Have you pulled and found the error with jc21/nginx-proxy-manager:latest docker image?
Yes
Are you sure you're not using someone else's docker image?
Yes
Have you searched for similar issues (both open and closed)?
Yes
Describe the bug
I try to add an SSL and get Internal Error. I have found the workaroung with the "/.well-known" and it worked for 2 out of 3 domains - all 3 domains point to ha proxy for load balancing.
Nginx Proxy Manager Version
2.10.4
To Reproduce
Steps to reproduce the behavior:
Go to 'your proxy host'
Click on 'Edit'
Add the relevant info in details
Go to custom locations
Add "/.well-known"
Scheme: http
Go to Forward hostname/IP
Write "npm-app" <--- This the name of the container
Port: 80
Go to SSL
Request new certificate
Forse SSL - HTTPS/2 - Agree to the Terms
And Click 'Save'
Expected behavior
Approve the SSL
Screenshots
Operating System
I am using Debian 11
Additional context
Here are the logs of "letsencrypt.log" in "/tmp/letsencrypt-log/". Press Ctrl+F to search for "failed"... What do you think may be wrong?
2023-12-09 22:01:22,265:DEBUG:certbot._internal.main:certbot version: 2.5.0
2023-12-09 22:01:22,266:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
2023-12-09 22:01:22,266:DEBUG:certbot._internal.main:Arguments: ['--config', '/etc/letsencrypt.ini', '--work-dir', '/tmp/letsencrypt-lib', '--logs-dir', '/tmp/letsencrypt-log', '--cert-name', 'npm-36', '--agree-tos', '--authenticator', 'webroot', '--email', 'admin@domain.eu', '--preferred-challenges', 'dns,http', '--domains', 'sub.domain.eu']
2023-12-09 22:01:22,266:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2023-12-09 22:01:22,293:DEBUG:certbot._internal.log:Root logging level set at 30
2023-12-09 22:01:22,295:DEBUG:certbot._internal.plugins.selection:Requested authenticator webroot and installer None
2023-12-09 22:01:22,300:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * webroot
Description: Saves the necessary validation files to a .well-known/acme-challenge/ directory within the nominated webroot path. A seperate HTTP server must be running and serving files from the webroot path. HTTP challenge only (wildcards not supported).
Interfaces: Authenticator, Plugin
Entry point: webroot = certbot._internal.plugins.webroot:Authenticator
Initialized: <certbot._internal.plugins.webroot.Authenticator object at 0x7fc48f349ef0>
Prep: True
2023-12-09 22:01:22,301:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot._internal.plugins.webroot.Authenticator object at 0x7fc48f349ef0> and installer None
2023-12-09 22:01:22,301:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator webroot, Installer None
2023-12-09 22:01:22,340:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/1456316666', new_authzr_uri=None, terms_of_service=None), 0eb3bcbf5bfe50fcc2f4b122fe04675d, Meta(creation_dt=datetime.datetime(2023, 12, 9, 15, 6, 26, tzinfo=), creation_host='3bc05dd66322', register_to_eff=None))>
2023-12-09 22:01:22,342:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2023-12-09 22:01:22,346:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2023-12-09 22:01:22,749:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 752
2023-12-09 22:01:22,750:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sat, 09 Dec 2023 22:01:22 GMT
Content-Type: application/json
Content-Length: 752
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.
2023-12-09 22:01:56,182:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 108, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, max_time_mins, best_effort)
File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 212, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2023-12-09 22:01:56,182:DEBUG:certbot._internal.error_handler:Calling registered functions
2023-12-09 22:01:56,182:INFO:certbot._internal.auth_handler:Cleaning up challenges
2023-12-09 22:01:56,182:DEBUG:certbot._internal.plugins.webroot:Removing /data/letsencrypt-acme-challenge/.well-known/acme-challenge/T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI
2023-12-09 22:01:56,184:DEBUG:certbot._internal.plugins.webroot:All challenges cleaned up
2023-12-09 22:01:56,185:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 8, in
sys.exit(main())
File "/opt/certbot/lib/python3.7/site-packages/certbot/main.py", line 19, in main
return internal_main.main(cli_args)
File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 1864, in main
return config.func(config, plugins)
File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 1597, in certonly
lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 141, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 516, in obtain_and_enrollcertificate
cert, chain, key, = self.obtain_certificate(domains)
File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 428, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 496, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 108, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, max_time_mins, best_effort)
File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 212, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2023-12-09 22:01:56,189:ERROR:certbot._internal.log:Some challenges have failed.
Checklist
jc21/nginx-proxy-manager:latest
docker image?Describe the bug
I try to add an SSL and get Internal Error. I have found the workaroung with the "/.well-known" and it worked for 2 out of 3 domains - all 3 domains point to ha proxy for load balancing.
Nginx Proxy Manager Version
2.10.4
To Reproduce Steps to reproduce the behavior:
Expected behavior
Approve the SSL
Screenshots
Operating System
I am using Debian 11
Additional context
Here are the logs of "letsencrypt.log" in "/tmp/letsencrypt-log/". Press Ctrl+F to search for "failed"... What do you think may be wrong?
