System configuration notes:
Nextcloud version (eg, 12.0.2) : 16.0.3
Operating system and version (eg, Ubuntu 17.04) : Raspbian GNU/Linux 10 (buster)
Apache or nginx version (eg, Apache 2.4.25) : nginx/1.14.2
PHP version (eg, 7.1) : 7.3
The issue you are facing:
Unfortunately I have some problems with the automated renewal of Let’s Encrypt certificates.
When I try with the command
sudo certbot certonly --dry-run --noninteractive --agree-tos --email test@mail.de --webroot -w /var/www -d subdomain.domain.com
to renew a certificate in test mode, then I get the error message
... The client lacks sufficient authorization :: Invalid response from https://subdomain.domain.de/.well-known/acme-challenge/longstring
I’m not quite sure which is the webroot directory. I assume it is the directory where I put in my Nextcloud installation. This is in a folder named cloud under /var/www, so I assume that /var/www is my webroot directory.
I’ve had the same problem before. At that time I simply had tried the command
sudo certbot certonly d- Subdomain.domain.com
and everything went. No idea what the problem is now. I would be very happy if you could help me. In that case I would also set up a cronjob for the automated renewal.
Is this the first time you’ve seen this error? (Y/N): N
Kindly Regards,
fly
Hi!
Today i’v tried again to find some stuff at the web round about my problem and have found a site about the same error message based on a try to get a let’s encrypt certificate vor an apache2 configuration. I’m not sure, if it work exactly that way for nginx, but i will try it end report.
May be you would like to comment my source, especially if i’m going the wrong path?
Here i find the article!
Update: I’m not sure but i think i have found may be a better way. It exists for nginx-servers a nginx-plug-in for certbot i’ve read in the certbot documentation. I give it a try in testmode:
sudo apt-get install python-certbot-nginx
sudo certbot certonly --debug-challenges --nginx --dry-run --noninteractive --agree-tos --email example@email.de -d subdomain.domain.de
The test was successfull. That leads to some other questions before i will write the last command in a cron job:
- I only can use the webroot or the nginx-plugin but not both in one command. What’s here the difference for both? I know that if i use the webroot-plugin, i have to specify the webroot-folder e.g. with –webroot -w /var/www.
- Why the certification process failed with the webroot-plug in but did not with the nginx-plugin?
- I get the same certificates in the same folder no matter which method i choose?
Would be great if i find someone to discuss with.
n8,
fly