Hi
I've got several sites, all secured with Let's Encrypt without any issue. I've added a new domain. When I try to request a Let's Encrypt certificate, this always fails because it looks up the acme-file in the wrong directory!?
My new domain is bellespieds.be, but for some reason it goes to another site (hosted on the same server) to perform the check: https://spellenfestival.be/.well-known/acme-challenge No forwards have been set up (really just added a new domain, uploaded an index.html file as a placeholder to verify and tried to fetch a certificate).
I've been looking into the DNS records, config-files, everything. Can't figure out what's wrong. DNS records are not maintained on my server but with GoDaddy. So that's normal to fail. HTTP-based authentication did succeed without any issue for all my other domains.
Requesting a certificate for bellespieds.be, www.bellespieds.be from Let's Encrypt ..
.. request failed : Web-based validation failed :
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for bellespieds.be
http-01 challenge for www.bellespieds.be
Using the webroot path /home/bellespieds/public_html for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. www.bellespieds.be (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://spellenfestival.be/.well-known/acme-challenge/eL5VWNrZ10HfXIABYWSs7Y8QAgMKkX5HBwrbyoZUjP4 [2a01:7c8:aac8:116:5054:ff:fe65:3796]: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p", bellespieds.be (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from https://spellenfestival.be/.well-known/acme-challenge/ep6H7o0XVilZXhP2SR0mIxm5DMjfNcj7euhMkzSsbKE [2a01:7c8:aac8:116:5054:ff:fe65:3796]: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: www.bellespieds.be
Type: unauthorized
Detail: Invalid response from
https://spellenfestival.be/.well-known/acme-challenge/eL5VWNrZ10HfXIABYWSs7Y8QAgMKkX5HBwrbyoZUjP4
[2a01:7c8:aac8:116:5054:ff:fe65:3796]: "<!DOCTYPE HTML PUBLIC
"-//IETF//DTD HTML 2.0//EN">\n<html><head>\n<title>404 Not
Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"
Domain: bellespieds.be
Type: unauthorized
Detail: Invalid response from
https://spellenfestival.be/.well-known/acme-challenge/ep6H7o0XVilZXhP2SR0mIxm5DMjfNcj7euhMkzSsbKE
[2a01:7c8:aac8:116:5054:ff:fe65:3796]: "<!DOCTYPE HTML PUBLIC
"-//IETF//DTD HTML 2.0//EN">\n<html><head>\n<title>404 Not
Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
DNS-based validation failed :
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for bellespieds.be
dns-01 challenge for www.bellespieds.be
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. bellespieds.be (dns-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.bellespieds.be, www.bellespieds.be (dns-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.www.bellespieds.be
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: bellespieds.be
Type: None
Detail: DNS problem: NXDOMAIN looking up TXT for
_acme-challenge.bellespieds.be
Domain: www.bellespieds.be
Type: None
Detail: DNS problem: NXDOMAIN looking up TXT for
_acme-challenge.www.bellespieds.be
This is resolved! It turned out that, for some reason, in my httpd.conf file my new virtual hosts only got the IPv4 address configured, not the IPv6 address. I manually updated it, which resolved all issues.
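A check for the misconfiguration described in the resolution above, as an added example that is not part of the original thread: it lists names whose `<VirtualHost>` blocks bind only an IPv4 address, and the vhost Apache would answer with when a validation request for them arrives over IPv6 (as in the log, where the CA connected to an IPv6 address). The host names, addresses and function names are constructed placeholders, and the sketch assumes a single config file with no `Include` directives.

```python
import re

# Constructed sample config: documentation-range addresses, placeholder names.
SAMPLE_CONF = """
<VirtualHost 192.0.2.10:80 [2001:db8::10]:80>
    ServerName old-site.example
    ServerAlias www.old-site.example
</VirtualHost>
<VirtualHost 192.0.2.10:80>
    ServerName new-site.example
    ServerAlias www.new-site.example
</VirtualHost>
"""

VHOST_RE = re.compile(r"<VirtualHost\s+([^>]+)>(.*?)</VirtualHost>", re.S | re.I)
NAME_RE = re.compile(r"^\s*Server(?:Name|Alias)\s+(.+)$", re.M | re.I)

def split_addr(token):
    """Return (family, port) for one <VirtualHost> address token."""
    if token.startswith("["):                  # bracketed IPv6 literal
        _host, _, rest = token[1:].partition("]")
        return "ipv6", rest.lstrip(":") or "*"
    host, _, port = token.partition(":")
    family = "any" if host in ("*", "_default_") else "ipv4"
    return family, port or "*"

def vhosts_missing_ipv6(conf_text, port="80"):
    """Names served on `port` over IPv4 only (no IPv6 or wildcard binding)."""
    families = {}                              # hostname -> address families seen
    for addrs, body in VHOST_RE.findall(conf_text):
        fams = {f for f, p in map(split_addr, addrs.split()) if p in (port, "*")}
        for line in NAME_RE.findall(body):
            for name in line.split():
                families.setdefault(name.lower(), set()).update(fams)
    return sorted(n for n, f in families.items() if f == {"ipv4"})

def ipv6_fallback_vhost(conf_text, port="80"):
    """First vhost bound to an IPv6 address on `port`: Apache's default there."""
    for addrs, body in VHOST_RE.findall(conf_text):
        if ("ipv6", port) in map(split_addr, addrs.split()):
            m = NAME_RE.search(body)
            return m.group(1).split()[0] if m else None
    return None

if __name__ == "__main__":
    print("IPv4-only names:", vhosts_missing_ipv6(SAMPLE_CONF))
    print("IPv6 requests for them land on:", ipv6_fallback_vhost(SAMPLE_CONF))
```

Any name this reports that also has an AAAA record in DNS will fail http-01 the way the log shows, because the request is answered by a different site's vhost.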