handler:Waiting for verification... 2021-09-28 11:22:51,188:DEBUG:acme.client:JWS payload: b'' 2021-09-28 11:22:51,189:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35089768300: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDFidDlrVjFKVHRiZmZMRWJ3eFRIeTJEYlo3Y3lnRTdRb29ldUw5VS1KS0c0IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTA4OTc2ODMwMCJ9", "signature": "W2wHRp1Gojtq61c-ONuJ4FciHN0am9E8U810WBqYYUKifBczQFw_qQeShtQV9yg0DR95p6V4usli-1BPAuDVPDKwI0LrBD69qFANeuZpeXSEwEQSYd93urlB9D4gl-PR47LdWZ0fcTdagcUWjZOa3u349KDAGwO7Dko4SwQkZbWl9xvxvu0H27pHAkN2msadiMIFOBIPZKAWx2YuegyqHtn0DWcmni-dfPLJWq9WPMpoQ0U__4319GsTv397zdwY_LFZB66CmQdd5NlWrxlTfMGKPK-26HiGSkhPXsuSg15cS_8QSlndMC0-gMRRNexZt7PiTXZcFkpx-9-JOuh9Nw", "payload": "" } 2021-09-28 11:22:51,395:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35089768300 HTTP/1.1" 200 1274 2021-09-28 11:22:51,395:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 28 Sep 2021 11:22:51 GMT Content-Type: application/json Content-Length: 1274 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101ju0MUU73KAsxUacQdr0ivj6PCgw2kWyvgU6OzsSG9fg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "invalid", "expires": "2021-10-05T11:22:48Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from http://chat.waspaa.com/.well-known/acme-challenge/sTEPb7rS1cNAbkTCEbEhh49MNPdbe4tHH-VH2S3VnkU [162.241.217.240]: \"\u003c!DOCTYPE HTML PUBLIC \\\"-//IETF//DTD HTML 2.0//EN\\\"\u003e\\n\u003chtml\u003e\u003chead\u003e\\n\u003ctitle\u003e404 Not Found\u003c/title\u003e\\n\u003c/head\u003e\u003cbody\u003e\\n\u003ch1\u003eNot Found\u003c/h1\u003e\\n\u003cp\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35089768300/S48oeA", "token": "sTEPb7rS1cNAbkTCEbEhh49MNPdbe4tHH-VH2S3VnkU", "validationRecord": [ { "url": "http://chat.waspaa.com/.well-known/acme-challenge/sTEPb7rS1cNAbkTCEbEhh49MNPdbe4tHH-VH2S3VnkU", "hostname": "chat.waspaa.com", "port": "80", "addressesResolved": [ "162.241.217.240" ], "addressUsed": "162.241.217.240" } ], "validated": "2021-09-28T11:22:50Z" } ] } 2021-09-28 11:22:51,395:DEBUG:acme.client:Storing nonce: 0101ju0MUU73KAsxUacQdr0ivj6PCgw2kWyvgU6OzsSG9fg 2021-09-28 11:22:51,396:INFO:certbot._internal.auth_handler:Challenge failed for domain chat.waspaa.com 2021-09-28 11:22:51,396:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-28 11:22:51,396:DEBUG:certbot._internal.display.obj:Notifying user: Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems: Domain: chat.waspaa.com Type: unauthorized Detail: Invalid response from http://chat.waspaa.com/.well-known/acme-challenge/sTEPb7rS1cNAbkTCEbEhh49MNPdbe4tHH-VH2S3VnkU [162.241.217.240]: "\n\n404 Not Found\n\n

Not Found

\n sys.exit(main()) File "/usr/local/lib/python3.8/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1572, in main return config.func(config, plugins) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1285, in run new_lineage = _get_and_save_cert(le_client, config, domains, File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 133, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 454, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 384, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 434, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 90, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 178, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2021-09-28 11:22:52,488:ERROR:certbot._internal.log:Some challenges have failed. 2021-09-28 11:28:10,661:DEBUG:certbot._internal.main:certbot version: 1.19.0 2021-09-28 11:28:10,661:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/local/bin/certbot 2021-09-28 11:28:10,661:DEBUG:certbot._internal.main:Arguments: ['--nginx', '-d', 'chat.waspaa.com'] 2021-09-28 11:28:10,661:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-09-28 11:28:10,670:DEBUG:certbot._internal.log:Root logging level set at 30 2021-09-28 11:28:10,671:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2021-09-28 11:28:10,772:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: Installer, Authenticator, Plugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2021-09-28 11:28:10,772:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2021-09-28 11:28:10,773:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-09-28 11:28:10,776:DEBUG:certbot._internal.main:Picked account: ), creation_host='ip-172-31-40-153.ap-southeast-2.compute.internal', register_to_eff=None))> 2021-09-28 11:28:10,777:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-09-28 11:28:10,779:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-09-28 11:28:11,488:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-09-28 11:28:11,489:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 28 Sep 2021 11:28:11 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "4GZtnqamD_g": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-09-28 11:28:11,489:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for chat.waspaa.com 2021-09-28 11:28:11,665:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0001_key-certbot.pem 2021-09-28 11:28:11,667:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0001_csr-certbot.pem 2021-09-28 11:28:11,668:DEBUG:acme.client:Requesting fresh nonce 2021-09-28 11:28:11,668:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-09-28 11:28:11,844:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-09-28 11:28:11,845:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 28 Sep 2021 11:28:11 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101bVdeRT9Xkof8gwEP2amBf10jfh4Y7xmVG6MwMfR3Eog X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-09-28 11:28:11,845:DEBUG:acme.client:Storing nonce: 0101bVdeRT9Xkof8gwEP2amBf10jfh4Y7xmVG6MwMfR3Eog 2021-09-28 11:28:11,845:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "chat.waspaa.com"\n }\n ]\n}' 2021-09-28 11:28:11,847:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDFiVmRlUlQ5WGtvZjhnd0VQMmFtQmYxMGpmaDRZN3htVkc2TXdNZlIzRW9nIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "BViPQDg7d-q9zpTsel0r2m4NdRtdS_1A9iiv4dqswLa6gnY5MmL7gTQfliE-uDPSiCW6lCNYv7zkPwtQmukIrdiLCfFFfDvs9sd8-CQHVfQlYksuFkKtdQy1abSJKhFxOEr0IqHUhCq2c7jOaom50HlIvnFwEXeBkkCRXkbwKyOQErwliN0FBUtePIRgNgrdunCWI581MYucKKmn6A8-9u00yp7skau512gr66ksuoT44fPfuhc_kmycwLS9T5BXKa84BnklxCTc1XZVillD5GUdio6ULyLt6sud6Vfm80dle9Cefd1CqrvsXwGO9gE8QHHC94_g7-01Oaz0AaKlgA", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImNoYXQud2FzcGFhLmNvbSIKICAgIH0KICBdCn0" } 2021-09-28 11:28:12,219:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 338 2021-09-28 11:28:12,219:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Tue, 28 Sep 2021 11:28:12 GMT Content-Type: application/json Content-Length: 338 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/217949130/27823400120 Replay-Nonce: 0102k_7uBBTKSHyWMvqXvktXbFaCFiv_XuhvoM6t9TGtqRY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-10-05T11:28:12Z", "identifiers": [ { "type": "dns", "value": "chat.waspaa.com" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/35090798750" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/217949130/27823400120" } 2021-09-28 11:28:12,219:DEBUG:acme.client:Storing nonce: 0102k_7uBBTKSHyWMvqXvktXbFaCFiv_XuhvoM6t9TGtqRY 2021-09-28 11:28:12,220:DEBUG:acme.client:JWS payload: b'' 2021-09-28 11:28:12,221:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35090798750: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDJrXzd1QkJUS1NIeVdNdnFYdmt0WGJGYUNGaXZfWHVodm9NNnQ5VEd0cVJZIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTA5MDc5ODc1MCJ9", "signature": "TJ_IxhARirNK1BLpchg05rGbAmwEqCZi28wmCn_xkT-c6FxPfDHjf3XpfvPc6k4-HiV2DR_ds2udVm9h_I6yGUxBHrM8R2WbMgSDMRqj-sWyJv0ksMqs_Y3vcnlarDSGVJs_dAjWdIZd_DYUFwFGPjxJEcRW4gtMsQmyRmejinRGZxqvfSy_41Ovckq4qf3JKhl5sRl4IHqNq3Xwh_sX_zBbN9eYDjYi9jm800dS9MEcE1mxGvyfeEDWWG7w6ypcMkIhYga67O7oZjOeTgfsIMabdAN8O7ZV1pbtzhStpW3bzokM7pFjtVV-ERXbbUpZNDo7LB5DrDqD8cVu_fUWWw", "payload": "" } 2021-09-28 11:28:12,425:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35090798750 HTTP/1.1" 200 796 2021-09-28 11:28:12,426:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 28 Sep 2021 11:28:12 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102TeZBjf-dRfmylcnWI91UbRx3Ph6AOBMpAM6C7cCqdU0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "pending", "expires": "2021-10-05T11:28:12Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35090798750/s0rdPQ", "token": "7lS0DJtwGNRBcCU615lUZIDWarBCu53YiewStgvcg9o" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35090798750/8-0fEw", "token": "7lS0DJtwGNRBcCU615lUZIDWarBCu53YiewStgvcg9o" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35090798750/gV1gTQ", "token": "7lS0DJtwGNRBcCU615lUZIDWarBCu53YiewStgvcg9o" } ] } 2021-09-28 11:28:12,426:DEBUG:acme.client:Storing nonce: 0102TeZBjf-dRfmylcnWI91UbRx3Ph6AOBMpAM6C7cCqdU0 2021-09-28 11:28:12,427:INFO:certbot._internal.auth_handler:Performing the following challenges: 2021-09-28 11:28:12,427:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-28 11:28:12,443:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2021-09-28 11:28:12,443:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-09-28 11:28:12,443:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-09-28 11:28:12,444:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-09-28 11:28:12,444:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/default 2021-09-28 11:28:12,444:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-09-28 11:28:12,444:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-09-28 11:28:12,444:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-09-28 11:28:12,445:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-09-28 11:28:12,446:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/default: ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80 ; listen [::]:80 ; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name chat.waspaa.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} location = /.well-known/acme-challenge/7lS0DJtwGNRBcCU615lUZIDWarBCu53YiewStgvcg9o{default_type text/plain;return 200 7lS0DJtwGNRBcCU615lUZIDWarBCu53YiewStgvcg9o.hM7dzhwApZf7ljiWUXuEkPQbAIYgz8h8LX33rC8U8yY;} # managed by Certbot } 2021-09-28 11:28:13,465:DEBUG:acme.client:JWS payload: b'{}' 2021-09-28 11:28:13,467:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/35090798750/s0rdPQ: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDJUZVpCamYtZFJmbXlsY25XSTkxVWJSeDNQaDZBT0JNcEFNNkM3Y0NxZFUwIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8zNTA5MDc5ODc1MC9zMHJkUFEifQ", "signature": "lOlSeRpD0bC0hjKDxKw_ium23IoqfyDmUAynzsMrzCXNve9LA81XdlIGQvqdX8bvguVLonMQRRPjdMGCsHsCepVmGE5pdS4so3WtksUjKyT9JRtIeAr9NGWkuL6YCeKDQTS8e60wiNnzT1iNOVELB-eXf8bWkTSb0v-XrALhQtkIsKwufivqgzVnv4fxYu4F4ZBgAxeEABix_a25-4ch9WL4wmpyuk3VNS0MiACu2dYZqsKyswC4ktiIC-y8xR2_UR974Ip696Ycp-hnCnQ5cfivTP3PIE0y9RpvPun9KqcXAmQ6IfwL8kuhDRpF335XhQ71sRGllKGGRmiyNGyO_g", "payload": "e30" } 2021-09-28 11:28:13,688:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/35090798750/s0rdPQ HTTP/1.1" 200 186 2021-09-28 11:28:13,688:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 28 Sep 2021 11:28:13 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/35090798750/s0rdPQ Replay-Nonce: 0101GCeSHVhCtVb0Ex7182mL4zd-FJ3J8H08J8VqlZa3fvw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35090798750/s0rdPQ", "token": "7lS0DJtwGNRBcCU615lUZIDWarBCu53YiewStgvcg9o" } 2021-09-28 11:28:13,688:DEBUG:acme.client:Storing nonce: 0101GCeSHVhCtVb0Ex7182mL4zd-FJ3J8H08J8VqlZa3fvw 2021-09-28 11:28:13,689:INFO:certbot._internal.auth_handler:Waiting for verification... 2021-09-28 11:28:14,690:DEBUG:acme.client:JWS payload: b'' 2021-09-28 11:28:14,692:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35090798750: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDFHQ2VTSFZoQ3RWYjBFeDcxODJtTDR6ZC1GSjNKOEgwOEo4VnFsWmEzZnZ3IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTA5MDc5ODc1MCJ9", "signature": "a33lOEjNZ2UUXYtyYSsMsP8ODvjODf1PwGUN5B1C_EIjKe0kVbO0j5LI9FvCVym83FkxyWrLUyIOhh40kaFvSnesxfPL6Jg2a3MKXeeAWLF0T5DLIIcDpsidY4y54rPnK6zyhcESirGwvjVGVmYeHbU_-U4KE44OUw2JvniwKk1ddLsStmH_RnMwwqy1AfyU63b6iBSN-35ttpKHZBpixNd5ULkTb0DbxoYjMrqkmVdCB833ovR8MkPAWw9e3V5eOJdQV_B44GVl_n6LmW3z3GC38ma6GjIRHnnjNse8_zJAKH6w-e7Oe3xUMmQYDZiaFUoqskYBbPd7iMsJVNFF1g", "payload": "" } 2021-09-28 11:28:14,900:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35090798750 HTTP/1.1" 200 1274 2021-09-28 11:28:14,901:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 28 Sep 2021 11:28:14 GMT Content-Type: application/json Content-Length: 1274 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101t24MYMgQKF0yVISqnvzMNl9IO7Vs2aUlOfZrQVGb2ww X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "invalid", "expires": "2021-10-05T11:28:12Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from http://chat.waspaa.com/.well-known/acme-challenge/7lS0DJtwGNRBcCU615lUZIDWarBCu53YiewStgvcg9o [162.241.217.240]: \"\u003c!DOCTYPE HTML PUBLIC \\\"-//IETF//DTD HTML 2.0//EN\\\"\u003e\\n\u003chtml\u003e\u003chead\u003e\\n\u003ctitle\u003e404 Not Found\u003c/title\u003e\\n\u003c/head\u003e\u003cbody\u003e\\n\u003ch1\u003eNot Found\u003c/h1\u003e\\n\u003cp\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35090798750/s0rdPQ", "token": "7lS0DJtwGNRBcCU615lUZIDWarBCu53YiewStgvcg9o", "validationRecord": [ { "url": "http://chat.waspaa.com/.well-known/acme-challenge/7lS0DJtwGNRBcCU615lUZIDWarBCu53YiewStgvcg9o", "hostname": "chat.waspaa.com", "port": "80", "addressesResolved": [ "162.241.217.240" ], "addressUsed": "162.241.217.240" } ], "validated": "2021-09-28T11:28:13Z" } ] } 2021-09-28 11:28:14,901:DEBUG:acme.client:Storing nonce: 0101t24MYMgQKF0yVISqnvzMNl9IO7Vs2aUlOfZrQVGb2ww 2021-09-28 11:28:14,901:INFO:certbot._internal.auth_handler:Challenge failed for domain chat.waspaa.com 2021-09-28 11:28:14,901:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-28 11:28:14,902:DEBUG:certbot._internal.display.obj:Notifying user: Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems: Domain: chat.waspaa.com Type: unauthorized Detail: Invalid response from http://chat.waspaa.com/.well-known/acme-challenge/7lS0DJtwGNRBcCU615lUZIDWarBCu53YiewStgvcg9o [162.241.217.240]: "\n\n404 Not Found\n\n

Not Found

\n sys.exit(main()) File "/usr/local/lib/python3.8/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1572, in main return config.func(config, plugins) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1285, in run new_lineage = _get_and_save_cert(le_client, config, domains, File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 133, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 454, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 384, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 434, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 90, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 178, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2021-09-28 11:28:16,009:ERROR:certbot._internal.log:Some challenges have failed. 2021-09-28 11:31:07,112:DEBUG:certbot._internal.main:certbot version: 1.19.0 2021-09-28 11:31:07,112:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/local/bin/certbot 2021-09-28 11:31:07,112:DEBUG:certbot._internal.main:Arguments: ['--nginx', '-d', 'chat.waspaa.com'] 2021-09-28 11:31:07,113:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-09-28 11:31:07,121:DEBUG:certbot._internal.log:Root logging level set at 30 2021-09-28 11:31:07,122:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2021-09-28 11:31:07,221:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: Installer, Authenticator, Plugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2021-09-28 11:31:07,222:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2021-09-28 11:31:07,222:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-09-28 11:31:07,225:DEBUG:certbot._internal.main:Picked account: ), creation_host='ip-172-31-40-153.ap-southeast-2.compute.internal', register_to_eff=None))> 2021-09-28 11:31:07,226:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-09-28 11:31:07,228:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-09-28 11:31:07,930:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-09-28 11:31:07,931:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 28 Sep 2021 11:31:07 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "_dp9Rw5tFHE": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-09-28 11:31:07,931:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for chat.waspaa.com 2021-09-28 11:31:07,965:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0002_key-certbot.pem 2021-09-28 11:31:07,967:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0002_csr-certbot.pem 2021-09-28 11:31:07,968:DEBUG:acme.client:Requesting fresh nonce 2021-09-28 11:31:07,968:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-09-28 11:31:08,145:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-09-28 11:31:08,146:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 28 Sep 2021 11:31:08 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001OBIk3YoTeDsvQd3fS7BzlS4eHOxhaIEf6BDyODS0OWs X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-09-28 11:31:08,146:DEBUG:acme.client:Storing nonce: 0001OBIk3YoTeDsvQd3fS7BzlS4eHOxhaIEf6BDyODS0OWs 2021-09-28 11:31:08,146:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "chat.waspaa.com"\n }\n ]\n}' 2021-09-28 11:31:08,148:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAwMDFPQklrM1lvVGVEc3ZRZDNmUzdCemxTNGVIT3hoYUlFZjZCRHlPRFMwT1dzIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "aIcFsdtw5DHKNoP8xeqeP48hO2NK-nhbOroxwBVpxiwjt14kLFTp_IHdM2DlF6urlU3w0BRpX-8YFXQKX31HI1mHJMORBjCXZ4U1aAODELFIzyJj1cGVxUoLRzaDAmpXaPCosfFrp_njMamG-KtqalkwaDmnvBvHweC4hv7d5R2R8EKRbli_WNT0A3g6GJN9pYsbO9NpgPG6n0ik-4F-XKJKlNi_oMJBTNLgYkrMmZvTQb9id6lFb2qdqsKT54GyQEFVqI5gHY547snLzTRNQezzteitEnP83fTENVeLPb7JVtXpE6MLCK1mck4OJs6E1GifNnHe8wl99Vz31j6a0w", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImNoYXQud2FzcGFhLmNvbSIKICAgIH0KICBdCn0" } 2021-09-28 11:31:08,359:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 338 2021-09-28 11:31:08,360:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Tue, 28 Sep 2021 11:31:08 GMT Content-Type: application/json Content-Length: 338 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/217949130/27823905020 Replay-Nonce: 0001eQcK8JmuOAXVnrnfT2GW6mX5bdNh4tEWHsXQDu4OBlk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-10-05T11:31:08Z", "identifiers": [ { "type": "dns", "value": "chat.waspaa.com" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/35091406390" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/217949130/27823905020" } 2021-09-28 11:31:08,360:DEBUG:acme.client:Storing nonce: 0001eQcK8JmuOAXVnrnfT2GW6mX5bdNh4tEWHsXQDu4OBlk 2021-09-28 11:31:08,360:DEBUG:acme.client:JWS payload: b'' 2021-09-28 11:31:08,361:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35091406390: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAwMDFlUWNLOEptdU9BWFZucm5mVDJHVzZtWDViZE5oNHRFV0hzWFFEdTRPQmxrIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTA5MTQwNjM5MCJ9", "signature": "haSOlyE2lXeHQB3RwFU2bzQeNhhAbDSZ7A3VsLQEtTUEgejdTe962j_App613VeCNif_8mNErLy6F5nT4Ap1PGDFKNUbB53wCmYmLdfjvhe7xuQl92oXG10IT2aINdVdKFAqMW12kLBExMrfQhjgt9CxK0zRIkskEqAdZMaihLXeLU62ISQHbuqSOKJlL4IskO0zhRAitu-fHflROHzNPn423JzcQsVKUx4f_YFbRtFcg8-BrLTqgRXGWK9PLCgAIwGcGpGnaWU6scU7HsG_sWX-VRbn5WvsEZF7oGtI9FVYrbgAloJKE1b-eTmQB1I0W0FWtvBGjUMRHPVm5XhY6A", "payload": "" } 2021-09-28 11:31:08,543:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35091406390 HTTP/1.1" 200 796 2021-09-28 11:31:08,543:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 28 Sep 2021 11:31:08 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001JSxkwTSPjmwWABR2bN9JzvCFB2yPVVn7nZIOIIxTRf8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "pending", "expires": "2021-10-05T11:31:08Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35091406390/UAs18Q", "token": "ckr18Ap6XshSjIMFLDThMLq7Hn3Xza0rzbslLLRDmqE" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35091406390/EZMjvw", "token": "ckr18Ap6XshSjIMFLDThMLq7Hn3Xza0rzbslLLRDmqE" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35091406390/OENRzw", "token": "ckr18Ap6XshSjIMFLDThMLq7Hn3Xza0rzbslLLRDmqE" } ] } 2021-09-28 11:31:08,543:DEBUG:acme.client:Storing nonce: 0001JSxkwTSPjmwWABR2bN9JzvCFB2yPVVn7nZIOIIxTRf8 2021-09-28 11:31:08,544:INFO:certbot._internal.auth_handler:Performing the following challenges: 2021-09-28 11:31:08,544:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-28 11:31:08,560:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2021-09-28 11:31:08,560:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-09-28 11:31:08,561:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-09-28 11:31:08,561:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-09-28 11:31:08,561:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-09-28 11:31:08,561:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/default 2021-09-28 11:31:08,562:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-09-28 11:31:08,562:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-09-28 11:31:08,563:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-09-28 11:31:08,564:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/default: ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80 ; listen [::]:80 ; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name chat.waspaa.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} location = /.well-known/acme-challenge/ckr18Ap6XshSjIMFLDThMLq7Hn3Xza0rzbslLLRDmqE{default_type text/plain;return 200 ckr18Ap6XshSjIMFLDThMLq7Hn3Xza0rzbslLLRDmqE.hM7dzhwApZf7ljiWUXuEkPQbAIYgz8h8LX33rC8U8yY;} # managed by Certbot } 2021-09-28 11:31:09,582:DEBUG:acme.client:JWS payload: b'{}' 2021-09-28 11:31:09,584:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/35091406390/UAs18Q: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAwMDFKU3hrd1RTUGptd1dBQlIyYk45Snp2Q0ZCMnlQVlZuN25aSU9JSXhUUmY4IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8zNTA5MTQwNjM5MC9VQXMxOFEifQ", "signature": "fBjvEy302dg-gsziADmKjFJnOvBTLghqqMtjvSmn_NMWM0GG16hJlbkz_jxJkbyQZjRZqv2mQHqpxMCRgabVzD6wZTknBfyg4LHQa5D9XG-bA27XpBcWIcb_LJZNdbLA8GrK6oWdeFBVpqa_zrfgeW2O0zMP569NpH0FjQqs_OHpi0LMSDtMwzgrZapp9xyqeaXQuHCL4aPPwpcEmbX9JuSkbLbiRBhNlxTAZZ0EPFv9h_PNZBXgtcP-7icRCI7GGOFZ8dihcycyi_FcPuwAECH7ReeQmKjuAW8xDetMVxDa9nY697Iof_nmxwDSbMpFM4FeQCS-bJ73trye37HE6A", "payload": "e30" } 2021-09-28 11:31:09,770:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/35091406390/UAs18Q HTTP/1.1" 200 186 2021-09-28 11:31:09,771:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 28 Sep 2021 11:31:09 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/35091406390/UAs18Q Replay-Nonce: 0002MEbbBcp1i_9CweRGFtU0VorVf_YuJGh-emMYpqj0Dhg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35091406390/UAs18Q", "token": "ckr18Ap6XshSjIMFLDThMLq7Hn3Xza0rzbslLLRDmqE" } 2021-09-28 11:31:09,771:DEBUG:acme.client:Storing nonce: 0002MEbbBcp1i_9CweRGFtU0VorVf_YuJGh-emMYpqj0Dhg 2021-09-28 11:31:09,771:INFO:certbot._internal.auth_handler:Waiting for verification... 2021-09-28 11:31:10,772:DEBUG:acme.client:JWS payload: b'' 2021-09-28 11:31:10,774:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35091406390: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAwMDJNRWJiQmNwMWlfOUN3ZVJHRnRVMFZvclZmX1l1SkdoLWVtTVlwcWowRGhnIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTA5MTQwNjM5MCJ9", "signature": "ILGMOy65N1cCJ6U5Q5PHYIbI0c8GpJ4uZGxO1MvG76YYA5Q2Un3UH2Z4TZyQod_781SvfMQQ0qH2JeExt0Nh5nGc0YK0U2ajpDJXgLix-z0isF_RIQoKzpchVTXQebLo5VVVH7fFImJbdiY7ex1mFb6CHnRgVoZV0Smq5MtFXo62ck5nLiNvG-IOor_lS2xhKopIgLXHKedWC8bjHomlBxbJg5okdqBQkSIVvZqpZaL5lBQlsuYwTwpeTcWe5MPp6W9fjW6EUIWBJ8XZdNI-buNpOPmAFlfgSUBYwd1Mj-8KaKie6pOKaTtSKV02vjioPryEuezZwRM63m4kH0l8eQ", "payload": "" } 2021-09-28 11:31:10,963:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35091406390 HTTP/1.1" 200 1274 2021-09-28 11:31:10,963:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 28 Sep 2021 11:31:10 GMT Content-Type: application/json Content-Length: 1274 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002BWucglVbPR0q1ZEgW2seIVzpPVsKTR0uvv56QUEG8NU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "invalid", "expires": "2021-10-05T11:31:08Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from http://chat.waspaa.com/.well-known/acme-challenge/ckr18Ap6XshSjIMFLDThMLq7Hn3Xza0rzbslLLRDmqE [162.241.217.240]: \"\u003c!DOCTYPE HTML PUBLIC \\\"-//IETF//DTD HTML 2.0//EN\\\"\u003e\\n\u003chtml\u003e\u003chead\u003e\\n\u003ctitle\u003e404 Not Found\u003c/title\u003e\\n\u003c/head\u003e\u003cbody\u003e\\n\u003ch1\u003eNot Found\u003c/h1\u003e\\n\u003cp\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35091406390/UAs18Q", "token": "ckr18Ap6XshSjIMFLDThMLq7Hn3Xza0rzbslLLRDmqE", "validationRecord": [ { "url": "http://chat.waspaa.com/.well-known/acme-challenge/ckr18Ap6XshSjIMFLDThMLq7Hn3Xza0rzbslLLRDmqE", "hostname": "chat.waspaa.com", "port": "80", "addressesResolved": [ "162.241.217.240" ], "addressUsed": "162.241.217.240" } ], "validated": "2021-09-28T11:31:09Z" } ] } 2021-09-28 11:31:10,964:DEBUG:acme.client:Storing nonce: 0002BWucglVbPR0q1ZEgW2seIVzpPVsKTR0uvv56QUEG8NU 2021-09-28 11:31:10,964:INFO:certbot._internal.auth_handler:Challenge failed for domain chat.waspaa.com 2021-09-28 11:31:10,964:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-28 11:31:10,964:DEBUG:certbot._internal.display.obj:Notifying user: Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems: Domain: chat.waspaa.com Type: unauthorized Detail: Invalid response from http://chat.waspaa.com/.well-known/acme-challenge/ckr18Ap6XshSjIMFLDThMLq7Hn3Xza0rzbslLLRDmqE [162.241.217.240]: "\n\n404 Not Found\n\n

