2017-12-07 07:20:46,320:DEBUG:certbot.main:certbot version: 0.20.0
2017-12-07 07:20:46,321:DEBUG:certbot.main:Arguments: ['-a', 'webroot', '-d', 'letsssl.space', '-d', 'www.letsssl.space', '--webroot-path', '/home/letsssl/public_html', '--duplicate', '--manual-public-ip-logging-ok', '--config', '/tmp/.webmin/256546_12580_1_letsencrypt.cgi', '--rsa-key-size', '2048']
2017-12-07 07:20:46,321:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2017-12-07 07:20:46,397:DEBUG:certbot.log:Root logging level set at 20
2017-12-07 07:20:46,398:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2017-12-07 07:20:46,399:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2017-12-07 07:20:46,407:DEBUG:certbot.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: IAuthenticator, IPlugin
Entry point: webroot = certbot.plugins.webroot:Authenticator
Initialized: <certbot.plugins.webroot.Authenticator object at 0xb5f8cf8c>
Prep: True
2017-12-07 07:20:46,408:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0xb5f8cf8c> and installer None
2017-12-07 07:20:46,408:INFO:certbot.plugins.selection:Plugins selected: Authenticator webroot, Installer None
2017-12-07 07:20:46,418:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Registration(status=None, contact=(u'mailto:mail@gerardroos.nl',), agreement=u'https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf', key=JWKRSA(key=<ComparableRSAKey(<cryptography.hazmat.backends.openssl.rsa._RSAPublicKey object at 0xb5f824ac>)>)), uri=u'https://acme-v01.api.letsencrypt.org/acme/reg/1420306', new_authzr_uri=u'https://acme-v01.api.letsencrypt.org/acme/new-authz', terms_of_service=u'https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf'), 06849b7beffc9d77b71908b12cc58b3b, Meta(creation_host=u'server11.webfederatie.nl', creation_dt=datetime.datetime(2016, 4, 24, 18, 49, 55, tzinfo=<UTC>)))>
2017-12-07 07:20:46,420:DEBUG:acme.client:Sending GET request to https://acme-v01.api.letsencrypt.org/directory.
2017-12-07 07:20:46,430:DEBUG:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2017-12-07 07:20:46,800:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 562
2017-12-07 07:20:46,802:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 562
Replay-Nonce: IqObkzZoPnN_dJvUx6kLo5rbQbpp43R819JE8wmwuDo
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Thu, 07 Dec 2017 07:21:44 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 07 Dec 2017 07:21:44 GMT
Connection: keep-alive

{
  "97EkYxf2DfA": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "key-change": "https://acme-v01.api.letsencrypt.org/acme/key-change",
  "meta": {
    "terms-of-service": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf"
  },
  "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",
  "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",
  "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",
  "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"
}
2017-12-07 07:20:46,802:INFO:certbot.main:Obtaining a new certificate
2017-12-07 07:20:46,803:DEBUG:acme.client:Requesting fresh nonce
2017-12-07 07:20:46,803:DEBUG:acme.client:Sending HEAD request to https://acme-v01.api.letsencrypt.org/acme/new-authz.
