search

wmnnd / nginx-certbot

Boilerplate configuration for nginx and certbot with docker-compose
MIT License
3.16k stars 1.17k forks source link

Init script produces this error (some challenges failed) #113

Open mlp1802 opened 3 years ago

mlp1802 commented 3 years ago

Downloading recommended TLS parameters ...

Creating dummy certificate for example.org ...

Creating network "nginx-certbot_default" with the default driver Creating nginx-certbot_certbot_run ... done Generating a RSA private key ............++++ ..............++++ writing new private key to '/etc/letsencrypt/live/example.org/privkey.pem'

Starting nginx ...

Pulling nginx (nginx:1.15-alpine)... 1.15-alpine: Pulling from library/nginx e7c96db7181b: Pull complete 264026bbe255: Pull complete a71634c55d29: Pull complete 5595887beb81: Pull complete Digest: sha256:57a226fb6ab6823027c0704a9346a890ffb0cacde06bc19bbc234c8720673555 Status: Downloaded newer image for nginx:1.15-alpine Creating nginx-certbot_nginx_1 ... done

Deleting dummy certificate for example.org ...

Creating nginx-certbot_certbot_run ... done

Requesting Let's Encrypt certificate for example.org ...

Creating nginx-certbot_certbot_run ... done Saving debug log to /var/log/letsencrypt/letsencrypt.log Account registered. Requesting a certificate for example.org and www.example.org

Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems: Domain: example.org Type: unauthorized Detail: Invalid response from http://example.org/.well-known/acme-challenge/Pl57GIKuPyt6FVUJ8fLfXk1-pr0zUJCU30IBQlTG2Zo [2606:2800:220:1:248:1893:25c8:1946]: "<!doctype html>\n\n\n Example Domain\n\n <meta charset=\"utf-8\" />\n <meta http-equiv=\"Content-type"

Domain: www.example.org Type: unauthorized Detail: Invalid response from http://www.example.org/.well-known/acme-challenge/jMjE5k5MYuepQFvfiHuKK42Qnh-LczBCHYxa3d2ubds [2606:2800:220:1:248:1893:25c8:1946]: "<!doctype html>\n\n\n Example Domain\n\n <meta charset=\"utf-8\" />\n <meta http-equiv=\"Content-type"

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.

Some challenges have failed. Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

Reloading nginx ...

2021/07/30 19:27:40 [emerg] 10#10: cannot load certificate "/etc/letsencrypt/live/example.org/fullchain.pem": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/letsencrypt/live/example.org/fullchain.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file) nginx: [emerg] cannot load certificate "/etc/letsencrypt/live/example.org/fullchain.pem": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/letsencrypt/live/example.org/fullchain.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file)

justin-apolloscientific commented 3 years ago

You didn't update the certificate paths in your app.conf file with your own domain (it still reads as example.org in your error output).

I had the same ...duh moment for about an hour before figuring out I hadn't done this.

pikhovkin commented 3 years ago

Try chown -R www-data:www-data "$data_path/conf/live" and rerun init-letsencrypt.sh