Question
invalid response 404 acme challenge certbot
Hi,
I have an nginx docker that I use as a reverse proxy. I've been trying to auto-renew my certs lately and followed this blog to do so. I had my certs working before, but now they are not working.
My domain is:
1040nra.com
I ran this command:
certbot certonly --webroot -w /var/www/certbot -d 1040nra.com
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for 1040nra.com
http-01 challenge for www.1040nra.com
Using the webroot path /var/www/certbot for all unmatched domains.
Waiting for verification…
Challenge failed for domain 1040nra.com
Challenge failed for domain www.1040nra.com
http-01 challenge for 1040nra.com
http-01 challenge for www.1040nra.com
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
The following errors were reported by the server:
Domain: 1040nra.com
Type: unauthorized
Detail: Invalid response from
http://1040nra.com/.well-known/acme-challenge/NX6nmGvCUpg5L_c_hGePFu6ffuu2wn6MJ2CWHsg3PSw
[167.99.107.175]: "\r\n404 Not
Found\r\n\r\n
404 Not
Found
\r\n
nginx/1.15.12</c"
Domain: www.1040nra.com
Type: unauthorized
Detail: Invalid response from
http://www.1040nra.com/.well-known/acme-challenge/UFJgtKNI2FZtJne5GGnEFeuYfMS8qVF_UlPTJpBOb9s
[167.99.107.175]: "\r\n404 Not
404 Not
nginx/1.15.12
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version): spring boot [tomcat]
The operating system my web server runs on is (include version): ubuntu 18.04
My hosting provider, if applicable, is: digital ocean
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
Nginx.conf
server {
    listen 80;
    server_name 1040nra.com;
    server_tokens off;
    location /.well-known/acme-challenge/ {
        allow all;
        root /var/www/certbot;
    }
    return 301 https://www.1040nra.com$request_uri;
}
server {
    listen 443 ssl;
    server_name 1040nra.com;
    ssl_certificate /etc/letsencrypt/live/1040nra.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/1040nra.com/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
    location / {
        proxy_pass http://1040nra.com;
        proxy_http_version 1.1;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
Docker compose
nginx:
  image: nginx:1.15-alpine
  volumes:
    - ./data/certbot/conf:/etc/letsencrypt
    - ./data/certbot/www:/var/www/certbot
  ports:
    - 80:80
    - 443:443
  depends_on:
    - keycloak
    - dt-app
  links:
    - keycloak
    - dt-app
  command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
certbot:
  image: certbot/certbot
  restart: unless-stopped
  volumes:
    - ./data/certbot/conf:/etc/letsencrypt
    - ./data/certbot/www:/var/www/certbot
  entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"