API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 24th, 2022
79
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 19.27 KB | None | 0 0
raw download clone embed print report
  1. # certbot certonly --nginx --dry-run -d kacper.grzybnia.de -vv
  2. Root logging level set at 10
  3. Saving debug log to /var/log/letsencrypt/letsencrypt.log
  4. Requested authenticator nginx and installer nginx
  5. Single candidate plugin: * nginx
  6. Description: Nginx Web Server plugin
  7. Interfaces: Installer, Authenticator, Plugin
  8. Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator
  9. Initialized: <certbot_nginx._internal.configurator.NginxConfigurator object at 0x7efcfc9b03c8>
  10. Prep: True
  11. Single candidate plugin: * nginx
  12. Description: Nginx Web Server plugin
  13. Interfaces: Installer, Authenticator, Plugin
  14. Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator
  15. Initialized: <certbot_nginx._internal.configurator.NginxConfigurator object at 0x7efcfc9b03c8>
  16. Prep: True
  17. Selected authenticator <certbot_nginx._internal.configurator.NginxConfigurator object at 0x7efcfc9b03c8> and installer <certbot_nginx._internal.configurator.NginxConfigurator object at 0x7efcfc9b03c8>
  18. Plugins selected: Authenticator nginx, Installer nginx
  19. Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-staging-v02.api.letsencrypt.org/acme/acct/58463854', new_authzr_uri=None, terms_of_service=None), 83ceed3dc69a1602bfdf63a686f341b2, Meta(creation_dt=datetime.datetime(2022, 6, 23, 20, 22, 54, tzinfo=<UTC>), creation_host='grzybnia', register_to_eff=None))>
  20. Sending GET request to https://acme-staging-v02.api.letsencrypt.org/directory.
  21. Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org:443
  22. https://acme-staging-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 822
  23. Received response:
  24. HTTP 200
  25. Server: nginx
  26. Date: Fri, 24 Jun 2022 06:24:06 GMT
  27. Content-Type: application/json
  28. Content-Length: 822
  29. Connection: keep-alive
  30. Cache-Control: public, max-age=0, no-cache
  31. X-Frame-Options: DENY
  32. Strict-Transport-Security: max-age=604800
  33.  
  34. {
  35. "keyChange": "https://acme-staging-v02.api.letsencrypt.org/acme/key-change",
  36. "meta": {
  37. "caaIdentities": [
  38. "letsencrypt.org"
  39. ],
  40. "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
  41. "website": "https://letsencrypt.org/docs/staging-environment/"
  42. },
  43. "mpCWeUEJXEI": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  44. "newAccount": "https://acme-staging-v02.api.letsencrypt.org/acme/new-acct",
  45. "newNonce": "https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce",
  46. "newOrder": "https://acme-staging-v02.api.letsencrypt.org/acme/new-order",
  47. "renewalInfo": "https://acme-staging-v02.api.letsencrypt.org/get/draft-aaron-ari/renewalInfo/",
  48. "revokeCert": "https://acme-staging-v02.api.letsencrypt.org/acme/revoke-cert"
  49. }
  50. Notifying user: Simulating a certificate request for kacper.grzybnia.de
  51. Simulating a certificate request for kacper.grzybnia.de
  52. Requesting fresh nonce
  53. Sending HEAD request to https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce.
  54. https://acme-staging-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
  55. Received response:
  56. HTTP 200
  57. Server: nginx
  58. Date: Fri, 24 Jun 2022 06:24:07 GMT
  59. Connection: keep-alive
  60. Cache-Control: public, max-age=0, no-cache
  61. Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index"
  62. Replay-Nonce: 0001WcPmimOs4v8sHI8C1_jYyUeg_VIELo6vLI2r4AKXrF4
  63. X-Frame-Options: DENY
  64. Strict-Transport-Security: max-age=604800
  65.  
  66.  
