Secure connection - certbot error

Morten 2 months ago

I have a domain (lobetosset.dk) which already has an SSL certificate up and running on the top level.

Now I have created a subdomain (gps.lobetosset.dk) and pointed it to the IP of my server. I then tried to follow the guide in the documentation. Everything works perfectly fine up until the point where certbot should be able to get a certificate. Instead it just throws that it gets an invalid response from http://gps.lobetosset.dk/.well-known/acme-challenge/...

Any idea what might be the cause for this? I have edited the configuration from the guide to reflect my domain:

[Attached screenshot: Skærmbillede 2024-09-24 225242.png]

Anton Tananaev 2 months ago

It probably means that your subdomain doesn't point to this server.

Morten 2 months ago

But it does.

Morten 2 months ago

It can easily be verified by visiting the URL. It bounces back and forth between the server and my webpage (different server). If the subdomain didn't point to the server the proxy wouldn't kick in in the first place.

Track-trace 2 months ago

So does the path actually exist for that subdomain?

http://gps.lobetosset.dk/.well-known/acme-challenge/

And the exact error from the log.
invalid response

Anton Tananaev 2 months ago

gps.lobetosset.dk points to 195.242.130.52, which doesn't host Traccar or Apache, from what I can tell. So to me it clearly looks like misconfigured DNS.

Morten 2 months ago

@Anton

No, it does in fact point to my traccar server (109.176.202.37). I have removed the traccar site redirect and reverted back to default. When visiting gps.lobetosset.dk we do get an Apache greeting site on http://109.176.202.37/

It is only when I use the traccar site that it is pointed BACK at gps.lobetosset.dk, which does reside on 195.242.130.52

@track-trace
I haven't created that path, no; the guide does not tell me to?

Track-trace 2 months ago

@Morten So there is no exact log error message from certbot?

Morten 2 months ago

@track-trace

I'm unfortunately not by a computer where I can copy the exact error message, but I'll get back to you on that.

Might be a stupid question, but from the documentation it shows I should replace with my domain, is it correct that would be gps.lobetosset.dk? Or should it be the Traccar server IP? Or should it be the top-level domain (lobetosset.dk)?

Morten 2 months ago

@track-trace

This is the error:

Cleaning up challenges
Failed authorization procedure. gps.lobetosset.dk (http-01): urn:ietf:params:acme:error:unauthorized:: The client lacks sufficient authorization :: 195.242.130.52: Invalid response from http://gps.lobetosset.dk/.well-known/acme-challenge/ODNB60auMJL9utTFscBHneIPr645Rgv-r-NOCY2A4yY: 404

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: gps.lobetosset.dk
   Type:   unauthorized
   Detail: 195.242.130.52: Invalid response from
   http://gps.lobetosset.dk/.well-known/acme-challenge/ODNB60auMJL9utTFscBHneIPr645Rgv-r-NOCY2A4yY:
   404

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

Anton Tananaev 2 months ago

> No it does in fact point to my traccar server (109.176.202.37). ...

No, it doesn't. When someone tries to help you, you should probably at least double check the information.

https://dnschecker.org/#A/gps.lobetosset.dk
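
An added example, not part of any post in this thread and not certbot or Traccar code: the certbot failure line quoted above already names the address the CA connected to, so comparing it with the address you expect to serve the challenge separates a DNS problem from a web server problem. The function name `diagnose` and the verdict labels are assumptions made for this sketch.

```python
import ipaddress
import re
from typing import NamedTuple, Optional

# Failure line quoted from the certbot output posted in this thread.
CERTBOT_ERROR = (
    "Failed authorization procedure. gps.lobetosset.dk (http-01): "
    "urn:ietf:params:acme:error:unauthorized:: The client lacks sufficient "
    "authorization :: 195.242.130.52: Invalid response from "
    "http://gps.lobetosset.dk/.well-known/acme-challenge/"
    "ODNB60auMJL9utTFscBHneIPr645Rgv-r-NOCY2A4yY: 404"
)

DOMAIN_RE = re.compile(r"(\S+) \((http-01|dns-01|tls-alpn-01)\):")
# "<address the CA connected to>: Invalid response from <url>: <HTTP status>"
DETAIL_RE = re.compile(r":: (\S+): Invalid response from (\S+): (\d{3})")


class Finding(NamedTuple):
    domain: str
    validated_ip: str  # address the CA resolved the name to and connected to
    status: int        # HTTP status the CA received for the challenge URL
    verdict: str       # hypothetical labels, see diagnose()


def diagnose(error_text: str, expected_ip: str) -> Optional[Finding]:
    """Classify an http-01 failure given the IP the operator expects to answer."""
    text = " ".join(error_text.split())  # collapse newlines and runs of spaces
    dom, det = DOMAIN_RE.search(text), DETAIL_RE.search(text)
    if not dom or not det:
        return None
    try:
        validated = ipaddress.ip_address(det.group(1))
    except ValueError:
        return None
    status = int(det.group(3))
    if validated != ipaddress.ip_address(expected_ip):
        # Public DNS sends the CA to another host; a browser test from a
        # machine with a local override or cache does not disprove this.
        verdict = "dns-mismatch"
    elif status == 404:
        # Right host, but the challenge file was not served (webroot or proxy).
        verdict = "challenge-not-served"
    else:
        verdict = "other"
    return Finding(dom.group(1), str(validated), status, verdict)


if __name__ == "__main__":
    print(diagnose(CERTBOT_ERROR, "109.176.202.37"))
```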

Morten 2 months ago

How am I ending up on the server then when I'm entering gps.lobetosset.dk?

Anton Tananaev 2 months ago

Maybe you have a local override, but you can clearly see that DNS is not configured the way you said it is.

Morten 2 months ago

My apologies! I seem to have misunderstood the terminology of my webhotel, and since I did end up on the server I believed I had made the changes in the correct place.

Morten 2 months ago

All right - so now that I have fixed the wrong DNS I was able to obtain a certificate as expected. Thank you so far!

Perhaps I just don't understand how it's supposed to work, but when entering gps.lobetosset.dk in the browser I'm not ending up on the traccar server, but rather on a 404 page from my website. I have done as described in the documentation. Do I need to configure the traccar.conf file differently when my top-level domain is on one server and the traccar installation is on a different server?