chentmin/letsencrypt.log

## letsencrypt.log
2018-06-13 18:28:16,497:DEBUG:certbot.main:certbot version: 0.25.0
2018-06-13 18:28:16,497:DEBUG:certbot.main:Arguments: ['-d', 'animal2018.lightpaw.com', '--webroot', '--webroot-path', '/usr/share/nginx/html']
2018-06-13 18:28:16,497:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2018-06-13 18:28:16,512:DEBUG:certbot.log:Root logging level set at 20
2018-06-13 18:28:16,512:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2018-06-13 18:28:16,513:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2018-06-13 18:28:16,518:DEBUG:certbot.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: IAuthenticator, IPlugin
Entry point: webroot = certbot.plugins.webroot:Authenticator
Initialized: <certbot.plugins.webroot.Authenticator object at 0x7f69e2f78fd0>
Prep: True
2018-06-13 18:28:16,519:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x7f69e2f78fd0> and installer None
2018-06-13 18:28:16,519:INFO:certbot.plugins.selection:Plugins selected: Authenticator webroot, Installer None
2018-06-13 18:28:16,522:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Registration(status=None, terms_of_service_agreed=None, contact=(u'mailto:timmy@lightpaw.com',), agreement=u'https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf', key=JWKRSA(key=<ComparableRSAKey(<cryptography.hazmat.backends.openssl.rsa._RSAPublicKey object at 0x7f69e2f78c50>)>)), uri=u'https://acme-v01.api.letsencrypt.org/acme/reg/18487389', new_authzr_uri=u'https://acme-v01.api.letsencrypt.org/acme/new-authz', terms_of_service=u'https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf'), ede568cd526ecfe2a41da525fe0d5f45, Meta(creation_host=u'ip-10-0-1-240.cn-north-1.compute.internal', creation_dt=datetime.datetime(2017, 7, 8, 5, 52, 21, tzinfo=<UTC>)))>
2018-06-13 18:28:16,523:DEBUG:acme.client:Sending GET request to https://acme-v01.api.letsencrypt.org/directory.
2018-06-13 18:28:16,525:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org:443
2018-06-13 18:28:17,951:DEBUG:urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658
2018-06-13 18:28:17,951:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 658
Replay-Nonce: 1S6fyCLLNUsZigduTUv2NwatTXjQYA7m5AJPxUr_4Fo
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Wed, 13 Jun 2018 10:28:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 13 Jun 2018 10:28:17 GMT
Connection: keep-alive

{
  "7ed_KDiNJSI": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "key-change": "https://acme-v01.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "terms-of-service": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
    "website": "https://letsencrypt.org"
  },
  "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",
  "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",
  "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",
  "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"
}
2018-06-13 18:28:17,963:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2018-06-24 09:15:44 UTC.
2018-06-13 18:28:17,963:INFO:certbot.renewal:Cert is due for renewal, auto-renewing...
2018-06-13 18:28:17,964:INFO:certbot.main:Renewing an existing certificate
2018-06-13 18:28:18,061:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0030_key-certbot.pem
2018-06-13 18:28:18,064:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0030_csr-certbot.pem
2018-06-13 18:28:18,064:DEBUG:acme.client:Requesting fresh nonce
2018-06-13 18:28:18,064:DEBUG:acme.client:Sending HEAD request to https://acme-v01.api.letsencrypt.org/acme/new-authz.
2018-06-13 18:28:18,615:DEBUG:urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "HEAD /acme/new-authz HTTP/1.1" 405 0
2018-06-13 18:28:18,616:DEBUG:acme.client:Received response:
HTTP 405
Server: nginx
Content-Type: application/problem+json
Content-Length: 91
Allow: POST
Replay-Nonce: 3ceMG-owpTU-4U_MzjwrLez1H_nrx_mZTaBFWOCyEQg
Expires: Wed, 13 Jun 2018 10:28:18 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 13 Jun 2018 10:28:18 GMT
Connection: keep-alive