  67. Storing nonce: 0001WcPmimOs4v8sHI8C1_jYyUeg_VIELo6vLI2r4AKXrF4
  68. JWS payload:
  69. b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "kacper.grzybnia.de"\n }\n ]\n}'
  70. Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/new-order:
  71. {
  72. "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC81ODQ2Mzg1NCIsICJub25jZSI6ICIwMDAxV2NQbWltT3M0djhzSEk4QzFfall5VWVnX1ZJRUxvNnZMSTJyNEFLWHJGNCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ",
  73. "signature": "fE_qKH5dYKbdwf6k9YVnoYfukCw5W9Hg4i5XauAFn4G_UtL-e9lVmsBlmSXvS2RnWefj_nz2dXXMxdb85V_lWe3fNYb0PHRMymZvkr42thMPFh-k0MlRFP02vn8-ecCQOqEhaGHTBzIXfGfDg0RI22kPOi6jtizSrLIvF9nvFDv6fxxcajMv8VMnToCRoNQzaoIk-neuMu7LNE63zO7g4NEv0-G2xwH-S9i3KUFx-_KhN80Oc_AObqgrnkabzCmVDgILSaikqJmhKpGs1CMqt2jLX2dH8n5nmBS67gBJiuUr7Lkdj0Tq0M7iXbWRwfXKCaYJfGgd7YZzFCgO_2xSGg",
  74. "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImthY3Blci5ncnp5Ym5pYS5kZSIKICAgIH0KICBdCn0"
  75. }
  76. https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 354
  77. Received response:
  78. HTTP 201
  79. Server: nginx
  80. Date: Fri, 24 Jun 2022 06:24:07 GMT
  81. Content-Type: application/json
  82. Content-Length: 354
  83. Connection: keep-alive
  84. Boulder-Requester: 58463854
  85. Cache-Control: public, max-age=0, no-cache
  86. Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index"
  87. Location: https://acme-staging-v02.api.letsencrypt.org/acme/order/58463854/2934003574
  88. Replay-Nonce: 00021ijw6i9Dq-cyTSrwjzuNKaArt8rRRCbnodC4_GzTEwg
  89. X-Frame-Options: DENY
  90. Strict-Transport-Security: max-age=604800
  91.  
  92. {
  93. "status": "pending",
  94. "expires": "2022-07-01T06:24:07Z",
  95. "identifiers": [
  96. {
  97. "type": "dns",
  98. "value": "kacper.grzybnia.de"
  99. }
  100. ],
  101. "authorizations": [
  102. "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/2797495724"
  103. ],
  104. "finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/58463854/2934003574"
  105. }
  106. Storing nonce: 00021ijw6i9Dq-cyTSrwjzuNKaArt8rRRCbnodC4_GzTEwg
  107. JWS payload:
  108. b''
  109. Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/2797495724:
  110. {
  111. "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC81ODQ2Mzg1NCIsICJub25jZSI6ICIwMDAyMWlqdzZpOURxLWN5VFNyd2p6dU5LYUFydDhyUlJDYm5vZEM0X0d6VEV3ZyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yNzk3NDk1NzI0In0",
  112. "signature": "f38F-xIK--KVCfGLwqdSOTxjqeNUqioXjS4Jrq2SrHXJZC-oSAcsiCWc9vOZYDoslWrJihWbCw3IcNR6Er14HiK6ChBkUA0yx8gtTTFu9ESlMmMGwGOCmDtQ7BzFf9vV3v8Ea8CjDjrl26c38wJEz7cWBFOdAwKnHW7yhkML6DvZ78VKe5--weAmtutsENcZVnT-Ny2NoXWry6opqQqHkzgK4JR9cjt-wXotbJZHlspHttELv92BI1OyhZZnJJCJfBAJJrctIs3wWIGZHoR_5-h_i3NP8FOg1hXl8_tNZMZSElhjl29b9JM72gREIOdNrOrzqXvYYzK3T8a2omsFrg",
  113. "payload": ""
  114. }
  115. https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/2797495724 HTTP/1.1" 200 820
  116. Received response:
  117. HTTP 200
  118. Server: nginx
  119. Date: Fri, 24 Jun 2022 06:24:07 GMT
  120. Content-Type: application/json
  121. Content-Length: 820
  122. Connection: keep-alive
  123. Boulder-Requester: 58463854
  124. Cache-Control: public, max-age=0, no-cache
  125. Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index"
  126. Replay-Nonce: 0002n0zKrj-uj7sh5asqOW_LurwO74TscDE30udVFizXgOo
  127. X-Frame-Options: DENY
  128. Strict-Transport-Security: max-age=604800
  129.  
