Question

Unable to renew SSL Certificate

Hello, I just want to renew my certificate because it has expired and my website shows an 526 error.

I have used the command:

sudo certbot renew

and give this error:

Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/ramonsaudioworld.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator nginx, Installer nginx
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for ramonsaudioworld.com
http-01 challenge for www.ramonsaudioworld.com
Waiting for verification...
Cleaning up challenges
Attempting to renew cert (ramonsaudioworld.com) from /etc/letsencrypt/renewal/ramonsaudioworld.com.conf produced an unexpected error: Failed authorization procedure. ramonsaudioworld.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://ramonsaudioworld.com/.well-known/acme-challenge/sPcDfo4oEHIKUtY_WJLqBl1sn2CJCQyRUjttn4Y3Iqs [2606:4700:3031::6812:2714]: "<!DOCTYPE html>\n<!--[if lt IE 7]> <html class=\"no-js ie6 oldie\" lang=\"en-US\"> <![endif]-->\n<!--[if IE 7]>    <html class=\"no-js ", www.ramonsaudioworld.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://www.ramonsaudioworld.com/.well-known/acme-challenge/vM_k7J41BagPhEJ9rKjDJWR7bPZG6UYUterZNJmxS_8 [2606:4700:3031::6812:2714]: "<!DOCTYPE html>\n<!--[if lt IE 7]> <html class=\"no-js ie6 oldie\" lang=\"en-US\"> <![endif]-->\n<!--[if IE 7]>    <html class=\"no-js ". Skipping.
All renewal attempts failed. The following certs could not be renewed:
  /etc/letsencrypt/live/ramonsaudioworld.com/fullchain.pem (failure)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

All renewal attempts failed. The following certs could not be renewed:
  /etc/letsencrypt/live/ramonsaudioworld.com/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: ramonsaudioworld.com
   Type:   unauthorized
   Detail: Invalid response from
   https://ramonsaudioworld.com/.well-known/acme-challenge/sPcDfo4oEHIKUtY_WJLqBl1sn2CJCQyRUjttn4Y3Iqs
   [2606:4700:3031::6812:2714]: "<!DOCTYPE html>\n<!--[if lt IE 7]>
   <html class=\"no-js ie6 oldie\" lang=\"en-US\">
   <![endif]-->\n<!--[if IE 7]>    <html class=\"no-js "

   Domain: www.ramonsaudioworld.com
   Type:   unauthorized
   Detail: Invalid response from
   https://www.ramonsaudioworld.com/.well-known/acme-challenge/vM_k7J41BagPhEJ9rKjDJWR7bPZG6UYUterZNJmxS_8
   [2606:4700:3031::6812:2714]: "<!DOCTYPE html>\n<!--[if lt IE 7]>
   <html class=\"no-js ie6 oldie\" lang=\"en-US\">
   <![endif]-->\n<!--[if IE 7]>    <html class=\"no-js "

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

Than I used

sudo certbot renew --dry-run

and got

Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/ramonsaudioworld.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator nginx, Installer nginx
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for ramonsaudioworld.com
http-01 challenge for www.ramonsaudioworld.com
Waiting for verification...
Cleaning up challenges
Attempting to renew cert (ramonsaudioworld.com) from /etc/letsencrypt/renewal/ramonsaudioworld.com.conf produced an unexpected error: Failed authorization procedure. www.ramonsaudioworld.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://www.ramonsaudioworld.com/.well-known/acme-challenge/ODSDgdLGV0IwmysSWu2Ew3sykqH2KXCDm-WN_9GxH4o [2606:4700:3034::6812:2614]: "<!DOCTYPE html>\n<!--[if lt IE 7]> <html class=\"no-js ie6 oldie\" lang=\"en-US\"> <![endif]-->\n<!--[if IE 7]>    <html class=\"no-js ", ramonsaudioworld.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://ramonsaudioworld.com/.well-known/acme-challenge/LrgE7yw2BO_4PeQp1FCaXhV3Rulbsre0gCm0eAUrabU [2606:4700:3034::6812:2614]: "<!DOCTYPE html>\n<!--[if lt IE 7]> <html class=\"no-js ie6 oldie\" lang=\"en-US\"> <![endif]-->\n<!--[if IE 7]>    <html class=\"no-js ". Skipping.
All renewal attempts failed. The following certs could not be renewed:
  /etc/letsencrypt/live/ramonsaudioworld.com/fullchain.pem (failure)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
** DRY RUN: simulating 'certbot renew' close to cert expiry
**          (The test certificates below have not been saved.)

All renewal attempts failed. The following certs could not be renewed:
  /etc/letsencrypt/live/ramonsaudioworld.com/fullchain.pem (failure)
** DRY RUN: simulating 'certbot renew' close to cert expiry
**          (The test certificates above have not been saved.)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: www.ramonsaudioworld.com
   Type:   unauthorized
   Detail: Invalid response from
   https://www.ramonsaudioworld.com/.well-known/acme-challenge/ODSDgdLGV0IwmysSWu2Ew3sykqH2KXCDm-WN_9GxH4o
   [2606:4700:3034::6812:2614]: "<!DOCTYPE html>\n<!--[if lt IE 7]>
   <html class=\"no-js ie6 oldie\" lang=\"en-US\">
   <![endif]-->\n<!--[if IE 7]>    <html class=\"no-js "

   Domain: ramonsaudioworld.com
   Type:   unauthorized
   Detail: Invalid response from
   https://ramonsaudioworld.com/.well-known/acme-challenge/LrgE7yw2BO_4PeQp1FCaXhV3Rulbsre0gCm0eAUrabU
   [2606:4700:3034::6812:2614]: "<!DOCTYPE html>\n<!--[if lt IE 7]>
   <html class=\"no-js ie6 oldie\" lang=\"en-US\">
   <![endif]-->\n<!--[if IE 7]>    <html class=\"no-js "

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

Can you help me please? My website is down. I have the DNS records on Cloudflare and I just configured some certificate but I don’t know if its correct.

https://imgur.com/XQyX6T4

Subscribe
Share

How did you fix this issue? I am also struggling with the same problem.


Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Hi,

Your website is working well now. The certificate expires in April. It looks like you fixed it by yourself.