"Failed authorization procedure" when trying to install Certbot
Linode
Linode Staff
When trying to install Certbot on my Linode, I get the following authorization error:
Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: domain.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for domain.com
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. domain.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://domain.com/.well-known/acme-challenge/vlJv6b9Bv52YkePkscbugWUCWWjqQVPN86aM2Y2HMIc [2600:3c02::f03c:91ff:fece:ec1f]: "<html>\r\n<head><title>404 Not Found</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>404 Not Found</h1></center>\r\n<hr><center>"
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: domain.com
Type: unauthorized
Detail: Invalid response from
http://domain.com/.well-known/acme-challenge/vlJv6b9Bv52YkePkscbugWUCWWjqQVPN86aM2Y2HMIc
[2600:3c02::f03c:91ff:fece:ec1f]: "<html>\r\n<head><title>404 Not
Found</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>404
Not Found</h1></center>\r\n<hr><center>"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
(base) domain@localhost:~$
1 Reply
jdutton
Linode Staff
After doing some research on this, it looks like you'll need to edit the server block in your Nginx configuration file to include an additional permission. I was able to find a possible solution on askubuntu.com here:
“Failed authorization procedure” when trying to add SSL certificate to site
Essentially, when you open your Nginx configuration file, you're adding a permission allowing public accessibility (replace 'your_path_to' with your file path):
location ^~ /.well-known {
root /your_path_to/document_root;
allow all;
}
There's also some really good information about editing your Nginx server block in this Community site post and this guide on configuring Nginx.
I hope this points you in the right direction. Let us know if this works!