I didn’t do any changes in the domain or server config, in the same VPS (from Contabo) I have others websites and I was able to renew the others certificates with no problems.
@tpnsolutions
Thanks but I already try it, but just in case I did it again, the error now:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for www.rcorta.me
Using the webroot path /home/rcorta/public_html for all unmatched domains.
Waiting for verification...
Challenge failed for domain www.rcorta.me
http-01 challenge for www.rcorta.me
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: www.rcorta.me
Type: unauthorized
Detail: 144.126.159.158: Invalid response from
http://www.rcorta.me/.well-known/acme-challenge/Id5W3RW-nYsPtcJ7guYzeKd75u5WykfMCak3s_UGSqE:
404
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
and:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for www.rcorta.me
Running manual-auth-hook command: /etc/webmin/webmin/letsencrypt-dns.pl
Waiting for verification...
Challenge failed for domain www.rcorta.me
dns-01 challenge for www.rcorta.me
Cleaning up challenges
Running manual-cleanup-hook command: /etc/webmin/webmin/letsencrypt-cleanup.pl
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: www.rcorta.me
Type: dns
Detail: DNS problem: NXDOMAIN looking up TXT for
_acme-challenge.www.rcorta.me - check that a DNS record exists for
this domain
That domain is running with zero issues almost 2 years, I don’t know why that error is showed because I dont touch anything in the DNS records.
The acme-challenge file doesn’t appear to exist, so it cannot validate against it. Also you are using contabo.net for your DNS so that won’t work either.
At this point, I can only speculate that something is misconfigured somewhere, however I’d need to take a look to be sure what’s going on.
I too am having issues with certificate renewal
I have multiple servers with hundreds of domains.
I have noticed that the acme-challenge file is now being generated owned root:root with perms 660. This file cannot be served by the Apache server and so web based validation fails. The process then tries DNS based validation however this is not the issue.
I coerce the process to work by the following command at the command line chmod 644 .well-known/acme-challenge/*
…this allows the file to be served by Apache and read by the LE servers and the process continues successfully. Check your Apache logs, you will see errors like:
[Tue Jun 07 11:20:31.197061 2022] [core:error] [pid 12884] (13)Permission denied: [client 66.133.109.36:38942] AH00132: file permissions deny server access: /home/clientdomain.com.au/public_html/.well-known/acme-challenge/6KUswp9mZFsLXHnuomn2P3wG4vd7W235tmcokTgU4-U
…this has just started happening on my servers… not sure if it is recent Ubuntu updates or the recent Virtualmin update.
@tpnsolutions In the registrar I point the domain to the Contabo DNS , after that in Contabo Admin panel I need to create the DNS to point it to the VPS IP, all of this is in auto. After that I just create the package in the virtualmin.
I was analyzing @tpnsolutions suggestion when I saw that the certificate was renewed without problems, the only change I made was to disable the htaccess script used on that website which contains the following:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^(.*)$ public/$1 [L]
</IfModule>