  130. {
  131. "identifier": {
  132. "type": "dns",
  133. "value": "kacper.grzybnia.de"
  134. },
  135. "status": "pending",
  136. "expires": "2022-07-01T06:24:07Z",
  137. "challenges": [
  138. {
  139. "type": "http-01",
  140. "status": "pending",
  141. "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2797495724/_ILFzg",
  142. "token": "t3YHQRxs5R5jJwTpE_b12ZU-klJntcpKujCKx_15Nyw"
  143. },
  144. {
  145. "type": "dns-01",
  146. "status": "pending",
  147. "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2797495724/ZGtMUw",
  148. "token": "t3YHQRxs5R5jJwTpE_b12ZU-klJntcpKujCKx_15Nyw"
  149. },
  150. {
  151. "type": "tls-alpn-01",
  152. "status": "pending",
  153. "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2797495724/GLc0Cg",
  154. "token": "t3YHQRxs5R5jJwTpE_b12ZU-klJntcpKujCKx_15Nyw"
  155. }
  156. ]
  157. }
  158. Storing nonce: 0002n0zKrj-uj7sh5asqOW_LurwO74TscDE30udVFizXgOo
  159. Performing the following challenges:
  160. http-01 challenge for kacper.grzybnia.de
  161. Generated server block:
  162. []
  163. Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf
  164. Creating backup of /etc/nginx/sites-enabled/kacper.grzybnia.de
  165. Creating backup of /etc/nginx/modules-enabled/50-mod-http-echo.conf
  166. Creating backup of /etc/letsencrypt/options-ssl-nginx.conf
  167. Creating backup of /etc/nginx/sites-enabled/pihole.grzybnia.de
  168. Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf
  169. Creating backup of /etc/nginx/modules-enabled/50-mod-http-upstream-fair.conf
  170. Creating backup of /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf
  171. Creating backup of /etc/nginx/modules-enabled/50-mod-http-geoip.conf
  172. Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf
  173. Creating backup of /etc/nginx/nginx.conf
  174. Creating backup of /etc/nginx/modules-enabled/50-mod-http-dav-ext.conf
  175. Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf
  176. Creating backup of /etc/nginx/mime.types
  177. Creating backup of /etc/nginx/modules-enabled/50-mod-http-subs-filter.conf
  178. Creating backup of /etc/nginx/sites-enabled/grzybnia.de
  179. Writing nginx conf tree to /etc/nginx/nginx.conf:
  180. user www-data;
  181. worker_processes auto;
  182. pid /run/nginx.pid;
  183. include /etc/nginx/modules-enabled/*.conf;
  184.  
  185. events {
  186. worker_connections 768;
  187. # multi_accept on;
  188. }
  189.  
  190. http {
  191. server_names_hash_bucket_size 128;
  192. include /etc/letsencrypt/le_http_01_cert_challenge.conf;
  193.  
  194. ##
  195. # Basic Settings
  196. ##
  197.  
  198. sendfile on;
  199. tcp_nopush on;
  200. tcp_nodelay on;
  201. keepalive_timeout 65;
  202. types_hash_max_size 2048;
  203. # server_tokens off;
  204.  
  205. # server_names_hash_bucket_size 64;
  206. # server_name_in_redirect off;
  207.  
  208. include /etc/nginx/mime.types;
  209. default_type application/octet-stream;
  210.  
  211. ##
  212. # SSL Settings
  213. ##
  214.  
  215. ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
  216. ssl_prefer_server_ciphers on;
  217.  
  218. ##
  219. # Logging Settings
  220. ##
  221.  
  222. access_log /var/log/nginx/access.log;
  223. error_log /var/log/nginx/error.log;
  224.  
  225. ##
  226. # Gzip Settings
  227. ##
  228.  
  229. gzip on;
  230.  
  231. # gzip_vary on;
  232. # gzip_proxied any;
  233. # gzip_comp_level 6;
  234. # gzip_buffers 16 8k;
  235. # gzip_http_version 1.1;
  236. # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
  237.  
  238. ##
  239. # Virtual Host Configs
  240. ##
  241.  
  242. include /etc/nginx/conf.d/*.conf;
  243. include /etc/nginx/sites-enabled/*;
  244. }
  245.  
  246.  
  247. #mail {
  248. # # See sample authentication script at:
  249. # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
  250. #
  251. # # auth_http localhost/auth.php;
  252. # # pop3_capabilities "TOP" "USER";
  253. # # imap_capabilities "IMAP4rev1" "UIDPLUS";
  254. #
  255. # server {
  256. # listen localhost:110;
  257. # protocol pop3;
  258. # proxy on;
  259. # }
  260. #
  261. # server {
  262. # listen localhost:143;
  263. # protocol imap;
  264. # proxy on;
  265. # }
  266. #}
  267.  
  268. stream {
  269. include /etc/nginx/streams/*;
  270. }
  271.  
  272. Writing nginx conf tree to /etc/nginx/sites-enabled/kacper.grzybnia.de:
  273. server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot
  274.  
  275.  
  276. server_name kacper.grzybnia.de;
  277.  
  278. root /var/www/html/kacper.grzybnia.de;
  279. autoindex off;
  280.  
  281. index index.html;
  282.  
