Question
Let's Encrypt Auto Renew Fails
I followed this tutorial:
https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-14-04
I got to the part where the command is ./letsencrypt-auto
and it returns this:
Failed authorization procedure. example.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://example.com/.well-known/acme-challenge/QPUDzybZszvcrjQ1a7ShzMHBbiq8pYCmbN1y8p_K5Dw [server_ip]: 404, www.example.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.example.com/.well-known/acme-challenge/VtyUCMvp2hX_80e-x84T-X8Be94xPiPiPsBxbj_pP04 [server_ip]: 404
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: example.com
Type: unauthorized
Detail: Invalid response from http://example.com/.well-known
/acme-challenge/QPUDzybZszvcrjQ1a7ShzMHBbiq8pYCmbN1y8p_K5Dw
[server_ip]: 404
Domain: www.example.com
Type: unauthorized
Detail: Invalid response from http://www.example.com/.well-
known/acme-challenge/VtyUCMvp2hX_80e-x84T-X8Be94xPiPiPsBxbj_pP04
[server_ip]: 404
The site redirects to https automatically using nginx config, and this error is returned whenever I run the renewal command.
The directory .well-known exists on the server, but even in the browser it returns 404, and I don’t know why.
Looks like you did not change the configuration, as it has example.com?
I think you may have missed the “Create a Let’s Encrypt Configuration File” steps with the config file. It has example.com but you have to change it for your domain values (and subdomains also have to reside in there, if you wish https for them too).
PS. it’s not supposed to be able to run via your browser, so do not change it so you can :)
It’s hard to help without more information. Could you share your configuration and the actual command you are calling? A 404 suggests that your acme-challenge is unreachable. Make sure that you updated the path to your webroot when running the renewal command.
Replace
/usr/share/nginx/html
with where your files are located, e.g. /var/www/html
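The check the answers above point at, as an added example that is not part of the original thread: compare the webroot passed to the Let's Encrypt client with the `root` nginx actually serves, then fetch a probe file from the challenge path. The function names and the sample config are constructed for illustration; it assumes one nginx directive per line and that `curl` is installed.

```shell
#!/bin/sh
# Added diagnostic (function names are hypothetical, not part of any tool).

# Constructed sample nginx server block, for demonstration only.
write_sample_conf() {
    cat > "$1" <<'EOF'
server {
    listen 80;
    server_name example.com www.example.com;
    # root /usr/share/nginx/html;
    root /var/www/html;
    location ~ /.well-known { allow all; }
}
EOF
}

# Print each active `root` value in an nginx config file.
# Assumes one directive per line; commented-out lines are ignored.
nginx_roots() {
    sed -e 's/#.*//' "$1" | awk '$1 == "root" { sub(/;$/, "", $2); print $2 }'
}

# Return 0 if the webroot given to the client equals one of those roots.
webroot_matches() {
    wm_want="${1%/}"
    for wm_root in $(nginx_roots "$2"); do
        [ "${wm_root%/}" = "$wm_want" ] && return 0
    done
    return 1
}

# Drop a probe file where the client would write its token and fetch it
# over plain HTTP. -L follows the redirect to https; -k is used because the
# validator does not verify the certificate after a redirect either.
# Prints the final HTTP status code (200 means the path is reachable).
probe_challenge() {
    pc_dir="${1%/}/.well-known/acme-challenge"
    pc_name="probe-$$"
    mkdir -p "$pc_dir" && echo ok > "$pc_dir/$pc_name" || return 2
    curl -sLk -o /dev/null -w '%{http_code}\n' \
        "http://$2/.well-known/acme-challenge/$pc_name"
    rm -f "$pc_dir/$pc_name"
}

# Usage on the server (paths and domain are placeholders):
#   webroot_matches /var/www/html /etc/nginx/sites-available/default || echo "webroot mismatch"
#   probe_challenge /var/www/html example.com
```

A mismatch from `webroot_matches`, or anything other than 200 from `probe_challenge`, means the validator will hit the same 404 shown in the question.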