Page MenuHomeDevCentral

Current nginx configuration on Dwellers forbid social.nasqueron.org acme renewal
Closed, ResolvedPublic

Description

Error

Dwellers
$ letsencrypt renew

 - The following errors were reported by the server:

   Domain: social.nasqueron.org
   Type:   unauthorized
   Detail: Invalid response from
   http://social.nasqueron.org/.well-known/acme-challenge/HNU0jQnNnz-qpX_c6pc4T5HwOJW2liK22SoRjxgG2mk
   [2001:470:1f13:ce7:ca5:cade:fab:1e]: 404

Nginx configuration

/etc/nginx/nginx.conf
server {
    listen 80;
    listen [::]:80;
    server_name social.nasqueron.org;

    include letsencrypt;

    return 301 https://social.nasqueron.org$request_uri;
}

server {
    server_name social.nasqueron.org;

    #
    # TLS terminaison
    #

    include ssl_params;

    …

served only on :80, but Let's encrypt service queries server in :443 too by defualt.

Event Timeline

dereckson updated the task description. (Show Details)

include letsencrypt; added too in SSL block.

$ letsencrypt renew
-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/social.nasqueron.org.conf
-------------------------------------------------------------------------------
Cert is due for renewal, auto-renewing...
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for social.nasqueron.org
Waiting for verification...
Cleaning up challenges
Unable to clean up challenge directory /www/.well-known/acme-challenge
Generating key (2048 bits): /etc/letsencrypt/keys/0085_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/0085_csr-certbot.pem