2017-12-07 07:20:46,996:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "HEAD /acme/new-authz HTTP/1.1" 405 0
2017-12-07 07:20:46,997:DEBUG:acme.client:Received response:
HTTP 405
Server: nginx
Content-Type: application/problem+json
Content-Length: 91
Allow: POST
Replay-Nonce: g0Ew8K4qFEh0bstgCbvc0ekNOUpyqpxvooGLIGwggic
Expires: Thu, 07 Dec 2017 07:21:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 07 Dec 2017 07:21:45 GMT
Connection: keep-alive


2017-12-07 07:20:46,998:DEBUG:acme.client:Storing nonce: g0Ew8K4qFEh0bstgCbvc0ekNOUpyqpxvooGLIGwggic
2017-12-07 07:20:46,998:DEBUG:acme.client:JWS payload:
{
  "identifier": {
    "type": "dns", 
    "value": "letsssl.space"
  }, 
  "resource": "new-authz"
}
2017-12-07 07:20:47,031:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz:
{
  "protected": "eyJub25jZSI6ICJnMEV3OEs0cUZFaDBic3RnQ2J2YzBla05PVXB5cXB4dm9vR0xJR3dnZ2ljIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAidUVrYzVjNUxlN1RJQVpjVTBOZVF5dzAyaG1qYWdTY2c2VWpPdTFmN0ZiTkpubnZFa0l5ZDFwZUJjOTA4cEJuQ3kzRzNfdGU2VWdHcVVldm1qRUhBRF9CY0YwbnlYQzc1TFNKSmtBQU9yREg3bFl5UVZnamdRRThIMzNKcDJHcUZLZnhVMkVzeUtZTlAySEM5dWdRcVVDaGltZXdCMzhjVUl3ZFlzTFFfQTdQc0Z3VzVRZXdjdkFHZi1JcktOTmlBMDVnbkdkeHpqT1hYOEhCZVc3WjlOV3kwY2I1QzBPdHlfdmhzVTA3QzhhcTZpN2RUbmVHVU1HS1lab3JGdExDU3hpVFUwM0ZzaDFQT2xWbUM5ODFZX2VGQlNDLXNzMzhNcERUQXFjRGZxY2MyNFJSUVJTVTUzTFFsZjVjenlUNEl0YXdPemQ0d2JtWnJOdTI4ZWVLdHV3In19", 
  "payload": "ewogICJpZGVudGlmaWVyIjogewogICAgInR5cGUiOiAiZG5zIiwgCiAgICAidmFsdWUiOiAibGV0c3NzbC5zcGFjZSIKICB9LCAKICAicmVzb3VyY2UiOiAibmV3LWF1dGh6Igp9", 
  "signature": "qeTAD6D4TeouGD9n6KYtXaZop5UCY1LtyM5kkgn8BgmnitOl2TaI6uN84Daf4Ua3h7sP3oNDRvRlteGTrY9hwxBnrlQ6fYeKznHA6jt3nKhy6Oo-_AFN9FYHk5VQG8o9UW1QVXNzs1ofMqitwoSrX5uIVv-3aoQUPZMctj1LRhTH_qF0WZ4PpKjdk_-VYcTqKfBGjMXq_oAn49EawKXXvY3WZNNvvCGMPdIIxNvUk5CEd4RIHNk4JR672a1eMlOdUf7HD7G9GRWHGQCaBVoD2R9lBR0ppA0jgfc__jDpERw1GXzz4SZmOtCJ87MRaDmOjmUgdWAJRWWikeHaYRrELg"
}
2017-12-07 07:20:47,322:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/new-authz HTTP/1.1" 201 1001
2017-12-07 07:20:47,324:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Content-Type: application/json
Content-Length: 1001
Boulder-Requester: 1420306
Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"
Location: https://acme-v01.api.letsencrypt.org/acme/authz/vxvXcUiyPP3DY5g0Z4poiSLJjLAUXR_5P3pJ8HR9t5U
Replay-Nonce: NPiXVd2S6uVprbWp0-sBlHKmZQ06UbUxp8iGwmSIRbU
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Thu, 07 Dec 2017 07:21:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 07 Dec 2017 07:21:45 GMT
Connection: keep-alive

{
  "identifier": {
    "type": "dns",
    "value": "letsssl.space"
  },
  "status": "pending",
  "expires": "2017-12-14T07:21:45.264700817Z",
  "challenges": [
    {
      "type": "dns-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/vxvXcUiyPP3DY5g0Z4poiSLJjLAUXR_5P3pJ8HR9t5U/2663524205",
      "token": "1fTgt3NXF9OhqO6_NnZIUjEsNgPCDTamSHbwWUYeTmE"
    },
    {
      "type": "tls-sni-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/vxvXcUiyPP3DY5g0Z4poiSLJjLAUXR_5P3pJ8HR9t5U/2663524206",
      "token": "YBdXpfMKD_jTmCkiQyW_6UG3SzupwQl6XDjjN-3J_dg"
    },
    {
      "type": "http-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/vxvXcUiyPP3DY5g0Z4poiSLJjLAUXR_5P3pJ8HR9t5U/2663524207",
      "token": "JAYIorr0UggBLQZwcYyGEGGJRXAD83JUvbpH7Bv79l4"
    }
  ],
  "combinations": [
    [
      1
    ],
    [
      2
    ],
    [
      0
    ]
  ]
}
