Назад | Перейти на главную страницу

Ошибка при обновлении SSL-сертификата с помощью certbot

root@nl6g:~# sudo certbot --nginx -d cienciadelgaza.com -d www.cienciadelgaza.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Cert is due for renewal, auto-renewing...
Renewing an existing certificate
Performing the following challenges:
tls-sni-01 challenge for cienciadelgaza.com
tls-sni-01 challenge for www.cienciadelgaza.com
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. www.cienciadelgaza.com (tls-sni-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Incorrect validation certificate for tls-sni-01 challenge. Requested f4ae04029f9e7fde28171a912073bd6b.6c8545d86d20ce09f8f2dda3d59db46b.acme.invalid from 185.185.40.134:443. Received 2 certificate(s), first certificate had names "cienciadelgaza.com, www.cienciadelgaza.com"

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: www.cienciadelgaza.com
   Type:   unauthorized
   Detail: Incorrect validation certificate for tls-sni-01 challenge.
   Requested
   f4ae04029f9e7fde28171a912073bd6b.6c8545d86d20ce09f8f2dda3d59db46b.acme.invalid
   from 185.185.40.134:443. Received 2 certificate(s), first
   certificate had names "cienciadelgaza.com, www.cienciadelgaza.com"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A record(s) for that domain
   contain(s) the right IP address.

Конфигурация сервера:

server {
    listen       443 ssl;
ssl_certificate /etc/letsencrypt/live/cienciadelgaza.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/cienciadelgaza.com/privkey.pem; # managed by Certbot
    server_name  cienciadelgaza.com;
    return       301 https://www.cienciadelgaza.com$request_uri;
}
server {
    listen       80;
    server_name  cienciadelgaza.com www.cienciadelgaza.com;
    return       301 https://www.cienciadelgaza.com$request_uri;
}
server {
        listen       443 ssl;
ssl_certificate /etc/letsencrypt/live/cienciadelgaza.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/cienciadelgaza.com/privkey.pem; # managed by Certbot
    root /var/www/cienciadelgaza/;
    index index.html index.htm index.php;

    server_name www.cienciadelgaza.com;

    location ...(irrelevant)...

}

Журнал Letsencrypt: http://public.t1ip.com/letsencrypt.log