Not Found

\n sys.exit(main()) File "/usr/local/lib/python3.8/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1572, in main return config.func(config, plugins) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1285, in run new_lineage = _get_and_save_cert(le_client, config, domains, File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 133, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 454, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 384, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 434, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 90, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 178, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2021-09-28 11:31:12,063:ERROR:certbot._internal.log:Some challenges have failed. 2021-09-28 13:03:37,675:DEBUG:certbot._internal.main:certbot version: 1.19.0 2021-09-28 13:03:37,676:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/local/bin/certbot 2021-09-28 13:03:37,676:DEBUG:certbot._internal.main:Arguments: ['--nginx', '-d', 'chat.waspaa.com'] 2021-09-28 13:03:37,676:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-09-28 13:03:37,694:DEBUG:certbot._internal.log:Root logging level set at 30 2021-09-28 13:03:37,697:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2021-09-28 13:03:37,940:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: Installer, Authenticator, Plugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2021-09-28 13:03:37,940:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2021-09-28 13:03:37,941:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-09-28 13:03:37,951:DEBUG:certbot._internal.main:Picked account: ), creation_host='ip-172-31-40-153.ap-southeast-2.compute.internal', register_to_eff=None))> 2021-09-28 13:03:37,952:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-09-28 13:03:37,957:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-09-28 13:03:38,674:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-09-28 13:03:38,675:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 28 Sep 2021 13:03:38 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "Pz4Fvj3S0-Q": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-09-28 13:03:38,678:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for chat.waspaa.com 2021-09-28 13:03:38,755:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0003_key-certbot.pem 2021-09-28 13:03:38,758:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0003_csr-certbot.pem 2021-09-28 13:03:38,758:DEBUG:acme.client:Requesting fresh nonce 2021-09-28 13:03:38,758:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-09-28 13:03:38,934:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-09-28 13:03:38,935:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 28 Sep 2021 13:03:38 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101xGp5KZyBQQKN3aPCSaS5SX5s8woiWgryfbToZPYBlc8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-09-28 13:03:38,935:DEBUG:acme.client:Storing nonce: 0101xGp5KZyBQQKN3aPCSaS5SX5s8woiWgryfbToZPYBlc8 2021-09-28 13:03:38,935:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "chat.waspaa.com"\n }\n ]\n}' 2021-09-28 13:03:38,937:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDF4R3A1S1p5QlFRS04zYVBDU2FTNVNYNXM4d29pV2dyeWZiVG9aUFlCbGM4IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "soUqHBm-H-5b8-9lWltkixx0v2kygJNcME0kcBb6gq1MMN960aLeGdUqUTr93iHeMTh3wjtCK5ILWk1zDFBW55TvLoI7NYZBIVOS8vnlDuyHrlfD9cEK4yiNxPZ2fv0bTt7v6aFnXPo3qPHXEagIQwLNTXHIjpxZ765FQw1m5q-VipaEF0P9Z-TL2Mfa_SDRZO2ym90-3hIVJF-JdaUl_IjTDkAyeb3uny4oY-aw4Dx3BGxJi7x7Hzicl0pFKvOEOG6JNrLGLe40GRVoYXTwV-80gPUhpmPrmoKqijbgOt5OFCLwHu1d15CEOJMIP0d7C3qFzBwnqYDfYe4GziUQHA", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImNoYXQud2FzcGFhLmNvbSIKICAgIH0KICBdCn0" } 2021-09-28 13:03:39,274:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 338 2021-09-28 13:03:39,275:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Tue, 28 Sep 2021 13:03:39 GMT Content-Type: application/json Content-Length: 338 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/217949130/27839124890 Replay-Nonce: 0102oQpI7DyzAlH7XG0rRjO1ULBsSH2k2VBF3W9dEh5wHnM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-10-05T13:03:39Z", "identifiers": [ { "type": "dns", "value": "chat.waspaa.com" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/35109646060" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/217949130/27839124890" } 2021-09-28 13:03:39,275:DEBUG:acme.client:Storing nonce: 0102oQpI7DyzAlH7XG0rRjO1ULBsSH2k2VBF3W9dEh5wHnM 2021-09-28 13:03:39,275:DEBUG:acme.client:JWS payload: b'' 2021-09-28 13:03:39,277:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35109646060: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDJvUXBJN0R5ekFsSDdYRzByUmpPMVVMQnNTSDJrMlZCRjNXOWRFaDV3SG5NIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTEwOTY0NjA2MCJ9", "signature": "P2phizBOZAWrbvxVn6pP1PAJPUkBaal5n8l4YDsXb6OpoqRUMmIjbxOlSDuY1V3FoF9O1zM0ytv05H6eByDI1FQJyBPBAC0BjqJ3DcA-fI7oqsn3QJ0rScacUV6g1Ppx8ZK4-mQNsxQz4jLrfqbxAcbMky5gkMKam7iVkwA-z5J74LukMG2qp-xSrNs-kF5CGkoHpmrfQvfosAy8htac2OThk2ML9FMMP9xp93mUQtnpllcACWXg2xMVioNzOHvk782TQO9IPSQlFoyeEIoKDwJAIvK1PryP3x8FHI-9P3m49wpVF6TtK1umoaotEs8du-dx8whLjyX3dJwhtR-6SA", "payload": "" } 2021-09-28 13:03:39,488:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35109646060 HTTP/1.1" 200 796 2021-09-28 13:03:39,488:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 28 Sep 2021 13:03:39 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102qFbR21ZBXzr9Rl94TPuqAZsBtm3CHU5MP692HI0-C0M X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "pending", "expires": "2021-10-05T13:03:39Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35109646060/M06UpQ", "token": "ciJ2JhiK3qu3ipF4QJx0dePaDiQYljTPpHYmFzQrvJM" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35109646060/K_K_8w", "token": "ciJ2JhiK3qu3ipF4QJx0dePaDiQYljTPpHYmFzQrvJM" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35109646060/u8vvEg", "token": "ciJ2JhiK3qu3ipF4QJx0dePaDiQYljTPpHYmFzQrvJM" } ] } 2021-09-28 13:03:39,488:DEBUG:acme.client:Storing nonce: 0102qFbR21ZBXzr9Rl94TPuqAZsBtm3CHU5MP692HI0-C0M 2021-09-28 13:03:39,489:INFO:certbot._internal.auth_handler:Performing the following challenges: 2021-09-28 13:03:39,489:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-28 13:03:39,504:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2021-09-28 13:03:39,505:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-09-28 13:03:39,505:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-09-28 13:03:39,505:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/default 2021-09-28 13:03:39,505:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-09-28 13:03:39,506:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-09-28 13:03:39,506:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-09-28 13:03:39,506:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-09-28 13:03:39,507:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-09-28 13:03:39,508:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/default: ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80 ; listen [::]:80 ; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name chat.waspaa.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} location = /.well-known/acme-challenge/ciJ2JhiK3qu3ipF4QJx0dePaDiQYljTPpHYmFzQrvJM{default_type text/plain;return 200 ciJ2JhiK3qu3ipF4QJx0dePaDiQYljTPpHYmFzQrvJM.hM7dzhwApZf7ljiWUXuEkPQbAIYgz8h8LX33rC8U8yY;} # managed by Certbot } 2021-09-28 13:03:40,528:DEBUG:acme.client:JWS payload: b'{}' 2021-09-28 13:03:40,530:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/35109646060/M06UpQ: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDJxRmJSMjFaQlh6cjlSbDk0VFB1cUFac0J0bTNDSFU1TVA2OTJISTAtQzBNIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8zNTEwOTY0NjA2MC9NMDZVcFEifQ", "signature": "Vc3z5euAs-WwkUrs9lsdG_x4RBsXQSOVndcMl8bIx-EoCIWHmtIKX3XDfEFkkasMROzrmMR4bxmvF_6RDzPpWirckYX83ZfSTEK-25DyvPv_QlfeMCterXnJg0Wk_lJBMeHoVpB-yzVacKxC0cKyloaWBIMGKez7ArQKz1oXZarj9lIHUv5LkJ6JjuHFgaFthTF-JSnYFAus2xBOsr8DrTA-LCGgOmj0k59pkbSRLDK8rTGrOTqa3hQOQRCW1a4CVpJaFelehCRJg1l6OVkjcGJDuXlM1Sk4HKCJNM9hsO8KaSJwqvTl41cUWyH5V5LXyungLFVFA70aEa0h2NH-Kw", "payload": "e30" } 2021-09-28 13:03:40,750:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/35109646060/M06UpQ HTTP/1.1" 200 186 2021-09-28 13:03:40,751:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 28 Sep 2021 13:03:40 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/35109646060/M06UpQ Replay-Nonce: 0102JfXRmOG4LMelOjbgCAt-29YDCF3toclOwYxDveVphHo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35109646060/M06UpQ", "token": "ciJ2JhiK3qu3ipF4QJx0dePaDiQYljTPpHYmFzQrvJM" } 2021-09-28 13:03:40,751:DEBUG:acme.client:Storing nonce: 0102JfXRmOG4LMelOjbgCAt-29YDCF3toclOwYxDveVphHo 2021-09-28 13:03:40,751:INFO:certbot._internal.auth_handler:Waiting for verification... 2021-09-28 13:03:41,752:DEBUG:acme.client:JWS payload: b'' 2021-09-28 13:03:41,754:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35109646060: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDJKZlhSbU9HNExNZWxPamJnQ0F0LTI5WURDRjN0b2NsT3dZeER2ZVZwaEhvIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTEwOTY0NjA2MCJ9", "signature": "Eq7Lx8bWNQkCyXVCmRKdRR6f3wkyVG9RsJDUypYuGQIBLX3aTlwf9KzVp4OEPLEdE2rGcZvhTPrnDRI4_vkmgrL5W1rrceVj_5k5TbXI_BUf-r-QTv3Lgc1WrMW0lS6qMnzEUVR-STiv-DGPBzERxXpFncPkVnE1UIf3VGM7-BJmtLg9_L6yphQnkYm_ieqb0qngbf2umY-Zw7lTlT6fZ3T3pwli0p7gf7xWBAeyMXICA75ATqrSLniNu9-RvWW-oiSj0bnPc2Nar46T3rdtsPr01zGS3ZDEh6qUmuDMDpsN71xoI5DGe20wsJMGUybEGO4pxvXGR5J4_jTj315Aww", "payload": "" } 2021-09-28 13:03:41,976:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35109646060 HTTP/1.1" 200 1274 2021-09-28 13:03:41,976:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 28 Sep 2021 13:03:41 GMT Content-Type: application/json Content-Length: 1274 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101t9C7BG1CEZzi9naHqybeaaU28_aQmCLzOBQ64Srin2U X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "invalid", "expires": "2021-10-05T13:03:39Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from http://chat.waspaa.com/.well-known/acme-challenge/ciJ2JhiK3qu3ipF4QJx0dePaDiQYljTPpHYmFzQrvJM [162.241.217.240]: \"\u003c!DOCTYPE HTML PUBLIC \\\"-//IETF//DTD HTML 2.0//EN\\\"\u003e\\n\u003chtml\u003e\u003chead\u003e\\n\u003ctitle\u003e404 Not Found\u003c/title\u003e\\n\u003c/head\u003e\u003cbody\u003e\\n\u003ch1\u003eNot Found\u003c/h1\u003e\\n\u003cp\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35109646060/M06UpQ", "token": "ciJ2JhiK3qu3ipF4QJx0dePaDiQYljTPpHYmFzQrvJM", "validationRecord": [ { "url": "http://chat.waspaa.com/.well-known/acme-challenge/ciJ2JhiK3qu3ipF4QJx0dePaDiQYljTPpHYmFzQrvJM", "hostname": "chat.waspaa.com", "port": "80", "addressesResolved": [ "162.241.217.240" ], "addressUsed": "162.241.217.240" } ], "validated": "2021-09-28T13:03:40Z" } ] } 2021-09-28 13:03:41,976:DEBUG:acme.client:Storing nonce: 0101t9C7BG1CEZzi9naHqybeaaU28_aQmCLzOBQ64Srin2U 2021-09-28 13:03:41,977:INFO:certbot._internal.auth_handler:Challenge failed for domain chat.waspaa.com 2021-09-28 13:03:41,977:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-28 13:03:41,977:DEBUG:certbot._internal.display.obj:Notifying user: Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems: Domain: chat.waspaa.com Type: unauthorized Detail: Invalid response from http://chat.waspaa.com/.well-known/acme-challenge/ciJ2JhiK3qu3ipF4QJx0dePaDiQYljTPpHYmFzQrvJM [162.241.217.240]: "\n\n404 Not Found\n\n

Not Found

\n sys.exit(main()) File "/usr/local/lib/python3.8/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1572, in main return config.func(config, plugins) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1285, in run new_lineage = _get_and_save_cert(le_client, config, domains, File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 133, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 454, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 384, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 434, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 90, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 178, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2021-09-28 13:03:43,078:ERROR:certbot._internal.log:Some challenges have failed. 2021-09-28 13:44:08,803:DEBUG:certbot._internal.main:certbot version: 1.19.0 2021-09-28 13:44:08,804:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/local/bin/certbot 2021-09-28 13:44:08,804:DEBUG:certbot._internal.main:Arguments: ['--nginx', '-d', 'chat.waspaa.com'] 2021-09-28 13:44:08,804:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-09-28 13:44:08,822:DEBUG:certbot._internal.log:Root logging level set at 30 2021-09-28 13:44:08,826:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2021-09-28 13:44:09,034:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: Installer, Authenticator, Plugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2021-09-28 13:44:09,035:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2021-09-28 13:44:09,035:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-09-28 13:44:09,046:DEBUG:certbot._internal.main:Picked account: ), creation_host='ip-172-31-40-153.ap-southeast-2.compute.internal', register_to_eff=None))> 2021-09-28 13:44:09,047:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-09-28 13:44:09,051:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-09-28 13:44:09,809:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-09-28 13:44:09,810:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 28 Sep 2021 13:44:09 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "rbFo7ikqvVo": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-09-28 13:44:09,813:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for chat.waspaa.com 2021-09-28 13:44:09,827:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0004_key-certbot.pem 2021-09-28 13:44:09,830:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0004_csr-certbot.pem 2021-09-28 13:44:09,831:DEBUG:acme.client:Requesting fresh nonce 2021-09-28 13:44:09,831:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-09-28 13:44:10,018:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-09-28 13:44:10,018:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 28 Sep 2021 13:44:09 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 01020CKDaleKzV7fBH7CQvvRLZXIaKhqduX8esqfYKdcvH0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-09-28 13:44:10,018:DEBUG:acme.client:Storing nonce: 01020CKDaleKzV7fBH7CQvvRLZXIaKhqduX8esqfYKdcvH0 2021-09-28 13:44:10,018:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "chat.waspaa.com"\n }\n ]\n}' 2021-09-28 13:44:10,020:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDIwQ0tEYWxlS3pWN2ZCSDdDUXZ2UkxaWElhS2hxZHVYOGVzcWZZS2RjdkgwIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "L1cb4GRVNF7FpSFWOYeSg-ePbkHzUNIJgNyPUazNby8Qe9Q7TjYxPG5Wh2vJqXG-gqfADYeKxmZ-RUT-2Mz7lYYmoRQhX03wZ_mIIbwkWWXJGk16lrpYhGlG9YoyvjshnRn8TmR9fuGE_udFBNurH5Bwi5bXKJqUif_naH2Y2_qIRSX3pBTSVmyHQeGdI79Uyd-UzCUbdejaEZlUTJu8uJVjJYqgHjVM14XXb8EldrxpbE1bA1_IIIXI-2V178yuUcd5kp8z4mrKl768kMNgTJaOE28vaDwLakWz2Pq-hUFZtvGScYqIWuQgP6ecpUjq0IMtcPZrCuC0hgtAXW0C7w", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImNoYXQud2FzcGFhLmNvbSIKICAgIH0KICBdCn0" } 2021-09-28 13:44:10,806:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 338 2021-09-28 13:44:10,807:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Tue, 28 Sep 2021 13:44:10 GMT Content-Type: application/json Content-Length: 338 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/217949130/27845668110 Replay-Nonce: 0101hR2vBhnlg6nAXnoy0VDr3nT0P4wKch4eDp8I0iG2fIc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-10-05T13:44:10Z", "identifiers": [ { "type": "dns", "value": "chat.waspaa.com" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/35117517400" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/217949130/27845668110" } 2021-09-28 13:44:10,807:DEBUG:acme.client:Storing nonce: 0101hR2vBhnlg6nAXnoy0VDr3nT0P4wKch4eDp8I0iG2fIc 2021-09-28 13:44:10,807:DEBUG:acme.client:JWS payload: b'' 2021-09-28 13:44:10,809:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35117517400: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDFoUjJ2QmhubGc2bkFYbm95MFZEcjNuVDBQNHdLY2g0ZURwOEkwaUcyZkljIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTExNzUxNzQwMCJ9", "signature": "qvX6OnF0LgJNaBiPop8NJFqiNr698pkZ1lGlEASbt6bUzj52gB5Q83SJf-Q5T5ndTd0SH4cJKejD38ZvYjW56FCnGNqSPlXWpJjmrZ9W6efZIaZhBX_jT0Fg0c9Fr93Qgc6pVOZt3_x71rpi7IjSkXXR3onJn_MXrHWSimv1G8nCezQVWn1kjVkFHw1TkTRlwCJD07pjUciLzFhnXCfDGzP5tMzn-7FUOEExAr4Tgq9y5x3UchgjBbIG71-5QXN-w9ZRa_wKBzoVod_LTJCJ60MEWOOX4FtrA7l-Y-vS09NLhZZV1E2z2pAW9sf0i91GSsG6-ZwKMJQUqde3VSQNUQ", "payload": "" } 2021-09-28 13:44:11,119:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35117517400 HTTP/1.1" 200 796 2021-09-28 13:44:11,120:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 28 Sep 2021 13:44:11 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102QYanXoJsXsgflilUc6jyZ6mHrz4KOCKkq6J67lsw8yY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "pending", "expires": "2021-10-05T13:44:10Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35117517400/zc5Reg", "token": "WopKbw2UIFNbK7iqKTgoEzUB1Q9LJJZIDniYtwbY7LM" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35117517400/T__irQ", "token": "WopKbw2UIFNbK7iqKTgoEzUB1Q9LJJZIDniYtwbY7LM" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35117517400/aVELkA", "token": "WopKbw2UIFNbK7iqKTgoEzUB1Q9LJJZIDniYtwbY7LM" } ] } 2021-09-28 13:44:11,120:DEBUG:acme.client:Storing nonce: 0102QYanXoJsXsgflilUc6jyZ6mHrz4KOCKkq6J67lsw8yY 2021-09-28 13:44:11,120:INFO:certbot._internal.auth_handler:Performing the following challenges: 2021-09-28 13:44:11,120:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-28 13:44:11,136:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2021-09-28 13:44:11,137:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-09-28 13:44:11,137:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/default 2021-09-28 13:44:11,138:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-09-28 13:44:11,138:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-09-28 13:44:11,138:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-09-28 13:44:11,138:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-09-28 13:44:11,139:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-09-28 13:44:11,139:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-09-28 13:44:11,141:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/default: ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80 ; listen [::]:80 ; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name chat.waspaa.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} location = /.well-known/acme-challenge/WopKbw2UIFNbK7iqKTgoEzUB1Q9LJJZIDniYtwbY7LM{default_type text/plain;return 200 WopKbw2UIFNbK7iqKTgoEzUB1Q9LJJZIDniYtwbY7LM.hM7dzhwApZf7ljiWUXuEkPQbAIYgz8h8LX33rC8U8yY;} # managed by Certbot } 2021-09-28 13:44:11,209:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [error] invalid PID number "" in "/run/nginx.pid" 2021-09-28 13:44:12,227:DEBUG:acme.client:JWS payload: b'{}' 2021-09-28 13:44:12,230:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/35117517400/zc5Reg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDJRWWFuWG9Kc1hzZ2ZsaWxVYzZqeVo2bUhyejRLT0NLa3E2SjY3bHN3OHlZIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8zNTExNzUxNzQwMC96YzVSZWcifQ", "signature": "Ch2usqvAiftmTyF6i0tGMdKYtJTrCWgtlXVaFTOgvv2PHed3qurijwnUIjv9mCBqklDoEWciEwnYt5Ifo1VlAyQaWJS7AmffcstpL7BVWDwJqwtrJHtOG0-GM02tIDulcEv1YMjPV0ZH5ENUax_I-aCaY0g45EK7IBWXcyJtYR9wN6XN6esOvO0vwLz8N11HXZ94_Ol2oTJ8QznlrcQtlWdpDVECMKzkDkBxJwKZCzTlgwPih6kZK-9eaYcL8JE0-RRlO2Vv8bSaoXeUAbSf6L2p623fmhZJvHZkR_sSpNccL4e5LjU6HX9hbRaoFwljXAxz2RWITzbUtb6o7n6n5w", "payload": "e30" } 2021-09-28 13:44:12,595:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/35117517400/zc5Reg HTTP/1.1" 200 186 2021-09-28 13:44:12,596:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 28 Sep 2021 13:44:12 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/35117517400/zc5Reg Replay-Nonce: 0101nlrz9tcsoIYqMQoDI7wP1C0Fw7PbevBV_bVXy2xyN8Y X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35117517400/zc5Reg", "token": "WopKbw2UIFNbK7iqKTgoEzUB1Q9LJJZIDniYtwbY7LM" } 2021-09-28 13:44:12,596:DEBUG:acme.client:Storing nonce: 0101nlrz9tcsoIYqMQoDI7wP1C0Fw7PbevBV_bVXy2xyN8Y 2021-09-28 13:44:12,597:INFO:certbot._internal.auth_handler:Waiting for verification... 2021-09-28 13:44:13,598:DEBUG:acme.client:JWS payload: b'' 2021-09-28 13:44:13,599:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35117517400: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDFubHJ6OXRjc29JWXFNUW9ESTd3UDFDMEZ3N1BiZXZCVl9iVlh5Mnh5TjhZIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTExNzUxNzQwMCJ9", "signature": "JIOJ6F71YfmsA45vtsoU_0b8gi6ujIuPq-JHa4o-BPoxyJryrLDMGfu78s5D-uKFGP_fFvCMNsiiTt6KfWVF-xjdjfEEZvNe2hDjN6QoEtAimJ839_hFQHGrvoakHb_7vGYr1BVGrm6A0GcMN6_OQCzLdCaRcjFTdx_xM-3kam7dm_AEGRm32j5Ge_tY8ujflz8DjpG-oa8HfjwSBiikCOlQEemCL0UU2esnb_JkmFUNZfSVcB_gp7M6Ef86TVPWHtEmNIFXr9EWFBtRbsyYQs6ik9YsVtr5r-wvDLNeqRCDWJNtgT4amYM2YmfqteRqEl7XmYKZBSHipDoBsKPOvQ", "payload": "" } 2021-09-28 13:44:13,902:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35117517400 HTTP/1.1" 200 1274 2021-09-28 13:44:13,903:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Tue, 28 Sep 2021 13:44:13 GMT Content-Type: application/json Content-Length: 1274 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101uJU10SBK9t7GnT6ZvVstWLUp--DSR5ldY-S-2pv6uMk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "invalid", "expires": "2021-10-05T13:44:10Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from http://chat.waspaa.com/.well-known/acme-challenge/WopKbw2UIFNbK7iqKTgoEzUB1Q9LJJZIDniYtwbY7LM [162.241.217.240]: \"\u003c!DOCTYPE HTML PUBLIC \\\"-//IETF//DTD HTML 2.0//EN\\\"\u003e\\n\u003chtml\u003e\u003chead\u003e\\n\u003ctitle\u003e404 Not Found\u003c/title\u003e\\n\u003c/head\u003e\u003cbody\u003e\\n\u003ch1\u003eNot Found\u003c/h1\u003e\\n\u003cp\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35117517400/zc5Reg", "token": "WopKbw2UIFNbK7iqKTgoEzUB1Q9LJJZIDniYtwbY7LM", "validationRecord": [ { "url": "http://chat.waspaa.com/.well-known/acme-challenge/WopKbw2UIFNbK7iqKTgoEzUB1Q9LJJZIDniYtwbY7LM", "hostname": "chat.waspaa.com", "port": "80", "addressesResolved": [ "162.241.217.240" ], "addressUsed": "162.241.217.240" } ], "validated": "2021-09-28T13:44:12Z" } ] } 2021-09-28 13:44:13,903:DEBUG:acme.client:Storing nonce: 0101uJU10SBK9t7GnT6ZvVstWLUp--DSR5ldY-S-2pv6uMk 2021-09-28 13:44:13,903:INFO:certbot._internal.auth_handler:Challenge failed for domain chat.waspaa.com 2021-09-28 13:44:13,903:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-28 13:44:13,903:DEBUG:certbot._internal.display.obj:Notifying user: Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems: Domain: chat.waspaa.com Type: unauthorized Detail: Invalid response from http://chat.waspaa.com/.well-known/acme-challenge/WopKbw2UIFNbK7iqKTgoEzUB1Q9LJJZIDniYtwbY7LM [162.241.217.240]: "\n\n404 Not Found\n\n

