ich versuche auf Apache2 (Buster) ein LetsEncrypt Certificat zu erstellen und bekomme diese Fehlermeldung
Code: Alles auswählen
#certbot --apache certonly --agree-tos -d www.germany.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for www.germany.com
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. www.germany.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.germany.com/.well-known/acme-challenge/w_LhPb4JptoqWAyJ8gvevR_Hu8x0bo9NomgiFkaS5Go [192.109.24.80]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: www.germany.com
Type: unauthorized
Detail: Invalid response from
http://www.germany.com/.well-known/acme-challenge/w_LhPb4JptoqWAyJ8gvevR_Hu8x0bo9NomgiFkaS5Go
[192.109.24.80]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
2.0//EN\">\n<html><head>\n<title>404 Not
Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
Code: Alles auswählen
<VirtualHost *:80>
ServerAdmin hostmaster@germany.com
DocumentRoot /srv/www/www.germany.com/
ServerName www.germany.com
<Directory /srv/www/www.germany.com/>
Options +Indexes +FollowSymLinks +MultiViews
AllowOverride All
Require all granted
</Directory>
Alias /.well-known/acme-challenge/ "/srv/www/www.germany.com/.well-known/acme-challenge/"
<Directory "/srv/www/www.germany.com/">
AllowOverride None
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
Require method GET POST OPTIONS
</Directory>
ErrorLog /var/log/apache2/www.germany.com-error.log
LogLevel warn
CustomLog /var/log/apache2/www.germany.com-access.log common
ServerSignature On
# <IfModule mod_rewrite.c>
# RewriteEngine on
# LogLevel alert rewrite:trace3
# RewriteCond %{SERVER_PORT} !^443$
# RewriteCond %{HTTP_HOST} ^www\.germany\.com$ [NC]
# RewriteRule ^(.*) https://www.germany.com/$1 [L,R=301]
# RewriteCond %{SERVER_PORT} !^443$
# </IfModule>
#RewriteCond %{SERVER_NAME} =www.germany.com
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
in certbot.conf
Code: Alles auswählen
<IfModule mod_headers.c>
Alias "/.well-known/acme-challenge/" "/srv/www/acme-challenge/.well-known/acme-challenge/"
<IfModule mod_proxy.c>
# Globale Proxy-Ausnahme für das acme-challenge-Verzeichnis
ProxyPass "/.well-known/acme-challenge/" !
</IfModule>
<Directory "/srv/www/acme-challenge/">
AllowOverride None
Options FollowSymLinks
</Directory>
</IfModule>
Das Verzeichnis gibt es ebenfalls
Code: Alles auswählen
# ll -d /srv/www/acme-challenge/
drwxr-xr-x 2 www-data www-data 4096 Feb 12 11:50 /srv/www/acme-challenge/
Grüße
BrotherJ