2023-12-09 22:01:22,265:DEBUG:certbot._internal.main:certbot version: 2.5.0 2023-12-09 22:01:22,266:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot 2023-12-09 22:01:22,266:DEBUG:certbot._internal.main:Arguments: ['--config', '/etc/letsencrypt.ini', '--work-dir', '/tmp/letsencrypt-lib', '--logs-dir', '/tmp/letsencrypt-log', '--cert-name', 'npm-36', '--agree-tos', '--authenticator', 'webroot', '--email', 'admin@domain.eu', '--preferred-challenges', 'dns,http', '--domains', 'sub.domain.eu'] 2023-12-09 22:01:22,266:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2023-12-09 22:01:22,293:DEBUG:certbot._internal.log:Root logging level set at 30 2023-12-09 22:01:22,295:DEBUG:certbot._internal.plugins.selection:Requested authenticator webroot and installer None 2023-12-09 22:01:22,300:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * webroot Description: Saves the necessary validation files to a .well-known/acme-challenge/ directory within the nominated webroot path. A seperate HTTP server must be running and serving files from the webroot path. HTTP challenge only (wildcards not supported). Interfaces: Authenticator, Plugin Entry point: webroot = certbot._internal.plugins.webroot:Authenticator Initialized: <certbot._internal.plugins.webroot.Authenticator object at 0x7fc48f349ef0> Prep: True 2023-12-09 22:01:22,301:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot._internal.plugins.webroot.Authenticator object at 0x7fc48f349ef0> and installer None 2023-12-09 22:01:22,301:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator webroot, Installer None 2023-12-09 22:01:22,340:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/1456316666', new_authzr_uri=None, terms_of_service=None), 0eb3bcbf5bfe50fcc2f4b122fe04675d, Meta(creation_dt=datetime.datetime(2023, 12, 9, 15, 6, 26, tzinfo=), creation_host='3bc05dd66322', register_to_eff=None))>
2023-12-09 22:01:22,342:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2023-12-09 22:01:22,346:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2023-12-09 22:01:22,749:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 752
2023-12-09 22:01:22,750:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sat, 09 Dec 2023 22:01:22 GMT
Content-Type: application/json
Content-Length: 752
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{ "DDUcjb4TyMA": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-01/renewalInfo/", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2023-12-09 22:01:22,751:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for sub.domain.eu 2023-12-09 22:01:22,760:DEBUG:acme.client:Requesting fresh nonce 2023-12-09 22:01:22,760:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2023-12-09 22:01:22,895:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2023-12-09 22:01:22,897:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 09 Dec 2023 22:01:22 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: https://acme-v02.api.letsencrypt.org/directory;rel="index" Replay-Nonce: 5L5O4-CSKhQ_SbEcexXAIILwticj_jK7SZhaUPgSpeY2xLLaJ3E X-Frame-Options: DENY Strict-Transport-Security: max-age=604800
2023-12-09 22:01:22,897:DEBUG:acme.client:Storing nonce: 5L5O4-CSKhQ_SbEcexXAIILwticj_jK7SZhaUPgSpeY2xLLaJ3E 2023-12-09 22:01:22,897:DEBUG:acme.client:JWS payload: b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "sub.domain.eu"\n }\n ]\n}' 2023-12-09 22:01:22,901:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTQ1NjMxNjY2NiIsICJub25jZSI6ICI1TDVPNC1DU0toUV9TYkVjZXhYQUlJTHd0aWNqX2pLN1NaaGFVUGdTcGVZMnhMTGFKM0UiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9", "signature": "btJuRTEZ6GlF8wAq0n9q-pBo9Y3CwkoU3unDxd_MTDZqCn7CTaGBYwMqYpFrZGLgYcjxvr_nU5NrKwKSmxBM-X2USQRjdGIg6lozckY8sx5HwbqAVXXpV44YNh5Gzb702T8nYqdEi3d-N7RT6GBJB_jlu1DDk4ZAJxRlYh5UaSpwQG9ZubyEi49u4NdQpLp5x-oP5-Y1B8gXqcEo6_d7DAnxsP1AmUJYiJUtdXdiD8S11xwNJnWIXrtCK3W6i3stq9y1KV4v20go7kiBz_pU1NyJ5YRww9AXSQNFG7p2_Dyvebz_jEFtI2qMpjk4xTqyVWvtpsLiV_jgt4YcNVKh8g", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImFpY29kZS5kaHFpLmV1IgogICAgfQogIF0KfQ" } 2023-12-09 22:01:23,192:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 340 2023-12-09 22:01:23,193:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Sat, 09 Dec 2023 22:01:23 GMT Content-Type: application/json Content-Length: 340 Connection: keep-alive Boulder-Requester: 1456316666 Cache-Control: public, max-age=0, no-cache Link: https://acme-v02.api.letsencrypt.org/directory;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/1456316666/228061686216 Replay-Nonce: 5L5O4-CSyWh_L1_9JYhx7EvxlHBYNL0HZZqZiMvtcKxdYE8ARgw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800
