wiki:certbot_troubleshooting
This is an old revision of the document!
Table of Contents
Letsencrypt certbot troubleshooting
- certbot first establishes connection over ipv6. If you are getting timeout errors check firewall for ipv6 https access or set network stack to prefer ipv4 over ipv6
- Make sure that you can access a file path under webserver root as certbot uses .well-acme folder inside it to fetch the token it uses to check the owner of domain/server
- If there is a previous redirect in webserver configuration it could also interfere with certificate generation
- Certbot only works on default ports, 80 and 443. Check if the Listen directive has a different port if you get “Unauthorized error.
Failed authorization procedure....
Error: Failed authorization procedure. www.example.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from…
There might redirect rules in effect. Try putting this in your .htaccess or vhost file:
RewriteCond %{REQUEST_URI} !^\.well-known/(.*)$
Tested on
- Debian 10.8
- certbot 0.31
See also
References
wiki/certbot_troubleshooting.1622797384.txt.gz · Last modified: 2021/06/04 09:03 by antisa