Not Found

\n sys.exit(main()) File "/usr/local/lib/python3.8/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1572, in main return config.func(config, plugins) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1285, in run new_lineage = _get_and_save_cert(le_client, config, domains, File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 133, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 454, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 384, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 434, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 90, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 178, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2021-09-28 13:44:15,007:ERROR:certbot._internal.log:Some challenges have failed. 2021-09-29 05:44:25,572:DEBUG:certbot._internal.main:certbot version: 1.19.0 2021-09-29 05:44:25,573:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/local/bin/certbot 2021-09-29 05:44:25,573:DEBUG:certbot._internal.main:Arguments: ['--nginx', '--webroot', '-w', '/var/www/html', '-d', 'chat.waspaa.com'] 2021-09-29 05:44:25,573:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-09-29 05:44:25,593:DEBUG:certbot._internal.log:Root logging level set at 30 2021-09-29 05:44:42,215:DEBUG:certbot._internal.main:certbot version: 1.19.0 2021-09-29 05:44:42,215:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/local/bin/certbot 2021-09-29 05:44:42,215:DEBUG:certbot._internal.main:Arguments: ['--nginx', '-w', '/var/www/html', '-d', 'chat.waspaa.com'] 2021-09-29 05:44:42,215:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-09-29 05:44:42,225:DEBUG:certbot._internal.log:Root logging level set at 30 2021-09-29 05:44:42,227:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2021-09-29 05:44:42,491:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: Installer, Authenticator, Plugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2021-09-29 05:44:42,492:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2021-09-29 05:44:42,492:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-09-29 05:44:42,502:DEBUG:certbot._internal.main:Picked account: ), creation_host='ip-172-31-40-153.ap-southeast-2.compute.internal', register_to_eff=None))> 2021-09-29 05:44:42,503:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-09-29 05:44:42,506:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-09-29 05:44:43,219:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-09-29 05:44:43,220:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 05:44:43 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "C7oj9DjH_Xk": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-09-29 05:44:43,221:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for chat.waspaa.com 2021-09-29 05:44:43,320:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0005_key-certbot.pem 2021-09-29 05:44:43,323:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0005_csr-certbot.pem 2021-09-29 05:44:43,324:DEBUG:acme.client:Requesting fresh nonce 2021-09-29 05:44:43,324:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-09-29 05:44:43,499:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-09-29 05:44:43,500:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 05:44:43 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102znxjMRJkxfq9vSpq4XUwLztLriTEXSW4YTWaV599VEg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-09-29 05:44:43,500:DEBUG:acme.client:Storing nonce: 0102znxjMRJkxfq9vSpq4XUwLztLriTEXSW4YTWaV599VEg 2021-09-29 05:44:43,500:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "chat.waspaa.com"\n }\n ]\n}' 2021-09-29 05:44:43,502:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDJ6bnhqTVJKa3hmcTl2U3BxNFhVd0x6dExyaVRFWFNXNFlUV2FWNTk5VkVnIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "hymuJtO3c1SE5MxSu79mFRqGOk68nte0NKhlDDvhFROwT-gl-5v_8e_8ibbB73oTa63YCMdGgXsw2m7Dm6WSBWqFUCIV8W8--uzqZQcMG582OysGkDK-8PWKthormTzVZky3xvMaDSXn6Wj-16sYmA1Gc_qL0Tu2zsIi7XzhIjGHdHBNsSKbb1VNOhJXPpirsffvuLTgukIaoCkxgkbjKfreAq5BENy3SKrmTvmm7-kXo6Efoqj6egHKjX5q19rN6OzcTT181qt43-p2tntClGmj_6NQV8hrOEZlXvchayPD--1a2j48HaIGCLvZYki6Xv7A956NMqsY1sCjwaqTfQ", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImNoYXQud2FzcGFhLmNvbSIKICAgIH0KICBdCn0" } 2021-09-29 05:44:43,823:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 338 2021-09-29 05:44:43,823:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Wed, 29 Sep 2021 05:44:43 GMT Content-Type: application/json Content-Length: 338 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/217949130/28010932260 Replay-Nonce: 0101_zYRRYCm6Y9Xd8hyqCPV6ge2z1xdO2nF3WaEn7kfdSM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-10-06T05:44:43Z", "identifiers": [ { "type": "dns", "value": "chat.waspaa.com" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/35318851740" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/217949130/28010932260" } 2021-09-29 05:44:43,823:DEBUG:acme.client:Storing nonce: 0101_zYRRYCm6Y9Xd8hyqCPV6ge2z1xdO2nF3WaEn7kfdSM 2021-09-29 05:44:43,824:DEBUG:acme.client:JWS payload: b'' 2021-09-29 05:44:43,825:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35318851740: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDFfellSUllDbTZZOVhkOGh5cUNQVjZnZTJ6MXhkTzJuRjNXYUVuN2tmZFNNIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTMxODg1MTc0MCJ9", "signature": "lqLDrmxXhcwVl6wNv4fcHYDbEGb5LpQI2egGfUJSBeD3PLGnOaZ5XKAGDtyApOAeok4Xhee2MbZT6IkskDephrSJX_jzNoY3zvE-RAN4Y7Giz77P27NBmkI5BjWGCQSSb7a5686nBTJsHSo-Dew3h1hqqoZ46JJOQv8gP7cSrQ6Kng1UtriAJYTPICMf3P8j0xwsrE0YtP3HgcpjG373zkDqjqKMlbrqNqt_TAAiDSVDKf0pz1PV9VX3tq2P3C_KC1W_shfvlGdPYbGOz9X1azBGmNdfMHgmUvji596QUdpnzLSc49W1Sb1dtFeeLZRKXJsjfOwQ0FmUbYRf8WPKzQ", "payload": "" } 2021-09-29 05:44:44,029:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35318851740 HTTP/1.1" 200 796 2021-09-29 05:44:44,030:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 05:44:43 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 01019w0cTJ-wKzsRS7roPF1iOw0CZGDrRxfhLQA154SK-EE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "pending", "expires": "2021-10-06T05:44:43Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35318851740/lL0M4Q", "token": "ZlOxlT1tInWNaOTgjx_vcdveHAA2pBK1Hyf-vBnxoMc" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35318851740/2KSvmA", "token": "ZlOxlT1tInWNaOTgjx_vcdveHAA2pBK1Hyf-vBnxoMc" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35318851740/lXXJ2A", "token": "ZlOxlT1tInWNaOTgjx_vcdveHAA2pBK1Hyf-vBnxoMc" } ] } 2021-09-29 05:44:44,030:DEBUG:acme.client:Storing nonce: 01019w0cTJ-wKzsRS7roPF1iOw0CZGDrRxfhLQA154SK-EE 2021-09-29 05:44:44,030:INFO:certbot._internal.auth_handler:Performing the following challenges: 2021-09-29 05:44:44,030:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-29 05:44:44,046:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2021-09-29 05:44:44,046:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-09-29 05:44:44,046:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-09-29 05:44:44,047:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-09-29 05:44:44,047:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-09-29 05:44:44,047:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-09-29 05:44:44,047:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/default 2021-09-29 05:44:44,047:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-09-29 05:44:44,048:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-09-29 05:44:44,049:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/default: ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80 ; listen [::]:80 ; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name chat.waspaa.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} location = /.well-known/acme-challenge/ZlOxlT1tInWNaOTgjx_vcdveHAA2pBK1Hyf-vBnxoMc{default_type text/plain;return 200 ZlOxlT1tInWNaOTgjx_vcdveHAA2pBK1Hyf-vBnxoMc.hM7dzhwApZf7ljiWUXuEkPQbAIYgz8h8LX33rC8U8yY;} # managed by Certbot } 2021-09-29 05:44:44,069:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [error] invalid PID number "" in "/run/nginx.pid" 2021-09-29 05:44:46,590:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/local/lib/python3.8/dist-packages/certbot_nginx/_internal/configurator.py", line 1179, in perform self.restart() File "/usr/local/lib/python3.8/dist-packages/certbot_nginx/_internal/configurator.py", line 967, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/local/lib/python3.8/dist-packages/certbot_nginx/_internal/configurator.py", line 1254, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] still could not bind() 2021-09-29 05:44:46,590:DEBUG:certbot._internal.error_handler:Calling registered functions 2021-09-29 05:44:46,590:INFO:certbot._internal.auth_handler:Cleaning up challenges 2021-09-29 05:44:46,675:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [error] invalid PID number "" in "/run/nginx.pid" 2021-09-29 05:44:49,197:ERROR:certbot._internal.error_handler:Encountered exception during recovery: certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] still could not bind() 2021-09-29 05:44:49,201:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/local/bin/certbot", line 8, in sys.exit(main()) File "/usr/local/lib/python3.8/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1572, in main return config.func(config, plugins) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1285, in run new_lineage = _get_and_save_cert(le_client, config, domains, File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 133, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 454, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 384, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 434, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/local/lib/python3.8/dist-packages/certbot_nginx/_internal/configurator.py", line 1179, in perform self.restart() File "/usr/local/lib/python3.8/dist-packages/certbot_nginx/_internal/configurator.py", line 967, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/local/lib/python3.8/dist-packages/certbot_nginx/_internal/configurator.py", line 1254, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] still could not bind() 2021-09-29 05:44:49,221:ERROR:certbot._internal.log:nginx restart failed: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] still could not bind() 2021-09-29 05:45:14,952:DEBUG:certbot._internal.main:certbot version: 1.19.0 2021-09-29 05:45:14,952:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/local/bin/certbot 2021-09-29 05:45:14,952:DEBUG:certbot._internal.main:Arguments: ['--nginx', '-w', '/var/www/html', '-d', 'chat.waspaa.com'] 2021-09-29 05:45:14,953:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-09-29 05:45:14,970:DEBUG:certbot._internal.log:Root logging level set at 30 2021-09-29 05:45:14,973:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2021-09-29 05:45:15,271:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: Installer, Authenticator, Plugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2021-09-29 05:45:15,271:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2021-09-29 05:45:15,271:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-09-29 05:45:15,309:DEBUG:certbot._internal.main:Picked account: ), creation_host='ip-172-31-40-153.ap-southeast-2.compute.internal', register_to_eff=None))> 2021-09-29 05:45:15,310:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-09-29 05:45:15,325:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-09-29 05:45:16,126:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-09-29 05:45:16,127:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 05:45:16 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "nXtmVOH-cqI": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-09-29 05:45:16,136:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for chat.waspaa.com 2021-09-29 05:45:16,406:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0006_key-certbot.pem 2021-09-29 05:45:16,413:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0006_csr-certbot.pem 2021-09-29 05:45:16,414:DEBUG:acme.client:Requesting fresh nonce 2021-09-29 05:45:16,414:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-09-29 05:45:16,606:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-09-29 05:45:16,606:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 05:45:16 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002nPjCZamJd62MXQxcdn_Q2tQHCvCIernJCz3zVjKDG0E X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-09-29 05:45:16,607:DEBUG:acme.client:Storing nonce: 0002nPjCZamJd62MXQxcdn_Q2tQHCvCIernJCz3zVjKDG0E 2021-09-29 05:45:16,607:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "chat.waspaa.com"\n }\n ]\n}' 2021-09-29 05:45:16,618:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAwMDJuUGpDWmFtSmQ2Mk1YUXhjZG5fUTJ0UUhDdkNJZXJuSkN6M3pWaktERzBFIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "VDXrSW9f_EN-FUkIEWjERqnaufjUXBJb39LCwWYoDalz4ieReDQA0266fEjL79KsXvS4LHGxCekxUZNtLznDqZq8CeskCwezR5RGFfF02jtl-e0K-4IVlI-lmYAcJYWdQBpFSBMTj-qgppfmKLaFkVwWvwRUlt5vEGLAUDom4qgS1UH7kUpur3qR3O0q7AXuLJXxi1ouU4gBfDXxeo0zluHMkJm6cBHwqW8OTB8haAC3WHUHUs1SR4qSoeoeO9DwARSExkA1p4ATHwSzGInnJlo1waek64aVApFTBDkPP7RgaZYXd4I-yLfO8E7cTCWmd539jzTOG3qgJH2SVLTjTg", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImNoYXQud2FzcGFhLmNvbSIKICAgIH0KICBdCn0" } 2021-09-29 05:45:16,823:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 338 2021-09-29 05:45:16,824:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Wed, 29 Sep 2021 05:45:16 GMT Content-Type: application/json Content-Length: 338 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/217949130/28011054600 Replay-Nonce: 0002pQYqieYsiwYcemVSsMSkC_40qEWTPmO-BGXzGFF6E0A X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-10-06T05:44:43Z", "identifiers": [ { "type": "dns", "value": "chat.waspaa.com" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/35318851740" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/217949130/28011054600" } 2021-09-29 05:45:16,824:DEBUG:acme.client:Storing nonce: 0002pQYqieYsiwYcemVSsMSkC_40qEWTPmO-BGXzGFF6E0A 2021-09-29 05:45:16,824:DEBUG:acme.client:JWS payload: b'' 2021-09-29 05:45:16,825:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35318851740: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAwMDJwUVlxaWVZc2l3WWNlbVZTc01Ta0NfNDBxRVdUUG1PLUJHWHpHRkY2RTBBIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTMxODg1MTc0MCJ9", "signature": "GrrRXtxLCdxpZPT-QAwPqLxOka3U4i3irXIxRn32w8PjgzuENRLZMNSzb0nJTDvcHdHtv92877EbGWJ9qhZPbuA93XML92sn1ZPaFpceTYHDTde39i2oerq1AXgUMxQC24af6qd-BSrwDKgsI_5nN2yOPgy2TKdTP4BXsCl2mRpYg-Dt6NkPWL7FhNPE1aHNhk9b04EN-KTGfFXu25g1JaAU4qHSzPsBW0Zh1AVZ1SiUIY83tzkSZh7WBkdTLtd9OS7hMYj63wMhZfQ52gSix23GAzDfm_VW28XFfM1l2PHwxa9F6bwJyoTtKD0jN9sUT1muJTMsmZG9A3eL4AQL1w", "payload": "" } 2021-09-29 05:45:17,092:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35318851740 HTTP/1.1" 200 796 2021-09-29 05:45:17,092:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 05:45:17 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001Gw_spM1uJGDjgzHfbMpxVwgE210NhvBf-iMR-6yZrEA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "pending", "expires": "2021-10-06T05:44:43Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35318851740/lL0M4Q", "token": "ZlOxlT1tInWNaOTgjx_vcdveHAA2pBK1Hyf-vBnxoMc" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35318851740/2KSvmA", "token": "ZlOxlT1tInWNaOTgjx_vcdveHAA2pBK1Hyf-vBnxoMc" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35318851740/lXXJ2A", "token": "ZlOxlT1tInWNaOTgjx_vcdveHAA2pBK1Hyf-vBnxoMc" } ] } 2021-09-29 05:45:17,093:DEBUG:acme.client:Storing nonce: 0001Gw_spM1uJGDjgzHfbMpxVwgE210NhvBf-iMR-6yZrEA 2021-09-29 05:45:17,093:INFO:certbot._internal.auth_handler:Performing the following challenges: 2021-09-29 05:45:17,093:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-29 05:45:17,109:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2021-09-29 05:45:17,110:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-09-29 05:45:17,114:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-09-29 05:45:17,115:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-09-29 05:45:17,116:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-09-29 05:45:17,118:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-09-29 05:45:17,118:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/default 2021-09-29 05:45:17,119:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-09-29 05:45:17,120:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-09-29 05:45:17,122:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/default: ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80 ; listen [::]:80 ; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name chat.waspaa.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} location = /.well-known/acme-challenge/ZlOxlT1tInWNaOTgjx_vcdveHAA2pBK1Hyf-vBnxoMc{default_type text/plain;return 200 ZlOxlT1tInWNaOTgjx_vcdveHAA2pBK1Hyf-vBnxoMc.hM7dzhwApZf7ljiWUXuEkPQbAIYgz8h8LX33rC8U8yY;} # managed by Certbot } 2021-09-29 05:45:17,205:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [error] invalid PID number "" in "/run/nginx.pid" 2021-09-29 05:45:19,736:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/local/lib/python3.8/dist-packages/certbot_nginx/_internal/configurator.py", line 1179, in perform self.restart() File "/usr/local/lib/python3.8/dist-packages/certbot_nginx/_internal/configurator.py", line 967, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/local/lib/python3.8/dist-packages/certbot_nginx/_internal/configurator.py", line 1254, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] still could not bind() 2021-09-29 05:45:19,736:DEBUG:certbot._internal.error_handler:Calling registered functions 2021-09-29 05:45:19,736:INFO:certbot._internal.auth_handler:Cleaning up challenges 2021-09-29 05:45:19,852:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [error] invalid PID number "" in "/run/nginx.pid" 2021-09-29 05:45:22,365:ERROR:certbot._internal.error_handler:Encountered exception during recovery: certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] still could not bind() 2021-09-29 05:45:22,367:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/local/bin/certbot", line 8, in sys.exit(main()) File "/usr/local/lib/python3.8/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1572, in main return config.func(config, plugins) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1285, in run new_lineage = _get_and_save_cert(le_client, config, domains, File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 133, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 454, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 384, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 434, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations resps = self.auth.perform(achalls) File "/usr/local/lib/python3.8/dist-packages/certbot_nginx/_internal/configurator.py", line 1179, in perform self.restart() File "/usr/local/lib/python3.8/dist-packages/certbot_nginx/_internal/configurator.py", line 967, in restart nginx_restart(self.conf('ctl'), self.nginx_conf, self.conf('sleep-seconds')) File "/usr/local/lib/python3.8/dist-packages/certbot_nginx/_internal/configurator.py", line 1254, in nginx_restart raise errors.MisconfigurationError( certbot.errors.MisconfigurationError: nginx restart failed: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] still could not bind() 2021-09-29 05:45:22,371:ERROR:certbot._internal.log:nginx restart failed: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) nginx: [emerg] still could not bind() 2021-09-29 05:51:42,869:DEBUG:certbot._internal.main:certbot version: 1.19.0 2021-09-29 05:51:42,870:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/local/bin/certbot 2021-09-29 05:51:42,870:DEBUG:certbot._internal.main:Arguments: ['--nginx', '-w', '/var/www/html', '-d', 'chat.waspaa.com'] 2021-09-29 05:51:42,870:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-09-29 05:51:42,887:DEBUG:certbot._internal.log:Root logging level set at 30 2021-09-29 05:51:42,890:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2021-09-29 05:51:43,116:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: Installer, Authenticator, Plugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2021-09-29 05:51:43,116:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2021-09-29 05:51:43,117:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-09-29 05:51:43,127:DEBUG:certbot._internal.main:Picked account: ), creation_host='ip-172-31-40-153.ap-southeast-2.compute.internal', register_to_eff=None))> 2021-09-29 05:51:43,127:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-09-29 05:51:43,132:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-09-29 05:51:43,850:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-09-29 05:51:43,851:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 05:51:43 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "i8rh9Ff7-YA": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-09-29 05:51:43,853:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for chat.waspaa.com 2021-09-29 05:51:43,929:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0007_key-certbot.pem 2021-09-29 05:51:43,931:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0007_csr-certbot.pem 2021-09-29 05:51:43,932:DEBUG:acme.client:Requesting fresh nonce 2021-09-29 05:51:43,932:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-09-29 05:51:44,111:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-09-29 05:51:44,116:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 05:51:44 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 00023rHmsgtV8RaQR7Wu-ld4IWcsVAQ0QH2s0MVCzg60Upk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-09-29 05:51:44,116:DEBUG:acme.client:Storing nonce: 00023rHmsgtV8RaQR7Wu-ld4IWcsVAQ0QH2s0MVCzg60Upk 2021-09-29 05:51:44,116:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "chat.waspaa.com"\n }\n ]\n}' 2021-09-29 05:51:44,118:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAwMDIzckhtc2d0VjhSYVFSN1d1LWxkNElXY3NWQVEwUUgyczBNVkN6ZzYwVXBrIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "THBqdStViP8kpWpLxENDs1zEkc0o2dqORm2Ffg1OMXd5Lx5yfW5fFpFeZJfPLtRDOVizCNibif9Oxh9HOgeV0Bx8Z7z2RTDBxDXZhTXVsVfbNHpB7KEKw9u77EOEDYeQYAccIdk1Y6krt1wDMfQn04MB27FBilLYBlDB2lfufoL_1-JKPcwBbaUlzAGCl4iG_aXxykDFeqdqzj6U9OL0RzEKIMOrOrBnDcUpGNTFIKSz0WInIzQlOyFvnEKz-3UKFihV1DiMnVVceHGQaVXJSTmflIRMSRdg9TcV_Yc9dokco5HuPbfN-gSG8BarvFmSAVloPq8tnVlpxQ4KPfYlWg", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImNoYXQud2FzcGFhLmNvbSIKICAgIH0KICBdCn0" } 2021-09-29 05:51:44,323:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 338 2021-09-29 05:51:44,324:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Wed, 29 Sep 2021 05:51:44 GMT Content-Type: application/json Content-Length: 338 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/217949130/28012103610 Replay-Nonce: 0002szAJkKSOVDdkfgXCGfLiMg1m2HKHr4kbR2yjByISbK8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-10-06T05:44:43Z", "identifiers": [ { "type": "dns", "value": "chat.waspaa.com" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/35318851740" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/217949130/28012103610" } 2021-09-29 05:51:44,324:DEBUG:acme.client:Storing nonce: 0002szAJkKSOVDdkfgXCGfLiMg1m2HKHr4kbR2yjByISbK8 2021-09-29 05:51:44,324:DEBUG:acme.client:JWS payload: b'' 2021-09-29 05:51:44,326:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35318851740: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAwMDJzekFKa0tTT1ZEZGtmZ1hDR2ZMaU1nMW0ySEtIcjRrYlIyeWpCeUlTYks4IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTMxODg1MTc0MCJ9", "signature": "YJT-Tm21ZVrIHzxlSAh9Jw4C6s2lDT8RaXJKvF1rQ3zddQS6Ni7AMu_goeRGNZ--9tjaVF7AUjuBw-UTbZsCz-R3i0UXd2rtcmu-3n94g1dAtFO-oyelbZV-zPDURTNfeEaHBaRt13uvcvjvY1mQoEs-D2oEOsXXeaghSZzGS4oAqJw68NiW6R-3a4Obrwq6SwFZRWG_T8VZZV3s0WjmsFX3acD5Bf9Iwyr_HqMx6yeEpVt6KD2lOZzx27w_ZcwCmylHQ_uZWyERLa5jDreClQ6zP_bEeEDFbB7k8hfb4JWpHTvI82NtPq5UeU3tHStZFC0g1bDuqqXV_eEjwJ-qbg", "payload": "" } 2021-09-29 05:51:44,505:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35318851740 HTTP/1.1" 200 796 2021-09-29 05:51:44,506:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 05:51:44 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001G_d_0kwSjvhPEurZAiADCJFCxVyABkmlW3KwrC-hd2M X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "pending", "expires": "2021-10-06T05:44:43Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35318851740/lL0M4Q", "token": "ZlOxlT1tInWNaOTgjx_vcdveHAA2pBK1Hyf-vBnxoMc" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35318851740/2KSvmA", "token": "ZlOxlT1tInWNaOTgjx_vcdveHAA2pBK1Hyf-vBnxoMc" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35318851740/lXXJ2A", "token": "ZlOxlT1tInWNaOTgjx_vcdveHAA2pBK1Hyf-vBnxoMc" } ] } 2021-09-29 05:51:44,506:DEBUG:acme.client:Storing nonce: 0001G_d_0kwSjvhPEurZAiADCJFCxVyABkmlW3KwrC-hd2M 2021-09-29 05:51:44,506:INFO:certbot._internal.auth_handler:Performing the following challenges: 2021-09-29 05:51:44,507:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-29 05:51:44,522:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2021-09-29 05:51:44,523:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-09-29 05:51:44,523:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-09-29 05:51:44,523:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-09-29 05:51:44,523:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-09-29 05:51:44,523:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/default 2021-09-29 05:51:44,524:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-09-29 05:51:44,524:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-09-29 05:51:44,525:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-09-29 05:51:44,526:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/default: ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name _; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80 ; listen [::]:80 ; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name chat.waspaa.com; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} location = /.well-known/acme-challenge/ZlOxlT1tInWNaOTgjx_vcdveHAA2pBK1Hyf-vBnxoMc{default_type text/plain;return 200 ZlOxlT1tInWNaOTgjx_vcdveHAA2pBK1Hyf-vBnxoMc.hM7dzhwApZf7ljiWUXuEkPQbAIYgz8h8LX33rC8U8yY;} # managed by Certbot } 2021-09-29 05:51:44,554:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [error] invalid PID number "" in "/run/nginx.pid" 2021-09-29 05:51:45,572:DEBUG:acme.client:JWS payload: b'{}' 2021-09-29 05:51:45,574:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/35318851740/lL0M4Q: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAwMDFHX2RfMGt3U2p2aFBFdXJaQWlBRENKRkN4VnlBQmttbFczS3dyQy1oZDJNIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8zNTMxODg1MTc0MC9sTDBNNFEifQ", "signature": "JS8yMZV5Fz4IyWYlGxM9KleAc-brcgSN2NvKW-qlT_-Xp38ofZVc80VohdKrEpDv0VOJhltMh7ql_tjgUXQgsYDknVTh-KVym_VawuBCrxuaOpyAN8lcm6yYcn8SyEgChHgD7OGLiPyG8vAwMLD5X5TYtLPDZV8vZLRZoA0t9Wgoqak-c5roavLDu4Tt2YbVXj_fy3FbCCJ8I7_8WX7tEK7QiOQYI-TbtlV8R7zJNNf7S8l08tYsyDUcb8N6U_mU7da6jGASJZOu2LQcAp90uZJPEx7T5_cmnTN8nPSQx53txaeEpnlgpImz6sOj_qWZ6yyN-9-9QbDVzgfSTEqw-A", "payload": "e30" } 2021-09-29 05:51:45,758:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/35318851740/lL0M4Q HTTP/1.1" 200 186 2021-09-29 05:51:45,758:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 05:51:45 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/35318851740/lL0M4Q Replay-Nonce: 0002DHaH5q4qLbBVwKQ7fQDVou4VFTy52_CK7UtCM3WaQZ8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35318851740/lL0M4Q", "token": "ZlOxlT1tInWNaOTgjx_vcdveHAA2pBK1Hyf-vBnxoMc" } 2021-09-29 05:51:45,758:DEBUG:acme.client:Storing nonce: 0002DHaH5q4qLbBVwKQ7fQDVou4VFTy52_CK7UtCM3WaQZ8 2021-09-29 05:51:45,759:INFO:certbot._internal.auth_handler:Waiting for verification... 2021-09-29 05:51:46,760:DEBUG:acme.client:JWS payload: b'' 2021-09-29 05:51:46,762:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35318851740: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAwMDJESGFINXE0cUxiQlZ3S1E3ZlFEVm91NFZGVHk1Ml9DSzdVdENNM1dhUVo4IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTMxODg1MTc0MCJ9", "signature": "J9_oqdD2UiCNwPACG2T7Xvy8pqk5ShmdLlctykbZG3DuFpL9zJUXMDOfpFmuxiT-o-ujlS_NLL-l2QwCZRzHh20K8soMm7ziGbjR4UIPjphJ7bFsHLov63kGf54qjF54pAjiNKc5r08VREfH08Teqv-AGaYRyOmLRRI12Glbun8Bc-MihTNODwUesqR7Dr-m5DMPyme4yjQIwvxAHuH6b2OHei1P1O9o9E1UDoPF3aP6nGFyqrwuAyyy4aQmBnUHPBjXZbbm5mpQmm3rQUN9VB68xoR5sKsI4avpNYJ4Uv-mDaUxOHeCdML1z1b5wJZKzeort6h3cv3ezhVDxanGRQ", "payload": "" } 2021-09-29 05:51:46,946:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35318851740 HTTP/1.1" 200 1274 2021-09-29 05:51:46,946:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 05:51:46 GMT Content-Type: application/json Content-Length: 1274 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001uqx-TMDtuC8D8XxCw6de3waH4ToimTGYzOh1u8nSXq4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "invalid", "expires": "2021-10-06T05:44:43Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from http://chat.waspaa.com/.well-known/acme-challenge/ZlOxlT1tInWNaOTgjx_vcdveHAA2pBK1Hyf-vBnxoMc [162.241.217.240]: \"\u003c!DOCTYPE HTML PUBLIC \\\"-//IETF//DTD HTML 2.0//EN\\\"\u003e\\n\u003chtml\u003e\u003chead\u003e\\n\u003ctitle\u003e404 Not Found\u003c/title\u003e\\n\u003c/head\u003e\u003cbody\u003e\\n\u003ch1\u003eNot Found\u003c/h1\u003e\\n\u003cp\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35318851740/lL0M4Q", "token": "ZlOxlT1tInWNaOTgjx_vcdveHAA2pBK1Hyf-vBnxoMc", "validationRecord": [ { "url": "http://chat.waspaa.com/.well-known/acme-challenge/ZlOxlT1tInWNaOTgjx_vcdveHAA2pBK1Hyf-vBnxoMc", "hostname": "chat.waspaa.com", "port": "80", "addressesResolved": [ "162.241.217.240" ], "addressUsed": "162.241.217.240" } ], "validated": "2021-09-29T05:51:45Z" } ] } 2021-09-29 05:51:46,946:DEBUG:acme.client:Storing nonce: 0001uqx-TMDtuC8D8XxCw6de3waH4ToimTGYzOh1u8nSXq4 2021-09-29 05:51:46,947:INFO:certbot._internal.auth_handler:Challenge failed for domain chat.waspaa.com 2021-09-29 05:51:46,947:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-29 05:51:46,947:DEBUG:certbot._internal.display.obj:Notifying user: Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems: Domain: chat.waspaa.com Type: unauthorized Detail: Invalid response from http://chat.waspaa.com/.well-known/acme-challenge/ZlOxlT1tInWNaOTgjx_vcdveHAA2pBK1Hyf-vBnxoMc [162.241.217.240]: "\n\n404 Not Found\n\n