{ "status": "pending", "expires": "2023-12-16T22:01:23Z", "identifiers": [ { "type": "dns", "value": "sub.domain.eu" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/292061706076" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/1456316666/228061686216" } 2023-12-09 22:01:23,193:DEBUG:acme.client:Storing nonce: 5L5O4-CSyWh_L1_9JYhx7EvxlHBYNL0HZZqZiMvtcKxdYE8ARgw 2023-12-09 22:01:23,194:DEBUG:acme.client:JWS payload: b'' 2023-12-09 22:01:23,197:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/292061706076: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTQ1NjMxNjY2NiIsICJub25jZSI6ICI1TDVPNC1DU3lXaF9MMV85SlloeDdFdnhsSEJZTkwwSFpacVppTXZ0Y0t4ZFlFOEFSZ3ciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzI5MjA2MTcwNjA3NiJ9", "signature": "yTSp_xj_XG0TXjZJpZDZ2Huc-2gizU1Q4rQ9DVMvQ9kxdj1ftMHJ8gKzYV2uDYfNGQJRvFwHG71DMjyLmWHFiK_P3Ym3U3wqWInwZI_B8NzwlLgqnj04RA3SLOML7wYUml-WOtyX475Z2Vl_Gx-LmuMg7AGDMI3MesHWOrxmbEyD7JFtTW5oCDQIHEXvkhxNF5St_X5bxgUR9rxRpKSRGdRWuw3qA8xZ7tTRcj18bdWMaubuorXR94tZAIIALBQcdwMDmLqAPaj3_L0vSUuZ_lQmNamMMoZ41I62dHdRL62HPLsrf2Vj5se-w11QtLAHEjdPJSUy0U88H2RPse7SBQ", "payload": "" } 2023-12-09 22:01:23,336:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/292061706076 HTTP/1.1" 200 798 2023-12-09 22:01:23,337:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 09 Dec 2023 22:01:23 GMT Content-Type: application/json Content-Length: 798 Connection: keep-alive Boulder-Requester: 1456316666 Cache-Control: public, max-age=0, no-cache Link: https://acme-v02.api.letsencrypt.org/directory;rel="index" Replay-Nonce: 5L5O4-CSVgPtNOjyxWYVcWncZGNcrHDmGi6qdOBmyC3huo9Y7z8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800
{ "identifier": { "type": "dns", "value": "sub.domain.eu" }, "status": "pending", "expires": "2023-12-16T22:01:23Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/NYxVZw", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/SxlsJw", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/UYL1ag", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" } ] } 2023-12-09 22:01:23,337:DEBUG:acme.client:Storing nonce: 5L5O4-CSVgPtNOjyxWYVcWncZGNcrHDmGi6qdOBmyC3huo9Y7z8 2023-12-09 22:01:23,338:INFO:certbot._internal.auth_handler:Performing the following challenges: 2023-12-09 22:01:23,338:INFO:certbot._internal.auth_handler:http-01 challenge for sub.domain.eu 2023-12-09 22:01:23,339:INFO:certbot._internal.plugins.webroot:Using the webroot path /data/letsencrypt-acme-challenge for all unmatched domains. 2023-12-09 22:01:23,339:DEBUG:certbot._internal.plugins.webroot:Creating root challenges validation dir at /data/letsencrypt-acme-challenge/.well-known/acme-challenge 2023-12-09 22:01:23,344:DEBUG:certbot._internal.plugins.webroot:Attempting to save validation to /data/letsencrypt-acme-challenge/.well-known/acme-challenge/T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI 2023-12-09 22:01:23,345:DEBUG:acme.client:JWS payload: b'{}' 2023-12-09 22:01:23,348:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/NYxVZw: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTQ1NjMxNjY2NiIsICJub25jZSI6ICI1TDVPNC1DU1ZnUHROT2p5eFdZVmNXbmNaR05jckhEbUdpNnFkT0JteUMzaHVvOVk3ejgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzI5MjA2MTcwNjA3Ni9OWXhWWncifQ", "signature": "QbELDPjFiqOsA0wiZUVkMu0py83vc8YbObjDgWO0U3mSXFMPvE_euxziP0zObxcaAdEyXTPYv3ct-qmsqtO_m7AIVGLl-nhTpeF5Mr7ZWD3HxiHkJDupPm-YLjtX3dDOh02NQypd1EepjBzYImvpqsY2YRuMNY8tT6nWA2_oltOw4b1KXxisU1tkf1WN6DGX-3RBNGVNbK5UqtYF_8vFdLoWDQ9I9anLfpexTBojLusfpfbfynJmwW1KcqIsX4tSjtcK_KOUapJI9GgajDu_m6T1uqPsokJJvAEPtnPqon7I5Tv_9Mip2S41_mNrhqCLbSZCU0JDoMnRM8fSkes8ig", "payload": "e30" } 2023-12-09 22:01:23,503:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/292061706076/NYxVZw HTTP/1.1" 200 187 2023-12-09 22:01:23,505:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 09 Dec 2023 22:01:23 GMT Content-Type: application/json Content-Length: 187 Connection: keep-alive Boulder-Requester: 1456316666 Cache-Control: public, max-age=0, no-cache Link: https://acme-v02.api.letsencrypt.org/directory;rel="index", https://acme-v02.api.letsencrypt.org/acme/authz-v3/292061706076;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/NYxVZw Replay-Nonce: vwMFqfCEVJelMRlJZqDz0aIeWq2hZQ7ApEca3DZ9PzohopUyyXA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800
