| SYSTEM INFORMATION | |
|---|---|
| Ubuntu 20.04.6 | REQUIRED |
| 2.101 | REQUIRED |
| 7.7 Pro | REQUIRED |
Out of the blue, I have 3 sub-domains under jongriffith.com that are failing to renew certificates through Letsencrypt. I don’t know how to troubleshoot this.
I’ve got:
bitwarden.jongriffith.com, which expired on the 8/9 which won’t allow login without SSL
bookstack.jongriffith.com, which failed to renew on 8/11 and expires on the 20th.
ha.jongriffith.com, which expires in 1 day and failed on 8/11 to renew.
The other two subdomains have more than a month on them before renewal is attempted, I presume.
The error I’m getting on all of them is: “Web-based validation failed: saving debug log to /var/log/letsencrypt/letsencrypt.log”
The only thing that has changed on my system since the last successful renewal is that my annual subscription was paid and I don’t know if that does something to Virtualmin or not.
Either way, I’m getting:
"challenges": [
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:unauthorized",
"detail": "68.15.186.195: Invalid response from http://bookstack.jongriffith.com/.well-known/acme-challenge/0dsYxKX_cx5oO9gfYzsf1D-QSyel5raS5fd9p38xhlU: 404",
"status": 403
},
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/254083632606/mX-TLA",
"token": "0dsYxKX_cx5oO9gfYzsf1D-QSyel5raS5fd9p38xhlU",
"validationRecord": [
{
"url": "http://bookstack.jongriffith.com/.well-known/acme-challenge/0dsYxKX_cx5oO9gfYzsf1D-QSyel5raS5fd9p38xhlU",
"hostname": "bookstack.jongriffith.com",
"port": "80",
"addressesResolved": [
"68.15.186.195"
],
"addressUsed": "68.15.186.195"
}
],
"validated": "2023-08-11T20:13:10Z"
}
```
As I look deeper, the one thing they all have in common is that they're reverse proxied to other machines inside of my network. Could this be the problem? It wasn't a problem before.