Not Found

\n sys.exit(main()) File "/usr/local/lib/python3.8/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1572, in main return config.func(config, plugins) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1285, in run new_lineage = _get_and_save_cert(le_client, config, domains, File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 133, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 454, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 384, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 434, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 90, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 178, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2021-09-29 05:51:48,093:ERROR:certbot._internal.log:Some challenges have failed. 2021-09-29 06:04:03,181:DEBUG:certbot._internal.main:certbot version: 1.19.0 2021-09-29 06:04:03,182:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/local/bin/certbot 2021-09-29 06:04:03,182:DEBUG:certbot._internal.main:Arguments: ['--nginx', '-w', '/var/www/html', '-d', 'chat.waspaa.com'] 2021-09-29 06:04:03,182:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-09-29 06:04:03,197:DEBUG:certbot._internal.log:Root logging level set at 30 2021-09-29 06:04:03,201:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2021-09-29 06:04:03,340:ERROR:certbot.util:Error while running nginx -c /etc/nginx/nginx.conf -t. nginx: [emerg] "server" directive is not allowed here in /etc/nginx/nginx.conf:12 nginx: configuration file /etc/nginx/nginx.conf test failed 2021-09-29 06:04:03,341:DEBUG:certbot._internal.plugins.disco:Misconfigured PluginEntryPoint#nginx: Error while running nginx -c /etc/nginx/nginx.conf -t. nginx: [emerg] "server" directive is not allowed here in /etc/nginx/nginx.conf:12 nginx: configuration file /etc/nginx/nginx.conf test failed Traceback (most recent call last): File "/usr/local/lib/python3.8/dist-packages/certbot_nginx/_internal/configurator.py", line 976, in config_test util.run_script([self.conf('ctl'), "-c", self.nginx_conf, "-t"]) File "/usr/local/lib/python3.8/dist-packages/certbot/util.py", line 116, in run_script raise errors.SubprocessError(msg) certbot.errors.SubprocessError: Error while running nginx -c /etc/nginx/nginx.conf -t. nginx: [emerg] "server" directive is not allowed here in /etc/nginx/nginx.conf:12 nginx: configuration file /etc/nginx/nginx.conf test failed During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/plugins/disco.py", line 151, in prepare self._initialized.prepare() File "/usr/local/lib/python3.8/dist-packages/certbot_nginx/_internal/configurator.py", line 191, in prepare self.config_test() File "/usr/local/lib/python3.8/dist-packages/certbot_nginx/_internal/configurator.py", line 978, in config_test raise errors.MisconfigurationError(str(err)) certbot.errors.MisconfigurationError: Error while running nginx -c /etc/nginx/nginx.conf -t. nginx: [emerg] "server" directive is not allowed here in /etc/nginx/nginx.conf:12 nginx: configuration file /etc/nginx/nginx.conf test failed 2021-09-29 06:04:03,347:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: Installer, Authenticator, Plugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: Error while running nginx -c /etc/nginx/nginx.conf -t. nginx: [emerg] "server" directive is not allowed here in /etc/nginx/nginx.conf:12 nginx: configuration file /etc/nginx/nginx.conf test failed 2021-09-29 06:04:03,348:DEBUG:certbot._internal.plugins.selection:Selected authenticator None and installer None 2021-09-29 06:19:40,344:DEBUG:certbot._internal.main:certbot version: 1.19.0 2021-09-29 06:19:40,344:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/local/bin/certbot 2021-09-29 06:19:40,344:DEBUG:certbot._internal.main:Arguments: ['--nginx', '-w', '/var/www/html', '-d', 'chat.waspaa.com'] 2021-09-29 06:19:40,345:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-09-29 06:19:40,363:DEBUG:certbot._internal.log:Root logging level set at 30 2021-09-29 06:19:40,366:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2021-09-29 06:19:40,534:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: Installer, Authenticator, Plugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2021-09-29 06:19:40,535:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2021-09-29 06:19:40,535:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-09-29 06:19:40,552:DEBUG:certbot._internal.main:Picked account: ), creation_host='ip-172-31-40-153.ap-southeast-2.compute.internal', register_to_eff=None))> 2021-09-29 06:19:40,552:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-09-29 06:19:40,557:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-09-29 06:19:41,304:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-09-29 06:19:41,305:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 06:19:41 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "MUygOtapQPQ": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-09-29 06:19:41,306:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for chat.waspaa.com 2021-09-29 06:19:41,349:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0008_key-certbot.pem 2021-09-29 06:19:41,352:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0008_csr-certbot.pem 2021-09-29 06:19:41,353:DEBUG:acme.client:Requesting fresh nonce 2021-09-29 06:19:41,353:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-09-29 06:19:41,530:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-09-29 06:19:41,530:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 06:19:41 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101-gQQnAhMuZTRXc238tIQwO1QrHNT1Bp5O6XZnE86PLI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-09-29 06:19:41,531:DEBUG:acme.client:Storing nonce: 0101-gQQnAhMuZTRXc238tIQwO1QrHNT1Bp5O6XZnE86PLI 2021-09-29 06:19:41,531:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "chat.waspaa.com"\n }\n ]\n}' 2021-09-29 06:19:41,533:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDEtZ1FRbkFoTXVaVFJYYzIzOHRJUXdPMVFySE5UMUJwNU82WFpuRTg2UExJIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "ls7tNXNpinyW5kwJFXT2J2A_zFNlQFDmyLx7ui5paTNXxj39k4NADQSAdWaqLOzrEEOFFlWiuOGln5_3OyBiLHS1qTq9B5pR6XI7yd_v5LUeVZZIPz9y7rq6MTdSztAl0HHByox1Zh9AxaVpWdStFyH1RxphNp-kY7E2FDY9-DAUOdABnq31S65JXhKzQzpeEfJjCGyd71d8xm37_de0QwYgM1RK-YgftcKxTdP9fc-o6fo1U-UPrBrPCZkuV-W_xrd_6YDXbFglQf90qzx-mc1lv2seTf5tNu3IZmEU4_-nZyHexRDlQ4EI35843gW68PnsvUzmtBCYzWo_1-evXQ", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImNoYXQud2FzcGFhLmNvbSIKICAgIH0KICBdCn0" } 2021-09-29 06:19:41,857:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 338 2021-09-29 06:19:41,858:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Wed, 29 Sep 2021 06:19:41 GMT Content-Type: application/json Content-Length: 338 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/217949130/28016839400 Replay-Nonce: 0102p7I9cWUUA0PoDVQK2bQcLtYQsrDbfP0YQON7t2s69G8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-10-06T06:19:41Z", "identifiers": [ { "type": "dns", "value": "chat.waspaa.com" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/35325994110" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/217949130/28016839400" } 2021-09-29 06:19:41,858:DEBUG:acme.client:Storing nonce: 0102p7I9cWUUA0PoDVQK2bQcLtYQsrDbfP0YQON7t2s69G8 2021-09-29 06:19:41,858:DEBUG:acme.client:JWS payload: b'' 2021-09-29 06:19:41,860:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35325994110: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDJwN0k5Y1dVVUEwUG9EVlFLMmJRY0x0WVFzckRiZlAwWVFPTjd0MnM2OUc4IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTMyNTk5NDExMCJ9", "signature": "Vpw63GCgSqjQ1V84rp-orrHwwPIZ9ZjwiVgpTEiv5vBZzx2n9wFfy4s6blI_nNQe-jK5jiYySc-5VHltc2wLt180q0Pkd2oI9CFnFU6m69C2l8SEuXCKsMRZa05WtNYoZZH9fHJVHGn0WYccMmvBe4qqACpo7T4mSPX0u7Salz9VSEw4JKNNxr9ITSSP-yvPSIxmtxazuzGYYdN7tik8flSKJhIO3qhf5sHWVMxBz8RmBDgc-WeNnHoeuYv2Bb6oN__Jjcu-xu4f9-jZpnAJ-Tki1jwjdUMK1yfKBz1CXYcD7A-yKgK-0DQgYPUjWaRun0wMhNut2aRjl4FUur7Buw", "payload": "" } 2021-09-29 06:19:42,067:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35325994110 HTTP/1.1" 200 796 2021-09-29 06:19:42,067:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 06:19:42 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101_NdLgonCgd2lNlcvKKlEiXxDarHTUDMjdVKFLwKVLeU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "pending", "expires": "2021-10-06T06:19:41Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35325994110/k0YG4Q", "token": "QL8PaKs2OokB6U0dLYJiGricBc6_cvghT8d6UpXHdj4" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35325994110/5aPsPg", "token": "QL8PaKs2OokB6U0dLYJiGricBc6_cvghT8d6UpXHdj4" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35325994110/d0oScw", "token": "QL8PaKs2OokB6U0dLYJiGricBc6_cvghT8d6UpXHdj4" } ] } 2021-09-29 06:19:42,068:DEBUG:acme.client:Storing nonce: 0101_NdLgonCgd2lNlcvKKlEiXxDarHTUDMjdVKFLwKVLeU 2021-09-29 06:19:42,068:INFO:certbot._internal.auth_handler:Performing the following challenges: 2021-09-29 06:19:42,068:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-29 06:19:42,077:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2021-09-29 06:19:42,078:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-09-29 06:19:42,078:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-09-29 06:19:42,078:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-09-29 06:19:42,079:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-09-29 06:19:42,079:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-09-29 06:19:42,079:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/default 2021-09-29 06:19:42,079:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-09-29 06:19:42,080:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-09-29 06:19:42,081:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/default: ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name chat.waspaa.com; location ^~ /.well-known { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. #try_files $uri $uri/ =404; root /usr/share/nginx/html; } location / { return 418; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} location = /.well-known/acme-challenge/QL8PaKs2OokB6U0dLYJiGricBc6_cvghT8d6UpXHdj4{default_type text/plain;return 200 QL8PaKs2OokB6U0dLYJiGricBc6_cvghT8d6UpXHdj4.hM7dzhwApZf7ljiWUXuEkPQbAIYgz8h8LX33rC8U8yY;} # managed by Certbot } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} 2021-09-29 06:19:43,099:DEBUG:acme.client:JWS payload: b'{}' 2021-09-29 06:19:43,101:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/35325994110/k0YG4Q: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDFfTmRMZ29uQ2dkMmxObGN2S0tsRWlYeERhckhUVURNamRWS0ZMd0tWTGVVIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8zNTMyNTk5NDExMC9rMFlHNFEifQ", "signature": "GbsLninES9CQLYeS-7NEQYb-BcL1r-GM9faBtn8-33RSK8yyDmnXOwpbUMcuSdXI_3NZwgaDanVyVf7IXuNF4r8CBwk3Ob_POU0ct-slIC3Vwq493oo8rETgJMFgp78YYiBoeufJzeir2sgl3hFrfHqq-ch_oE9TGLQItm1uqUDb4HmU86hlK1gZX4RojY6mYzUi5XHAg164wMTPi3XXhcl3OJQGvMCWYLn86eh2qEyTLpZcCkXMUv7OLkU2sI3jH6AYgbyNb932olVI3_kWDqq-Gj5ouHXfKSl85Qtuh2dAYVb2n4cJ9AXYPxj3W_ydiX9R-6zw0vaU-W-0H9Ld6A", "payload": "e30" } 2021-09-29 06:19:43,326:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/35325994110/k0YG4Q HTTP/1.1" 200 186 2021-09-29 06:19:43,327:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 06:19:43 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/35325994110/k0YG4Q Replay-Nonce: 01019epPTGJIiPGVbQB-OVE3HEBeG2OqpV7jY6kSxr8jexM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35325994110/k0YG4Q", "token": "QL8PaKs2OokB6U0dLYJiGricBc6_cvghT8d6UpXHdj4" } 2021-09-29 06:19:43,327:DEBUG:acme.client:Storing nonce: 01019epPTGJIiPGVbQB-OVE3HEBeG2OqpV7jY6kSxr8jexM 2021-09-29 06:19:43,328:INFO:certbot._internal.auth_handler:Waiting for verification... 2021-09-29 06:19:44,329:DEBUG:acme.client:JWS payload: b'' 2021-09-29 06:19:44,331:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35325994110: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDE5ZXBQVEdKSWlQR1ZiUUItT1ZFM0hFQmVHMk9xcFY3alk2a1N4cjhqZXhNIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTMyNTk5NDExMCJ9", "signature": "e8yF60cOdIT26ACICjWIl76w8z8FbUySrR5z90gCxikvNHF6Cyg0-kNPHORkarDnmw-N21kqJpkEx1-BxI7_mQqn60k_ty1pW8gSd2h-GHq9V2dQ4YeIbgny4liAwmJrpNSPeBSbqQHPw11vcMEj5Lay5mcuKykSyStShy4mdz-4_r5FVc7ekYABa45i-PqpyhwGhthURD3Xs3kOsIB24_n2DXEjcmCbcpMSkEudD4eKybyqoR_NYxwePcL8DRLXUTsO0IFuMcoRn8N-DNNnnN0d9oJyt7GmMuef1z8ADlxxWXooDmc0P2goqEXvhEh_toEupUNXa-Ee-GtxZDvd9w", "payload": "" } 2021-09-29 06:19:44,536:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35325994110 HTTP/1.1" 200 1274 2021-09-29 06:19:44,537:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 06:19:44 GMT Content-Type: application/json Content-Length: 1274 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102_lg-97M_2Bs9pFSZGtEcmbGB26nEzw_glgUF6U-IpFo X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "invalid", "expires": "2021-10-06T06:19:41Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from http://chat.waspaa.com/.well-known/acme-challenge/QL8PaKs2OokB6U0dLYJiGricBc6_cvghT8d6UpXHdj4 [162.241.217.240]: \"\u003c!DOCTYPE HTML PUBLIC \\\"-//IETF//DTD HTML 2.0//EN\\\"\u003e\\n\u003chtml\u003e\u003chead\u003e\\n\u003ctitle\u003e404 Not Found\u003c/title\u003e\\n\u003c/head\u003e\u003cbody\u003e\\n\u003ch1\u003eNot Found\u003c/h1\u003e\\n\u003cp\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35325994110/k0YG4Q", "token": "QL8PaKs2OokB6U0dLYJiGricBc6_cvghT8d6UpXHdj4", "validationRecord": [ { "url": "http://chat.waspaa.com/.well-known/acme-challenge/QL8PaKs2OokB6U0dLYJiGricBc6_cvghT8d6UpXHdj4", "hostname": "chat.waspaa.com", "port": "80", "addressesResolved": [ "162.241.217.240" ], "addressUsed": "162.241.217.240" } ], "validated": "2021-09-29T06:19:43Z" } ] } 2021-09-29 06:19:44,537:DEBUG:acme.client:Storing nonce: 0102_lg-97M_2Bs9pFSZGtEcmbGB26nEzw_glgUF6U-IpFo 2021-09-29 06:19:44,537:INFO:certbot._internal.auth_handler:Challenge failed for domain chat.waspaa.com 2021-09-29 06:19:44,538:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-29 06:19:44,538:DEBUG:certbot._internal.display.obj:Notifying user: Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems: Domain: chat.waspaa.com Type: unauthorized Detail: Invalid response from http://chat.waspaa.com/.well-known/acme-challenge/QL8PaKs2OokB6U0dLYJiGricBc6_cvghT8d6UpXHdj4 [162.241.217.240]: "\n\n404 Not Found\n\n