2017-12-07 07:20:47,324:DEBUG:acme.client:Storing nonce: NPiXVd2S6uVprbWp0-sBlHKmZQ06UbUxp8iGwmSIRbU
2017-12-07 07:20:47,325:DEBUG:acme.client:JWS payload:
{
  "identifier": {
    "type": "dns", 
    "value": "www.letsssl.space"
  }, 
  "resource": "new-authz"
}
2017-12-07 07:20:47,349:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz:
{
  "protected": "eyJub25jZSI6ICJOUGlYVmQyUzZ1VnByYldwMC1zQmxIS21aUTA2VWJVeHA4aUd3bVNJUmJVIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAidUVrYzVjNUxlN1RJQVpjVTBOZVF5dzAyaG1qYWdTY2c2VWpPdTFmN0ZiTkpubnZFa0l5ZDFwZUJjOTA4cEJuQ3kzRzNfdGU2VWdHcVVldm1qRUhBRF9CY0YwbnlYQzc1TFNKSmtBQU9yREg3bFl5UVZnamdRRThIMzNKcDJHcUZLZnhVMkVzeUtZTlAySEM5dWdRcVVDaGltZXdCMzhjVUl3ZFlzTFFfQTdQc0Z3VzVRZXdjdkFHZi1JcktOTmlBMDVnbkdkeHpqT1hYOEhCZVc3WjlOV3kwY2I1QzBPdHlfdmhzVTA3QzhhcTZpN2RUbmVHVU1HS1lab3JGdExDU3hpVFUwM0ZzaDFQT2xWbUM5ODFZX2VGQlNDLXNzMzhNcERUQXFjRGZxY2MyNFJSUVJTVTUzTFFsZjVjenlUNEl0YXdPemQ0d2JtWnJOdTI4ZWVLdHV3In19", 
  "payload": "ewogICJpZGVudGlmaWVyIjogewogICAgInR5cGUiOiAiZG5zIiwgCiAgICAidmFsdWUiOiAid3d3LmxldHNzc2wuc3BhY2UiCiAgfSwgCiAgInJlc291cmNlIjogIm5ldy1hdXRoeiIKfQ", 
  "signature": "rg_HpkP2wuLGsonAzEAXdcgRwZTPIWU0fCP9gwijKitqhZkF-kNOuwusUE3zwCC4XNI3QW7PhWWGZS0BTaRnxOWAgY1JMLgGfDDcKTl1N5m97R8G0Wj3YMZmB-6gG0vYGBb7GmvdCwpJbkQygc5lgqYfEgVIzQlC4GxCGisjVPFNZokM6s5KJfp_4J5Mx5K4qurGy9HVuqJPCevxc6oC2MzJ9oAhpd75EDBFe7rRcMNP-_Mmg8EiKfJn8TdDEgDNo6fwF1KkD4jFwr3svYLOUZs0knuT0AdtTpwWpbjvobEEtCj-ey2EnLeX9yoB9vrtQzTPgbyB21PrZIykWmsLpQ"
}
2017-12-07 07:20:47,637:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/new-authz HTTP/1.1" 201 1005
2017-12-07 07:20:47,638:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Content-Type: application/json
Content-Length: 1005
Boulder-Requester: 1420306
Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"
Location: https://acme-v01.api.letsencrypt.org/acme/authz/WTTEm48qZDagVzTFzUZkT8U3eKFkbWHjjuvca0UoWOI
Replay-Nonce: t_6pJ6smOVL_b0fib2BrApDNLIqlWhpY4kuYfnihtTk
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Thu, 07 Dec 2017 07:21:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 07 Dec 2017 07:21:45 GMT
Connection: keep-alive

{
  "identifier": {
    "type": "dns",
    "value": "www.letsssl.space"
  },
  "status": "pending",
  "expires": "2017-12-14T07:21:45.588094386Z",
  "challenges": [
    {
      "type": "tls-sni-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/WTTEm48qZDagVzTFzUZkT8U3eKFkbWHjjuvca0UoWOI/2663524220",
      "token": "HFgpmCGcclNmte5aPgCyV1NUB-bjNdh1QTj5WOGCMks"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/WTTEm48qZDagVzTFzUZkT8U3eKFkbWHjjuvca0UoWOI/2663524221",
      "token": "oqjWPduUtWGWpqwjRqGn-3cfC1DBLeKPRq90xU_QcLo"
    },
    {
      "type": "http-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/WTTEm48qZDagVzTFzUZkT8U3eKFkbWHjjuvca0UoWOI/2663524222",
      "token": "Xdzqq3sg7B9CyxeC7Z7Dkg7N5dz-4h1k3C0X_zdMPt0"
    }
  ],
  "combinations": [
    [
      0
    ],
    [
      1
    ],
    [
      2
    ]
  ]
}
2017-12-07 07:20:47,638:DEBUG:acme.client:Storing nonce: t_6pJ6smOVL_b0fib2BrApDNLIqlWhpY4kuYfnihtTk
2017-12-07 07:20:47,639:INFO:certbot.auth_handler:Performing the following challenges:
2017-12-07 07:20:47,639:INFO:certbot.auth_handler:http-01 challenge for letsssl.space
2017-12-07 07:20:47,640:INFO:certbot.auth_handler:http-01 challenge for www.letsssl.space
2017-12-07 07:20:47,640:INFO:certbot.plugins.webroot:Using the webroot path /home/letsssl/public_html for all unmatched domains.