  283. location / {
  284. expires max;
  285. try_files $uri $uri/ =404;
  286. }
  287. location = /.well-known/acme-challenge/t3YHQRxs5R5jJwTpE_b12ZU-klJntcpKujCKx_15Nyw{default_type text/plain;return 200 t3YHQRxs5R5jJwTpE_b12ZU-klJntcpKujCKx_15Nyw.DXEbgZoyFzw9hp3Oe0rcmzS5iB-cV3QtrsBvIC5QVI8;} # managed by Certbot
  288.  
  289. }
  290.  
  291. JWS payload:
  292. b'{}'
  293. Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2797495724/_ILFzg:
  294. {
  295. "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC81ODQ2Mzg1NCIsICJub25jZSI6ICIwMDAybjB6S3JqLXVqN3NoNWFzcU9XX0x1cndPNzRUc2NERTMwdWRWRml6WGdPbyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8yNzk3NDk1NzI0L19JTEZ6ZyJ9",
  296. "signature": "e1zrcgu3h6Tw7QCDHEnZgbRskmuKuRSIaip1FY1lDylvTvUZ8fSCY6COwQH7trDVag0lNFhfiGu9-28eZtQ4vRaudSJSlKPIRUqfuJKPmDqq-kuHyCmkDNeQaZF1trLklr8UEyK8xJIwIlVJe5nymJs5jOY-ckVwRr9I6nehO2zx0tfjtqJ7MH03DobDbLAEmXJpHnTnAEfj57F9BhBEGYFxH0whvTXlqcj8MvSnlBjLUQDbyYEAcNB-WLxpYRF67b5zoiB3V2cpF5JiaI29cZFGed1ieeRPKkZbDWPLCgEPBb0JQKNGuNFX6Fl7kBPp2wkANs_-isIwwBF4b99j-Q",
  297. "payload": "e30"
  298. }
  299. https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/2797495724/_ILFzg HTTP/1.1" 200 193
  300. Received response:
  301. HTTP 200
  302. Server: nginx
  303. Date: Fri, 24 Jun 2022 06:24:08 GMT
  304. Content-Type: application/json
  305. Content-Length: 193
  306. Connection: keep-alive
  307. Boulder-Requester: 58463854
  308. Cache-Control: public, max-age=0, no-cache
  309. Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/2797495724>;rel="up"
  310. Location: https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2797495724/_ILFzg
  311. Replay-Nonce: 0001Ntk2Cc4jC1pV-iuyHyBViSiZ_UYCY9t-hKMGT-68IwM
  312. X-Frame-Options: DENY
  313. Strict-Transport-Security: max-age=604800
  314.  
  315. {
  316. "type": "http-01",
  317. "status": "pending",
  318. "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2797495724/_ILFzg",
  319. "token": "t3YHQRxs5R5jJwTpE_b12ZU-klJntcpKujCKx_15Nyw"
  320. }
  321. Storing nonce: 0001Ntk2Cc4jC1pV-iuyHyBViSiZ_UYCY9t-hKMGT-68IwM
  322. Waiting for verification...
  323. JWS payload:
  324. b''
  325. Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/2797495724:
  326. {
  327. "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS1zdGFnaW5nLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC81ODQ2Mzg1NCIsICJub25jZSI6ICIwMDAxTnRrMkNjNGpDMXBWLWl1eUh5QlZpU2laX1VZQ1k5dC1oS01HVC02OEl3TSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yNzk3NDk1NzI0In0",
  328. "signature": "IWdPWcQEAbijlk2AnGtpbk3q2AXXHrCuPX-bzstmd4lYFz9FndIADjdNs0EeeOh5E9bvxMUnj8YtztB2F7y5lAuLTg6EtVqh_ATAz1QLVaEUGorN7MoX5eqLPeOLgA3wWwUsZGPPRMzH4xEFiqfCSFAfsbbuDgQD4Nzf3E0Lw0Gs-FVfD7wRtU11EExTArOiDytuOHZSkRUo9vlGYzUYIMw0_SAnVSi0dfAshC8rq9Ddwt0SfOwAeYM_aVsnGfsxOz1-zFb-haPbjjXnbEuW2LGexThvgyRAkbDSyCIrnpDHlFulso-5Uc--O1opsUivHlUSxxK_QnqZDINweZiwuw",
  329. "payload": ""
  330. }
  331. https://acme-staging-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/2797495724 HTTP/1.1" 200 1102
  332. Received response:
  333. HTTP 200
  334. Server: nginx
  335. Date: Fri, 24 Jun 2022 06:24:09 GMT
  336. Content-Type: application/json
  337. Content-Length: 1102
  338. Connection: keep-alive
  339. Boulder-Requester: 58463854
  340. Cache-Control: public, max-age=0, no-cache
  341. Link: <https://acme-staging-v02.api.letsencrypt.org/directory>;rel="index"
  342. Replay-Nonce: 0002kXxcxAGq7UulpzSHofNpPY4hmQNkLFo_5QSQC_p7um4
  343. X-Frame-Options: DENY
  344. Strict-Transport-Security: max-age=604800
  345.  
