certbot/www is empty after running the script
vlio20 opened this issue · comments
Vlad Ioffe commented
Hi,
When running the script all goes well but the challenges are failing with the following error:
### Requesting Let's Encrypt certificate for mysite.io ...
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for mysite.io
Using the webroot path /var/www/certbot for all unmatched domains.
Waiting for verification...
Challenge failed for domain mysite.io
http-01 challenge for mysite.io
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: mysite.io
Type: unauthorized
Detail: Invalid response from
http://mysite.io/.well-known/acme-challenge/BcjIBO_5jNqGIj3aujUEILwPr916CXY4QCsVI6Mnaf0
[ip.ip.ip.ip]: "<html>\r\n<head><title>404 Not
Found</title></head>\r\n<body>\r\n<center><h1>404 Not
Found</h1></center>\r\n<hr><center>nginx</center>\r\n"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
This is my nginx.conf (notice that I am using load balancer):
events {}
http {
upstream app {
server app1:8080;
server app2:8080;
}
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_types text/plain text/css text/xml application/json application/javascript application/rss+xml application/atom+xml image/svg+xml;
server {
listen 80;
server_name mysite.io;
server_tokens off;
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
server_name mysite.io;
server_tokens off;
ssl_certificate /etc/letsencrypt/live/mysite.io/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mysite.io/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location = / {
return 302 /Mysite;
}
location / {
proxy_pass http://app;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
}
When taking a look into /var/www/certbot there are no files there.
Any idea why it happens?
Vlad Ioffe commented
fixed: more details here
https://community.letsencrypt.org/t/challenge-failed-for-domain/129056