Problem renewing certificates

I am having an issue with the provisioning of replacement certificates. The initial set-up was executed fine. Currently using V61.1 with patching fully up to date and no error in system status checks.

I have made zero changes to config or server other than applying security updates and rebooting as required

There is not much useful information in the response/logs other than:

Invalid response from http://MADEUPDOMAINNAME/.well-known/acme-challenge/xZ243dkJ2rb-4PnaQBSyMA0SRfxpWHRgzUkTJIjMpos

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.

Any pointers appreciated before I attempt to build a new server and migrate the data

Thanks

Some questions:

  • Is this for all certificates or specific ones?
  • Is this concerning the automatic renewal of the certificates or a manual action?
  • What happens if you manually retry the provisioning?

All certificates
Automated renewal, 11 days remaining, failed again over night
Manual provisioning via web interface and also cmd line is also failing

I suspect that the problem is related to an issue with the .well-known/acme-challenge directory not being presented by nginx. The config is present for nginx but the directory structure was missing under /home/user-data/ssl/lets_encrypt/webroot/. I tried creating the directories with the same permissions and ownership as the parent directory and then rebooting, with no success. I cannot navigate to the directory in a browser

The automated provisioning worked for the initial move to a new server in November and the last automated renewal

After much messing around I decided to go for the new server build

Tar’d up the mailboxes directory and transferred it rather than using the full backup to avoid pulling in any old config

All up and running
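
The check suspected earlier in the thread (whether the web server actually serves files placed in the webroot's `.well-known/acme-challenge` directory) can be tested without waiting for the next renewal attempt. This is an added example, not part of the original thread or of the project's own code; the function name `probe_webroot` and its arguments are assumptions.

```python
import os
import secrets
import sys
import urllib.error
import urllib.request

CHALLENGE_DIR = ".well-known/acme-challenge"


def probe_webroot(webroot, base_url, timeout=10):
    """Write a random probe file under the webroot and fetch it over HTTP.

    Returns (ok, detail). ok is True only when the body served at
    base_url/.well-known/acme-challenge/<name> equals what was written,
    which is the same path an HTTP-01 validation request would use.
    """
    challenge_path = os.path.join(webroot, CHALLENGE_DIR)
    if not os.path.isdir(challenge_path):
        return False, f"missing directory: {challenge_path}"
    name = "probe-" + secrets.token_urlsafe(16)   # unguessable file name
    body = secrets.token_urlsafe(32)              # unguessable content
    file_path = os.path.join(challenge_path, name)
    with open(file_path, "w") as fh:
        fh.write(body)
    os.chmod(file_path, 0o644)  # readable by the web server user
    url = f"{base_url.rstrip('/')}/{CHALLENGE_DIR}/{name}"
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            served = resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as exc:         # e.g. 403 or 404
        return False, f"HTTP {exc.code} for {url}"
    except (urllib.error.URLError, OSError) as exc:
        return False, f"request failed for {url}: {exc}"
    finally:
        os.remove(file_path)                      # always clean up the probe
    if served != body:
        # A catch-all page or a different document root answered instead.
        return False, f"{url} returned different content"
    return True, f"{url} served the probe file"


if __name__ == "__main__" and len(sys.argv) == 3:
    ok, detail = probe_webroot(sys.argv[1], sys.argv[2])
    print("OK" if ok else "FAIL", detail)
    sys.exit(0 if ok else 1)
```

Run it on the server with the webroot path and the site's `http://` base URL as the two arguments; a `missing directory` or `HTTP 404` result points at the web server configuration or directory layout rather than at Certbot.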