  346. {
  347. "identifier": {
  348. "type": "dns",
  349. "value": "kacper.grzybnia.de"
  350. },
  351. "status": "invalid",
  352. "expires": "2022-07-01T06:24:07Z",
  353. "challenges": [
  354. {
  355. "type": "http-01",
  356. "status": "invalid",
  357. "error": {
  358. "type": "urn:ietf:params:acme:error:unauthorized",
  359. "detail": "2a01:4f8:d0:3919::68b3: Invalid response from http://kacper.grzybnia.de/.well-known/acme-challenge/t3YHQRxs5R5jJwTpE_b12ZU-klJntcpKujCKx_15Nyw: 404",
  360. "status": 403
  361. },
  362. "url": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2797495724/_ILFzg",
  363. "token": "t3YHQRxs5R5jJwTpE_b12ZU-klJntcpKujCKx_15Nyw",
  364. "validationRecord": [
  365. {
  366. "url": "http://kacper.grzybnia.de/.well-known/acme-challenge/t3YHQRxs5R5jJwTpE_b12ZU-klJntcpKujCKx_15Nyw",
  367. "hostname": "kacper.grzybnia.de",
  368. "port": "80",
  369. "addressesResolved": [
  370. "194.35.12.231",
  371. "2a01:4f8:d0:3919::68b3"
  372. ],
  373. "addressUsed": "2a01:4f8:d0:3919::68b3"
  374. }
  375. ],
  376. "validated": "2022-06-24T06:24:08Z"
  377. }
  378. ]
  379. }
  380. Storing nonce: 0002kXxcxAGq7UulpzSHofNpPY4hmQNkLFo_5QSQC_p7um4
  381. Challenge failed for domain kacper.grzybnia.de
  382. http-01 challenge for kacper.grzybnia.de
  383. Notifying user:
  384. Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems:
  385. Domain: kacper.grzybnia.de
  386. Type: unauthorized
  387. Detail: 2a01:4f8:d0:3919::68b3: Invalid response from http://kacper.grzybnia.de/.well-known/acme-challenge/t3YHQRxs5R5jJwTpE_b12ZU-klJntcpKujCKx_15Nyw: 404
  388.  
  389. Hint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet.
  390.  
  391.  
  392. Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems:
  393. Domain: kacper.grzybnia.de
  394. Type: unauthorized
  395. Detail: 2a01:4f8:d0:3919::68b3: Invalid response from http://kacper.grzybnia.de/.well-known/acme-challenge/t3YHQRxs5R5jJwTpE_b12ZU-klJntcpKujCKx_15Nyw: 404
  396.  
  397. Hint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet.
  398.  
  399. Encountered exception:
  400. Traceback (most recent call last):
  401. File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 106, in handle_authorizations
  402. self._poll_authorizations(authzrs, max_retries, best_effort)
  403. File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 206, in _poll_authorizations
  404. raise errors.AuthorizationError('Some challenges have failed.')
  405. certbot.errors.AuthorizationError: Some challenges have failed.
  406.  
  407. Calling registered functions
  408. Cleaning up challenges
  409. Exiting abnormally:
  410. Traceback (most recent call last):
  411. File "/usr/bin/certbot", line 8, in <module>
  412. sys.exit(main())
  413. File "/opt/certbot/lib/python3.7/site-packages/certbot/main.py", line 19, in main
  414. return internal_main.main(cli_args)
  415. File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 1744, in main
  416. return config.func(config, plugins)
  417. File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 1591, in certonly
  418. lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
  419. File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 141, in _get_and_save_cert
  420. lineage = le_client.obtain_and_enroll_certificate(domains, certname)
  421. File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 513, in obtain_and_enroll_certificate
  422. cert, chain, key, _ = self.obtain_certificate(domains)
  423. File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 441, in obtain_certificate
  424. orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
  425. File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 493, in _get_order_and_authorizations
  426. authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  427. File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 106, in handle_authorizations
  428. self._poll_authorizations(authzrs, max_retries, best_effort)
  429. File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 206, in _poll_authorizations
  430. raise errors.AuthorizationError('Some challenges have failed.')
  431. certbot.errors.AuthorizationError: Some challenges have failed.
  432. Some challenges have failed.
  433. Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!