Problems with Certbot

eddierm · June 5, 2021, 2:51am

Hi again!

My system was working OK after upgrading to dietpi version 7.2.3 but recently I noticed my server Certificate did not renew. Today my certificate expired and I have been trying to renew it without success.

Finally I deleted my certificate ussing the command:

certbot delete --cert-name MyDomain

After that, I tryed to make a new certificate for my server using dietpi-letsencrypt. But I receive the same error message every time.

Here is what I see:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for archivos.mydomain
http-01 challenge for blog.mydomain
http-01 challenge for calendario.mydomain
http-01 challenge for notas.mydomain
http-01 challenge for www.mydomain
http-01 challenge for mydomain
Using the webroot path /var/www for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. archivos.mydomain (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://archivos.mydomain/.well-known/acme-challenge/C6ezUsaMd0PC2fd_UfcuPSMHA3uqhLcjEswdafOuDgY [186.85.XXX.XXX]: "<?xml version=\"1.0\" encoding=\"iso-8859-1\"?>\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n         \"http://www."

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: archivos.mydomain
   Type:   unauthorized
   Detail: Invalid response from
   https://archivos.[i]mydomain[/i]/.well-known/acme-challenge/C6ezUsaMd0PC2fd_UfcuPSMHA3uqhLcjEswdafOuDgY
   [186.85.XXX.XXX]: "<?xml version=\"1.0\"
   encoding=\"iso-8859-1\"?>\n<!DOCTYPE html PUBLIC \"-//W3C//DTD
   XHTML 1.0 Transitional//EN\"\n         \"http://www."

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.
[FAILED] DietPi-LetsEncrypt | Certbot failed, please check its above terminal output. Aborting...

Press any key to return to the DietPi-LetsEncrypt menu ...

(I have changed my domain name and anonimized my IP address…)

Just for your information, my subdomains “archivos” and “notas” are webdav password protected directories and I am usin Lighttpd as webserver…

Thanks for your help!

Joulinar · June 5, 2021, 6:57am

Hi,

I guess the issue is with the password protected sub domain as letsencrypt is trying to access it to verify your domain.