digitalocean/nginxconfig.io

Cannot get SSL certificate.

Open

#157 opened on 2020年7月1日

GitHub で見る
 (3 comments) (0 reactions) (0 assignees)JavaScript (26,979 stars) (1,978 forks)batch import
bughacktoberfesthelp wanted

説明

I've followed the setup instructions step by step. However, when I execute:

sudo certbot certonly --webroot -d domain.com --email my@mail.com -w /var/www/_letsencrypt -n --agree-tos --force-renewal

The following error message appears:

Failed authorization procedure. domain.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://domain.com/.well-known/acme-challenge/V8Gz5gpzI0B6C7iyQ5N6W4MhmYD6Cn6Mh5Pb755s03Y [MY IP]: "<html>\r\n<head><title>404 Not Found</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>404 Not Found</h1></center>\r\n<hr><center>"

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: domain.com
   Type:   unauthorized
   Detail: Invalid response from
   http://domain.com/.well-known/acme-challenge/V8Gz5gpzI0B6C7iyQ5N6W4MhmYD6Cn6Mh5Pb755s03Y
   [MY IP]: "<html>\r\n<head><title>404 Not
   Found</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>404
   Not Found</h1></center>\r\n<hr><center>"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

I'm sure the web server is reachable from the internet. I'm trying to configure the webserver on a Raspberry Pi 4B with Nginx 1.14.2 and Certbot 0.31.0-1

コントリビューターガイド

技術スタック
なし
領域
backendsecurity
Issue 種別
bug
難度新しい貢献者にとっての実装難度です。1 は非常に小さな変更、5 は専門的な作業です。
3
推定時間経験ある貢献者が調査、実装、テスト、pull request 準備にかけるおおよその時間範囲です。
1-3 hours
活動状況Issue が今どれだけ取り組みやすいかを示します。新しい、活発、古い、ブロック中、またはメンテナー入力待ちなどです。
stale
明確さ期待される変更、受け入れ条件、次の手順がどれだけ明確かを示します。
needs investigation
前提条件
basic nginx knowledgefamiliarity with certbot
初心者向け度初回貢献者にどれだけ取り組みやすいかを 1-100 で推定したスコアです。
30
調査方針
Investigate the nginx configuration generated by nginxconfig.io to ensure it includes a location block for /.well known/acme challenge that serves files from the correct webroot path. Check if the user's webroot path matches the one used in the certbot command. Review the repository's documentation for any known issues or updates regarding SSL certificate setup. Also consider that the error might be due to DNS propagation or firewall rules; suggest verifying domain resolution and server accessibility.