Not Found

\n sys.exit(main()) File "/usr/local/lib/python3.8/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1572, in main return config.func(config, plugins) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1285, in run new_lineage = _get_and_save_cert(le_client, config, domains, File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 133, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 454, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 384, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 434, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 90, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 178, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2021-09-29 06:19:45,639:ERROR:certbot._internal.log:Some challenges have failed. 2021-09-29 06:25:57,027:DEBUG:certbot._internal.main:certbot version: 1.19.0 2021-09-29 06:25:57,027:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/local/bin/certbot 2021-09-29 06:25:57,027:DEBUG:certbot._internal.main:Arguments: ['--nginx', '--nginx-sleep-seconds', '20', '-w', '/var/www/html', '-d', 'chat.waspaa.com'] 2021-09-29 06:25:57,027:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-09-29 06:25:57,043:DEBUG:certbot._internal.log:Root logging level set at 30 2021-09-29 06:25:57,044:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2021-09-29 06:25:57,312:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: Installer, Authenticator, Plugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2021-09-29 06:25:57,313:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2021-09-29 06:25:57,313:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-09-29 06:25:57,324:DEBUG:certbot._internal.main:Picked account: ), creation_host='ip-172-31-40-153.ap-southeast-2.compute.internal', register_to_eff=None))> 2021-09-29 06:25:57,325:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-09-29 06:25:57,327:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-09-29 06:25:58,048:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-09-29 06:25:58,048:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 06:25:58 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "ol9K8pDh7SU": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-09-29 06:25:58,049:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for chat.waspaa.com 2021-09-29 06:25:58,169:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0009_key-certbot.pem 2021-09-29 06:25:58,171:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0009_csr-certbot.pem 2021-09-29 06:25:58,172:DEBUG:acme.client:Requesting fresh nonce 2021-09-29 06:25:58,173:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-09-29 06:25:58,349:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-09-29 06:25:58,350:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 06:25:58 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102HsKNQkEfedUY8HwP9V9hCXTSXBkxTQoNyIQtmWF8AGk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-09-29 06:25:58,350:DEBUG:acme.client:Storing nonce: 0102HsKNQkEfedUY8HwP9V9hCXTSXBkxTQoNyIQtmWF8AGk 2021-09-29 06:25:58,350:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "chat.waspaa.com"\n }\n ]\n}' 2021-09-29 06:25:58,352:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDJIc0tOUWtFZmVkVVk4SHdQOVY5aENYVFNYQmt4VFFvTnlJUXRtV0Y4QUdrIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "YLunXt4Edcmrcut0AVneMWsZeW4FpLuE27Dn8Z1jsRwbNsmCFFOhaZs4LJP2FgVaI2t5Gn6NwocRZT5joRbL7-TfDJ85kC469-gndrLwpgZvjab6V7Eu1DUw0JXt2554qLhQ0GY9sjRuhfEpjLLtFghX7mzF1hN_nYXx9uvJvPkOQidIyBOVFR7Dcv19FGBvweSuhW_apG5lCEF0ohFOD4Z1oqENDUeuUoOgyPG2SmVIXaW7155a5VLRJ4SyyGc4ar5Pwh2pKIL-PGrNtMc90JOSvqP6NDK7SuGFgprBGL90W0lyNlBk3A4tN23MAD-dy7Kpao0Udr-Lfh20LsMxog", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImNoYXQud2FzcGFhLmNvbSIKICAgIH0KICBdCn0" } 2021-09-29 06:25:58,686:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 338 2021-09-29 06:25:58,686:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Wed, 29 Sep 2021 06:25:58 GMT Content-Type: application/json Content-Length: 338 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/217949130/28017932470 Replay-Nonce: 0102cdh7OzDvG0rwQ-BKJnx7FGXf_XdEecG2zIIsVDgOyJw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-10-06T06:25:58Z", "identifiers": [ { "type": "dns", "value": "chat.waspaa.com" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/35327289390" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/217949130/28017932470" } 2021-09-29 06:25:58,686:DEBUG:acme.client:Storing nonce: 0102cdh7OzDvG0rwQ-BKJnx7FGXf_XdEecG2zIIsVDgOyJw 2021-09-29 06:25:58,687:DEBUG:acme.client:JWS payload: b'' 2021-09-29 06:25:58,688:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35327289390: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDJjZGg3T3pEdkcwcndRLUJLSm54N0ZHWGZfWGRFZWNHMnpJSXNWRGdPeUp3IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTMyNzI4OTM5MCJ9", "signature": "HXxmwDGIA_UI_u591Q8-hSYfNM2LcHrHbZcgY_vkzpWIBQ87qoNMhzk_1fOjhvsmgOFJcSL4kO9xY7fFsYDonjZQgCEn9DvkONog_0gR427dzFf1eJWVxGyEHlfTBv1O8-ldx7qHHlUt0D9HSHyITyQgeCWCLhHEcdgTDi2uEut2siJ0XnwmQ81W7Hnl4yJiOiVFjxxtYiIz826sf0kOJ_vpnHCnqAFZsKMlsRWjppzS67XGZfA7EEgrCQfzSMT4ZXdNWjyO78ZCaebuc8QDu_iX5iD7_uUwWBRSBZXSTIQhfMlqnyf1I5TkYllQ_LymUiKT5fI5fc2R-8hwllLTyg", "payload": "" } 2021-09-29 06:25:58,893:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35327289390 HTTP/1.1" 200 796 2021-09-29 06:25:58,894:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 06:25:58 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102l9iWTUYvEa_JaoZ0cuLHO5FfSAyWiOQmaStE5wrGqSU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "pending", "expires": "2021-10-06T06:25:58Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35327289390/pkcoig", "token": "8A-yR-XqldnfvTdkpWxku-mZiuu_KsSFqiZb-Ut7Y-8" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35327289390/JzUnQQ", "token": "8A-yR-XqldnfvTdkpWxku-mZiuu_KsSFqiZb-Ut7Y-8" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35327289390/RRDvFw", "token": "8A-yR-XqldnfvTdkpWxku-mZiuu_KsSFqiZb-Ut7Y-8" } ] } 2021-09-29 06:25:58,894:DEBUG:acme.client:Storing nonce: 0102l9iWTUYvEa_JaoZ0cuLHO5FfSAyWiOQmaStE5wrGqSU 2021-09-29 06:25:58,894:INFO:certbot._internal.auth_handler:Performing the following challenges: 2021-09-29 06:25:58,895:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-29 06:25:58,904:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2021-09-29 06:25:58,904:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-09-29 06:25:58,905:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-09-29 06:25:58,906:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/default 2021-09-29 06:25:58,906:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-09-29 06:25:58,906:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-09-29 06:25:58,906:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-09-29 06:25:58,906:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-09-29 06:25:58,907:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-09-29 06:25:58,909:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/default: ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name chat.waspaa.com; location ^~ /.well-known { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. #try_files $uri $uri/ =404; root /usr/share/nginx/html; } location / { return 418; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} location = /.well-known/acme-challenge/8A-yR-XqldnfvTdkpWxku-mZiuu_KsSFqiZb-Ut7Y-8{default_type text/plain;return 200 8A-yR-XqldnfvTdkpWxku-mZiuu_KsSFqiZb-Ut7Y-8.hM7dzhwApZf7ljiWUXuEkPQbAIYgz8h8LX33rC8U8yY;} # managed by Certbot } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} 2021-09-29 06:26:18,932:DEBUG:acme.client:JWS payload: b'{}' 2021-09-29 06:26:18,934:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/35327289390/pkcoig: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDJsOWlXVFVZdkVhX0phb1owY3VMSE81RmZTQXlXaU9RbWFTdEU1d3JHcVNVIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8zNTMyNzI4OTM5MC9wa2NvaWcifQ", "signature": "LMflsC0Ws4A5vZKTB3Jy7pzH1ReI7zZsiTEDoZ6k1Hni4fKz9o9a7cn-AgPg8ruymeUzmpVGgC-bHmpNdQ06NI5WCpELhpsnUIrkBLRB9-QKvz0f-qqsHfXbQ6vPlEZLSlnUiuDw6GL67vdIkszkMYPNODDBwbPqrMsGPd2qlzinE3ej3LlOOUuI5ccOMrq-KP1DRPFw2SxIdLL5U1dOCz0xxdnxMIErQlb_UkDChSLXcnrWYnoKBWUh6Yt3CYhem0ulmlWTLeKWd4rpmF7vMxAQvyX7JY_-9CXUsiOjTsz4ztugTN3yMJs3o1dBlJRD3JgLuY0aZbgXLHAIBVriAg", "payload": "e30" } 2021-09-29 06:26:19,155:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/35327289390/pkcoig HTTP/1.1" 200 186 2021-09-29 06:26:19,156:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 06:26:19 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/35327289390/pkcoig Replay-Nonce: 01022uZ8u-cSj7Ry-toqeTkxMG41jUZNqSE7XeGzmx7Dme0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35327289390/pkcoig", "token": "8A-yR-XqldnfvTdkpWxku-mZiuu_KsSFqiZb-Ut7Y-8" } 2021-09-29 06:26:19,156:DEBUG:acme.client:Storing nonce: 01022uZ8u-cSj7Ry-toqeTkxMG41jUZNqSE7XeGzmx7Dme0 2021-09-29 06:26:19,156:INFO:certbot._internal.auth_handler:Waiting for verification... 2021-09-29 06:26:20,157:DEBUG:acme.client:JWS payload: b'' 2021-09-29 06:26:20,159:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35327289390: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDIydVo4dS1jU2o3UnktdG9xZVRreE1HNDFqVVpOcVNFN1hlR3pteDdEbWUwIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTMyNzI4OTM5MCJ9", "signature": "kcoeNjRXypzQv2wL_Qdlvx54wvUowpcFRPXrDY5tYSyt9VBFZm1WJZ2um6uizy8OeGaxTq2eVw6Z-kICS0RdcHllBUaAHibYD1oQc6tWExK6uKXn-FkMKi89g7F17sH9RKP3KTrQRAn99HOlWpeOulV8EuxwMZCPENenFDLH1qFOCKC_foQh_WUEjEeWUb_KEXFDYMG3HmClsgKgsff108sBXLNkLgUEzYRBT_nnWlvUAvlcQmkGUZ--UvcKYJ7XJDF7QVq0gZzV5YWJ8U9c4TZ-ic792N6mpiKQFXv_Ug4SUiKtdQGZfukDms47LhvIYAElym6GtwFzRvF9Hn1qVQ", "payload": "" } 2021-09-29 06:26:20,365:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35327289390 HTTP/1.1" 200 1274 2021-09-29 06:26:20,366:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 06:26:20 GMT Content-Type: application/json Content-Length: 1274 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102m99bHuLvwocXBeEd5wufKHoVdDNvcWsPf0injfG7NJ4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "invalid", "expires": "2021-10-06T06:25:58Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from http://chat.waspaa.com/.well-known/acme-challenge/8A-yR-XqldnfvTdkpWxku-mZiuu_KsSFqiZb-Ut7Y-8 [162.241.217.240]: \"\u003c!DOCTYPE HTML PUBLIC \\\"-//IETF//DTD HTML 2.0//EN\\\"\u003e\\n\u003chtml\u003e\u003chead\u003e\\n\u003ctitle\u003e404 Not Found\u003c/title\u003e\\n\u003c/head\u003e\u003cbody\u003e\\n\u003ch1\u003eNot Found\u003c/h1\u003e\\n\u003cp\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35327289390/pkcoig", "token": "8A-yR-XqldnfvTdkpWxku-mZiuu_KsSFqiZb-Ut7Y-8", "validationRecord": [ { "url": "http://chat.waspaa.com/.well-known/acme-challenge/8A-yR-XqldnfvTdkpWxku-mZiuu_KsSFqiZb-Ut7Y-8", "hostname": "chat.waspaa.com", "port": "80", "addressesResolved": [ "162.241.217.240" ], "addressUsed": "162.241.217.240" } ], "validated": "2021-09-29T06:26:19Z" } ] } 2021-09-29 06:26:20,366:DEBUG:acme.client:Storing nonce: 0102m99bHuLvwocXBeEd5wufKHoVdDNvcWsPf0injfG7NJ4 2021-09-29 06:26:20,366:INFO:certbot._internal.auth_handler:Challenge failed for domain chat.waspaa.com 2021-09-29 06:26:20,366:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-29 06:26:20,367:DEBUG:certbot._internal.display.obj:Notifying user: Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems: Domain: chat.waspaa.com Type: unauthorized Detail: Invalid response from http://chat.waspaa.com/.well-known/acme-challenge/8A-yR-XqldnfvTdkpWxku-mZiuu_KsSFqiZb-Ut7Y-8 [162.241.217.240]: "\n\n404 Not Found\n\n

Not Found

\n sys.exit(main()) File "/usr/local/lib/python3.8/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1572, in main return config.func(config, plugins) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1285, in run new_lineage = _get_and_save_cert(le_client, config, domains, File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 133, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 454, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 384, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 434, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 90, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 178, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2021-09-29 06:26:40,494:ERROR:certbot._internal.log:Some challenges have failed. 2021-09-29 06:29:25,438:DEBUG:certbot._internal.main:certbot version: 1.19.0 2021-09-29 06:29:25,439:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/local/bin/certbot 2021-09-29 06:29:25,439:DEBUG:certbot._internal.main:Arguments: ['--nginx', '--nginx-sleep-seconds', '20', '-w', '/var/www/html', '-d', 'chat.waspaa.com'] 2021-09-29 06:29:25,439:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-09-29 06:29:25,450:DEBUG:certbot._internal.log:Root logging level set at 30 2021-09-29 06:29:25,451:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2021-09-29 06:29:25,620:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: Installer, Authenticator, Plugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2021-09-29 06:29:25,620:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2021-09-29 06:29:25,621:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-09-29 06:29:25,627:DEBUG:certbot._internal.main:Picked account: ), creation_host='ip-172-31-40-153.ap-southeast-2.compute.internal', register_to_eff=None))> 2021-09-29 06:29:25,628:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-09-29 06:29:25,630:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-09-29 06:29:26,340:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-09-29 06:29:26,340:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 06:29:26 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "guRimgrFU9E": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-09-29 06:29:26,341:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for chat.waspaa.com 2021-09-29 06:29:26,469:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0010_key-certbot.pem 2021-09-29 06:29:26,471:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0010_csr-certbot.pem 2021-09-29 06:29:26,472:DEBUG:acme.client:Requesting fresh nonce 2021-09-29 06:29:26,472:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-09-29 06:29:26,647:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-09-29 06:29:26,647:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 06:29:26 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001pnZztwW8fVk2wHgXrPZ7NJ5hHNtKAdrIICQaYiop7vY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-09-29 06:29:26,647:DEBUG:acme.client:Storing nonce: 0001pnZztwW8fVk2wHgXrPZ7NJ5hHNtKAdrIICQaYiop7vY 2021-09-29 06:29:26,648:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "chat.waspaa.com"\n }\n ]\n}' 2021-09-29 06:29:26,650:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAwMDFwblp6dHdXOGZWazJ3SGdYclBaN05KNWhITnRLQWRySUlDUWFZaW9wN3ZZIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "VN2_Rl1531_L_llgqIHEjR1sX2kSIaRnc_gqYtBKQLMjYnM1FfQ62L_R4qilAEVCaRpSXi1gSdN3siJ06oTsndNSVnk_V4LbiI8i9In6wmjqFGAYzlNMV9gdP7rOPyZ6tp6zr2ScqrccJHde_rcAHJne4m7EbTmhr_IlllAwm5mELWYyomsA2nYAMZLd1S7-N5MlxYFxL5BcKwwSKgyVyql4GjZoKHVIFMMwrA_iLFp82Hxm8H1dvNvb-BEZmtovNfpC128tK__DmEROuaqCWDTS31PmAcJbrZ2CbITyw0SfY1B0XhV2CkUbcYWJbloiOnkkoFk3-AiLABsStBwErg", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImNoYXQud2FzcGFhLmNvbSIKICAgIH0KICBdCn0" } 2021-09-29 06:29:26,862:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 338 2021-09-29 06:29:26,863:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Wed, 29 Sep 2021 06:29:26 GMT Content-Type: application/json Content-Length: 338 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/217949130/28018540020 Replay-Nonce: 0001J7v0L2ye1NafPoQgoQ0NYcNS5cTjFIZYr94Ooalx1SY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-10-06T06:29:26Z", "identifiers": [ { "type": "dns", "value": "chat.waspaa.com" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/35328024600" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/217949130/28018540020" } 2021-09-29 06:29:26,863:DEBUG:acme.client:Storing nonce: 0001J7v0L2ye1NafPoQgoQ0NYcNS5cTjFIZYr94Ooalx1SY 2021-09-29 06:29:26,863:DEBUG:acme.client:JWS payload: b'' 2021-09-29 06:29:26,864:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35328024600: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAwMDFKN3YwTDJ5ZTFOYWZQb1Fnb1EwTlljTlM1Y1RqRklaWXI5NE9vYWx4MVNZIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTMyODAyNDYwMCJ9", "signature": "SO0dPS_PVYNNZKQGAdcLNle7IoE6ZOw3EPYU-t2HxEyejuaudxkkpaq9eDE1dIUx6HtU3PwRxRTY3uyMdJNmkeN9eptNxIUr_7GCoTqmcA7MJwgPkw8iFyar6Yd1fXB-8ZOG2HrLZycYgOdvNoNqqFi2HSPLRblPPZuDIiLiAZ__ENFPGsfLsrbRu1Il-hvYy9XUz4DVojOb7r962X_Lan1ivAmIMvf5_ZNjaSUFLTbH_QM0jQGAiNScxIQ2x006slsatV5V1xvw02o_fJENexflqr-5FyDjQY7227YTD-0rqvY-vtWe4iW2mwnTbqWITPj3qhG8UcPZFR0VG5_4-A", "payload": "" } 2021-09-29 06:29:27,047:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35328024600 HTTP/1.1" 200 796 2021-09-29 06:29:27,048:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 06:29:26 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002v-5zA4KdjFff-4xFjKyiyxMAz6CnjMfEZO5xZSmrCc4 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "pending", "expires": "2021-10-06T06:29:26Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35328024600/QIMvAg", "token": "r1J8vMSSVF6rJYLq73QX6_ur0SEJMBWNotPenhBo2ZE" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35328024600/bzpSlw", "token": "r1J8vMSSVF6rJYLq73QX6_ur0SEJMBWNotPenhBo2ZE" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35328024600/wljWSg", "token": "r1J8vMSSVF6rJYLq73QX6_ur0SEJMBWNotPenhBo2ZE" } ] } 2021-09-29 06:29:27,048:DEBUG:acme.client:Storing nonce: 0002v-5zA4KdjFff-4xFjKyiyxMAz6CnjMfEZO5xZSmrCc4 2021-09-29 06:29:27,049:INFO:certbot._internal.auth_handler:Performing the following challenges: 2021-09-29 06:29:27,049:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-29 06:29:27,058:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2021-09-29 06:29:27,058:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-09-29 06:29:27,059:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-09-29 06:29:27,059:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/default 2021-09-29 06:29:27,059:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-09-29 06:29:27,059:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-09-29 06:29:27,060:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-09-29 06:29:27,060:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-09-29 06:29:27,061:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-09-29 06:29:27,061:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/default: ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name chat.waspaa.com; location ^~ /.well-known { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. #try_files $uri $uri/ =404; root /usr/share/nginx/html; } location / { return 418; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} location = /.well-known/acme-challenge/r1J8vMSSVF6rJYLq73QX6_ur0SEJMBWNotPenhBo2ZE{default_type text/plain;return 200 r1J8vMSSVF6rJYLq73QX6_ur0SEJMBWNotPenhBo2ZE.hM7dzhwApZf7ljiWUXuEkPQbAIYgz8h8LX33rC8U8yY;} # managed by Certbot } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} 2021-09-29 06:29:47,097:DEBUG:acme.client:JWS payload: b'{}' 2021-09-29 06:29:47,099:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/35328024600/QIMvAg: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAwMDJ2LTV6QTRLZGpGZmYtNHhGakt5aXl4TUF6NkNuak1mRVpPNXhaU21yQ2M0IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8zNTMyODAyNDYwMC9RSU12QWcifQ", "signature": "hcO6occgwvpsoWX7EOe_NFkTrNHOojJbHVKfvgG7nREfrcPYiJpISXgN8RNDgstK79Re5b1k5VyKwd4Y5qsnr2VNEmJ0vjIb5fblVmrRUo_t7AKOUdCp8DZGLao_lf-j3dxvoOiJIR0BNxIvQYLyHP3cemYCkRuLTW9cUKWKhXk24vUVSjMA-uueIfRBRLm6wZPgn8bgstA9EkcNSFCIUr67MD2MbTuxc1D-Jv5Bpm53ihYULqObHr3hBko5U4KW5dcMrlHx1onWWKS7XHGIGSzqez-JBF9UZbE3_KkqqOmLpec5-tXzEUWKBM092G9MlJkLEfKh9CC2WeTS_7AfCw", "payload": "e30" } 2021-09-29 06:29:47,291:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/35328024600/QIMvAg HTTP/1.1" 200 186 2021-09-29 06:29:47,292:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 06:29:47 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/35328024600/QIMvAg Replay-Nonce: 0001a77cteO7jK8jNqbcQRpA_bNcFnnp1D8HTonRpHaTFsY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35328024600/QIMvAg", "token": "r1J8vMSSVF6rJYLq73QX6_ur0SEJMBWNotPenhBo2ZE" } 2021-09-29 06:29:47,292:DEBUG:acme.client:Storing nonce: 0001a77cteO7jK8jNqbcQRpA_bNcFnnp1D8HTonRpHaTFsY 2021-09-29 06:29:47,292:INFO:certbot._internal.auth_handler:Waiting for verification... 2021-09-29 06:29:48,293:DEBUG:acme.client:JWS payload: b'' 2021-09-29 06:29:48,295:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35328024600: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAwMDFhNzdjdGVPN2pLOGpOcWJjUVJwQV9iTmNGbm5wMUQ4SFRvblJwSGFURnNZIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTMyODAyNDYwMCJ9", "signature": "Hn1fjiDSgYFQJpgoimGFV6nTH7P6Cq5CcILmU_Luj1EInmGYekc6Jh65UEjm91QpWQf0HYEFxY2NjOld2MTHESY5WfpessKzcAQxSZA2Hnq6iodQYY2U5BZ-sOfdFgckYCk2MCf0NcIE6TxCBFClRzGPVoyXMLxfRYUHcg_pm1bTedDkgStc6vm96a-kDA_Vem3qiNdgA5CzHkTZtQ5uUerFwXs89Fui3P3ALBWJEbjH9fxoCpiO548NBCmbOQUA8X7zVr6IOQyxAXwJv3MxTYLWbzw41YjNdmgNlan83L3LINtNUFoss3rKKdSZmNrOze3bpfCFz4ihM8YZnEB5Gw", "payload": "" } 2021-09-29 06:29:48,478:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35328024600 HTTP/1.1" 200 1274 2021-09-29 06:29:48,478:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 06:29:48 GMT Content-Type: application/json Content-Length: 1274 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001rfVusRpBB0Y6JTqwldSHIMvnj2wG-UaQb9ksiEe3z-c X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "invalid", "expires": "2021-10-06T06:29:26Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from http://chat.waspaa.com/.well-known/acme-challenge/r1J8vMSSVF6rJYLq73QX6_ur0SEJMBWNotPenhBo2ZE [162.241.217.240]: \"\u003c!DOCTYPE HTML PUBLIC \\\"-//IETF//DTD HTML 2.0//EN\\\"\u003e\\n\u003chtml\u003e\u003chead\u003e\\n\u003ctitle\u003e404 Not Found\u003c/title\u003e\\n\u003c/head\u003e\u003cbody\u003e\\n\u003ch1\u003eNot Found\u003c/h1\u003e\\n\u003cp\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35328024600/QIMvAg", "token": "r1J8vMSSVF6rJYLq73QX6_ur0SEJMBWNotPenhBo2ZE", "validationRecord": [ { "url": "http://chat.waspaa.com/.well-known/acme-challenge/r1J8vMSSVF6rJYLq73QX6_ur0SEJMBWNotPenhBo2ZE", "hostname": "chat.waspaa.com", "port": "80", "addressesResolved": [ "162.241.217.240" ], "addressUsed": "162.241.217.240" } ], "validated": "2021-09-29T06:29:47Z" } ] } 2021-09-29 06:29:48,478:DEBUG:acme.client:Storing nonce: 0001rfVusRpBB0Y6JTqwldSHIMvnj2wG-UaQb9ksiEe3z-c 2021-09-29 06:29:48,479:INFO:certbot._internal.auth_handler:Challenge failed for domain chat.waspaa.com 2021-09-29 06:29:48,479:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-29 06:29:48,479:DEBUG:certbot._internal.display.obj:Notifying user: Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems: Domain: chat.waspaa.com Type: unauthorized Detail: Invalid response from http://chat.waspaa.com/.well-known/acme-challenge/r1J8vMSSVF6rJYLq73QX6_ur0SEJMBWNotPenhBo2ZE [162.241.217.240]: "\n\n404 Not Found\n\n

