Overview
When renewing the Let's Encrypt SSL certificate using the./certbot-auto renew
command, below errors are seen:
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/<domain>/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: <domain>
Type: unauthorized
Detail: Invalid response from
http://<domain>/.well-known/acme-challenge/W4ZwEqdihe4etEkYSqBvRAXGRnY7
[vvv.xxx.yyy.zzz]: "<html>\r\n<head><title>404 Not
Found</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>404
Not Found</h1></center>\r\n<hr><center>"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
Information
- Let's Encrypt is maintained by the Internet Security Research Group (ISRG). It is not one of Kerio Connect products.
- So, direct support for the same can't be provided by Kerio Connect Support for any issues that are found while using Let's Encrypt.
- The deployment guide Deploying Let's Encrypt SSL Certificate on Linux DEB Installations can be used as a reference when using Let's Encrypt with the
certbot
tool. - Verify that the requirements to run the
certbot
tool are met in your environment and if required, deploy the same from scratch. - In case the issues persist, then, you can also check the Let's Encrypt Community portal to see if a solution exists or post a new query on the portal.