Question

Unable to renew SSL Certificate

Posted December 31, 2020 215 views
Ubuntu 20.04

Hello, I just want to renew my certificate because it has expired and my website shows an 526 error.

I have used the command:

sudo certbot renew

and give this error:

Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/ramonsaudioworld.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator nginx, Installer nginx
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for ramonsaudioworld.com
http-01 challenge for www.ramonsaudioworld.com
Waiting for verification...
Cleaning up challenges
Attempting to renew cert (ramonsaudioworld.com) from /etc/letsencrypt/renewal/ramonsaudioworld.com.conf produced an unexpected error: Failed authorization procedure. ramonsaudioworld.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://ramonsaudioworld.com/.well-known/acme-challenge/sPcDfo4oEHIKUtY_WJLqBl1sn2CJCQyRUjttn4Y3Iqs [2606:4700:3031::6812:2714]: "<!DOCTYPE html>\n<!--[if lt IE 7]> <html class=\"no-js ie6 oldie\" lang=\"en-US\"> <![endif]-->\n<!--[if IE 7]>    <html class=\"no-js ", www.ramonsaudioworld.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://www.ramonsaudioworld.com/.well-known/acme-challenge/vM_k7J41BagPhEJ9rKjDJWR7bPZG6UYUterZNJmxS_8 [2606:4700:3031::6812:2714]: "<!DOCTYPE html>\n<!--[if lt IE 7]> <html class=\"no-js ie6 oldie\" lang=\"en-US\"> <![endif]-->\n<!--[if IE 7]>    <html class=\"no-js ". Skipping.
All renewal attempts failed. The following certs could not be renewed:
  /etc/letsencrypt/live/ramonsaudioworld.com/fullchain.pem (failure)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

All renewal attempts failed. The following certs could not be renewed:
  /etc/letsencrypt/live/ramonsaudioworld.com/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: ramonsaudioworld.com
   Type:   unauthorized
   Detail: Invalid response from
   https://ramonsaudioworld.com/.well-known/acme-challenge/sPcDfo4oEHIKUtY_WJLqBl1sn2CJCQyRUjttn4Y3Iqs
   [2606:4700:3031::6812:2714]: "<!DOCTYPE html>\n<!--[if lt IE 7]>
   <html class=\"no-js ie6 oldie\" lang=\"en-US\">
   <![endif]-->\n<!--[if IE 7]>    <html class=\"no-js "

   Domain: www.ramonsaudioworld.com
   Type:   unauthorized
   Detail: Invalid response from
   https://www.ramonsaudioworld.com/.well-known/acme-challenge/vM_k7J41BagPhEJ9rKjDJWR7bPZG6UYUterZNJmxS_8
   [2606:4700:3031::6812:2714]: "<!DOCTYPE html>\n<!--[if lt IE 7]>
   <html class=\"no-js ie6 oldie\" lang=\"en-US\">
   <![endif]-->\n<!--[if IE 7]>    <html class=\"no-js "

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

Than I used

sudo certbot renew --dry-run

and got

Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/ramonsaudioworld.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator nginx, Installer nginx
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for ramonsaudioworld.com
http-01 challenge for www.ramonsaudioworld.com
Waiting for verification...
Cleaning up challenges
Attempting to renew cert (ramonsaudioworld.com) from /etc/letsencrypt/renewal/ramonsaudioworld.com.conf produced an unexpected error: Failed authorization procedure. www.ramonsaudioworld.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://www.ramonsaudioworld.com/.well-known/acme-challenge/ODSDgdLGV0IwmysSWu2Ew3sykqH2KXCDm-WN_9GxH4o [2606:4700:3034::6812:2614]: "<!DOCTYPE html>\n<!--[if lt IE 7]> <html class=\"no-js ie6 oldie\" lang=\"en-US\"> <![endif]-->\n<!--[if IE 7]>    <html class=\"no-js ", ramonsaudioworld.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://ramonsaudioworld.com/.well-known/acme-challenge/LrgE7yw2BO_4PeQp1FCaXhV3Rulbsre0gCm0eAUrabU [2606:4700:3034::6812:2614]: "<!DOCTYPE html>\n<!--[if lt IE 7]> <html class=\"no-js ie6 oldie\" lang=\"en-US\"> <![endif]-->\n<!--[if IE 7]>    <html class=\"no-js ". Skipping.
All renewal attempts failed. The following certs could not be renewed:
  /etc/letsencrypt/live/ramonsaudioworld.com/fullchain.pem (failure)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
** DRY RUN: simulating 'certbot renew' close to cert expiry
**          (The test certificates below have not been saved.)

All renewal attempts failed. The following certs could not be renewed:
  /etc/letsencrypt/live/ramonsaudioworld.com/fullchain.pem (failure)
** DRY RUN: simulating 'certbot renew' close to cert expiry
**          (The test certificates above have not been saved.)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: www.ramonsaudioworld.com
   Type:   unauthorized
   Detail: Invalid response from
   https://www.ramonsaudioworld.com/.well-known/acme-challenge/ODSDgdLGV0IwmysSWu2Ew3sykqH2KXCDm-WN_9GxH4o
   [2606:4700:3034::6812:2614]: "<!DOCTYPE html>\n<!--[if lt IE 7]>
   <html class=\"no-js ie6 oldie\" lang=\"en-US\">
   <![endif]-->\n<!--[if IE 7]>    <html class=\"no-js "

   Domain: ramonsaudioworld.com
   Type:   unauthorized
   Detail: Invalid response from
   https://ramonsaudioworld.com/.well-known/acme-challenge/LrgE7yw2BO_4PeQp1FCaXhV3Rulbsre0gCm0eAUrabU
   [2606:4700:3034::6812:2614]: "<!DOCTYPE html>\n<!--[if lt IE 7]>
   <html class=\"no-js ie6 oldie\" lang=\"en-US\">
   <![endif]-->\n<!--[if IE 7]>    <html class=\"no-js "

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

Can you help me please? My website is down. I have the DNS records on Cloudflare and I just configured some certificate but I don’t know if its correct.

https://imgur.com/XQyX6T4

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer

Hi,

Your website is working well now. The certificate expires in April. It looks like you fixed it by yourself.

Submit an Answer