wiki:certbot_troubleshooting
This is an old revision of the document!
Table of Contents
Letsencrypt certbot troubleshooting
- certbot first establishes connection over ipv6. If you are getting timeout errors check firewall for ipv6 https access or set network stack to prefer ipv4 over ipv6
- Make sure that you can access a file path under webserver root as certbot uses .well-acme folder inside it to fetch the token it uses to check the owner of domain/server
- If there is a previous redirect in webserver configuration it could also interfere with certificate generation
- Certbot only works on default ports, 80 and 443. Check if the Listen directive has a different port if you get “Unauthorized error.
Failed authorization procedure....
Error: Failed authorization procedure. www.example.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from…
There might redirect rules in effect. Try putting this in your .htaccess or vhost file:
RewriteCond %{REQUEST_URI} !^\.well-known/(.*)$
SEC_ERROR_UNKNOWN_ISSUER with certbot in Firefox
If you get this weird error only on Firefox (89.0.2) and other browsers are ok, delete the existing certificate
certbot delete
and run again
certbot
This should resolve the issue.
Tested on
- Debian 10.8
- certbot 0.31.0
See also
References
wiki/certbot_troubleshooting.1626168334.txt.gz · Last modified: 2021/07/13 09:25 by antisa