Let's Encrypt renewal failing: unauthorized invalid response

Posted June 7, 2020 1.4k views
Let's Encrypt

Hi, I’m admittedly not super technical. I was following the instructions for renewing our Let’s Encrypt SSL cert (which has expired) for a Passbolt droplet and I’m getting the error below:

Any recommendations? These are my current DNS settings:

The IP address is correctly specified. Is it failing because there’s no way to connect via SSL? If so seems like an inherent catch-22 and I’m not sure how to resolve. This instance has all passwords for all the .orgs we support so we’re dead in the water until I figure out how to renew. thanks for any suggestions

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
2 answers
Show answer This answer has been marked as resolved by sean256979.

Hey @sean256979,

From what I understand - you are trying to renew an SSL certificate for a droplet, meaning you are trying to get your droplet to work with HTTPS. I don’t know your current configuration but I can suggest one possible and well-known solution to the problem you are having:

-Issue a stand-alone certificate and put it in your certificates’ directory.

-Mount the certificates’ directory onto a docker container. - Youtube - Medium(Better explanation)

-Connect your droplet needing the SSL certificate to the directory with the certificate.

Best of luck and feel free to continue the thread!

Best regards,

by Brian Boucheron
Certbot offers a variety of ways to validate your domain, fetch certificates, and automatically configure Apache and Nginx. In this tutorial, we'll discuss Certbot's standalone mode and how to use it to secure other types of services, such as a mail server or a message broker like RabbitMQ.
  • Thanks for your suggestion. I actually got it worked out two days ago via the help of a buddy (see my response above). Solution involved reinstalling all the certbot dependencies and the renewal command worked after we did that. Not sure which dependency specifically was the problematic one but that solved it. Thx for your help