2018-06-13 18:28:18,616:DEBUG:acme.client:Storing nonce: 3ceMG-owpTU-4U_MzjwrLez1H_nrx_mZTaBFWOCyEQg
2018-06-13 18:28:18,616:DEBUG:acme.client:JWS payload:
{
  "identifier": {
    "type": "dns",
    "value": "animal2018.lightpaw.com"
  },
  "resource": "new-authz"
}
2018-06-13 18:28:18,619:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz:
{
  "protected": "eyJub25jZSI6ICIzY2VNRy1vd3BUVS00VV9Nemp3ckxlejFIX25yeF9tWlRhQkZXT0N5RVFnIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAidFE0Y3hMcDZTVWg2ajREZG9VVXl3bnJDcXh5SWFkRmRBUFpENVhjSjlSUzRDVnlxanJGWFNELTZQTms1anJPTzVaRGNsSVlpU0FfaFRtSG9ua2NKYng3SG5jdnd1bW9mTG1jSVFQZjNBc0ZZZXpZdkdtMVdnUDlMY05ZeEZEYWw0RkRSeVJnMmFMeElXQms3c1pOZW1RRG80M0d1RFY1djF2YzNCR1RPUjd3Q2M1czBWN3pBNUdwZ0ExWW5Edl9lcjBmRThidF9ZenVNZGkxb20wbml1amQ3eFhDU0RJZXJxbGdMbVpteUI1d3pQbGVQRzhheHl1MGxVSlZEd1JNaG9zMzRVVzRNZnhJZldHWjd2NDZqUTlHUndmQmFOLXFvbGRUWE5wX0tqLWFHay0wTzVCQ0lnY1pER1EzR1czbnpIa1FrbHYyRS1kbFYwbDltQkJ5OG13In19",
  "payload": "ewogICJpZGVudGlmaWVyIjogewogICAgInR5cGUiOiAiZG5zIiwgCiAgICAidmFsdWUiOiAiYW5pbWFsMjAxOC5saWdodHBhdy5jb20iCiAgfSwgCiAgInJlc291cmNlIjogIm5ldy1hdXRoeiIKfQ",
  "signature": "EbSRzhz7sFg0l4PFBZwufZka1ntLNeD9_uh61xyvvqw2W-XZXVjj0mH4Ny3C_8WkNBFV_eLzNI6-XKFMdxMfwcDyZyVsMouZiqYrdZCLfjQBqBsJrEvnHXr28vEKRwkToOAyjmmxiafr1fEjb8SEBqGWYx_RwvnVWerGJQkecPJcfgouw0B4uDOWUH_t-ZTPaE3Rq8MYjjHpFpMfwgVFG_mIilcM19yb9QIjyO_vZlXlCLXcmZYac9J9q6_WefGns_1dDGh9ishbNj81s0oLhJ7j1F2ckm4rxpV3o35sUd0ZGzMrd6AN3PJdBYktvP3O06tI_cAg1rv2bT-Ksztgvw"
}
2018-06-13 18:28:19,101:DEBUG:urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/new-authz HTTP/1.1" 201 1001
2018-06-13 18:28:19,101:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Content-Type: application/json
Content-Length: 1001
Boulder-Requester: 18487389
Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"
Location: https://acme-v01.api.letsencrypt.org/acme/authz/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM
Replay-Nonce: 5Zs1YRmqk8X23HRWdoKY7BwJNFn38a4qWHhyH3s6c50
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Wed, 13 Jun 2018 10:28:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 13 Jun 2018 10:28:19 GMT
Connection: keep-alive

{
  "identifier": {
    "type": "dns",
    "value": "animal2018.lightpaw.com"
  },
  "status": "pending",
  "expires": "2018-06-20T10:28:18Z",
  "challenges": [
    {
      "type": "dns-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM/5090383285",
      "token": "FOu9EVWrDfgcWMow5skSjWj20Q69chXJ0zmmm4M_dOQ"
    },
    {
      "type": "http-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM/5090383286",
      "token": "AzpO6Xzp5UejsQiyv3F-zQHVRo9wHXW5FsrFx594SyY"
    },
    {
      "type": "tls-sni-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM/5090383287",
      "token": "tXrWdIl-5uY8mYGnlJ3PXSHtXPKTKPqCWBVfCFh2J3A"
    }
  ],
  "combinations": [
    [
      2
    ],
    [
      0
    ],
    [
      1
    ]
  ]
}
2018-06-13 18:28:19,101:DEBUG:acme.client:Storing nonce: 5Zs1YRmqk8X23HRWdoKY7BwJNFn38a4qWHhyH3s6c50
2018-06-13 18:28:19,102:INFO:certbot.auth_handler:Performing the following challenges:
2018-06-13 18:28:19,102:INFO:certbot.auth_handler:http-01 challenge for animal2018.lightpaw.com
2018-06-13 18:28:19,103:INFO:certbot.plugins.webroot:Using the webroot path /usr/share/nginx/html for all unmatched domains.
2018-06-13 18:28:19,103:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /usr/share/nginx/html/.well-known/acme-challenge
2018-06-13 18:28:19,106:DEBUG:certbot.plugins.webroot:Attempting to save validation to /usr/share/nginx/html/.well-known/acme-challenge/AzpO6Xzp5UejsQiyv3F-zQHVRo9wHXW5FsrFx594SyY
2018-06-13 18:28:19,107:INFO:certbot.auth_handler:Waiting for verification...
2018-06-13 18:28:19,107:DEBUG:acme.client:JWS payload:
{
  "keyAuthorization": "AzpO6Xzp5UejsQiyv3F-zQHVRo9wHXW5FsrFx594SyY.a8DUPPLJTseyYz3nQXfDbCvfqh8RGeFQOiMCjdLAqzI",
  "type": "http-01",
  "resource": "challenge"
}
2018-06-13 18:28:19,109:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/challenge/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM/5090383286:
{
  "protected": "eyJub25jZSI6ICI1WnMxWVJtcWs4WDIzSFJXZG9LWTdCd0pORm4zOGE0cVdIaHlIM3M2YzUwIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAidFE0Y3hMcDZTVWg2ajREZG9VVXl3bnJDcXh5SWFkRmRBUFpENVhjSjlSUzRDVnlxanJGWFNELTZQTms1anJPTzVaRGNsSVlpU0FfaFRtSG9ua2NKYng3SG5jdnd1bW9mTG1jSVFQZjNBc0ZZZXpZdkdtMVdnUDlMY05ZeEZEYWw0RkRSeVJnMmFMeElXQms3c1pOZW1RRG80M0d1RFY1djF2YzNCR1RPUjd3Q2M1czBWN3pBNUdwZ0ExWW5Edl9lcjBmRThidF9ZenVNZGkxb20wbml1amQ3eFhDU0RJZXJxbGdMbVpteUI1d3pQbGVQRzhheHl1MGxVSlZEd1JNaG9zMzRVVzRNZnhJZldHWjd2NDZqUTlHUndmQmFOLXFvbGRUWE5wX0tqLWFHay0wTzVCQ0lnY1pER1EzR1czbnpIa1FrbHYyRS1kbFYwbDltQkJ5OG13In19",
  "payload": "ewogICJrZXlBdXRob3JpemF0aW9uIjogIkF6cE82WHpwNVVlanNRaXl2M0YtelFIVlJvOXdIWFc1RnNyRng1OTRTeVkuYThEVVBQTEpUc2V5WXozblFYZkRiQ3ZmcWg4UkdlRlFPaU1DamRMQXF6SSIsIAogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9",
  "signature": "A_wT8F6iYq12pIUmNvYo1fkY4QwP1p0UYc_wdPtuLbmcbW7xkJlDwh2jG-rBQB4ialbHVSffZ3DfhsZ65e1A8SUlzQ5RWcjGzMAkSQW6RvUpYHqXHB6LR_hD0dTIjysi1FO-kriakvskWAi_rp40VCBLeH1MLP50kyzTsIDeaIAfSgFD5REJf9z8AIgDRiEEOCcxzli1upL_xE_TZM54SPpvaIV0JujQBy6df-Oh2duNCOgHDUQO3hiI_m4MuKwmzKYl3sFgIjbshombN00qjSQySaQyj5ZDQt1lB51ilWJLpfiTIY8to6bVZBmUtwzHquepWZE5WkSE5zZmZo9qUQ"
}
2018-06-13 18:28:19,548:DEBUG:urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/challenge/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM/5090383286 HTTP/1.1" 202 336
2018-06-13 18:28:19,548:DEBUG:acme.client:Received response:
HTTP 202
Server: nginx
Content-Type: application/json
Content-Length: 336
Boulder-Requester: 18487389
Link: <https://acme-v01.api.letsencrypt.org/acme/authz/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM>;rel="up"
Location: https://acme-v01.api.letsencrypt.org/acme/challenge/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM/5090383286
Replay-Nonce: -Qm12L-2fqj1QUvRPXKAaamcc870yStDgQlT49KCvPg
Expires: Wed, 13 Jun 2018 10:28:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 13 Jun 2018 10:28:19 GMT
Connection: keep-alive