{ "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/NYxVZw", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" } 2023-12-09 22:01:23,505:DEBUG:acme.client:Storing nonce: vwMFqfCEVJelMRlJZqDz0aIeWq2hZQ7ApEca3DZ9PzohopUyyXA 2023-12-09 22:01:23,506:INFO:certbot._internal.auth_handler:Waiting for verification... 2023-12-09 22:01:24,507:DEBUG:acme.client:JWS payload: b'' 2023-12-09 22:01:24,511:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/292061706076: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTQ1NjMxNjY2NiIsICJub25jZSI6ICJ2d01GcWZDRVZKZWxNUmxKWnFEejBhSWVXcTJoWlE3QXBFY2EzRFo5UHpvaG9wVXl5WEEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzI5MjA2MTcwNjA3NiJ9", "signature": "K0170ITuqblu2vbd-UOjI9t6mG7Gql0cLZq-QrhMk6mtsZGozt3qcz1-11Mg5IGBdRYU9ltMP-Cdvvyg5ljCDvq1bwfEwdYhlOy97E1orj1oiTxJDePueIHNzUiMYNO7-EnTXZCHLBj3R5qd0yRMbugy_VccdvMe8PYjWQo-voKWUXemYo9OOEgmwv6SmsQE5cjcGtJZFQklQbdSxQXvgcfXu21w81heO6wKIY46Rlwvl4SYSUGQPzkWHZQN4xqFfh9it4RvDPEi3m26Fsc6RaOsS7EItUKvXFKh9CwnioON9A9fKJsG3Cf6TJcDZYuAU5lbWWqLlxXehCJGH3JshA", "payload": "" } 2023-12-09 22:01:24,650:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/292061706076 HTTP/1.1" 200 798 2023-12-09 22:01:24,652:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 09 Dec 2023 22:01:24 GMT Content-Type: application/json Content-Length: 798 Connection: keep-alive Boulder-Requester: 1456316666 Cache-Control: public, max-age=0, no-cache Link: https://acme-v02.api.letsencrypt.org/directory;rel="index" Replay-Nonce: vwMFqfCEbxaD8M6UnJPmxpiggpii2LRL6EKSkDk0AiL5endC9S0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800
{ "identifier": { "type": "dns", "value": "sub.domain.eu" }, "status": "pending", "expires": "2023-12-16T22:01:23Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/NYxVZw", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/SxlsJw", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/UYL1ag", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" } ] } 2023-12-09 22:01:24,655:DEBUG:acme.client:Storing nonce: vwMFqfCEbxaD8M6UnJPmxpiggpii2LRL6EKSkDk0AiL5endC9S0 2023-12-09 22:01:27,657:DEBUG:acme.client:JWS payload: b'' 2023-12-09 22:01:27,661:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/292061706076: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTQ1NjMxNjY2NiIsICJub25jZSI6ICJ2d01GcWZDRWJ4YUQ4TTZVbkpQbXhwaWdncGlpMkxSTDZFS1NrRGswQWlMNWVuZEM5UzAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzI5MjA2MTcwNjA3NiJ9", "signature": "vvccd90MYyuDZMoRbG3jZUKgyW5XPH7yPpm18GYbyEZjfnBTwlfCtIl_NtNjoEhgWsnjivm8V4UxisGGWQeiwYT59YU8TxsatlhjURlO2g_DH7Tmsxa0HDLhLKaPhGidVnroBBtTurm5_Mge8NwA6vE6ljY4XuSdYQdw0nLjIqarnseIjl6TereSHJOUjzM_lkMKNNRzsaneLlnYYol7elL63St7LGdraEwoDEYzJB_oOoB6oFcyckAZI38eOzgX0cfif6n5nhiwLiUMErBvE7XYmiV7NA7hNXntnCI02AmhYUK2g3wRkLCWgqxDg-ieFt_N6eL5NAoG0Jo0NXephA", "payload": "" } 2023-12-09 22:01:27,801:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/292061706076 HTTP/1.1" 200 798 2023-12-09 22:01:27,802:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 09 Dec 2023 22:01:27 GMT Content-Type: application/json Content-Length: 798 Connection: keep-alive Boulder-Requester: 1456316666 Cache-Control: public, max-age=0, no-cache Link: https://acme-v02.api.letsencrypt.org/directory;rel="index" Replay-Nonce: 5L5O4-CSlebVvjPtQfgmdqNEdwQbRiEBCbDJsDQEn4U3M--rxvg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800
{ "identifier": { "type": "dns", "value": "sub.domain.eu" }, "status": "pending", "expires": "2023-12-16T22:01:23Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/NYxVZw", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/SxlsJw", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/UYL1ag", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" } ] } 2023-12-09 22:01:27,803:DEBUG:acme.client:Storing nonce: 5L5O4-CSlebVvjPtQfgmdqNEdwQbRiEBCbDJsDQEn4U3M--rxvg 2023-12-09 22:01:30,809:DEBUG:acme.client:JWS payload: b'' 2023-12-09 22:01:30,812:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/292061706076: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTQ1NjMxNjY2NiIsICJub25jZSI6ICI1TDVPNC1DU2xlYlZ2alB0UWZnbWRxTkVkd1FiUmlFQkNiREpzRFFFbjRVM00tLXJ4dmciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzI5MjA2MTcwNjA3NiJ9", "signature": "F16NIN_OQxvcaWAJop6MeU6rHPGrJzqcw0xyriSdvhDcFDz0xBiPeX7T9JgGGbgs3hP-Pvxb_YW0Yb44Wrv_UBqUtlCjpPRhcthrWaPbNFvXh46Gw_J-NcBCYuKFA7gR6vOJ8SEu1q8eRF-X20ugNKIbamdEzDTpsS6MtT-qd9x8SoTzPmzNeKAA-h_62v6NtaQBUqrUFRp-ii6bDYIbC4qMnu03lEeU4AReI6GIR08XetHigSQbqWWmrCBrh87i2gSEh9v4F2PmFm3n2buLMtyzy2s-WpnRRfaUjcuLcrr6WzggcYIHBgZHzE0dhzk1Hqf1wJRo3FkV7CQh9PY8vg", "payload": "" } 2023-12-09 22:01:30,951:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/292061706076 HTTP/1.1" 200 798 2023-12-09 22:01:30,952:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 09 Dec 2023 22:01:30 GMT Content-Type: application/json Content-Length: 798 Connection: keep-alive Boulder-Requester: 1456316666 Cache-Control: public, max-age=0, no-cache Link: https://acme-v02.api.letsencrypt.org/directory;rel="index" Replay-Nonce: vwMFqfCEJ3IPgpKATkwTWfw6Fx_kjoQldzve57Yqbsue_7_HbjA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800
