By lnxdrk
As I was following thought the tutorial (https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-20-04) I get stuck on the step 4, I get this:
Challenge failed for domain katze-community.com Challenge failed for domain www.katze-community.com http-01 challenge for katze-community.com http-01 challenge for www.katze-community.com Cleaning up challenges Some challenges have failed.
IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: katze-community.com Type: unauthorized Detail: Invalid response from http://katze-community.com/.well-known/acme-challenge/PxznC7398ZGJAx7YhKH2Zw8EkH_RkYfrrKM0ov8Sf0c [68.183.26.17]: “<!DOCTYPE html>\n<html lang="en">\n <head>\n <meta charset="utf-8"/>\n \n <base href”
Domain: www.katze-community.com Type: unauthorized Detail: Invalid response from http://www.katze-community.com/.well-known/acme-challenge/uytLzPYP_Sl6H9TnTSjKtjFof7BDopPu0a0cIwDys9Q [68.183.26.17]: “<!DOCTYPE html>\n<html lang="en">\n <head>\n <meta charset="utf-8"/>\n \n <base href”
To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.
I already check for the DNS A and I get the correct ip and also with the AAAA, but I can’t make it work, I waited maybe a day, it seems that it doesn’t help, I even use “ufw disable” just to check if the firewall is not blocking something, but It keeps the same.
I checked the logs on /var/log/letsencrypt/lestencrypt.log, but it seems to be the same, I tried to use “root /home/KatzeCommunity/proyect-KC/;” and “root /var/www/html” in the /etc/nginx/sites-available/default, but it doesn’t work in any case.
Not only that, but I tried to use these on the same document:
location /.well-known/acme-challenge/ {
try_files $uri = 404;
root /var/www/html;
}
location /.well-known {
allow all;
}
And I seem that certbot can get the.well-known/acme-challenge/… neither.
And the last thing I tried was using the “Add certificate” option in the Security Tab under the Settings panel on my digital ocean account, but it doesn’t let me use the https on my website (I tried this first the first time I tried to get SSL on my website).
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
The solution to this issue for me was to add the following lines to my Nginx configuration server block:
listen 80;
listen [::]:80;
It turns out Nginx defaults to “listen *:80;” if no listen directive is present. This means Nginx by default ignores IPv6 requests. Certbot uses IPv6 for the challenge, so it fails.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.