Not Found

\n sys.exit(main()) File "/usr/local/lib/python3.8/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1572, in main return config.func(config, plugins) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1285, in run new_lineage = _get_and_save_cert(le_client, config, domains, File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 133, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 454, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 384, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 434, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 90, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 178, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2021-09-29 06:30:08,604:ERROR:certbot._internal.log:Some challenges have failed. 2021-09-29 06:33:40,321:DEBUG:certbot._internal.main:certbot version: 1.19.0 2021-09-29 06:33:40,322:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/local/bin/certbot 2021-09-29 06:33:40,322:DEBUG:certbot._internal.main:Arguments: ['--webroot', '-w', '/var/www/html', '-d', 'chat.waspaa.com'] 2021-09-29 06:33:40,322:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-09-29 06:33:40,334:DEBUG:certbot._internal.log:Root logging level set at 30 2021-09-29 06:33:40,337:DEBUG:certbot._internal.plugins.selection:Requested authenticator webroot and installer None 2021-09-29 06:33:40,337:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/local/bin/certbot", line 8, in sys.exit(main()) File "/usr/local/lib/python3.8/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1572, in main return config.func(config, plugins) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1268, in run installer, authenticator = plug_sel.choose_configurator_plugins(config, plugins, "run") File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/plugins/selection.py", line 201, in choose_configurator_plugins raise errors.MissingCommandlineFlag(msg) certbot.errors.MissingCommandlineFlag: With the webroot plugin, you probably want to use the "certonly" command, eg: certbot certonly --webroot (Alternatively, add a --installer flag. See https://eff.org/letsencrypt-plugins and "--help plugins" for more information.) 2021-09-29 06:33:40,339:ERROR:certbot._internal.log:With the webroot plugin, you probably want to use the "certonly" command, eg: certbot certonly --webroot (Alternatively, add a --installer flag. See https://eff.org/letsencrypt-plugins and "--help plugins" for more information.) 2021-09-29 06:34:09,600:DEBUG:certbot._internal.main:certbot version: 1.19.0 2021-09-29 06:34:09,600:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/local/bin/certbot 2021-09-29 06:34:09,600:DEBUG:certbot._internal.main:Arguments: ['-a', 'webroot', '-i', 'nginx', '-w', '/var/www/html', '-d', 'chat.waspaa.com'] 2021-09-29 06:34:09,600:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-09-29 06:34:09,609:DEBUG:certbot._internal.log:Root logging level set at 30 2021-09-29 06:34:09,612:DEBUG:certbot._internal.plugins.selection:Requested authenticator webroot and installer nginx 2021-09-29 06:34:09,713:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: Installer, Authenticator, Plugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2021-09-29 06:34:09,716:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * webroot Description: Place files in webroot directory Interfaces: Authenticator, Plugin Entry point: webroot = certbot._internal.plugins.webroot:Authenticator Initialized: Prep: True 2021-09-29 06:34:09,717:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2021-09-29 06:34:09,717:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator webroot, Installer nginx 2021-09-29 06:34:09,721:DEBUG:certbot._internal.main:Picked account: ), creation_host='ip-172-31-40-153.ap-southeast-2.compute.internal', register_to_eff=None))> 2021-09-29 06:34:09,722:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-09-29 06:34:09,723:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-09-29 06:34:10,439:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-09-29 06:34:10,439:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 06:34:10 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "epSJTxXXcqQ": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-09-29 06:34:10,440:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for chat.waspaa.com 2021-09-29 06:34:10,649:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0011_key-certbot.pem 2021-09-29 06:34:10,651:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0011_csr-certbot.pem 2021-09-29 06:34:10,652:DEBUG:acme.client:Requesting fresh nonce 2021-09-29 06:34:10,652:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-09-29 06:34:10,829:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-09-29 06:34:10,829:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 06:34:10 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101H7aHESS7j36fg5c6sSM00Vxg-woifEQcsF1OMzX_mWs X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-09-29 06:34:10,830:DEBUG:acme.client:Storing nonce: 0101H7aHESS7j36fg5c6sSM00Vxg-woifEQcsF1OMzX_mWs 2021-09-29 06:34:10,830:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "chat.waspaa.com"\n }\n ]\n}' 2021-09-29 06:34:10,832:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDFIN2FIRVNTN2ozNmZnNWM2c1NNMDBWeGctd29pZkVRY3NGMU9NelhfbVdzIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "jq05AppCxXUSzrc88NV7jYO-PZ2r1gQcymkjPJKR10syHj6rLZHKYOdp-AKiY06yjf6FwtbefltE521puS8NHPloKAfNBEtWJzTKa_MUfwiHqB7IPmmQDwcn0rAAwSzvNf2kOurjcW4t6X-efao2Jg3usw6wVyBfVvj956LC36-seFhfQ7AESSOQQdIM6SAosZckWCVAWtM42_pspqQ_oI6No00-1AQq-3RvO2Acy6l04XSIFuCZQRmYRTewLV0dWZ4vy044sdQHuqywOx1xdSz3B1hLtD-yz9l_KuCMG3F0dNev5JR0EfZOT7iCj4VHLBuFtA2VIhNIUx29vYiZxg", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImNoYXQud2FzcGFhLmNvbSIKICAgIH0KICBdCn0" } 2021-09-29 06:34:11,174:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 338 2021-09-29 06:34:11,175:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Wed, 29 Sep 2021 06:34:11 GMT Content-Type: application/json Content-Length: 338 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/217949130/28019402810 Replay-Nonce: 0102Lbk2Bbb8l3YXv4D4Um-DtcHzVZH3b8NLCBw1kFYhtFw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-10-06T06:34:11Z", "identifiers": [ { "type": "dns", "value": "chat.waspaa.com" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/35329094750" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/217949130/28019402810" } 2021-09-29 06:34:11,175:DEBUG:acme.client:Storing nonce: 0102Lbk2Bbb8l3YXv4D4Um-DtcHzVZH3b8NLCBw1kFYhtFw 2021-09-29 06:34:11,175:DEBUG:acme.client:JWS payload: b'' 2021-09-29 06:34:11,176:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35329094750: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDJMYmsyQmJiOGwzWVh2NEQ0VW0tRHRjSHpWWkgzYjhOTENCdzFrRllodEZ3IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTMyOTA5NDc1MCJ9", "signature": "XblMdVfC_YxQwl2fAQV1sk2zHJO3H3RYBwFydxcKHhmvhZdyNKNwRpPLy86uFpTA0mqUWReLsAosryR_JcHGwV8bpeFbgeZcc2PZ2t6A7AixhrGRArerst_szJbj4ukgSuHoBIhrG8QZH9D1SCFmTUt54V25x8u4dPFmxF3-bLTkw9IVCE4Q98YfdCI1vLRfv_foAemCH_fP6KAKS7kyKRyasX-dSTrSix1Tb3xymMiYJnvDtM8KV58_gYQOYogDcmTONHVuDT0btWcLm_Hr5JVBa2htsuk7iih8x51kOigHcdjl6RA0bnJqHJksLcehvCGH0B3-1fb6QAy4PDhDCg", "payload": "" } 2021-09-29 06:34:11,381:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35329094750 HTTP/1.1" 200 796 2021-09-29 06:34:11,382:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 06:34:11 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102zev0Z12UmaeACqD9AyHis03uxlxxaSMMg3-STsYZZ60 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "pending", "expires": "2021-10-06T06:34:11Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35329094750/rtdXVQ", "token": "hzlD9ito8JyWDKU1fud-yFBaxpZTfTc2TQ8_sXmQeZ4" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35329094750/Glz0jw", "token": "hzlD9ito8JyWDKU1fud-yFBaxpZTfTc2TQ8_sXmQeZ4" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35329094750/ElMvlg", "token": "hzlD9ito8JyWDKU1fud-yFBaxpZTfTc2TQ8_sXmQeZ4" } ] } 2021-09-29 06:34:11,382:DEBUG:acme.client:Storing nonce: 0102zev0Z12UmaeACqD9AyHis03uxlxxaSMMg3-STsYZZ60 2021-09-29 06:34:11,382:INFO:certbot._internal.auth_handler:Performing the following challenges: 2021-09-29 06:34:11,383:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-29 06:34:11,383:INFO:certbot._internal.plugins.webroot:Using the webroot path /var/www/html for all unmatched domains. 2021-09-29 06:34:11,383:DEBUG:certbot._internal.plugins.webroot:Creating root challenges validation dir at /var/www/html/.well-known/acme-challenge 2021-09-29 06:34:11,386:DEBUG:certbot._internal.plugins.webroot:Attempting to save validation to /var/www/html/.well-known/acme-challenge/hzlD9ito8JyWDKU1fud-yFBaxpZTfTc2TQ8_sXmQeZ4 2021-09-29 06:34:11,387:DEBUG:acme.client:JWS payload: b'{}' 2021-09-29 06:34:11,388:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/35329094750/rtdXVQ: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDJ6ZXYwWjEyVW1hZUFDcUQ5QXlIaXMwM3V4bHh4YVNNTWczLVNUc1laWjYwIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8zNTMyOTA5NDc1MC9ydGRYVlEifQ", "signature": "UjxHfxRVMSdvnR-s9t0NxsA-qfyCyhBsQy4pRxtKKrzsE5BrPCQQEyu_g_yAReFl2V1P9WH4IBlHbtWph_LQQvzl-r1PMhSN7Uc5Ov-dLaIPXo18XdPGY-IcFetvyy0v6yq6wf-T1Dg6Eiimt4mLLRiR0CbnioCosAuhfIEres1-Co96aR5ldgZX0xIAgAU4nIHbP0PejWojQrgGgxGLGLJmgnZ1XE38-QZ6zWT6DDjxtfp6f_jWOZagNBYyNCdlL8sGSFxlm66wIm3LsVTdJYFy3UgUZOafXfKtrVhD61ybwGwva-T2649_Dav2Ie8Bz5Ls21NeoMecY9XZHZ0cfA", "payload": "e30" } 2021-09-29 06:34:11,622:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/35329094750/rtdXVQ HTTP/1.1" 200 186 2021-09-29 06:34:11,622:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 06:34:11 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/35329094750/rtdXVQ Replay-Nonce: 0101eeBmX14wO6HueTB_iNujtQWXOFp6SUMV7Dlwyx4yjKM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35329094750/rtdXVQ", "token": "hzlD9ito8JyWDKU1fud-yFBaxpZTfTc2TQ8_sXmQeZ4" } 2021-09-29 06:34:11,622:DEBUG:acme.client:Storing nonce: 0101eeBmX14wO6HueTB_iNujtQWXOFp6SUMV7Dlwyx4yjKM 2021-09-29 06:34:11,623:INFO:certbot._internal.auth_handler:Waiting for verification... 2021-09-29 06:34:12,624:DEBUG:acme.client:JWS payload: b'' 2021-09-29 06:34:12,626:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35329094750: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDFlZUJtWDE0d082SHVlVEJfaU51anRRV1hPRnA2U1VNVjdEbHd5eDR5aktNIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTMyOTA5NDc1MCJ9", "signature": "Buj3hrBlJaKeVLSTtHW1XJdV1f8fuDRDla3gGmVUY79tT68rd0usw_WmvUA0L0oWtlvk2T1eoEoY_MLLJnLIURJRRtrOgCNe4wkK_qtGA4Q08wiejzG9jn5ooYcxdRGSXLf88BGoxBHXA2_64zWerLwm6KCO7ybGyUlo3KRUUp8orkfzoPeFXjkJvNFiP4UtPcjaHTWsa8I5hWCt3CzGtOuJTcmWSHyU-6gtyfum5f8PyRU9EaADVMa3TDhTL-q24H11p_Uq-3VguEOLu1zFOVmZxIoGsN5Yw5mg9no1nVZjeiO5z9cLLd7skpXfudKiMWwLSP5pYeIjG6dSubrrhA", "payload": "" } 2021-09-29 06:34:12,832:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35329094750 HTTP/1.1" 200 1274 2021-09-29 06:34:12,833:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 06:34:12 GMT Content-Type: application/json Content-Length: 1274 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102iGJ6YV-5VUvXhQbySzSXvP89DVirBXxuRHnlZ3kfeI8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "invalid", "expires": "2021-10-06T06:34:11Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from http://chat.waspaa.com/.well-known/acme-challenge/hzlD9ito8JyWDKU1fud-yFBaxpZTfTc2TQ8_sXmQeZ4 [162.241.217.240]: \"\u003c!DOCTYPE HTML PUBLIC \\\"-//IETF//DTD HTML 2.0//EN\\\"\u003e\\n\u003chtml\u003e\u003chead\u003e\\n\u003ctitle\u003e404 Not Found\u003c/title\u003e\\n\u003c/head\u003e\u003cbody\u003e\\n\u003ch1\u003eNot Found\u003c/h1\u003e\\n\u003cp\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35329094750/rtdXVQ", "token": "hzlD9ito8JyWDKU1fud-yFBaxpZTfTc2TQ8_sXmQeZ4", "validationRecord": [ { "url": "http://chat.waspaa.com/.well-known/acme-challenge/hzlD9ito8JyWDKU1fud-yFBaxpZTfTc2TQ8_sXmQeZ4", "hostname": "chat.waspaa.com", "port": "80", "addressesResolved": [ "162.241.217.240" ], "addressUsed": "162.241.217.240" } ], "validated": "2021-09-29T06:34:11Z" } ] } 2021-09-29 06:34:12,833:DEBUG:acme.client:Storing nonce: 0102iGJ6YV-5VUvXhQbySzSXvP89DVirBXxuRHnlZ3kfeI8 2021-09-29 06:34:12,833:INFO:certbot._internal.auth_handler:Challenge failed for domain chat.waspaa.com 2021-09-29 06:34:12,833:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-29 06:34:12,833:DEBUG:certbot._internal.display.obj:Notifying user: Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems: Domain: chat.waspaa.com Type: unauthorized Detail: Invalid response from http://chat.waspaa.com/.well-known/acme-challenge/hzlD9ito8JyWDKU1fud-yFBaxpZTfTc2TQ8_sXmQeZ4 [162.241.217.240]: "\n\n404 Not Found\n\n