2017-12-07 07:20:47,640:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /home/letsssl/public_html/.well-known/acme-challenge
2017-12-07 07:20:47,640:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /home/letsssl/public_html/.well-known/acme-challenge
2017-12-07 07:20:47,648:DEBUG:certbot.plugins.webroot:Attempting to save validation to /home/letsssl/public_html/.well-known/acme-challenge/JAYIorr0UggBLQZwcYyGEGGJRXAD83JUvbpH7Bv79l4
2017-12-07 07:20:47,654:DEBUG:certbot.plugins.webroot:Attempting to save validation to /home/letsssl/public_html/.well-known/acme-challenge/Xdzqq3sg7B9CyxeC7Z7Dkg7N5dz-4h1k3C0X_zdMPt0
2017-12-07 07:20:47,654:INFO:certbot.auth_handler:Waiting for verification...
2017-12-07 07:20:47,655:DEBUG:acme.client:JWS payload:
{
  "keyAuthorization": "JAYIorr0UggBLQZwcYyGEGGJRXAD83JUvbpH7Bv79l4.Lf_o5zgHdnAlGjRrXxIcWzaaeYmwRWWiE1lG7MvLmVU", 
  "type": "http-01", 
  "resource": "challenge"
}
2017-12-07 07:20:47,678:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/challenge/vxvXcUiyPP3DY5g0Z4poiSLJjLAUXR_5P3pJ8HR9t5U/2663524207:
{
  "protected": "eyJub25jZSI6ICJ0XzZwSjZzbU9WTF9iMGZpYjJCckFwRE5MSXFsV2hwWTRrdVlmbmlodFRrIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAidUVrYzVjNUxlN1RJQVpjVTBOZVF5dzAyaG1qYWdTY2c2VWpPdTFmN0ZiTkpubnZFa0l5ZDFwZUJjOTA4cEJuQ3kzRzNfdGU2VWdHcVVldm1qRUhBRF9CY0YwbnlYQzc1TFNKSmtBQU9yREg3bFl5UVZnamdRRThIMzNKcDJHcUZLZnhVMkVzeUtZTlAySEM5dWdRcVVDaGltZXdCMzhjVUl3ZFlzTFFfQTdQc0Z3VzVRZXdjdkFHZi1JcktOTmlBMDVnbkdkeHpqT1hYOEhCZVc3WjlOV3kwY2I1QzBPdHlfdmhzVTA3QzhhcTZpN2RUbmVHVU1HS1lab3JGdExDU3hpVFUwM0ZzaDFQT2xWbUM5ODFZX2VGQlNDLXNzMzhNcERUQXFjRGZxY2MyNFJSUVJTVTUzTFFsZjVjenlUNEl0YXdPemQ0d2JtWnJOdTI4ZWVLdHV3In19", 
  "payload": "ewogICJrZXlBdXRob3JpemF0aW9uIjogIkpBWUlvcnIwVWdnQkxRWndjWXlHRUdHSlJYQUQ4M0pVdmJwSDdCdjc5bDQuTGZfbzV6Z0hkbkFsR2pSclh4SWNXemFhZVltd1JXV2lFMWxHN012TG1WVSIsIAogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9", 
  "signature": "sh8ajZfefuQBO2lHLfKizOUa7yPPp8J8DfTWtEwuO8FqtMz9wXkgrlaLutgrFGcwd2NX_xCtdxCYSB085SBNUrfhQGALOUQx-yVCELIu3CbIkObsBB0lqIFAEgLXi28bkv2v2J1WZIRiC_DmvzSv_XzhslSzRDOuVIr4IbBx10qBs5avRBlBgvzS1Gll-lXM6QF5CJZpelgUzyw0To1wq5ehhGct147Un5RdkJ5gXnw6fV97jKUXHHilrX0BBB1TS2_4Q2mWpVpZSq8lun8PpJ99j_F7cirXf3fbIe4Yj6BUAv1r9B4QeQysO4W4A0TxkhF4ml_-5dAcKYyHbnju2Q"