{
  "type": "http-01",
  "status": "pending",
  "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM/5090383286",
  "token": "AzpO6Xzp5UejsQiyv3F-zQHVRo9wHXW5FsrFx594SyY",
  "keyAuthorization": "AzpO6Xzp5UejsQiyv3F-zQHVRo9wHXW5FsrFx594SyY.a8DUPPLJTseyYz3nQXfDbCvfqh8RGeFQOiMCjdLAqzI"
}
2018-06-13 18:28:19,548:DEBUG:acme.client:Storing nonce: -Qm12L-2fqj1QUvRPXKAaamcc870yStDgQlT49KCvPg
2018-06-13 18:28:22,552:DEBUG:acme.client:Sending GET request to https://acme-v01.api.letsencrypt.org/acme/authz/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM.
2018-06-13 18:28:23,093:DEBUG:urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /acme/authz/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM HTTP/1.1" 200 1918
2018-06-13 18:28:23,093:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 1918
Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"
Replay-Nonce: gcUm5nasMqpFGNPng_uVQ5VbhVWF9kvvQXz9Vreo7jg
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Wed, 13 Jun 2018 10:28:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 13 Jun 2018 10:28:23 GMT
Connection: keep-alive

{
  "identifier": {
    "type": "dns",
    "value": "animal2018.lightpaw.com"
  },
  "status": "invalid",
  "expires": "2018-06-20T10:28:18Z",
  "challenges": [
    {
      "type": "dns-01",
      "status": "invalid",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM/5090383285",
      "token": "FOu9EVWrDfgcWMow5skSjWj20Q69chXJ0zmmm4M_dOQ"
    },
    {
      "type": "http-01",
      "status": "invalid",
      "error": {
        "type": "urn:acme:error:unauthorized",
        "detail": "Invalid response from http://animal2018.lightpaw.com/.well-known/acme-challenge/AzpO6Xzp5UejsQiyv3F-zQHVRo9wHXW5FsrFx594SyY: \"\u003chtml\u003e\n\t\u003chead\u003e\n\t\t\u003cmeta http-equiv=\"Content-Type\" content=\"textml;charset=GB2312\" /\u003e\n\t\t\u003cstyle\u003ebody{background-color:#FFFFFF}\u003c/sty\"",
        "status": 403
      },
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM/5090383286",
      "token": "AzpO6Xzp5UejsQiyv3F-zQHVRo9wHXW5FsrFx594SyY",
      "keyAuthorization": "AzpO6Xzp5UejsQiyv3F-zQHVRo9wHXW5FsrFx594SyY.a8DUPPLJTseyYz3nQXfDbCvfqh8RGeFQOiMCjdLAqzI",
      "validationRecord": [
        {
          "url": "http://animal2018.lightpaw.com/.well-known/acme-challenge/AzpO6Xzp5UejsQiyv3F-zQHVRo9wHXW5FsrFx594SyY",
          "hostname": "animal2018.lightpaw.com",
          "port": "80",
          "addressesResolved": [
            "54.222.242.159"
          ],
          "addressUsed": "54.222.242.159"
        }
      ]
    },
    {
      "type": "tls-sni-01",
      "status": "invalid",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM/5090383287",
      "token": "tXrWdIl-5uY8mYGnlJ3PXSHtXPKTKPqCWBVfCFh2J3A"
    }
  ],
  "combinations": [
    [
      2
    ],
    [
      0
    ],
    [
      1
    ]
  ]
}
2018-06-13 18:28:23,094:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:

Domain: animal2018.lightpaw.com
Type:   unauthorized
Detail: Invalid response from http://animal2018.lightpaw.com/.well-known/acme-challenge/AzpO6Xzp5UejsQiyv3F-zQHVRo9wHXW5FsrFx594SyY: "<html>
	<head>
		<meta http-equiv="Content-Type" content="textml;charset=GB2312" />
		<style>body{background-color:#FFFFFF}</sty"

To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.
2018-06-13 18:28:23,095:DEBUG:certbot.error_handler:Encountered exception:
Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 82, in handle_authorizations
    self._respond(aauthzrs, resp, best_effort)
  File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 155, in _respond
    self._poll_challenges(aauthzrs, chall_update, best_effort)
  File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 226, in _poll_challenges
    raise errors.FailedChallenges(all_failed_achalls)
FailedChallenges: Failed authorization procedure. animal2018.lightpaw.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://animal2018.lightpaw.com/.well-known/acme-challenge/AzpO6Xzp5UejsQiyv3F-zQHVRo9wHXW5FsrFx594SyY: "<html>
	<head>
		<meta http-equiv="Content-Type" content="textml;charset=GB2312" />
		<style>body{background-color:#FFFFFF}</sty"

2018-06-13 18:28:23,095:DEBUG:certbot.error_handler:Calling registered functions
2018-06-13 18:28:23,095:INFO:certbot.auth_handler:Cleaning up challenges
2018-06-13 18:28:23,095:DEBUG:certbot.plugins.webroot:Removing /usr/share/nginx/html/.well-known/acme-challenge/AzpO6Xzp5UejsQiyv3F-zQHVRo9wHXW5FsrFx594SyY
2018-06-13 18:28:23,095:DEBUG:certbot.plugins.webroot:All challenges cleaned up
2018-06-13 18:28:23,095:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
  File "/usr/bin/certbot", line 11, in <module>
    sys.exit(main())
  File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 1323, in main
    return config.func(config, plugins)
  File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 1213, in certonly
    lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
  File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 115, in _get_and_save_cert
    renewal.renew_cert(config, domains, le_client, lineage)
  File "/usr/lib/python2.7/dist-packages/certbot/renewal.py", line 304, in renew_cert
    new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key)
  File "/usr/lib/python2.7/dist-packages/certbot/client.py", line 326, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
  File "/usr/lib/python2.7/dist-packages/certbot/client.py", line 362, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
  File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 82, in handle_authorizations
    self._respond(aauthzrs, resp, best_effort)
  File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 155, in _respond
    self._poll_challenges(aauthzrs, chall_update, best_effort)
  File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 226, in _poll_challenges
    raise errors.FailedChallenges(all_failed_achalls)
FailedChallenges: Failed authorization procedure. animal2018.lightpaw.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://animal2018.lightpaw.com/.well-known/acme-challenge/AzpO6Xzp5UejsQiyv3F-zQHVRo9wHXW5FsrFx594SyY: "<html>
	<head>
		<meta http-equiv="Content-Type" content="textml;charset=GB2312" />
		<style>body{background-color:#FFFFFF}</sty"
	2018-06-13 18:28:16,497:DEBUG:certbot.main:certbot version: 0.25.0
	2018-06-13 18:28:16,497:DEBUG:certbot.main:Arguments: ['-d', 'animal2018.lightpaw.com', '--webroot', '--webroot-path', '/usr/share/nginx/html']
	2018-06-13 18:28:16,497:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
	2018-06-13 18:28:16,512:DEBUG:certbot.log:Root logging level set at 20
	2018-06-13 18:28:16,512:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
	2018-06-13 18:28:16,513:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
	2018-06-13 18:28:16,518:DEBUG:certbot.plugins.selection:Single candidate plugin: * webroot
	Description: Place files in webroot directory
	Interfaces: IAuthenticator, IPlugin
	Entry point: webroot = certbot.plugins.webroot:Authenticator
	Initialized: <certbot.plugins.webroot.Authenticator object at 0x7f69e2f78fd0>
	Prep: True
	2018-06-13 18:28:16,519:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x7f69e2f78fd0> and installer None
	2018-06-13 18:28:16,519:INFO:certbot.plugins.selection:Plugins selected: Authenticator webroot, Installer None
	2018-06-13 18:28:16,522:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Registration(status=None, terms_of_service_agreed=None, contact=(u'mailto:timmy@lightpaw.com',), agreement=u'https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf', key=JWKRSA(key=<ComparableRSAKey(<cryptography.hazmat.backends.openssl.rsa._RSAPublicKey object at 0x7f69e2f78c50>)>)), uri=u'https://acme-v01.api.letsencrypt.org/acme/reg/18487389', new_authzr_uri=u'https://acme-v01.api.letsencrypt.org/acme/new-authz', terms_of_service=u'https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf'), ede568cd526ecfe2a41da525fe0d5f45, Meta(creation_host=u'ip-10-0-1-240.cn-north-1.compute.internal', creation_dt=datetime.datetime(2017, 7, 8, 5, 52, 21, tzinfo=<UTC>)))>
	2018-06-13 18:28:16,523:DEBUG:acme.client:Sending GET request to https://acme-v01.api.letsencrypt.org/directory.
	2018-06-13 18:28:16,525:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org:443
	2018-06-13 18:28:17,951:DEBUG:urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658
	2018-06-13 18:28:17,951:DEBUG:acme.client:Received response:
	HTTP 200
	Server: nginx
	Content-Type: application/json
	Content-Length: 658
	Replay-Nonce: 1S6fyCLLNUsZigduTUv2NwatTXjQYA7m5AJPxUr_4Fo
	X-Frame-Options: DENY
	Strict-Transport-Security: max-age=604800
	Expires: Wed, 13 Jun 2018 10:28:17 GMT
	Cache-Control: max-age=0, no-cache, no-store
	Pragma: no-cache
	Date: Wed, 13 Jun 2018 10:28:17 GMT
	Connection: keep-alive