Not Found

\n sys.exit(main()) File "/usr/local/lib/python3.8/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1572, in main return config.func(config, plugins) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1285, in run new_lineage = _get_and_save_cert(le_client, config, domains, File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 133, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 454, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 384, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 434, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 90, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 178, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2021-09-29 06:34:12,837:ERROR:certbot._internal.log:Some challenges have failed. 2021-09-29 06:37:16,308:DEBUG:certbot._internal.main:certbot version: 1.19.0 2021-09-29 06:37:16,308:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/local/bin/certbot 2021-09-29 06:37:16,308:DEBUG:certbot._internal.main:Arguments: ['--standalone', '--agree-tos', '--preferred-challenges', 'http', '-d', 'chat.waspaa.com'] 2021-09-29 06:37:16,309:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-09-29 06:37:16,327:DEBUG:certbot._internal.log:Root logging level set at 30 2021-09-29 06:37:16,330:DEBUG:certbot._internal.plugins.selection:Requested authenticator standalone and installer None 2021-09-29 06:37:16,332:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: Authenticator, Plugin Entry point: standalone = certbot._internal.plugins.standalone:Authenticator Initialized: Prep: True 2021-09-29 06:37:16,334:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer None 2021-09-29 06:37:16,334:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator standalone, Installer None 2021-09-29 06:37:16,347:DEBUG:certbot._internal.main:Picked account: ), creation_host='ip-172-31-40-153.ap-southeast-2.compute.internal', register_to_eff=None))> 2021-09-29 06:37:16,348:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-09-29 06:37:16,351:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-09-29 06:37:17,071:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-09-29 06:37:17,071:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 06:37:17 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "r3fGqV844vY": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-09-29 06:37:17,073:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for chat.waspaa.com 2021-09-29 06:37:17,160:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0012_key-certbot.pem 2021-09-29 06:37:17,163:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0012_csr-certbot.pem 2021-09-29 06:37:17,164:DEBUG:acme.client:Requesting fresh nonce 2021-09-29 06:37:17,164:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-09-29 06:37:17,341:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-09-29 06:37:17,341:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 06:37:17 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002YvnYERd3TK8l0FXN69-oJt_gD8MD16c-Sf3EEBdebB8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-09-29 06:37:17,342:DEBUG:acme.client:Storing nonce: 0002YvnYERd3TK8l0FXN69-oJt_gD8MD16c-Sf3EEBdebB8 2021-09-29 06:37:17,342:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "chat.waspaa.com"\n }\n ]\n}' 2021-09-29 06:37:17,343:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAwMDJZdm5ZRVJkM1RLOGwwRlhONjktb0p0X2dEOE1EMTZjLVNmM0VFQmRlYkI4IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "BhserYYex74MI4ObK6GV-JJtUdR4fJM1EgzL0lbdA3nzOcaD1WWmlK6N6vGG7gQWFlTcP0bOGw_W1uELs1tsTFVAObEXc-D2z3BngpUh1s9_HNbVc0f0JDN97XUcV88_gA7G3NcYSxUyEoUcQl8oFMNCxclyTHCn282OrZ5-Uv9d2-SBaLPz-JA-yTH8kmR6Gdr1LRZm5pvi2Z6g1B1FjXVVYAUz0YQHx32H9Y4XJ3Jre00vNnW84TpeQ7MCq7260ih4UIPfIHpHx4i6-CwBq-C0vysYkI4pqaN3U6elE0yxssbpE-kUQ4IVkhFQJwfEK2pxrwY4-yC_ReXS8LL81Q", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImNoYXQud2FzcGFhLmNvbSIKICAgIH0KICBdCn0" } 2021-09-29 06:37:17,587:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 429 201 2021-09-29 06:37:17,587:DEBUG:acme.client:Received response: HTTP 429 Server: nginx Date: Wed, 29 Sep 2021 06:37:17 GMT Content-Type: application/problem+json Content-Length: 201 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001YyFAkOW1pcaKGV_nxpze91kZWo1J4e7019eaY84TSk4 { "type": "urn:ietf:params:acme:error:rateLimited", "detail": "Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/", "status": 429 } 2021-09-29 06:37:17,588:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/local/bin/certbot", line 8, in sys.exit(main()) File "/usr/local/lib/python3.8/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1572, in main return config.func(config, plugins) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1432, in certonly lineage = _get_and_save_cert(le_client, config, domains, certname, lineage) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 133, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 454, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 384, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 416, in _get_order_and_authorizations orderr = self.acme.new_order(csr_pem) File "/usr/local/lib/python3.8/dist-packages/acme/client.py", line 899, in new_order return cast(ClientV2, self.client).new_order(csr_pem) File "/usr/local/lib/python3.8/dist-packages/acme/client.py", line 671, in new_order response = self._post(self.directory['newOrder'], order) File "/usr/local/lib/python3.8/dist-packages/acme/client.py", line 92, in _post return self.net.post(*args, **kwargs) File "/usr/local/lib/python3.8/dist-packages/acme/client.py", line 1227, in post return self._post_once(*args, **kwargs) File "/usr/local/lib/python3.8/dist-packages/acme/client.py", line 1240, in _post_once response = self._check_response(response, content_type=content_type) File "/usr/local/lib/python3.8/dist-packages/acme/client.py", line 1087, in _check_response raise messages.Error.from_json(jobj) acme.messages.Error: urn:ietf:params:acme:error:rateLimited :: There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/ 2021-09-29 06:37:17,597:ERROR:certbot._internal.log:An unexpected error occurred: 2021-09-29 06:37:17,597:ERROR:certbot._internal.log:There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/ 2021-09-29 06:38:33,797:DEBUG:certbot._internal.main:certbot version: 1.19.0 2021-09-29 06:38:33,797:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/local/bin/certbot 2021-09-29 06:38:33,797:DEBUG:certbot._internal.main:Arguments: ['--nginx', '--agree-tos', '--preferred-challenges', 'http', '-d', 'chat.waspaa.com'] 2021-09-29 06:38:33,797:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-09-29 06:38:33,806:DEBUG:certbot._internal.log:Root logging level set at 30 2021-09-29 06:38:33,807:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2021-09-29 06:38:34,061:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: Installer, Authenticator, Plugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2021-09-29 06:38:34,062:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2021-09-29 06:38:34,062:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-09-29 06:38:34,065:DEBUG:certbot._internal.main:Picked account: ), creation_host='ip-172-31-40-153.ap-southeast-2.compute.internal', register_to_eff=None))> 2021-09-29 06:38:34,066:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-09-29 06:38:34,068:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-09-29 06:38:34,773:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-09-29 06:38:34,774:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 06:38:34 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert", "u0Mu9aGphu0": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417" } 2021-09-29 06:38:34,774:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for chat.waspaa.com 2021-09-29 06:38:34,892:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0013_key-certbot.pem 2021-09-29 06:38:34,894:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0013_csr-certbot.pem 2021-09-29 06:38:34,895:DEBUG:acme.client:Requesting fresh nonce 2021-09-29 06:38:34,895:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-09-29 06:38:35,072:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-09-29 06:38:35,072:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 06:38:35 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001ppBzeQDC58sG1vJ7KMbDt5ZdLpEYGK5vc5QMWYIa6qk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-09-29 06:38:35,073:DEBUG:acme.client:Storing nonce: 0001ppBzeQDC58sG1vJ7KMbDt5ZdLpEYGK5vc5QMWYIa6qk 2021-09-29 06:38:35,073:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "chat.waspaa.com"\n }\n ]\n}' 2021-09-29 06:38:35,075:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAwMDFwcEJ6ZVFEQzU4c0cxdko3S01iRHQ1WmRMcEVZR0s1dmM1UU1XWUlhNnFrIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "XmtQzAWjkspAZ6k4OVxPdCrILPhTsagL1EGzvfZUns4-FVnJPH_VMm0qFdZRwg7IWre2uo2Bgyh5sUownkvYvmPVcmKKBRsuP12Ef0WHXt_l5n1CVAHZmRldEinezAQTT1yrVr2la-Ybyx9Gy3HgX-I5mu0kHL6yMmPXp0eflD9AZrVb5-IMb09XJaUp4XH23rwdQKeIiqccNwNDL6ifrb2nv_NfBvTTDeBOTt3EELRTrHWRYiliRBkJFnP1aW_vJsylwj4fdSlp7F2hCCHGfV4AHO6_CsLj_ESKG8H8O6sqlYSKZ07VPvGkpx2LS3ZQ4By-JeIR44MyJ7dINDmkiw", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImNoYXQud2FzcGFhLmNvbSIKICAgIH0KICBdCn0" } 2021-09-29 06:38:35,275:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 429 201 2021-09-29 06:38:35,275:DEBUG:acme.client:Received response: HTTP 429 Server: nginx Date: Wed, 29 Sep 2021 06:38:35 GMT Content-Type: application/problem+json Content-Length: 201 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001Tl4xL7Tc1Z6KGCTM4H_ZZireD9_tTdCvtlJV4eA3QVY { "type": "urn:ietf:params:acme:error:rateLimited", "detail": "Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/", "status": 429 } 2021-09-29 06:38:35,276:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/local/bin/certbot", line 8, in sys.exit(main()) File "/usr/local/lib/python3.8/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1572, in main return config.func(config, plugins) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1285, in run new_lineage = _get_and_save_cert(le_client, config, domains, File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 133, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 454, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 384, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 416, in _get_order_and_authorizations orderr = self.acme.new_order(csr_pem) File "/usr/local/lib/python3.8/dist-packages/acme/client.py", line 899, in new_order return cast(ClientV2, self.client).new_order(csr_pem) File "/usr/local/lib/python3.8/dist-packages/acme/client.py", line 671, in new_order response = self._post(self.directory['newOrder'], order) File "/usr/local/lib/python3.8/dist-packages/acme/client.py", line 92, in _post return self.net.post(*args, **kwargs) File "/usr/local/lib/python3.8/dist-packages/acme/client.py", line 1227, in post return self._post_once(*args, **kwargs) File "/usr/local/lib/python3.8/dist-packages/acme/client.py", line 1240, in _post_once response = self._check_response(response, content_type=content_type) File "/usr/local/lib/python3.8/dist-packages/acme/client.py", line 1087, in _check_response raise messages.Error.from_json(jobj) acme.messages.Error: urn:ietf:params:acme:error:rateLimited :: There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/ 2021-09-29 06:38:35,277:ERROR:certbot._internal.log:An unexpected error occurred: 2021-09-29 06:38:35,277:ERROR:certbot._internal.log:There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/ 2021-09-29 06:38:50,834:DEBUG:certbot._internal.main:certbot version: 1.19.0 2021-09-29 06:38:50,835:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/local/bin/certbot 2021-09-29 06:38:50,835:DEBUG:certbot._internal.main:Arguments: ['--standalone', '--agree-tos', '--preferred-challenges', 'http', '-d', 'chat.waspaa.com'] 2021-09-29 06:38:50,835:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-09-29 06:38:50,844:DEBUG:certbot._internal.log:Root logging level set at 30 2021-09-29 06:38:50,845:DEBUG:certbot._internal.plugins.selection:Requested authenticator standalone and installer None 2021-09-29 06:38:50,847:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: Authenticator, Plugin Entry point: standalone = certbot._internal.plugins.standalone:Authenticator Initialized: Prep: True 2021-09-29 06:38:50,848:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer None 2021-09-29 06:38:50,848:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator standalone, Installer None 2021-09-29 06:38:50,851:DEBUG:certbot._internal.main:Picked account: ), creation_host='ip-172-31-40-153.ap-southeast-2.compute.internal', register_to_eff=None))> 2021-09-29 06:38:50,852:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-09-29 06:38:50,853:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-09-29 06:38:51,562:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-09-29 06:38:51,563:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 06:38:51 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "raH4AZkDmNk": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-09-29 06:38:51,564:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for chat.waspaa.com 2021-09-29 06:38:51,733:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0014_key-certbot.pem 2021-09-29 06:38:51,735:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0014_csr-certbot.pem 2021-09-29 06:38:51,736:DEBUG:acme.client:Requesting fresh nonce 2021-09-29 06:38:51,736:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-09-29 06:38:51,913:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-09-29 06:38:51,913:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 06:38:51 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101i71WMezF9rllgPl_CbUNIBE-xuGboge9L9CpZKGnXqw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-09-29 06:38:51,913:DEBUG:acme.client:Storing nonce: 0101i71WMezF9rllgPl_CbUNIBE-xuGboge9L9CpZKGnXqw 2021-09-29 06:38:51,914:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "chat.waspaa.com"\n }\n ]\n}' 2021-09-29 06:38:51,915:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDFpNzFXTWV6RjlybGxnUGxfQ2JVTklCRS14dUdib2dlOUw5Q3BaS0duWHF3IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "pn6Drn6E5XmZTWbSn8F0ikgeyIJtrr-cgrw4zp6rDa9R8GRvG9duuT38Mbc3bPO473ONBWpVy3YlM_BDCZU0LGG-aBLU92wKqJwtSZntLdnCZ5kXOGPsuUzVi3I0m4ywPhRaQ64HAeV2_RsV0fbSE42CDoasF5QFQCihjM1rLZsg5t6H0Hq6M9tQoS4yen3Zzwrbo1Wn2DG7hcz4crhtV4tvfUpNlm5hfamda8AS2kPsqJVAWwUR3mpHwZ9Zg6M1ufOqAAFbpLd8WuNU1vXguZ895yjvmW4euyNCir2iwU1MOZ7s_fTxbMFbVKkkPb3GmuxC0yUDPAW-HWeWIg1tGw", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImNoYXQud2FzcGFhLmNvbSIKICAgIH0KICBdCn0" } 2021-09-29 06:38:52,231:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 429 201 2021-09-29 06:38:52,232:DEBUG:acme.client:Received response: HTTP 429 Server: nginx Date: Wed, 29 Sep 2021 06:38:52 GMT Content-Type: application/problem+json Content-Length: 201 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 01019ss4H2CjBeQD2a6xcLy9epXLZyWGRdyA_MMfDrHfHBo { "type": "urn:ietf:params:acme:error:rateLimited", "detail": "Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/", "status": 429 } 2021-09-29 06:38:52,232:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/local/bin/certbot", line 8, in sys.exit(main()) File "/usr/local/lib/python3.8/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1572, in main return config.func(config, plugins) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1432, in certonly lineage = _get_and_save_cert(le_client, config, domains, certname, lineage) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 133, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 454, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 384, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 416, in _get_order_and_authorizations orderr = self.acme.new_order(csr_pem) File "/usr/local/lib/python3.8/dist-packages/acme/client.py", line 899, in new_order return cast(ClientV2, self.client).new_order(csr_pem) File "/usr/local/lib/python3.8/dist-packages/acme/client.py", line 671, in new_order response = self._post(self.directory['newOrder'], order) File "/usr/local/lib/python3.8/dist-packages/acme/client.py", line 92, in _post return self.net.post(*args, **kwargs) File "/usr/local/lib/python3.8/dist-packages/acme/client.py", line 1227, in post return self._post_once(*args, **kwargs) File "/usr/local/lib/python3.8/dist-packages/acme/client.py", line 1240, in _post_once response = self._check_response(response, content_type=content_type) File "/usr/local/lib/python3.8/dist-packages/acme/client.py", line 1087, in _check_response raise messages.Error.from_json(jobj) acme.messages.Error: urn:ietf:params:acme:error:rateLimited :: There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/ 2021-09-29 06:38:52,234:ERROR:certbot._internal.log:An unexpected error occurred: 2021-09-29 06:38:52,234:ERROR:certbot._internal.log:There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/ 2021-09-29 11:20:17,521:DEBUG:certbot._internal.main:certbot version: 1.19.0 2021-09-29 11:20:17,521:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/local/bin/certbot 2021-09-29 11:20:17,521:DEBUG:certbot._internal.main:Arguments: ['--standalone', '--agree-tos', '--preferred-challenges', 'http', '-d', 'chat.waspaa.com'] 2021-09-29 11:20:17,521:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-09-29 11:20:17,544:DEBUG:certbot._internal.log:Root logging level set at 30 2021-09-29 11:20:17,549:DEBUG:certbot._internal.plugins.selection:Requested authenticator standalone and installer None 2021-09-29 11:20:17,550:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * standalone Description: Spin up a temporary webserver Interfaces: Authenticator, Plugin Entry point: standalone = certbot._internal.plugins.standalone:Authenticator Initialized: Prep: True 2021-09-29 11:20:17,552:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer None 2021-09-29 11:20:17,552:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator standalone, Installer None 2021-09-29 11:20:17,574:DEBUG:certbot._internal.main:Picked account: ), creation_host='ip-172-31-40-153.ap-southeast-2.compute.internal', register_to_eff=None))> 2021-09-29 11:20:17,575:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-09-29 11:20:17,584:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-09-29 11:20:18,319:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-09-29 11:20:18,320:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 11:20:18 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "jgEcNke8MAA": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-09-29 11:20:18,321:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for chat.waspaa.com 2021-09-29 11:20:18,483:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0015_key-certbot.pem 2021-09-29 11:20:18,486:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0015_csr-certbot.pem 2021-09-29 11:20:18,487:DEBUG:acme.client:Requesting fresh nonce 2021-09-29 11:20:18,487:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-09-29 11:20:18,664:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-09-29 11:20:18,664:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 11:20:18 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002xG0YzaXTNmzqA8lzkiasSC7W9Rta610xWkca7gT1GAM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-09-29 11:20:18,664:DEBUG:acme.client:Storing nonce: 0002xG0YzaXTNmzqA8lzkiasSC7W9Rta610xWkca7gT1GAM 2021-09-29 11:20:18,665:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "chat.waspaa.com"\n }\n ]\n}' 2021-09-29 11:20:18,666:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAwMDJ4RzBZemFYVE5tenFBOGx6a2lhc1NDN1c5UnRhNjEweFdrY2E3Z1QxR0FNIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "G9WAUfxRfq4nFfsJjtXLu52AhWmvz8PgI9hFwCYHFIvfGnsDkRUVfnEOZEnLeU6qyOrbR0F94XHH7eRb7y2I2DleQTitRxSfXXOAXTkPFaDbuNxosfbEdhP12XeB1pNGp5-XwUxZC0YPnu-pgwEkotZ2foOFwzNdjaYjxPHbs2QpcI3wFyR3_CR2SJltIjmIVMkNV3okTyxlw5Ts-UiYHY45lyX0ofXK63vGSJSdUcthM3coKgxNnagrV2_D84dqXEo0Y1AYBvKytnHp2wFO19N0mDETvZUp2rutPZpAlG_MKUSVYKktSpYe_wkRFd0SwstRl8V1138YJIP-nny8ZA", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImNoYXQud2FzcGFhLmNvbSIKICAgIH0KICBdCn0" } 2021-09-29 11:20:18,876:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 338 2021-09-29 11:20:18,877:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Wed, 29 Sep 2021 11:20:18 GMT Content-Type: application/json Content-Length: 338 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/217949130/28067438960 Replay-Nonce: 0001kSi1SmQb1QJCqYAAEpoJEw6DVqUKgeGWbiOIAIM8siA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-10-06T11:20:18Z", "identifiers": [ { "type": "dns", "value": "chat.waspaa.com" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/35387101300" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/217949130/28067438960" } 2021-09-29 11:20:18,877:DEBUG:acme.client:Storing nonce: 0001kSi1SmQb1QJCqYAAEpoJEw6DVqUKgeGWbiOIAIM8siA 2021-09-29 11:20:18,877:DEBUG:acme.client:JWS payload: b'' 2021-09-29 11:20:18,878:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35387101300: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAwMDFrU2kxU21RYjFRSkNxWUFBRXBvSkV3NkRWcVVLZ2VHV2JpT0lBSU04c2lBIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTM4NzEwMTMwMCJ9", "signature": "rXn7cxzE4OnW2m8V5k5GBHioKQtU8EkBIX1_dsRaFn_FlsvaCYdJ-lpAQYGmvzpNQjJ1uMSaImCtA3ygb7OVOdLr-xTtYSlBwq1AXKzyKNTwgnD5odr8JTv1FQV5RwaVf7VvryJxjnwyUJvXO-C6ZR3ZjVqoTysTY8JNr3cQSSFBHXPV11TIxHGNDSd_pUkWis8s7B_t-VmJZhWQc4crDU0KCfoGx0mPb1xCxm1wZ3RDxWpHOnPVYqYb0fxPqE4-v99SGBfSDrddG88FjhBFi-JSKD-zQvtBbBQEJb5LEa0qz_mfSEKT_1o1SOqF2220z-nPnUPvxWzDFdpaUlRmsg", "payload": "" } 2021-09-29 11:20:19,061:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35387101300 HTTP/1.1" 200 796 2021-09-29 11:20:19,061:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 11:20:19 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001YCTFB-pK024EDpkLDJzV6JNMlcY7PTh5G3KPasyN1Bw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "pending", "expires": "2021-10-06T11:20:18Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35387101300/4s20fw", "token": "NGuKEquektHucd2jOJNQ6Jj5-85jUEnHi9BE7xKx0v0" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35387101300/gjLx3g", "token": "NGuKEquektHucd2jOJNQ6Jj5-85jUEnHi9BE7xKx0v0" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35387101300/x5V9Vw", "token": "NGuKEquektHucd2jOJNQ6Jj5-85jUEnHi9BE7xKx0v0" } ] } 2021-09-29 11:20:19,061:DEBUG:acme.client:Storing nonce: 0001YCTFB-pK024EDpkLDJzV6JNMlcY7PTh5G3KPasyN1Bw 2021-09-29 11:20:19,062:INFO:certbot._internal.auth_handler:Performing the following challenges: 2021-09-29 11:20:19,062:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-29 11:20:19,062:DEBUG:acme.standalone:Failed to bind to :80 using IPv6 2021-09-29 11:20:19,062:DEBUG:acme.standalone:Failed to bind to :80 using IPv4 2021-09-29 11:21:26,473:DEBUG:acme.standalone:Successfully bound to :80 using IPv6 2021-09-29 11:21:26,474:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations. 2021-09-29 11:21:26,478:DEBUG:acme.client:JWS payload: b'{}' 2021-09-29 11:21:26,479:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/35387101300/4s20fw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAwMDFZQ1RGQi1wSzAyNEVEcGtMREp6VjZKTk1sY1k3UFRoNUczS1Bhc3lOMUJ3IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8zNTM4NzEwMTMwMC80czIwZncifQ", "signature": "RSzhlDvmHEJpwZcjyYxnNOFcWIZHHKn_W_dkJUheGs_6PJAua64coW_YP9Ed-Qu92_4l9m8ihNYEQEsI5RCP6WPDnlUxP_Z9mlgEKCjEAsE8kmSk9VWvnoAwkVqsU1A9VMKI8FGOqwfCysW26f-o8EkRH8oYa6ZKWIkeyJuSz1oHva-FYxdrhcsIni6RucaCbi1VqW38MZMuVZD2ZWdEVmqgkRJGKYfkUJGfOKfyseHI8pPny6P-MomTPKA48DzcLZj7imHFozIBWy6P-YkZq2dq4qTpE0SvPcKex9jIu_VeTma-mGA-Ma0BoJbyrzA3OI3a2MisaU1SSaS9VNBhYQ", "payload": "e30" } 2021-09-29 11:21:26,666:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/35387101300/4s20fw HTTP/1.1" 200 186 2021-09-29 11:21:26,666:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 11:21:26 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/35387101300/4s20fw Replay-Nonce: 00014_oslgy8GVXFyPI6c4g4D_QET_K48MjIV5C17TTqgBk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35387101300/4s20fw", "token": "NGuKEquektHucd2jOJNQ6Jj5-85jUEnHi9BE7xKx0v0" } 2021-09-29 11:21:26,666:DEBUG:acme.client:Storing nonce: 00014_oslgy8GVXFyPI6c4g4D_QET_K48MjIV5C17TTqgBk 2021-09-29 11:21:26,667:INFO:certbot._internal.auth_handler:Waiting for verification... 2021-09-29 11:21:27,668:DEBUG:acme.client:JWS payload: b'' 2021-09-29 11:21:27,670:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35387101300: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAwMDE0X29zbGd5OEdWWEZ5UEk2YzRnNERfUUVUX0s0OE1qSVY1QzE3VFRxZ0JrIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTM4NzEwMTMwMCJ9", "signature": "l-O7Tc9iLo_T1E1qYwzjxBm5VCvcFSiRKeDHzA9_8ulcufdZhD7cUn6Cv2pAniU9GLr-lTTM1wp5rb52ZqMKZHrABC7gAxMF93A8J1BXHK4wNuPU_X0na6HekMkLgHExtK6BYe5semmuxTL5oMK5YB2I52UwGyBv7_Q5H_MILZ5c6rji2TY4JI0IVSdiFkhOORjIwqquuO_hvUbX1XEHSr0YNOQQSPCLcKEhK_IkGtfvumylQnYIjPi-oeixrPVLtU20JVl7_TbuYNU5hc6IRCqMOHQ514oHYttdeK6UGcOBQUfB22FiDJkDuMi8fvkTpbp8OGV0da7qZ6PxFNHwPQ", "payload": "" } 2021-09-29 11:21:27,851:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35387101300 HTTP/1.1" 200 1274 2021-09-29 11:21:27,851:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 11:21:27 GMT Content-Type: application/json Content-Length: 1274 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002YWCV_8lCO4t7kb086SPPNH7S1GdSkVe8uhssiRDSbyY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "invalid", "expires": "2021-10-06T11:20:18Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from http://chat.waspaa.com/.well-known/acme-challenge/NGuKEquektHucd2jOJNQ6Jj5-85jUEnHi9BE7xKx0v0 [162.241.217.240]: \"\u003c!DOCTYPE HTML PUBLIC \\\"-//IETF//DTD HTML 2.0//EN\\\"\u003e\\n\u003chtml\u003e\u003chead\u003e\\n\u003ctitle\u003e404 Not Found\u003c/title\u003e\\n\u003c/head\u003e\u003cbody\u003e\\n\u003ch1\u003eNot Found\u003c/h1\u003e\\n\u003cp\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35387101300/4s20fw", "token": "NGuKEquektHucd2jOJNQ6Jj5-85jUEnHi9BE7xKx0v0", "validationRecord": [ { "url": "http://chat.waspaa.com/.well-known/acme-challenge/NGuKEquektHucd2jOJNQ6Jj5-85jUEnHi9BE7xKx0v0", "hostname": "chat.waspaa.com", "port": "80", "addressesResolved": [ "162.241.217.240" ], "addressUsed": "162.241.217.240" } ], "validated": "2021-09-29T11:21:26Z" } ] } 2021-09-29 11:21:27,852:DEBUG:acme.client:Storing nonce: 0002YWCV_8lCO4t7kb086SPPNH7S1GdSkVe8uhssiRDSbyY 2021-09-29 11:21:27,852:INFO:certbot._internal.auth_handler:Challenge failed for domain chat.waspaa.com 2021-09-29 11:21:27,852:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-29 11:21:27,852:DEBUG:certbot._internal.display.obj:Notifying user: Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems: Domain: chat.waspaa.com Type: unauthorized Detail: Invalid response from http://chat.waspaa.com/.well-known/acme-challenge/NGuKEquektHucd2jOJNQ6Jj5-85jUEnHi9BE7xKx0v0 [162.241.217.240]: "\n\n404 Not Found\n\n