}
2017-12-07 07:20:47,940:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/challenge/vxvXcUiyPP3DY5g0Z4poiSLJjLAUXR_5P3pJ8HR9t5U/2663524207 HTTP/1.1" 202 336
2017-12-07 07:20:47,941:DEBUG:acme.client:Received response:
HTTP 202
Server: nginx
Content-Type: application/json
Content-Length: 336
Boulder-Requester: 1420306
Link: <https://acme-v01.api.letsencrypt.org/acme/authz/vxvXcUiyPP3DY5g0Z4poiSLJjLAUXR_5P3pJ8HR9t5U>;rel="up"
Location: https://acme-v01.api.letsencrypt.org/acme/challenge/vxvXcUiyPP3DY5g0Z4poiSLJjLAUXR_5P3pJ8HR9t5U/2663524207
Replay-Nonce: RAW6f1Bd8hzBdoZJ_eeJY7pvqsCN1ybZfBoyBpnwbe0
Expires: Thu, 07 Dec 2017 07:21:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 07 Dec 2017 07:21:46 GMT
Connection: keep-alive

{
  "type": "http-01",
  "status": "pending",
  "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/vxvXcUiyPP3DY5g0Z4poiSLJjLAUXR_5P3pJ8HR9t5U/2663524207",
  "token": "JAYIorr0UggBLQZwcYyGEGGJRXAD83JUvbpH7Bv79l4",
  "keyAuthorization": "JAYIorr0UggBLQZwcYyGEGGJRXAD83JUvbpH7Bv79l4.Lf_o5zgHdnAlGjRrXxIcWzaaeYmwRWWiE1lG7MvLmVU"
}
2017-12-07 07:20:47,941:DEBUG:acme.client:Storing nonce: RAW6f1Bd8hzBdoZJ_eeJY7pvqsCN1ybZfBoyBpnwbe0
2017-12-07 07:20:47,942:DEBUG:acme.client:JWS payload:
{
  "keyAuthorization": "Xdzqq3sg7B9CyxeC7Z7Dkg7N5dz-4h1k3C0X_zdMPt0.Lf_o5zgHdnAlGjRrXxIcWzaaeYmwRWWiE1lG7MvLmVU", 
  "type": "http-01", 
  "resource": "challenge"
}
2017-12-07 07:20:47,966:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/challenge/WTTEm48qZDagVzTFzUZkT8U3eKFkbWHjjuvca0UoWOI/2663524222:
{
  "protected": "eyJub25jZSI6ICJSQVc2ZjFCZDhoekJkb1pKX2VlSlk3cHZxc0NOMXliWmZCb3lCcG53YmUwIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAidUVrYzVjNUxlN1RJQVpjVTBOZVF5dzAyaG1qYWdTY2c2VWpPdTFmN0ZiTkpubnZFa0l5ZDFwZUJjOTA4cEJuQ3kzRzNfdGU2VWdHcVVldm1qRUhBRF9CY0YwbnlYQzc1TFNKSmtBQU9yREg3bFl5UVZnamdRRThIMzNKcDJHcUZLZnhVMkVzeUtZTlAySEM5dWdRcVVDaGltZXdCMzhjVUl3ZFlzTFFfQTdQc0Z3VzVRZXdjdkFHZi1JcktOTmlBMDVnbkdkeHpqT1hYOEhCZVc3WjlOV3kwY2I1QzBPdHlfdmhzVTA3QzhhcTZpN2RUbmVHVU1HS1lab3JGdExDU3hpVFUwM0ZzaDFQT2xWbUM5ODFZX2VGQlNDLXNzMzhNcERUQXFjRGZxY2MyNFJSUVJTVTUzTFFsZjVjenlUNEl0YXdPemQ0d2JtWnJOdTI4ZWVLdHV3In19", 