	{
	"7ed_KDiNJSI": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
	"key-change": "https://acme-v01.api.letsencrypt.org/acme/key-change",
	"meta": {
	"caaIdentities": [
	"letsencrypt.org"
	],
	"terms-of-service": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
	"website": "https://letsencrypt.org"
	},
	"new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",
	"new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",
	"new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",
	"revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"
	}
	2018-06-13 18:28:17,963:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2018-06-24 09:15:44 UTC.
	2018-06-13 18:28:17,963:INFO:certbot.renewal:Cert is due for renewal, auto-renewing...
	2018-06-13 18:28:17,964:INFO:certbot.main:Renewing an existing certificate
	2018-06-13 18:28:18,061:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0030_key-certbot.pem
	2018-06-13 18:28:18,064:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0030_csr-certbot.pem
	2018-06-13 18:28:18,064:DEBUG:acme.client:Requesting fresh nonce
	2018-06-13 18:28:18,064:DEBUG:acme.client:Sending HEAD request to https://acme-v01.api.letsencrypt.org/acme/new-authz.
	2018-06-13 18:28:18,615:DEBUG:urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "HEAD /acme/new-authz HTTP/1.1" 405 0
	2018-06-13 18:28:18,616:DEBUG:acme.client:Received response:
	HTTP 405
	Server: nginx
	Content-Type: application/problem+json
	Content-Length: 91
	Allow: POST
	Replay-Nonce: 3ceMG-owpTU-4U_MzjwrLez1H_nrx_mZTaBFWOCyEQg
	Expires: Wed, 13 Jun 2018 10:28:18 GMT
	Cache-Control: max-age=0, no-cache, no-store
	Pragma: no-cache
	Date: Wed, 13 Jun 2018 10:28:18 GMT
	Connection: keep-alive