{ "identifier": { "type": "dns", "value": "sub.domain.eu" }, "status": "pending", "expires": "2023-12-16T22:01:23Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/NYxVZw", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/SxlsJw", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/UYL1ag", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" } ] } 2023-12-09 22:01:30,952:DEBUG:acme.client:Storing nonce: vwMFqfCEJ3IPgpKATkwTWfw6Fx_kjoQldzve57Yqbsue_7_HbjA 2023-12-09 22:01:33,957:DEBUG:acme.client:JWS payload: b'' 2023-12-09 22:01:33,960:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/292061706076: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTQ1NjMxNjY2NiIsICJub25jZSI6ICJ2d01GcWZDRUozSVBncEtBVGt3VFdmdzZGeF9ram9RbGR6dmU1N1lxYnN1ZV83X0hiakEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzI5MjA2MTcwNjA3NiJ9", "signature": "mbnP-m7dMhly3GWu7kH8XohRZeQTrj-eEWSf4DHXU5r9g8O06MHTKdf39ku8bTSCF2YcPXp3JmTzKGnk02fsX4oSRRGPQgRHT99EDWhawFomnoXbF2chsqJK4vyBM8oML6fOJgzRXJIzij1L6eyEx-H0Jiz51rNdpPh3UqxhsaLbzoUZzoGeW8aQpSv5f6G1DOLYY7dtHO_GgUGX6dZwUIvT2Qtezr7aKgqmMt0loIvcbuHsetrFyvOqvpSmLIS7tcc3vCGYnQ2MMFHDlmJHbfmeNQIDVoMJxVVwkJ__kKJhLl5nMRIie-vSzFCKyHCjEDmVlCO1oyffKkgWRHAe_Q", "payload": "" } 2023-12-09 22:01:34,099:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/292061706076 HTTP/1.1" 200 798 2023-12-09 22:01:34,100:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 09 Dec 2023 22:01:34 GMT Content-Type: application/json Content-Length: 798 Connection: keep-alive Boulder-Requester: 1456316666 Cache-Control: public, max-age=0, no-cache Link: https://acme-v02.api.letsencrypt.org/directory;rel="index" Replay-Nonce: 5L5O4-CSswhKC7Fn9glFfR5gR_M7wruXYS8JTzw8ByyxRMsf76M X-Frame-Options: DENY Strict-Transport-Security: max-age=604800
{ "identifier": { "type": "dns", "value": "sub.domain.eu" }, "status": "pending", "expires": "2023-12-16T22:01:23Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/NYxVZw", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/SxlsJw", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/UYL1ag", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" } ] } 2023-12-09 22:01:34,101:DEBUG:acme.client:Storing nonce: 5L5O4-CSswhKC7Fn9glFfR5gR_M7wruXYS8JTzw8ByyxRMsf76M 2023-12-09 22:01:37,105:DEBUG:acme.client:JWS payload: b'' 2023-12-09 22:01:37,108:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/292061706076: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTQ1NjMxNjY2NiIsICJub25jZSI6ICI1TDVPNC1DU3N3aEtDN0ZuOWdsRmZSNWdSX003d3J1WFlTOEpUenc4Qnl5eFJNc2Y3Nk0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzI5MjA2MTcwNjA3NiJ9", "signature": "J5JDaDDphQF3RDPoK8sJHQE1oThqQMjDK0P2KcorzkdNmM5iU5luUw3-cXAJvI8KDLaBwv_DWABz00JB-u_VoMxpGt72kJlN354YBxWfsJmr7rKycGr7mcjpOsw2uP3KyAQEZb-0fqG_XZADrey1u9QLsNb9pU1xmURIXl9DQXH0v4ZGrfxgMjE6SIh186xJPwrAGJmGRUk-PZOKT0yGsQEkNiZRA6EeQs_IVZPC9sR9UMsjAOFhj1UyKuqacqbbo8Yo38RsUZpsBSl3AvycNlU9OSLtGaKXRx9vA54VESJ4SBqEGaT20V57wWayL8bZZMbrOm2fePX-bIp73ph0OA", "payload": "" } 2023-12-09 22:01:37,259:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/292061706076 HTTP/1.1" 200 798 2023-12-09 22:01:37,259:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 09 Dec 2023 22:01:37 GMT Content-Type: application/json Content-Length: 798 Connection: keep-alive Boulder-Requester: 1456316666 Cache-Control: public, max-age=0, no-cache Link: https://acme-v02.api.letsencrypt.org/directory;rel="index" Replay-Nonce: 5L5O4-CSvAJpPJc5acaQk_tw6KBdHSq1Wa2x9gMvg_zeTEFPaPE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800
