Hello, I’m trying to set up Let’s crypt SSL certificate on a server running Apache following this tutorial for the domain clinicapragma.com.br. I follow everything to the risk, but when I run sudo certbot renew --dry-run, I receive an output with the following errors:
Attempting to renew cert (yourdomain.com.br) from /etc/letsencrypt/renewal/yourdomain.com.br.conf produced an unexpected error: Failed authorization procedure. www.yourdomain.com.br (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.yourdomain.com.br/.well-known/acme-challenge/uCyqlVSFmcCpFWcBQ0HWF-ilE8ReqpVgKvV6TGDhjgM [45.55.150.150]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p". Skipping.
(...)
The following certs could not be renewed:
/etc/letsencrypt/live/yourdomain.com.br/fullchain.pem (failure)
I’m a newbie and I’m having a hard time figuring out how to solve this problem. Could someone please help me?
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Hello, @renatov
Can you please confirm if the fullchain file is present: /etc/letsencrypt/live/yourdomain.com.br/fullchain.pem
Also I will suggest to check our latest tutorial for Ubuntu 18.04:
Looking forward to your reply.
Regards, Alex
Hello @alexdo
Thank you for your reply. I think the file you mentioned is present, but it’s seems to be a link to another file:
$ sudo ls -l /etc/letsencrypt/live/clinicapragma.com.br/
total 4
lrwxrwxrwx 1 root root 44 Dec 2 00:30 cert.pem -> ../../archive/clinicapragma.com.br/cert2.pem
lrwxrwxrwx 1 root root 45 Dec 2 00:30 chain.pem -> ../../archive/clinicapragma.com.br/chain2.pem
lrwxrwxrwx 1 root root 49 Dec 2 00:30 fullchain.pem -> ../../archive/clinicapragma.com.br/fullchain2.pem
lrwxrwxrwx 1 root root 47 Dec 2 00:30 privkey.pem -> ../../archive/clinicapragma.com.br/privkey2.pem
-rw-r--r-- 1 root root 692 Dec 2 00:30 README
By the way, it only has read access as root. Is everything the way it should be? Concerning the tutorial you mentioned, I must stick with Ubuntu 14.04 until 04/2020. I can’t afford to install and configure the whole server just now, but I’m scheduling to do it when Ubuntu 20.04 LTS is out. I’d like to keep going with Ubuntu 14.04 until then. Everything is working just fine, I just need to provide a HTTPS to this domain and everything is running ok.
Hello, @renatov
This looks okay from what I can see. Let’s encrypt creates those symlinks so it’s fine.
You can also check if the yourdomain.com.br/.well-known/acme-challenge directory is present and if it has sufficient permissions (both .well-known and acme-challenge are 755)
Let me know how it goes.
Regards, Alex
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.