Not Found

\n sys.exit(main()) File "/usr/local/lib/python3.8/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1572, in main return config.func(config, plugins) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1432, in certonly lineage = _get_and_save_cert(le_client, config, domains, certname, lineage) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 133, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 454, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 384, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 434, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 90, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 178, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2021-09-29 11:21:27,986:ERROR:certbot._internal.log:Some challenges have failed. 2021-09-29 17:29:28,341:DEBUG:certbot._internal.main:certbot version: 1.19.0 2021-09-29 17:29:28,342:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/local/bin/certbot 2021-09-29 17:29:28,342:DEBUG:certbot._internal.main:Arguments: ['--nginx', '--agree-tos', '--preferred-challenges', 'http', '-d', 'chat.waspaa.com'] 2021-09-29 17:29:28,342:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-09-29 17:29:28,356:DEBUG:certbot._internal.log:Root logging level set at 30 2021-09-29 17:29:28,360:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2021-09-29 17:29:28,872:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: Installer, Authenticator, Plugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2021-09-29 17:29:28,873:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2021-09-29 17:29:28,873:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-09-29 17:29:28,914:DEBUG:certbot._internal.main:Picked account: ), creation_host='ip-172-31-40-153.ap-southeast-2.compute.internal', register_to_eff=None))> 2021-09-29 17:29:28,915:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-09-29 17:29:28,931:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-09-29 17:29:29,673:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-09-29 17:29:29,674:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 17:29:29 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "1lQa33Wb5Y0": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-09-29 17:29:29,675:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for chat.waspaa.com 2021-09-29 17:29:29,715:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0016_key-certbot.pem 2021-09-29 17:29:29,718:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0016_csr-certbot.pem 2021-09-29 17:29:29,719:DEBUG:acme.client:Requesting fresh nonce 2021-09-29 17:29:29,719:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-09-29 17:29:29,895:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-09-29 17:29:29,896:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 17:29:29 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102h7Wqx4R_ZMM2Mq70HtqdX4mGacizvQqN0WHh9lIBVXM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-09-29 17:29:29,896:DEBUG:acme.client:Storing nonce: 0102h7Wqx4R_ZMM2Mq70HtqdX4mGacizvQqN0WHh9lIBVXM 2021-09-29 17:29:29,896:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "chat.waspaa.com"\n }\n ]\n}' 2021-09-29 17:29:29,898:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDJoN1dxeDRSX1pNTTJNcTcwSHRxZFg0bUdhY2l6dlFxTjBXSGg5bElCVlhNIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "exxU28jGgeBIwkESf6OOloBlKSVOhK51gq8j_PXYL5mka_faRmR8Tux5i2cczcrgFNWGAGGQ7Xu-71qrIsgkmb7B3PLrGW-YWOEZEhnbl57v7I9SK5bpHuaw48YYSSg6QPfw6AzPFNfYGSOouluNvPU8G706Gv2XGhHoXSlu2_ThMBzlds_InDRqJ7T2WViT6BJT0QTfGwyPqu0rgaSrynNkxx7h7yE36vOpTvm0vuvi2bOA85dvaakI3qvL4CZ7Qp80CTkAQ9fXBYrQD5mR5FBK8V1mmbXFSmRAdFQV6MPsp9eJy9jb7hIG68btG28dR4RIgRgWhMSZyPs0343Txw", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImNoYXQud2FzcGFhLmNvbSIKICAgIH0KICBdCn0" } 2021-09-29 17:29:30,228:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 338 2021-09-29 17:29:30,229:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Wed, 29 Sep 2021 17:29:30 GMT Content-Type: application/json Content-Length: 338 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/217949130/28129087640 Replay-Nonce: 0101Kb5PUzHe2J3m9AKFYH1hFcdqX3UioUccvXXbi627iSE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-10-06T17:29:30Z", "identifiers": [ { "type": "dns", "value": "chat.waspaa.com" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/35461828910" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/217949130/28129087640" } 2021-09-29 17:29:30,229:DEBUG:acme.client:Storing nonce: 0101Kb5PUzHe2J3m9AKFYH1hFcdqX3UioUccvXXbi627iSE 2021-09-29 17:29:30,229:DEBUG:acme.client:JWS payload: b'' 2021-09-29 17:29:30,230:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35461828910: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDFLYjVQVXpIZTJKM205QUtGWUgxaEZjZHFYM1Vpb1VjY3ZYWGJpNjI3aVNFIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTQ2MTgyODkxMCJ9", "signature": "nomsLtL-afeMBQyiSvSLa8CuW3prRK_ZZHh1Jqrndx5ZBCm6PGD_0k7avMAgB_CixOxTAONixYVrA6yJ-8c6kMxCFbctXq7i2j6iOrReMJ6CwyifoC1zcX-7_rIphNQGTa-hkBZ3-hTtR9RKzmx11Am7l7BRwXafc7SFkpeyz4d1T2dqGmwPzb04uewR2kxqsGngpcV4xeRtz_2n5hga6LfFKS4fgW3it898kEgLbOUIbKAQr1FaJwvJIHnFbInhbmGEkTwcD3aRDTD10bLLMxEnW_PX0A3wXejHIZsIERBP2rCofiC-I5mH5b_157HzFFoDiwQWWTqpCvbVmcSZ7Q", "payload": "" } 2021-09-29 17:29:30,440:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35461828910 HTTP/1.1" 200 796 2021-09-29 17:29:30,440:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 17:29:30 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102JOl2ElJoQVVOAuxxeKKYJCRvu66YHwHUv3bHTc_wz-o X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "pending", "expires": "2021-10-06T17:29:30Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35461828910/4wy9rQ", "token": "MNuPm9n9P8Aeowp_tUTYoRN1pO861adDXVuarRM1Acs" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35461828910/o9qHxw", "token": "MNuPm9n9P8Aeowp_tUTYoRN1pO861adDXVuarRM1Acs" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35461828910/QtvfqQ", "token": "MNuPm9n9P8Aeowp_tUTYoRN1pO861adDXVuarRM1Acs" } ] } 2021-09-29 17:29:30,441:DEBUG:acme.client:Storing nonce: 0102JOl2ElJoQVVOAuxxeKKYJCRvu66YHwHUv3bHTc_wz-o 2021-09-29 17:29:30,441:INFO:certbot._internal.auth_handler:Performing the following challenges: 2021-09-29 17:29:30,441:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-29 17:29:30,450:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2021-09-29 17:29:30,451:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-09-29 17:29:30,451:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-09-29 17:29:30,452:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-09-29 17:29:30,453:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-09-29 17:29:30,454:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/default 2021-09-29 17:29:30,455:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-09-29 17:29:30,455:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-09-29 17:29:30,456:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-09-29 17:29:30,458:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/default: ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name chat.waspaa.com; location ^~ /.well-known { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. #try_files $uri $uri/ =404; root /usr/share/nginx/html; } location / { return 418; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} location = /.well-known/acme-challenge/MNuPm9n9P8Aeowp_tUTYoRN1pO861adDXVuarRM1Acs{default_type text/plain;return 200 MNuPm9n9P8Aeowp_tUTYoRN1pO861adDXVuarRM1Acs.hM7dzhwApZf7ljiWUXuEkPQbAIYgz8h8LX33rC8U8yY;} # managed by Certbot } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} 2021-09-29 17:29:30,531:DEBUG:certbot_nginx._internal.configurator:nginx reload failed: nginx: [error] invalid PID number "" in "/run/nginx.pid" 2021-09-29 17:29:31,545:DEBUG:acme.client:JWS payload: b'{}' 2021-09-29 17:29:31,547:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/35461828910/4wy9rQ: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDJKT2wyRWxKb1FWVk9BdXh4ZUtLWUpDUnZ1NjZZSHdIVXYzYkhUY193ei1vIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8zNTQ2MTgyODkxMC80d3k5clEifQ", "signature": "qRPtDkpCQ8KxyGDYR0DlphQoUgQ6DCUdujTJho_9mbBjWvaCPLzcYj9AAnTwpfTNGGttQQ0E8Z7DjgERF8MLT8-E3zlySbInVYGXOIpHP-gtFMQ_swMaM3s2YUmoKpNjjwf4KJNnpjxNWNF5Ze74QstcarHIWOHYiZCe2eDPuinJ2VZO2MB-dnUSBBuHJnGikAQixS2vu32IGr32S-mk9nlBTHW4w7gyMPq_X-mhhZXO8sZSE_GoJRT6wObkytdZtkFwpXoDRKTe9tfMI6FfuoFbUg8jLc6nJFDwtvzexwE89AUWsPge8mF6jYvOrgDCtPTNoQrVsctgqz_nf887UQ", "payload": "e30" } 2021-09-29 17:29:31,767:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/35461828910/4wy9rQ HTTP/1.1" 200 186 2021-09-29 17:29:31,767:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 17:29:31 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/35461828910/4wy9rQ Replay-Nonce: 0102vchlaP2MjlGJJcF9wPKDSK60j2imW6KfRx0EV1IyvQc X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35461828910/4wy9rQ", "token": "MNuPm9n9P8Aeowp_tUTYoRN1pO861adDXVuarRM1Acs" } 2021-09-29 17:29:31,768:DEBUG:acme.client:Storing nonce: 0102vchlaP2MjlGJJcF9wPKDSK60j2imW6KfRx0EV1IyvQc 2021-09-29 17:29:31,768:INFO:certbot._internal.auth_handler:Waiting for verification... 2021-09-29 17:29:32,770:DEBUG:acme.client:JWS payload: b'' 2021-09-29 17:29:32,772:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35461828910: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDJ2Y2hsYVAyTWpsR0pKY0Y5d1BLRFNLNjBqMmltVzZLZlJ4MEVWMUl5dlFjIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTQ2MTgyODkxMCJ9", "signature": "ppc-LDglQHdgvwT-4d2Fowo-ZTFAM3juMYFmjmnvJcb9kKcPaDUb1xxvZMMaUxQTTR_aktJGLqj-CNNF8qhL9gYg6nnv8FDfSGBVjy3yas797-bPFv2GXRut-Ki-9Ctbdf_nPbD37ML3zBhfMmiVgybcj2kdEtBVsmHovC6qEL_8M0Kl6ttMjQ_USd_6TSY861ewXgLIYggHLYvgwXT09S6r2JPyX7l4G2I8B-WA9il6L5VH_Ue2AMPWyEmxYrG7INvbtv8_LDP4mPHgf0iviPl-MiEeUJnYjEquTf_DkxNnY3RP-MasUte4S9k4-egVxyze_av0vkogMSv2T61KAw", "payload": "" } 2021-09-29 17:29:32,982:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35461828910 HTTP/1.1" 200 1274 2021-09-29 17:29:32,982:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 17:29:32 GMT Content-Type: application/json Content-Length: 1274 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102bplTFq2p-0hkPfDFT77qF-I15mpwZ-QGCrCeoFtZTnM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "invalid", "expires": "2021-10-06T17:29:30Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from http://chat.waspaa.com/.well-known/acme-challenge/MNuPm9n9P8Aeowp_tUTYoRN1pO861adDXVuarRM1Acs [162.241.217.240]: \"\u003c!DOCTYPE HTML PUBLIC \\\"-//IETF//DTD HTML 2.0//EN\\\"\u003e\\n\u003chtml\u003e\u003chead\u003e\\n\u003ctitle\u003e404 Not Found\u003c/title\u003e\\n\u003c/head\u003e\u003cbody\u003e\\n\u003ch1\u003eNot Found\u003c/h1\u003e\\n\u003cp\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35461828910/4wy9rQ", "token": "MNuPm9n9P8Aeowp_tUTYoRN1pO861adDXVuarRM1Acs", "validationRecord": [ { "url": "http://chat.waspaa.com/.well-known/acme-challenge/MNuPm9n9P8Aeowp_tUTYoRN1pO861adDXVuarRM1Acs", "hostname": "chat.waspaa.com", "port": "80", "addressesResolved": [ "162.241.217.240" ], "addressUsed": "162.241.217.240" } ], "validated": "2021-09-29T17:29:31Z" } ] } 2021-09-29 17:29:32,983:DEBUG:acme.client:Storing nonce: 0102bplTFq2p-0hkPfDFT77qF-I15mpwZ-QGCrCeoFtZTnM 2021-09-29 17:29:32,983:INFO:certbot._internal.auth_handler:Challenge failed for domain chat.waspaa.com 2021-09-29 17:29:32,983:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-29 17:29:32,983:DEBUG:certbot._internal.display.obj:Notifying user: Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems: Domain: chat.waspaa.com Type: unauthorized Detail: Invalid response from http://chat.waspaa.com/.well-known/acme-challenge/MNuPm9n9P8Aeowp_tUTYoRN1pO861adDXVuarRM1Acs [162.241.217.240]: "\n\n404 Not Found\n\n

Not Found

\n sys.exit(main()) File "/usr/local/lib/python3.8/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1572, in main return config.func(config, plugins) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1285, in run new_lineage = _get_and_save_cert(le_client, config, domains, File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 133, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 454, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 384, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 434, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 90, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 178, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2021-09-29 17:29:34,095:ERROR:certbot._internal.log:Some challenges have failed. 2021-09-29 17:34:06,299:DEBUG:certbot._internal.main:certbot version: 1.19.0 2021-09-29 17:34:06,300:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/local/bin/certbot 2021-09-29 17:34:06,300:DEBUG:certbot._internal.main:Arguments: ['--nginx', '-w', '/var/www/html', '-d', 'chat.waspaa.com'] 2021-09-29 17:34:06,300:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2021-09-29 17:34:06,313:DEBUG:certbot._internal.log:Root logging level set at 30 2021-09-29 17:34:06,317:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx 2021-09-29 17:34:06,583:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin Interfaces: Installer, Authenticator, Plugin Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator Initialized: Prep: True 2021-09-29 17:34:06,583:DEBUG:certbot._internal.plugins.selection:Selected authenticator and installer 2021-09-29 17:34:06,584:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2021-09-29 17:34:06,597:DEBUG:certbot._internal.main:Picked account: ), creation_host='ip-172-31-40-153.ap-southeast-2.compute.internal', register_to_eff=None))> 2021-09-29 17:34:06,598:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2021-09-29 17:34:06,607:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2021-09-29 17:34:07,352:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2021-09-29 17:34:07,353:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 17:34:07 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "dDbrIjJHG3k": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2021-09-29 17:34:07,354:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for chat.waspaa.com 2021-09-29 17:34:07,588:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0017_key-certbot.pem 2021-09-29 17:34:07,591:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0017_csr-certbot.pem 2021-09-29 17:34:07,591:DEBUG:acme.client:Requesting fresh nonce 2021-09-29 17:34:07,592:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2021-09-29 17:34:07,768:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2021-09-29 17:34:07,769:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 17:34:07 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101JYgxm5Uk45d5JRSygxXVpSXsnzdJhz_Dh2Dfu4D6Z94 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2021-09-29 17:34:07,769:DEBUG:acme.client:Storing nonce: 0101JYgxm5Uk45d5JRSygxXVpSXsnzdJhz_Dh2Dfu4D6Z94 2021-09-29 17:34:07,769:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "chat.waspaa.com"\n }\n ]\n}' 2021-09-29 17:34:07,772:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDFKWWd4bTVVazQ1ZDVKUlN5Z3hYVnBTWHNuemRKaHpfRGgyRGZ1NEQ2Wjk0IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ", "signature": "l3CMcbyCGjZ-1Nxlwgd091-UbpWOfz2tIJy9vYr8W7Hu9GL2IFiQqV34npHWKKzPWpR34jrIaZQtjiZChjWfpSGm5Xd880TaRTP-kGLQMKEKoOSDo5piFHBU16V-i5gN7AE6J4JOvWOy2I6JT2bQJZ5vA56_S7Jg12YnBfqU8jIpCYrLzDkQb7xG9B6Kaj1Mp0WfI-OjoeGJ8qrQobXYFKgdiL17c7begXZlnyBZB2BH7TFWNjuZV8qeZo_TLm8UpojqeeQh2-daMVYrBOEs9GeVM4AnX76dPpOnYqEx00ZSpqZMKEBBLh-CYnkJz8NcsAoXNKStygnKC8xO7SmZog", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImNoYXQud2FzcGFhLmNvbSIKICAgIH0KICBdCn0" } 2021-09-29 17:34:08,104:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 338 2021-09-29 17:34:08,105:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Wed, 29 Sep 2021 17:34:08 GMT Content-Type: application/json Content-Length: 338 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/217949130/28129833030 Replay-Nonce: 0102p7muDTDCBuRobLnPgbuTGisZAvIu0Qo8F-k0xWO0asE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2021-10-06T17:34:08Z", "identifiers": [ { "type": "dns", "value": "chat.waspaa.com" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/35462726590" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/217949130/28129833030" } 2021-09-29 17:34:08,105:DEBUG:acme.client:Storing nonce: 0102p7muDTDCBuRobLnPgbuTGisZAvIu0Qo8F-k0xWO0asE 2021-09-29 17:34:08,105:DEBUG:acme.client:JWS payload: b'' 2021-09-29 17:34:08,106:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35462726590: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDJwN211RFREQ0J1Um9iTG5QZ2J1VEdpc1pBdkl1MFFvOEYtazB4V08wYXNFIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTQ2MjcyNjU5MCJ9", "signature": "SWHUKyEK87PsRj9acqExz1MEdzourh2Sb-TEjGs1kJVAWi2enHdZuDz4VqcY2033As8nqvKzRbjiYBUmY2wGxJKj_GeqNFBdoZfSOJcKXoGmlOnPmpu7E5BpHSzc5x6QutYrIs0dypgzbC3hlczDzLU1Srl8a4eGsWb_r2Jls1JwwUQ99yIJdF8d-5hvl7ck2COnqcza1MzMuEYFCQHAjm5ixdfAJDTPafVcp2fZcIUvb9sftOU9ysdqlUo7tSw29ARerQJ9C3eeqHxKezoeV80FUgbPRrdkgm9B-n8Rn5i6IfwWknv2rVfO9ASlcaKxFWqpSI4pkEpKSdQP0ChFMQ", "payload": "" } 2021-09-29 17:34:08,312:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35462726590 HTTP/1.1" 200 796 2021-09-29 17:34:08,312:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 17:34:08 GMT Content-Type: application/json Content-Length: 796 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0102cDHjCNclTSqniVR1geMYFqCrLM0yxoajSgV8pwAxOCM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "pending", "expires": "2021-10-06T17:34:08Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35462726590/vsnfaw", "token": "ewS7WLkSh1-w5QHKkc9KZ9YAt6MYHRx7dpgK0zByniI" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35462726590/f89tbw", "token": "ewS7WLkSh1-w5QHKkc9KZ9YAt6MYHRx7dpgK0zByniI" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35462726590/_4t8vw", "token": "ewS7WLkSh1-w5QHKkc9KZ9YAt6MYHRx7dpgK0zByniI" } ] } 2021-09-29 17:34:08,312:DEBUG:acme.client:Storing nonce: 0102cDHjCNclTSqniVR1geMYFqCrLM0yxoajSgV8pwAxOCM 2021-09-29 17:34:08,313:INFO:certbot._internal.auth_handler:Performing the following challenges: 2021-09-29 17:34:08,313:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-29 17:34:08,322:DEBUG:certbot_nginx._internal.http_01:Generated server block: [] 2021-09-29 17:34:08,323:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types 2021-09-29 17:34:08,323:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf 2021-09-29 17:34:08,323:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf 2021-09-29 17:34:08,323:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf 2021-09-29 17:34:08,323:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf 2021-09-29 17:34:08,324:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf 2021-09-29 17:34:08,325:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/default 2021-09-29 17:34:08,326:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf: user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { include /etc/letsencrypt/le_http_01_cert_challenge.conf; server_names_hash_bucket_size 128; ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #} 2021-09-29 17:34:08,328:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/default: ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot listen 80 default_server; listen [::]:80 default_server; # SSL configuration # # listen 443 ssl default_server; # listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/html; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; server_name chat.waspaa.com; location ^~ /.well-known { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. #try_files $uri $uri/ =404; root /usr/share/nginx/html; } location / { return 418; } # pass PHP scripts to FastCGI server # #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} location = /.well-known/acme-challenge/ewS7WLkSh1-w5QHKkc9KZ9YAt6MYHRx7dpgK0zByniI{default_type text/plain;return 200 ewS7WLkSh1-w5QHKkc9KZ9YAt6MYHRx7dpgK0zByniI.hM7dzhwApZf7ljiWUXuEkPQbAIYgz8h8LX33rC8U8yY;} # managed by Certbot } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} 2021-09-29 17:34:09,355:DEBUG:acme.client:JWS payload: b'{}' 2021-09-29 17:34:09,356:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/35462726590/vsnfaw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDJjREhqQ05jbFRTcW5pVlIxZ2VNWUZxQ3JMTTB5eG9halNnVjhwd0F4T0NNIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8zNTQ2MjcyNjU5MC92c25mYXcifQ", "signature": "hTtDtUJd-95w26UEe2Fy6LEiNbBJrissqpi-rKKk93SKNkFYrZockEthmJmnt4keFcz74FK38R0IvWTXyGkaJLS2VycIzwUVxIe10rwdPFhsCBwWApc0aHeIo1TlNQl9VAmigQkdXKCyfJidh5_xOR8cELwE_bEtCEG-ivR4PbOJFhjRKKlhl2lK2Kl3FHHj1aWnjnoFidhdWIm1XVbvvS8YgPtLteAi2LQDVUlYHkHv60tbHw1-PN8JtaiBvsDKrSgRz6bcOJbUhddJ7zEneBWTVGxNch0Bb5HOwnP0Y9ig5RquMhic3LtyxnzY4LZNHtDgd9DwWBj7f6htPFlKOA", "payload": "e30" } 2021-09-29 17:34:09,584:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/35462726590/vsnfaw HTTP/1.1" 200 186 2021-09-29 17:34:09,585:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 17:34:09 GMT Content-Type: application/json Content-Length: 186 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/35462726590/vsnfaw Replay-Nonce: 0101KQqesjByiTxU0MpHS2KJ6op6wIEtgUg9doGKGUzvABE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35462726590/vsnfaw", "token": "ewS7WLkSh1-w5QHKkc9KZ9YAt6MYHRx7dpgK0zByniI" } 2021-09-29 17:34:09,585:DEBUG:acme.client:Storing nonce: 0101KQqesjByiTxU0MpHS2KJ6op6wIEtgUg9doGKGUzvABE 2021-09-29 17:34:09,585:INFO:certbot._internal.auth_handler:Waiting for verification... 2021-09-29 17:34:10,587:DEBUG:acme.client:JWS payload: b'' 2021-09-29 17:34:10,588:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/35462726590: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMjE3OTQ5MTMwIiwgIm5vbmNlIjogIjAxMDFLUXFlc2pCeWlUeFUwTXBIUzJLSjZvcDZ3SUV0Z1VnOWRvR0tHVXp2QUJFIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8zNTQ2MjcyNjU5MCJ9", "signature": "RJN4othhF7CttqeseJCTa-i3ghK9CpeRJ3IMnCTPeg4O5gcxHUrNxklDqeWjoZczdGAIDjR1THUzMSfowGpbAVGti0B4Wd8ih6oJehQoQtHqBk5MXYxiGrxmHlXnvAEB9GImxiVQpKxExb-SAf7AKfXfuCaiVxM-4KTjZ6hbPx-T6mwJHi7R_GBwlpx8JrqFvlVZs3jNzGSVcxOGqr6k_xnaJV2zdChpINR0GGz-gVEWm2XQ9hhAA-5VK4a0ooh-lW7e5GyCaFmbMBsS6SCEndA7pVtiCzc2oDtEFhyX1hQ5qJXdFV4nu1mWte2UFErz_MEAJMNZLq_qvz85RCX0_w", "payload": "" } 2021-09-29 17:34:10,795:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/35462726590 HTTP/1.1" 200 1274 2021-09-29 17:34:10,795:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Wed, 29 Sep 2021 17:34:10 GMT Content-Type: application/json Content-Length: 1274 Connection: keep-alive Boulder-Requester: 217949130 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0101azihujkW3LQW0XMh9AYQ7s91tZbP3_GoK0wYJKFRMfA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "chat.waspaa.com" }, "status": "invalid", "expires": "2021-10-06T17:34:08Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "Invalid response from http://chat.waspaa.com/.well-known/acme-challenge/ewS7WLkSh1-w5QHKkc9KZ9YAt6MYHRx7dpgK0zByniI [162.241.217.240]: \"\u003c!DOCTYPE HTML PUBLIC \\\"-//IETF//DTD HTML 2.0//EN\\\"\u003e\\n\u003chtml\u003e\u003chead\u003e\\n\u003ctitle\u003e404 Not Found\u003c/title\u003e\\n\u003c/head\u003e\u003cbody\u003e\\n\u003ch1\u003eNot Found\u003c/h1\u003e\\n\u003cp\"", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/35462726590/vsnfaw", "token": "ewS7WLkSh1-w5QHKkc9KZ9YAt6MYHRx7dpgK0zByniI", "validationRecord": [ { "url": "http://chat.waspaa.com/.well-known/acme-challenge/ewS7WLkSh1-w5QHKkc9KZ9YAt6MYHRx7dpgK0zByniI", "hostname": "chat.waspaa.com", "port": "80", "addressesResolved": [ "162.241.217.240" ], "addressUsed": "162.241.217.240" } ], "validated": "2021-09-29T17:34:09Z" } ] } 2021-09-29 17:34:10,796:DEBUG:acme.client:Storing nonce: 0101azihujkW3LQW0XMh9AYQ7s91tZbP3_GoK0wYJKFRMfA 2021-09-29 17:34:10,796:INFO:certbot._internal.auth_handler:Challenge failed for domain chat.waspaa.com 2021-09-29 17:34:10,796:INFO:certbot._internal.auth_handler:http-01 challenge for chat.waspaa.com 2021-09-29 17:34:10,796:DEBUG:certbot._internal.display.obj:Notifying user: Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems: Domain: chat.waspaa.com Type: unauthorized Detail: Invalid response from http://chat.waspaa.com/.well-known/acme-challenge/ewS7WLkSh1-w5QHKkc9KZ9YAt6MYHRx7dpgK0zByniI [162.241.217.240]: "\n\n404 Not Found\n\n

Not Found

\n sys.exit(main()) File "/usr/local/lib/python3.8/dist-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1572, in main return config.func(config, plugins) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 1285, in run new_lineage = _get_and_save_cert(le_client, config, domains, File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/main.py", line 133, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 454, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 384, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/client.py", line 434, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 90, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/usr/local/lib/python3.8/dist-packages/certbot/_internal/auth_handler.py", line 178, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed. 2021-09-29 17:34:11,897:ERROR:certbot._internal.log:Some challenges have failed.