  "payload": "ewogICJrZXlBdXRob3JpemF0aW9uIjogIlhkenFxM3NnN0I5Q3l4ZUM3WjdEa2c3TjVkei00aDFrM0MwWF96ZE1QdDAuTGZfbzV6Z0hkbkFsR2pSclh4SWNXemFhZVltd1JXV2lFMWxHN012TG1WVSIsIAogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9", 
  "signature": "oJsDelmvCkm1aaOL3Z77Rw2-dtgFA0YwsMnYItGcLNxc1MVV08yazJIyl9ZPTsJw6cyOdFQ_AxoIbZJHqALABrzfSrGlH3i4IUc2zdpT3Nhhe7U3r5FbIf_uq7Pi43OwzLL5R63YE2WxW9ymKzF5WCPPz03x4rqrUld3vNf4affuMoP1YjjZJsFkSl296RccEvRXwcMxe_embhafisKhg3DHLZ-MpfXz78c5kRrHsto8rwT_GnyFT8KT5fcz65BFj1uNJkdViJq37jhDnb3M1LrlGGusWqr9FXjh42XWlpHIBXXAXUBmOrczg68xflkQUZtbsmWVewPJXDgXD5lSaQ"
}
2017-12-07 07:20:48,228:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/challenge/WTTEm48qZDagVzTFzUZkT8U3eKFkbWHjjuvca0UoWOI/2663524222 HTTP/1.1" 202 336
2017-12-07 07:20:48,229:DEBUG:acme.client:Received response:
HTTP 202
Server: nginx
Content-Type: application/json
Content-Length: 336
Boulder-Requester: 1420306
Link: <https://acme-v01.api.letsencrypt.org/acme/authz/WTTEm48qZDagVzTFzUZkT8U3eKFkbWHjjuvca0UoWOI>;rel="up"
Location: https://acme-v01.api.letsencrypt.org/acme/challenge/WTTEm48qZDagVzTFzUZkT8U3eKFkbWHjjuvca0UoWOI/2663524222
Replay-Nonce: nfdVias9XgyAvukJtv8t7LQ7CHadxpKfCkS_KlHCYIs
Expires: Thu, 07 Dec 2017 07:21:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 07 Dec 2017 07:21:46 GMT
Connection: keep-alive

{
  "type": "http-01",
  "status": "pending",
  "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/WTTEm48qZDagVzTFzUZkT8U3eKFkbWHjjuvca0UoWOI/2663524222",
  "token": "Xdzqq3sg7B9CyxeC7Z7Dkg7N5dz-4h1k3C0X_zdMPt0",
  "keyAuthorization": "Xdzqq3sg7B9CyxeC7Z7Dkg7N5dz-4h1k3C0X_zdMPt0.Lf_o5zgHdnAlGjRrXxIcWzaaeYmwRWWiE1lG7MvLmVU"
}
2017-12-07 07:20:48,229:DEBUG:acme.client:Storing nonce: nfdVias9XgyAvukJtv8t7LQ7CHadxpKfCkS_KlHCYIs
2017-12-07 07:20:51,233:DEBUG:acme.client:Sending GET request to https://acme-v01.api.letsencrypt.org/acme/authz/vxvXcUiyPP3DY5g0Z4poiSLJjLAUXR_5P3pJ8HR9t5U.