{ "identifier": { "type": "dns", "value": "sub.domain.eu" }, "status": "pending", "expires": "2023-12-16T22:01:23Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/NYxVZw", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/SxlsJw", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/UYL1ag", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" } ] } 2023-12-09 22:01:37,260:DEBUG:acme.client:Storing nonce: 5L5O4-CSvAJpPJc5acaQk_tw6KBdHSq1Wa2x9gMvg_zeTEFPaPE 2023-12-09 22:01:40,261:DEBUG:acme.client:JWS payload: b'' 2023-12-09 22:01:40,263:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/292061706076: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTQ1NjMxNjY2NiIsICJub25jZSI6ICI1TDVPNC1DU3ZBSnBQSmM1YWNhUWtfdHc2S0JkSFNxMVdhMng5Z012Z196ZVRFRlBhUEUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzI5MjA2MTcwNjA3NiJ9", "signature": "O-8hVb7tsYKzIDlqR1Mn5q0TJNao9fRcMKdIacuEvaSTUqqamq4oN6hyZ-vTO5MFsYsNhzV-yo5B9n9ykK-opiiCILzEniivh2dz8G6KyraSwSACBs_afZzSA5ESvIdgFW6gKsKvRJH76NH0S17DWogS4YsdAZTYwjV0Ptxt1JS9SiC1gdl0YgMb71Jrj1EzjSuUjc9rJ23wrgMuy3-6vqDzZANcmtZt4X5khZT2X7Kp0Vx9ZlRqYNz1fdulsbVFfzhvjhWCNgVO4KPFy3y8WXJDSVW__NtBtR3d5q3YJ5KYdhAvgJozRoHqMO4onnRfk-NmLCZi1HAlSawFP6bavA", "payload": "" } 2023-12-09 22:01:40,400:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/292061706076 HTTP/1.1" 200 798 2023-12-09 22:01:40,401:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 09 Dec 2023 22:01:40 GMT Content-Type: application/json Content-Length: 798 Connection: keep-alive Boulder-Requester: 1456316666 Cache-Control: public, max-age=0, no-cache Link: https://acme-v02.api.letsencrypt.org/directory;rel="index" Replay-Nonce: vwMFqfCEy7YsbKFhu_ULTmV_GYve-w-SLMvumG3Fsc4oZbhEJ1w X-Frame-Options: DENY Strict-Transport-Security: max-age=604800
{ "identifier": { "type": "dns", "value": "sub.domain.eu" }, "status": "pending", "expires": "2023-12-16T22:01:23Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/NYxVZw", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/SxlsJw", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/UYL1ag", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" } ] } 2023-12-09 22:01:40,401:DEBUG:acme.client:Storing nonce: vwMFqfCEy7YsbKFhu_ULTmV_GYve-w-SLMvumG3Fsc4oZbhEJ1w 2023-12-09 22:01:43,405:DEBUG:acme.client:JWS payload: b'' 2023-12-09 22:01:43,408:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/292061706076: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTQ1NjMxNjY2NiIsICJub25jZSI6ICJ2d01GcWZDRXk3WXNiS0ZodV9VTFRtVl9HWXZlLXctU0xNdnVtRzNGc2M0b1piaEVKMXciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzI5MjA2MTcwNjA3NiJ9", "signature": "QXamn97WKHQ9bEP9vnEHIq4VRl51uEx82r-2A5LmDE_XI6zSDs8P-JcrreQJmREM4MSChwTciE8r1Sv7zqhIF3yReUZfop_K5exeQ3PUbvKLPUchCyEBv13MMd_QDXPuF_sM3A46jpS8Hvu4qoNmddyWwBhp23tcbhPEBTZPJQpK5ND1E-fptbcYpevAf-l9n9KdF8vOA4TsVLwxjqWeEw4pEtBFR6bOTgVs_ZPovWWeyBqCJLzKK7JFlREd0xisz-iBhTojHTPtBjGv8nEdw56hrzJ8gikhknU3rip0DBuh0kf3NdZekQxHW8D6RZmPiXg34nBqsAH0nITwR09fAA", "payload": "" } 2023-12-09 22:01:43,559:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/292061706076 HTTP/1.1" 200 798 2023-12-09 22:01:43,560:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 09 Dec 2023 22:01:43 GMT Content-Type: application/json Content-Length: 798 Connection: keep-alive Boulder-Requester: 1456316666 Cache-Control: public, max-age=0, no-cache Link: https://acme-v02.api.letsencrypt.org/directory;rel="index" Replay-Nonce: 5L5O4-CSkH0E0bZzVdIY48_N8OWskX0G6UgNWViW64XxM5BlPP8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800
{ "identifier": { "type": "dns", "value": "sub.domain.eu" }, "status": "pending", "expires": "2023-12-16T22:01:23Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/NYxVZw", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/SxlsJw", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/UYL1ag", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" } ] } 2023-12-09 22:01:43,561:DEBUG:acme.client:Storing nonce: 5L5O4-CSkH0E0bZzVdIY48_N8OWskX0G6UgNWViW64XxM5BlPP8 2023-12-09 22:01:46,564:DEBUG:acme.client:JWS payload: b'' 2023-12-09 22:01:46,568:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/292061706076: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTQ1NjMxNjY2NiIsICJub25jZSI6ICI1TDVPNC1DU2tIMEUwYlp6VmRJWTQ4X044T1dza1gwRzZVZ05XVmlXNjRYeE01QmxQUDgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzI5MjA2MTcwNjA3NiJ9", "signature": "LCa17F6UQYE4KxwDvjCm1pVdfSU7ddv-w-eTjtZ9Byggj_6OeV0pkVAzP6-_PqpiBvVVCW4eq53la5RffkKcQlCSV0ZBh2TFUwMzkceavpNqvn1iVz9ZVenVqoQsRizXXQhqj9lSW2-OA16WywPFUwoyrtLf6yUe9lTYDufGez4DkSluIgWksfU4FI7JMXd9ZyAAcM8Bo6XEX-CaTttu6NkeEi-4SbodjrtxCIoCxgycav0S6OpteRbggzjou4laE5_mMhTol0gvxPDuzE3CaXvRUreZXYpjciP6aUvIKw1Lb77GG9SyxVarv5YhzVNbFSLRiZ3YYkPfTm_xXokBCQ", "payload": "" } 2023-12-09 22:01:46,718:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/292061706076 HTTP/1.1" 200 798 2023-12-09 22:01:46,719:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 09 Dec 2023 22:01:46 GMT Content-Type: application/json Content-Length: 798 Connection: keep-alive Boulder-Requester: 1456316666 Cache-Control: public, max-age=0, no-cache Link: https://acme-v02.api.letsencrypt.org/directory;rel="index" Replay-Nonce: vwMFqfCErOklze-8-n19ZlixGfUHgMn3RWDPeRWRF9_fgaq6H7A X-Frame-Options: DENY Strict-Transport-Security: max-age=604800