	2018-06-13 18:28:18,616:DEBUG:acme.client:Storing nonce: 3ceMG-owpTU-4U_MzjwrLez1H_nrx_mZTaBFWOCyEQg
	2018-06-13 18:28:18,616:DEBUG:acme.client:JWS payload:
	{
	"identifier": {
	"type": "dns",
	"value": "animal2018.lightpaw.com"
	},
	"resource": "new-authz"
	}
	2018-06-13 18:28:18,619:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz:
	{
	"protected": "eyJub25jZSI6ICIzY2VNRy1vd3BUVS00VV9Nemp3ckxlejFIX25yeF9tWlRhQkZXT0N5RVFnIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAidFE0Y3hMcDZTVWg2ajREZG9VVXl3bnJDcXh5SWFkRmRBUFpENVhjSjlSUzRDVnlxanJGWFNELTZQTms1anJPTzVaRGNsSVlpU0FfaFRtSG9ua2NKYng3SG5jdnd1bW9mTG1jSVFQZjNBc0ZZZXpZdkdtMVdnUDlMY05ZeEZEYWw0RkRSeVJnMmFMeElXQms3c1pOZW1RRG80M0d1RFY1djF2YzNCR1RPUjd3Q2M1czBWN3pBNUdwZ0ExWW5Edl9lcjBmRThidF9ZenVNZGkxb20wbml1amQ3eFhDU0RJZXJxbGdMbVpteUI1d3pQbGVQRzhheHl1MGxVSlZEd1JNaG9zMzRVVzRNZnhJZldHWjd2NDZqUTlHUndmQmFOLXFvbGRUWE5wX0tqLWFHay0wTzVCQ0lnY1pER1EzR1czbnpIa1FrbHYyRS1kbFYwbDltQkJ5OG13In19",
	"payload": "ewogICJpZGVudGlmaWVyIjogewogICAgInR5cGUiOiAiZG5zIiwgCiAgICAidmFsdWUiOiAiYW5pbWFsMjAxOC5saWdodHBhdy5jb20iCiAgfSwgCiAgInJlc291cmNlIjogIm5ldy1hdXRoeiIKfQ",
	"signature": "EbSRzhz7sFg0l4PFBZwufZka1ntLNeD9_uh61xyvvqw2W-XZXVjj0mH4Ny3C_8WkNBFV_eLzNI6-XKFMdxMfwcDyZyVsMouZiqYrdZCLfjQBqBsJrEvnHXr28vEKRwkToOAyjmmxiafr1fEjb8SEBqGWYx_RwvnVWerGJQkecPJcfgouw0B4uDOWUH_t-ZTPaE3Rq8MYjjHpFpMfwgVFG_mIilcM19yb9QIjyO_vZlXlCLXcmZYac9J9q6_WefGns_1dDGh9ishbNj81s0oLhJ7j1F2ckm4rxpV3o35sUd0ZGzMrd6AN3PJdBYktvP3O06tI_cAg1rv2bT-Ksztgvw"
	}
	2018-06-13 18:28:19,101:DEBUG:urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/new-authz HTTP/1.1" 201 1001
	2018-06-13 18:28:19,101:DEBUG:acme.client:Received response:
	HTTP 201
	Server: nginx
	Content-Type: application/json
	Content-Length: 1001
	Boulder-Requester: 18487389
	Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"
	Location: https://acme-v01.api.letsencrypt.org/acme/authz/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM
	Replay-Nonce: 5Zs1YRmqk8X23HRWdoKY7BwJNFn38a4qWHhyH3s6c50
	X-Frame-Options: DENY
	Strict-Transport-Security: max-age=604800
	Expires: Wed, 13 Jun 2018 10:28:19 GMT
	Cache-Control: max-age=0, no-cache, no-store
	Pragma: no-cache
	Date: Wed, 13 Jun 2018 10:28:19 GMT
	Connection: keep-alive

