nginx-certbot

Init script produces this error (some challenges failed)

Open mlp1802 opened this issue 2 years ago • 2 comments

Downloading recommended TLS parameters ...

Creating dummy certificate for example.org ...

Creating network "nginx-certbot_default" with the default driver

Creating nginx-certbot_certbot_run ... done

Generating a RSA private key

............++++

..............++++

writing new private key to '/etc/letsencrypt/live/example.org/privkey.pem'

Starting nginx ...

Pulling nginx (nginx:1.15-alpine)...

1.15-alpine: Pulling from library/nginx

e7c96db7181b: Pull complete

264026bbe255: Pull complete

a71634c55d29: Pull complete

5595887beb81: Pull complete

Digest: sha256:57a226fb6ab6823027c0704a9346a890ffb0cacde06bc19bbc234c8720673555

Status: Downloaded newer image for nginx:1.15-alpine

Creating nginx-certbot_nginx_1 ... done

Deleting dummy certificate for example.org ...

Creating nginx-certbot_certbot_run ... done

Requesting Let's Encrypt certificate for example.org ...

Creating nginx-certbot_certbot_run ... done

Saving debug log to /var/log/letsencrypt/letsencrypt.log

Account registered.

Requesting a certificate for example.org and www.example.org

Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:

Domain: example.org

Type: unauthorized

Detail: Invalid response from http://example.org/.well-known/acme-challenge/Pl57GIKuPyt6FVUJ8fLfXk1-pr0zUJCU30IBQlTG2Zo [2606:2800:220:1:248:1893:25c8:1946]: "<!doctype html>\n\n

\n Example Domain\n\n <meta charset="utf-8" />\n <meta http-equiv="Content-type"

Domain: www.example.org

Type: unauthorized

Detail: Invalid response from http://www.example.org/.well-known/acme-challenge/jMjE5k5MYuepQFvfiHuKK42Qnh-LczBCHYxa3d2ubds [2606:2800:220:1:248:1893:25c8:1946]: "<!doctype html>\n\n

\n Example Domain\n\n <meta charset="utf-8" />\n <meta http-equiv="Content-type"

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.

Some challenges have failed. Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

Reloading nginx ...

2021/07/30 19:27:40 [emerg] 10#10: cannot load certificate "/etc/letsencrypt/live/example.org/fullchain.pem": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/letsencrypt/live/example.org/fullchain.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file)

nginx: [emerg] cannot load certificate "/etc/letsencrypt/live/example.org/fullchain.pem": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/letsencrypt/live/example.org/fullchain.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file)

mlp1802, Jul 30 '21 19:07

You didn't update the certificate paths in your app.conf file with your own domain (it still reads as example.org in your error output).

I had the same ...duh moment for about an hour before figuring out I hadn't done this.

justin-apolloscientific, Aug 14 '21 19:08
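
A pre-flight check for the mismatch discussed in this thread, as an added example (not code from nginx-certbot): it compares the hostnames and /etc/letsencrypt/live/<name>/ paths in an nginx conf against the requested domain list and flags leftover example.org entries. The function names, the sample conf and mysite.test are assumptions made here, and the check assumes certbot's default of naming the live directory after the first requested domain.

```shell
#!/bin/sh
# Added example, not part of nginx-certbot. The caller passes the nginx conf
# path and the domain list (assumed to mirror the list given to the init script).

# Hostnames listed in server_name directives, one per line.
server_names() {
    sed -n 's/^[[:space:]]*server_name[[:space:]]\{1,\}\([^;]*\);.*/\1/p' "$1" |
        tr -s '[:space:]' '\n' | sort -u
}

# Directory names used under /etc/letsencrypt/live/ by ssl_certificate* lines.
cert_dirs() {
    sed -n 's#^[[:space:]]*ssl_certificate[_a-z]*[[:space:]]\{1,\}/etc/letsencrypt/live/\([^/;]*\)/.*#\1#p' "$1" |
        sort -u
}

# check_conf CONF DOMAIN...  -> 0 if consistent, 1 (reasons on stdout) if not.
check_conf() {
    conf=$1; shift
    first=$1; bad=0
    for d in "$@"; do
        case $d in
            example.org|*.example.org)
                echo "PLACEHOLDER: '$d' is still in the domain list"; bad=1 ;;
        esac
    done
    for name in $(server_names "$conf"); do
        case " $* " in
            *" $name "*) ;;
            *) echo "SERVER_NAME: '$name' is not a requested domain"; bad=1 ;;
        esac
    done
    for dir in $(cert_dirs "$conf"); do
        [ "$dir" = "$first" ] ||
            { echo "CERT_PATH: live/$dir does not match first domain '$first'"; bad=1; }
    done
    return "$bad"
}

# Constructed sample conf: a template that still carries example.org.
sample_conf() {
    printf '%s\n' 'server {' '    listen 443 ssl;' \
        '    server_name example.org;' \
        '    ssl_certificate /etc/letsencrypt/live/example.org/fullchain.pem;' \
        '    ssl_certificate_key /etc/letsencrypt/live/example.org/privkey.pem;' \
        '}'
}
```

Run it as `check_conf path/to/app.conf yourdomain www.yourdomain` before starting the init script; a non-zero exit means the conf and the domain list disagree.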

Try chown -R www-data:www-data "$data_path/conf/live" and rerun init-letsencrypt.sh

pikhovkin, Nov 30 '21 08:11