2017-12-07 07:20:51,443:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /acme/authz/vxvXcUiyPP3DY5g0Z4poiSLJjLAUXR_5P3pJ8HR9t5U HTTP/1.1" 200 2026
2017-12-07 07:20:51,445:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 2026
Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"
Replay-Nonce: gL8DzhlmcW0LonnDjEV20xJSkfyEsjfmAm2ivtQEvu0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Thu, 07 Dec 2017 07:21:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 07 Dec 2017 07:21:49 GMT
Connection: keep-alive

{
  "identifier": {
    "type": "dns",
    "value": "letsssl.space"
  },
  "status": "invalid",
  "expires": "2017-12-14T07:21:45Z",
  "challenges": [
    {
      "type": "dns-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/vxvXcUiyPP3DY5g0Z4poiSLJjLAUXR_5P3pJ8HR9t5U/2663524205",
      "token": "1fTgt3NXF9OhqO6_NnZIUjEsNgPCDTamSHbwWUYeTmE"
    },
    {
      "type": "tls-sni-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/vxvXcUiyPP3DY5g0Z4poiSLJjLAUXR_5P3pJ8HR9t5U/2663524206",
      "token": "YBdXpfMKD_jTmCkiQyW_6UG3SzupwQl6XDjjN-3J_dg"
    },
    {
      "type": "http-01",
      "status": "invalid",
      "error": {
        "type": "urn:acme:error:unauthorized",
        "detail": "Invalid response from http://letsssl.space/.well-known/acme-challenge/JAYIorr0UggBLQZwcYyGEGGJRXAD83JUvbpH7Bv79l4: \"\u003c!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\"\u003e\n\u003chtml\u003e\u003chead\u003e\n\u003ctitle\u003e404 Not Found\u003c/title\u003e\n\u003c/head\u003e\u003cbody\u003e\n\u003ch1\u003eNot Found\u003c/h1\u003e\n\u003cp\"",
        "status": 403
      },
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/vxvXcUiyPP3DY5g0Z4poiSLJjLAUXR_5P3pJ8HR9t5U/2663524207",
      "token": "JAYIorr0UggBLQZwcYyGEGGJRXAD83JUvbpH7Bv79l4",
      "keyAuthorization": "JAYIorr0UggBLQZwcYyGEGGJRXAD83JUvbpH7Bv79l4.Lf_o5zgHdnAlGjRrXxIcWzaaeYmwRWWiE1lG7MvLmVU",
      "validationRecord": [
        {
          "url": "http://letsssl.space/.well-known/acme-challenge/JAYIorr0UggBLQZwcYyGEGGJRXAD83JUvbpH7Bv79l4",
          "hostname": "letsssl.space",
          "port": "80",
          "addressesResolved": [
            "46.226.109.26",
            "2001:4b98:dc2:41:216:3eff:feb1:d732"
          ],
          "addressUsed": "2001:4b98:dc2:41:216:3eff:feb1:d732",
          "addressesTried": []
        }
      ]
    }
  ],
  "combinations": [
    [
      1
    ],
    [
      2
    ],
    [
      0
    ]
  ]
}
2017-12-07 07:20:51,448:DEBUG:acme.client:Sending GET request to https://acme-v01.api.letsencrypt.org/acme/authz/WTTEm48qZDagVzTFzUZkT8U3eKFkbWHjjuvca0UoWOI.
2017-12-07 07:20:51,655:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /acme/authz/WTTEm48qZDagVzTFzUZkT8U3eKFkbWHjjuvca0UoWOI HTTP/1.1" 200 2042
2017-12-07 07:20:51,656:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 2042
Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"
Replay-Nonce: 0KeDRlCQvKvRfcVkJhbCGhl4IEeMfmytvgj_bDcLIXQ
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Thu, 07 Dec 2017 07:21:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 07 Dec 2017 07:21:49 GMT
Connection: keep-alive

{
  "identifier": {
    "type": "dns",
    "value": "www.letsssl.space"
  },
  "status": "invalid",
  "expires": "2017-12-14T07:21:45Z",
  "challenges": [
    {
      "type": "tls-sni-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/WTTEm48qZDagVzTFzUZkT8U3eKFkbWHjjuvca0UoWOI/2663524220",
      "token": "HFgpmCGcclNmte5aPgCyV1NUB-bjNdh1QTj5WOGCMks"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/WTTEm48qZDagVzTFzUZkT8U3eKFkbWHjjuvca0UoWOI/2663524221",
      "token": "oqjWPduUtWGWpqwjRqGn-3cfC1DBLeKPRq90xU_QcLo"
    },
    {
      "type": "http-01",
      "status": "invalid",
      "error": {
        "type": "urn:acme:error:unauthorized",
        "detail": "Invalid response from http://www.letsssl.space/.well-known/acme-challenge/Xdzqq3sg7B9CyxeC7Z7Dkg7N5dz-4h1k3C0X_zdMPt0: \"\u003c!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\"\u003e\n\u003chtml\u003e\u003chead\u003e\n\u003ctitle\u003e404 Not Found\u003c/title\u003e\n\u003c/head\u003e\u003cbody\u003e\n\u003ch1\u003eNot Found\u003c/h1\u003e\n\u003cp\"",