	{
	"identifier": {
	"type": "dns",
	"value": "animal2018.lightpaw.com"
	},
	"status": "pending",
	"expires": "2018-06-20T10:28:18Z",
	"challenges": [
	{
	"type": "dns-01",
	"status": "pending",
	"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM/5090383285",
	"token": "FOu9EVWrDfgcWMow5skSjWj20Q69chXJ0zmmm4M_dOQ"
	},
	{
	"type": "http-01",
	"status": "pending",
	"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM/5090383286",
	"token": "AzpO6Xzp5UejsQiyv3F-zQHVRo9wHXW5FsrFx594SyY"
	},
	{
	"type": "tls-sni-01",
	"status": "pending",
	"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM/5090383287",
	"token": "tXrWdIl-5uY8mYGnlJ3PXSHtXPKTKPqCWBVfCFh2J3A"
	}
	],
	"combinations": [
	[
	2
	],
	[
	0
	],
	[
	1
	]
	]
	}
	2018-06-13 18:28:19,101:DEBUG:acme.client:Storing nonce: 5Zs1YRmqk8X23HRWdoKY7BwJNFn38a4qWHhyH3s6c50
	2018-06-13 18:28:19,102:INFO:certbot.auth_handler:Performing the following challenges:
	2018-06-13 18:28:19,102:INFO:certbot.auth_handler:http-01 challenge for animal2018.lightpaw.com
	2018-06-13 18:28:19,103:INFO:certbot.plugins.webroot:Using the webroot path /usr/share/nginx/html for all unmatched domains.
	2018-06-13 18:28:19,103:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /usr/share/nginx/html/.well-known/acme-challenge
	2018-06-13 18:28:19,106:DEBUG:certbot.plugins.webroot:Attempting to save validation to /usr/share/nginx/html/.well-known/acme-challenge/AzpO6Xzp5UejsQiyv3F-zQHVRo9wHXW5FsrFx594SyY
	2018-06-13 18:28:19,107:INFO:certbot.auth_handler:Waiting for verification...
	2018-06-13 18:28:19,107:DEBUG:acme.client:JWS payload:
	{
	"keyAuthorization": "AzpO6Xzp5UejsQiyv3F-zQHVRo9wHXW5FsrFx594SyY.a8DUPPLJTseyYz3nQXfDbCvfqh8RGeFQOiMCjdLAqzI",
	"type": "http-01",
	"resource": "challenge"
	}
	2018-06-13 18:28:19,109:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/challenge/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM/5090383286:
	{
	"protected": "eyJub25jZSI6ICI1WnMxWVJtcWs4WDIzSFJXZG9LWTdCd0pORm4zOGE0cVdIaHlIM3M2YzUwIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAidFE0Y3hMcDZTVWg2ajREZG9VVXl3bnJDcXh5SWFkRmRBUFpENVhjSjlSUzRDVnlxanJGWFNELTZQTms1anJPTzVaRGNsSVlpU0FfaFRtSG9ua2NKYng3SG5jdnd1bW9mTG1jSVFQZjNBc0ZZZXpZdkdtMVdnUDlMY05ZeEZEYWw0RkRSeVJnMmFMeElXQms3c1pOZW1RRG80M0d1RFY1djF2YzNCR1RPUjd3Q2M1czBWN3pBNUdwZ0ExWW5Edl9lcjBmRThidF9ZenVNZGkxb20wbml1amQ3eFhDU0RJZXJxbGdMbVpteUI1d3pQbGVQRzhheHl1MGxVSlZEd1JNaG9zMzRVVzRNZnhJZldHWjd2NDZqUTlHUndmQmFOLXFvbGRUWE5wX0tqLWFHay0wTzVCQ0lnY1pER1EzR1czbnpIa1FrbHYyRS1kbFYwbDltQkJ5OG13In19",
	"payload": "ewogICJrZXlBdXRob3JpemF0aW9uIjogIkF6cE82WHpwNVVlanNRaXl2M0YtelFIVlJvOXdIWFc1RnNyRng1OTRTeVkuYThEVVBQTEpUc2V5WXozblFYZkRiQ3ZmcWg4UkdlRlFPaU1DamRMQXF6SSIsIAogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9",
	"signature": "A_wT8F6iYq12pIUmNvYo1fkY4QwP1p0UYc_wdPtuLbmcbW7xkJlDwh2jG-rBQB4ialbHVSffZ3DfhsZ65e1A8SUlzQ5RWcjGzMAkSQW6RvUpYHqXHB6LR_hD0dTIjysi1FO-kriakvskWAi_rp40VCBLeH1MLP50kyzTsIDeaIAfSgFD5REJf9z8AIgDRiEEOCcxzli1upL_xE_TZM54SPpvaIV0JujQBy6df-Oh2duNCOgHDUQO3hiI_m4MuKwmzKYl3sFgIjbshombN00qjSQySaQyj5ZDQt1lB51ilWJLpfiTIY8to6bVZBmUtwzHquepWZE5WkSE5zZmZo9qUQ"
	}
	2018-06-13 18:28:19,548:DEBUG:urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/challenge/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM/5090383286 HTTP/1.1" 202 336
	2018-06-13 18:28:19,548:DEBUG:acme.client:Received response:
	HTTP 202
	Server: nginx
	Content-Type: application/json
	Content-Length: 336
	Boulder-Requester: 18487389
	Link: <https://acme-v01.api.letsencrypt.org/acme/authz/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM>;rel="up"
	Location: https://acme-v01.api.letsencrypt.org/acme/challenge/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM/5090383286
	Replay-Nonce: -Qm12L-2fqj1QUvRPXKAaamcc870yStDgQlT49KCvPg
	Expires: Wed, 13 Jun 2018 10:28:19 GMT
	Cache-Control: max-age=0, no-cache, no-store
	Pragma: no-cache
	Date: Wed, 13 Jun 2018 10:28:19 GMT
	Connection: keep-alive

	{
	"type": "http-01",
	"status": "pending",
	"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM/5090383286",
	"token": "AzpO6Xzp5UejsQiyv3F-zQHVRo9wHXW5FsrFx594SyY",
	"keyAuthorization": "AzpO6Xzp5UejsQiyv3F-zQHVRo9wHXW5FsrFx594SyY.a8DUPPLJTseyYz3nQXfDbCvfqh8RGeFQOiMCjdLAqzI"
	}
	2018-06-13 18:28:19,548:DEBUG:acme.client:Storing nonce: -Qm12L-2fqj1QUvRPXKAaamcc870yStDgQlT49KCvPg
	2018-06-13 18:28:22,552:DEBUG:acme.client:Sending GET request to https://acme-v01.api.letsencrypt.org/acme/authz/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM.
	2018-06-13 18:28:23,093:DEBUG:urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /acme/authz/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM HTTP/1.1" 200 1918
	2018-06-13 18:28:23,093:DEBUG:acme.client:Received response:
	HTTP 200
	Server: nginx
	Content-Type: application/json
	Content-Length: 1918
	Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"
	Replay-Nonce: gcUm5nasMqpFGNPng_uVQ5VbhVWF9kvvQXz9Vreo7jg
	X-Frame-Options: DENY
	Strict-Transport-Security: max-age=604800
	Expires: Wed, 13 Jun 2018 10:28:23 GMT
	Cache-Control: max-age=0, no-cache, no-store
	Pragma: no-cache
	Date: Wed, 13 Jun 2018 10:28:23 GMT
	Connection: keep-alive