{ "identifier": { "type": "dns", "value": "sub.domain.eu" }, "status": "pending", "expires": "2023-12-16T22:01:23Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/NYxVZw", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/SxlsJw", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/UYL1ag", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" } ] } 2023-12-09 22:01:46,719:DEBUG:acme.client:Storing nonce: vwMFqfCErOklze-8-n19ZlixGfUHgMn3RWDPeRWRF9_fgaq6H7A 2023-12-09 22:01:49,724:DEBUG:acme.client:JWS payload: b'' 2023-12-09 22:01:49,727:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/292061706076: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTQ1NjMxNjY2NiIsICJub25jZSI6ICJ2d01GcWZDRXJPa2x6ZS04LW4xOVpsaXhHZlVIZ01uM1JXRFBlUldSRjlfZmdhcTZIN0EiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzI5MjA2MTcwNjA3NiJ9", "signature": "pRg--ycRwWJ6uFQh2MhT0-HpIUcncPiSKAYXwVsxDKitqM2TA3VuTdukxxBvFXbaCQMk9LGYRDgbe37NGuNsx9Lh6GHq00ReJV2NRMNUh_Obd-9m8wkKAcQtbn9tfS6VXeOjLa3oEboHeJhWd-8HEyMGnDAy8BVhhebg0wBFdUk6iFmqS8j5yZ5KIK9n-WeDAxfa6HFdmMd3HeJxzz979JBrK--SvDjfw8l_aEm3ewN2OdMSKYTrcDY69POG2irAUmw7Bx_ORAq7_gEvRHJoTvdUqPLrxnPQrgT5sfssNH0n9RDrtQt3Ny1wEfVotd7X7MvpSiqJ5QtPWWnA1J-cDg", "payload": "" } 2023-12-09 22:01:49,864:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/292061706076 HTTP/1.1" 200 798 2023-12-09 22:01:49,865:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 09 Dec 2023 22:01:49 GMT Content-Type: application/json Content-Length: 798 Connection: keep-alive Boulder-Requester: 1456316666 Cache-Control: public, max-age=0, no-cache Link: https://acme-v02.api.letsencrypt.org/directory;rel="index" Replay-Nonce: 5L5O4-CSn8pntyK4CC3s1uzigrRyXfKU9JpO2HBED1P93pTMAB8 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800
{ "identifier": { "type": "dns", "value": "sub.domain.eu" }, "status": "pending", "expires": "2023-12-16T22:01:23Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/NYxVZw", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/SxlsJw", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/UYL1ag", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" } ] } 2023-12-09 22:01:49,866:DEBUG:acme.client:Storing nonce: 5L5O4-CSn8pntyK4CC3s1uzigrRyXfKU9JpO2HBED1P93pTMAB8 2023-12-09 22:01:52,869:DEBUG:acme.client:JWS payload: b'' 2023-12-09 22:01:52,872:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/292061706076: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTQ1NjMxNjY2NiIsICJub25jZSI6ICI1TDVPNC1DU244cG50eUs0Q0MzczF1emlnclJ5WGZLVTlKcE8ySEJFRDFQOTNwVE1BQjgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzI5MjA2MTcwNjA3NiJ9", "signature": "LGIeL9o0Vi4HDsDOFPA8fnhgizuTy6XJxjOjsKWFpyBwEhkV1QH22L-U7OStac_j4hrfuXSmNlvwzaG9U9MhiCfnzP30PimwGARuMwmFs8ja1v0uXTrCKIcKtA3wDXBD7wBCa3jX2cmzC-F2n2vA6458BUTyBrL5cYoMA8WQbylgi0YSEqok7XHrvXWeJqVgo2ZUBSSFHIgPlYK-M-5ARNXar0tSgYLzq7PPjIWJ-dR8_IJW6uqC5eWeEVst9t8bAEpMzV2Epm2v1ciOccuT0o1XAnNPYena0xSs7Yzt7lX8TXJTd9PIdrs0vs0btwEqdalymO5XfAqFUHBytxuyXw", "payload": "" } 2023-12-09 22:01:53,014:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/292061706076 HTTP/1.1" 200 798 2023-12-09 22:01:53,015:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 09 Dec 2023 22:01:52 GMT Content-Type: application/json Content-Length: 798 Connection: keep-alive Boulder-Requester: 1456316666 Cache-Control: public, max-age=0, no-cache Link: https://acme-v02.api.letsencrypt.org/directory;rel="index" Replay-Nonce: vwMFqfCE46QD27F_9BB5TPVpLg3ylRgimpX5R1_pq3cYJV5W0xA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800
{ "identifier": { "type": "dns", "value": "sub.domain.eu" }, "status": "pending", "expires": "2023-12-16T22:01:23Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/NYxVZw", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/SxlsJw", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/UYL1ag", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI" } ] } 2023-12-09 22:01:53,015:DEBUG:acme.client:Storing nonce: vwMFqfCE46QD27F_9BB5TPVpLg3ylRgimpX5R1pq3cYJV5W0xA 2023-12-09 22:01:56,016:DEBUG:acme.client:JWS payload: b'' 2023-12-09 22:01:56,019:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/292061706076: { "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTQ1NjMxNjY2NiIsICJub25jZSI6ICJ2d01GcWZDRTQ2UUQyN0ZfOUJCNVRQVnBMZzN5bFJnaW1wWDVSMV9wcTNjWUpWNVcweEEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzI5MjA2MTcwNjA3NiJ9", "signature": "JyYbrr0S15c-kkSm2nwMGE8zlxq-6gCO4QVlVDl3hhfZlorzhnhQaRh0tdY_fcy-ixsBQhI_rQ8dkn2onvwlEauGLUxQdiBUg6j-zCFRgK_JXFJHf3Knuy40YU-xXM86RN9AVYthTGIUJbLypCflRAUn-ahMZ723iRxSSi8uyV4uLmZXB0rveyg5bpp1HcMsOe4xiN3_CEY4t4Jj6Mk4H78krgjTmCkH8pFzjGrKYtGFV2u7KFEssX1nPiFUa78xtWuzXhgFpEsNOKorx6ZXk2GangSpY6P5P01RxiQ3SnVoD8H3PjFlvx4Y3zeTyMKPKQMeek7ruRk29pV6cBi9g", "payload": "" } 2023-12-09 22:01:56,175:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/292061706076 HTTP/1.1" 200 1158 2023-12-09 22:01:56,177:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Sat, 09 Dec 2023 22:01:56 GMT Content-Type: application/json Content-Length: 1158 Connection: keep-alive Boulder-Requester: 1456316666 Cache-Control: public, max-age=0, no-cache Link: https://acme-v02.api.letsencrypt.org/directory;rel="index" Replay-Nonce: 5L5O4-CSO9GlAgoOn-x3zOY2NaixO1O2PncQRhblo3Uz6-e_UCU X-Frame-Options: DENY Strict-Transport-Security: max-age=604800
{ "identifier": { "type": "dns", "value": "sub.domain.eu" }, "status": "invalid", "expires": "2023-12-16T22:01:23Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:unauthorized", "detail": "2606:4700:3035::ac43:8761: Invalid response from http://sub.domain.eu/.well-known/acme-challenge/T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI: 522", "status": 403 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/292061706076/NYxVZw", "token": "T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI", "validationRecord": [ { "url": "http://sub.domain.eu/.well-known/acme-challenge/T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI", "hostname": "sub.domain.eu", "port": "80", "addressesResolved": [ "104.21.26.46", "172.67.135.97", "2606:4700:3035::ac43:8761", "2606:4700:3032::6815:1a2e" ], "addressUsed": "2606:4700:3035::ac43:8761" } ], "validated": "2023-12-09T22:01:23Z" } ] } 2023-12-09 22:01:56,178:DEBUG:acme.client:Storing nonce: 5L5O4-CSO9GlAgoOn-x3zOY2NaixO1O2PncQRhblo3Uz6-e_UCU 2023-12-09 22:01:56,179:INFO:certbot._internal.auth_handler:Challenge failed for domain sub.domain.eu 2023-12-09 22:01:56,179:INFO:certbot._internal.auth_handler:http-01 challenge for sub.domain.eu 2023-12-09 22:01:56,179:DEBUG:certbot._internal.display.obj:Notifying user: Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems: Domain: sub.domain.eu Type: unauthorized Detail: 2606:4700:3035::ac43:8761: Invalid response from http://sub.domain.eu/.well-known/acme-challenge/T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI: 522
Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.
2023-12-09 22:01:56,182:DEBUG:certbot._internal.error_handler:Encountered exception: Traceback (most recent call last): File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 108, in handle_authorizations self._poll_authorizations(authzrs, max_retries, max_time_mins, best_effort) File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 212, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') certbot.errors.AuthorizationError: Some challenges have failed.
2023-12-09 22:01:56,182:DEBUG:certbot._internal.error_handler:Calling registered functions 2023-12-09 22:01:56,182:INFO:certbot._internal.auth_handler:Cleaning up challenges 2023-12-09 22:01:56,182:DEBUG:certbot._internal.plugins.webroot:Removing /data/letsencrypt-acme-challenge/.well-known/acme-challenge/T6MNy4uL22ZqRKt6XDzp9Z25EvD-tk3-IZQaJGU3EXI 2023-12-09 22:01:56,184:DEBUG:certbot._internal.plugins.webroot:All challenges cleaned up 2023-12-09 22:01:56,185:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 8, in
sys.exit(main())
File "/opt/certbot/lib/python3.7/site-packages/certbot/main.py", line 19, in main
return internal_main.main(cli_args)
File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 1864, in main
return config.func(config, plugins)
File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 1597, in certonly
lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/main.py", line 141, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 516, in obtain_and_enrollcertificate
cert, chain, key, = self.obtain_certificate(domains)
File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 428, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/client.py", line 496, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 108, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, max_time_mins, best_effort)
File "/opt/certbot/lib/python3.7/site-packages/certbot/_internal/auth_handler.py", line 212, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2023-12-09 22:01:56,189:ERROR:certbot._internal.log:Some challenges have failed.