        "status": 403
      },
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/WTTEm48qZDagVzTFzUZkT8U3eKFkbWHjjuvca0UoWOI/2663524222",
      "token": "Xdzqq3sg7B9CyxeC7Z7Dkg7N5dz-4h1k3C0X_zdMPt0",
      "keyAuthorization": "Xdzqq3sg7B9CyxeC7Z7Dkg7N5dz-4h1k3C0X_zdMPt0.Lf_o5zgHdnAlGjRrXxIcWzaaeYmwRWWiE1lG7MvLmVU",
      "validationRecord": [
        {
          "url": "http://www.letsssl.space/.well-known/acme-challenge/Xdzqq3sg7B9CyxeC7Z7Dkg7N5dz-4h1k3C0X_zdMPt0",
          "hostname": "www.letsssl.space",
          "port": "80",
          "addressesResolved": [
            "46.226.109.26",
            "2001:4b98:dc2:41:216:3eff:feb1:d732"
          ],
          "addressUsed": "2001:4b98:dc2:41:216:3eff:feb1:d732",
          "addressesTried": []
        }
      ]
    }
  ],
  "combinations": [
    [
      0
    ],
    [
      1
    ],
    [
      2
    ]
  ]
}
2017-12-07 07:20:51,657:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:

Domain: letsssl.space
Type:   unauthorized
Detail: Invalid response from http://letsssl.space/.well-known/acme-challenge/JAYIorr0UggBLQZwcYyGEGGJRXAD83JUvbpH7Bv79l4: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p"

Domain: www.letsssl.space
Type:   unauthorized
Detail: Invalid response from http://www.letsssl.space/.well-known/acme-challenge/Xdzqq3sg7B9CyxeC7Z7Dkg7N5dz-4h1k3C0X_zdMPt0: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p"

To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.
2017-12-07 07:20:51,658:INFO:certbot.auth_handler:Cleaning up challenges
2017-12-07 07:20:51,658:DEBUG:certbot.plugins.webroot:Removing /home/letsssl/public_html/.well-known/acme-challenge/JAYIorr0UggBLQZwcYyGEGGJRXAD83JUvbpH7Bv79l4
2017-12-07 07:20:51,658:DEBUG:certbot.plugins.webroot:Removing /home/letsssl/public_html/.well-known/acme-challenge/Xdzqq3sg7B9CyxeC7Z7Dkg7N5dz-4h1k3C0X_zdMPt0
2017-12-07 07:20:51,659:INFO:certbot.plugins.webroot:Unable to clean up challenge directory /home/letsssl/public_html/.well-known/acme-challenge
2017-12-07 07:20:51,659:DEBUG:certbot.plugins.webroot:Error was: [Errno 39] Directory not empty: '/home/letsssl/public_html/.well-known/acme-challenge'
2017-12-07 07:20:51,660:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
  File "/opt/eff.org/certbot/venv/bin/letsencrypt", line 11, in <module>
    sys.exit(main())
  File "/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/main.py", line 861, in main
    return config.func(config, plugins)
  File "/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/main.py", line 786, in certonly
    lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
  File "/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/main.py", line 85, in _get_and_save_cert
    lineage = le_client.obtain_and_enroll_certificate(domains, certname)
  File "/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/client.py", line 357, in obtain_and_enroll_certificate
    certr, chain, key, _ = self.obtain_certificate(domains)
  File "/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/client.py", line 318, in obtain_certificate
    self.config.allow_subset_of_names)
  File "/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/auth_handler.py", line 81, in get_authorizations
    self._respond(resp, best_effort)
  File "/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/auth_handler.py", line 138, in _respond
    self._poll_challenges(chall_update, best_effort)
  File "/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/auth_handler.py", line 202, in _poll_challenges
    raise errors.FailedChallenges(all_failed_achalls)
FailedChallenges: Failed authorization procedure. letsssl.space (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://letsssl.space/.well-known/acme-challenge/JAYIorr0UggBLQZwcYyGEGGJRXAD83JUvbpH7Bv79l4: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p", www.letsssl.space (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.letsssl.space/.well-known/acme-challenge/Xdzqq3sg7B9CyxeC7Z7Dkg7N5dz-4h1k3C0X_zdMPt0: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p"