	{
	"identifier": {
	"type": "dns",
	"value": "animal2018.lightpaw.com"
	},
	"status": "invalid",
	"expires": "2018-06-20T10:28:18Z",
	"challenges": [
	{
	"type": "dns-01",
	"status": "invalid",
	"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM/5090383285",
	"token": "FOu9EVWrDfgcWMow5skSjWj20Q69chXJ0zmmm4M_dOQ"
	},
	{
	"type": "http-01",
	"status": "invalid",
	"error": {
	"type": "urn:acme:error:unauthorized",
	"detail": "Invalid response from http://animal2018.lightpaw.com/.well-known/acme-challenge/AzpO6Xzp5UejsQiyv3F-zQHVRo9wHXW5FsrFx594SyY: \"\u003chtml\u003e\n\t\u003chead\u003e\n\t\t\u003cmeta http-equiv=\"Content-Type\" content=\"textml;charset=GB2312\" /\u003e\n\t\t\u003cstyle\u003ebody{background-color:#FFFFFF}\u003c/sty\"",
	"status": 403
	},
	"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM/5090383286",
	"token": "AzpO6Xzp5UejsQiyv3F-zQHVRo9wHXW5FsrFx594SyY",
	"keyAuthorization": "AzpO6Xzp5UejsQiyv3F-zQHVRo9wHXW5FsrFx594SyY.a8DUPPLJTseyYz3nQXfDbCvfqh8RGeFQOiMCjdLAqzI",
	"validationRecord": [
	{
	"url": "http://animal2018.lightpaw.com/.well-known/acme-challenge/AzpO6Xzp5UejsQiyv3F-zQHVRo9wHXW5FsrFx594SyY",
	"hostname": "animal2018.lightpaw.com",
	"port": "80",
	"addressesResolved": [
	"54.222.242.159"
	],
	"addressUsed": "54.222.242.159"
	}
	]
	},
	{
	"type": "tls-sni-01",
	"status": "invalid",
	"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9MdFdePTrh2j70GQcE7N5-t3t20mlu-902EQZoiJ3qM/5090383287",
	"token": "tXrWdIl-5uY8mYGnlJ3PXSHtXPKTKPqCWBVfCFh2J3A"
	}
	],
	"combinations": [
	[
	2
	],
	[
	0
	],
	[
	1
	]
	]
	}
	2018-06-13 18:28:23,094:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:

	Domain: animal2018.lightpaw.com
	Type: unauthorized
	Detail: Invalid response from http://animal2018.lightpaw.com/.well-known/acme-challenge/AzpO6Xzp5UejsQiyv3F-zQHVRo9wHXW5FsrFx594SyY: "<html>
	<head>
	<meta http-equiv="Content-Type" content="textml;charset=GB2312" />
	<style>body{background-color:#FFFFFF}</sty"

	To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.
	2018-06-13 18:28:23,095:DEBUG:certbot.error_handler:Encountered exception:
	Traceback (most recent call last):
	File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 82, in handle_authorizations
	self._respond(aauthzrs, resp, best_effort)
	File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 155, in _respond
	self._poll_challenges(aauthzrs, chall_update, best_effort)
	File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 226, in _poll_challenges
	raise errors.FailedChallenges(all_failed_achalls)
	FailedChallenges: Failed authorization procedure. animal2018.lightpaw.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://animal2018.lightpaw.com/.well-known/acme-challenge/AzpO6Xzp5UejsQiyv3F-zQHVRo9wHXW5FsrFx594SyY: "<html>
	<head>
	<meta http-equiv="Content-Type" content="textml;charset=GB2312" />
	<style>body{background-color:#FFFFFF}</sty"

	2018-06-13 18:28:23,095:DEBUG:certbot.error_handler:Calling registered functions
	2018-06-13 18:28:23,095:INFO:certbot.auth_handler:Cleaning up challenges
	2018-06-13 18:28:23,095:DEBUG:certbot.plugins.webroot:Removing /usr/share/nginx/html/.well-known/acme-challenge/AzpO6Xzp5UejsQiyv3F-zQHVRo9wHXW5FsrFx594SyY
	2018-06-13 18:28:23,095:DEBUG:certbot.plugins.webroot:All challenges cleaned up
	2018-06-13 18:28:23,095:DEBUG:certbot.log:Exiting abnormally:
	Traceback (most recent call last):
	File "/usr/bin/certbot", line 11, in <module>
	sys.exit(main())
	File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 1323, in main
	return config.func(config, plugins)
	File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 1213, in certonly
	lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
	File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 115, in _get_and_save_cert
	renewal.renew_cert(config, domains, le_client, lineage)
	File "/usr/lib/python2.7/dist-packages/certbot/renewal.py", line 304, in renew_cert
	new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key)
	File "/usr/lib/python2.7/dist-packages/certbot/client.py", line 326, in obtain_certificate
	orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
	File "/usr/lib/python2.7/dist-packages/certbot/client.py", line 362, in _get_order_and_authorizations
	authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
	File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 82, in handle_authorizations
	self._respond(aauthzrs, resp, best_effort)
	File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 155, in _respond
	self._poll_challenges(aauthzrs, chall_update, best_effort)
	File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 226, in _poll_challenges
	raise errors.FailedChallenges(all_failed_achalls)
	FailedChallenges: Failed authorization procedure. animal2018.lightpaw.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://animal2018.lightpaw.com/.well-known/acme-challenge/AzpO6Xzp5UejsQiyv3F-zQHVRo9wHXW5FsrFx594SyY: "<html>
	<head>
	<meta http-equiv="Content-Type" content="textml;charset=GB2312" />
	<style>body{background-color:#FFFFFF}</sty"