root@mail:/var/log/letsencrypt# cat letsencrypt.log 2019-11-04 18:26:40,105:DEBUG:certbot.main:certbot version: 0.39.0 2019-11-04 18:26:40,106:DEBUG:certbot.main:Arguments: [] 2019-11-04 18:26:40,106:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2019-11-04 18:26:40,122:DEBUG:certbot.log:Root logging level set at 20 2019-11-04 18:26:40,123:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2019-11-04 18:26:40,168:DEBUG:certbot.plugins.selection:Requested authenticator and installer 2019-11-04 18:26:40,206:INFO:certbot.renewal:Cert not yet due for renewal 2019-11-04 18:26:40,207:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer None 2019-11-04 18:26:40,240:INFO:certbot.renewal:Cert not yet due for renewal 2019-11-04 18:26:40,241:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer None 2019-11-04 18:26:40,274:INFO:certbot.renewal:Cert not yet due for renewal 2019-11-04 18:26:40,274:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None 2019-11-04 18:26:40,306:INFO:certbot.renewal:Cert not yet due for renewal 2019-11-04 18:26:40,306:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None 2019-11-04 18:26:40,308:WARNING:certbot.renewal: Traceback (most recent call last): File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/renewal.py", line 64, in _reconstitute renewal_candidate = storage.RenewableCert(full_path, config) File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/storage.py", line 465, in __init__ self._check_symlinks() File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/storage.py", line 523, in _check_symlinks "expected {0} to be a symlink".format(link)) CertStorageError: expected /etc/letsencrypt/live/eisgeliebt.de-0001/cert.pem to be a symlink 2019-11-04 18:26:40,309:WARNING:certbot.renewal:Renewal configuration file /etc/letsencrypt/renewal/eisgeliebt.de-0001.conf is broken. Skipping. 2019-11-04 18:26:40,309:DEBUG:certbot.renewal:Traceback was: Traceback (most recent call last): File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/renewal.py", line 64, in _reconstitute renewal_candidate = storage.RenewableCert(full_path, config) File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/storage.py", line 465, in __init__ self._check_symlinks() File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/storage.py", line 523, in _check_symlinks "expected {0} to be a symlink".format(link)) CertStorageError: expected /etc/letsencrypt/live/eisgeliebt.de-0001/cert.pem to be a symlink 2019-11-04 18:26:40,345:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2019-03-14 12:32:41 UTC. 2019-11-04 18:26:40,345:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2019-11-04 18:26:40,346:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None 2019-11-04 18:26:40,351:DEBUG:certbot.plugins.selection:Single candidate plugin: * webroot Description: Place files in webroot directory Interfaces: IAuthenticator, IPlugin Entry point: webroot = certbot.plugins.webroot:Authenticator Initialized: Prep: True 2019-11-04 18:26:40,352:DEBUG:certbot.plugins.selection:Selected authenticator and installer None 2019-11-04 18:26:40,352:INFO:certbot.plugins.selection:Plugins selected: Authenticator webroot, Installer None 2019-11-04 18:26:40,355:DEBUG:certbot.main:Picked account: )>), external_account_binding=None), uri=u'https://acme-v01.api.letsencrypt.org/acme/reg/30233806', new_authzr_uri=u'https://acme-v01.api.letsencrypt.org/acme/new-authz', terms_of_service=u'https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'), da2741d321a8782bc72a4cec2197ff46, Meta(creation_host=u'debian', creation_dt=datetime.datetime(2018, 2, 27, 21, 44, 42, tzinfo=)))> 2019-11-04 18:26:40,358:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2019-11-04 18:26:40,360:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2019-11-04 18:26:40,972:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2019-11-04 18:26:40,974:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 04 Nov 2019 17:26:40 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "l2gZdjqcm1s": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2019-11-04 18:26:40,974:INFO:certbot.hooks:Running pre-hook command: service nginx stop 2019-11-04 18:26:46,532:INFO:certbot.main:Renewing an existing certificate 2019-11-04 18:26:46,634:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0145_key-certbot.pem 2019-11-04 18:26:46,638:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0145_csr-certbot.pem 2019-11-04 18:26:46,639:DEBUG:acme.client:Requesting fresh nonce 2019-11-04 18:26:46,639:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2019-11-04 18:26:46,794:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2019-11-04 18:26:46,794:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 04 Nov 2019 17:26:46 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001H_UuqOBxJqeVnDFLUMHYKkZOiDkPhe2I_rpTur-uvhA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2019-11-04 18:26:46,795:DEBUG:acme.client:Storing nonce: 0001H_UuqOBxJqeVnDFLUMHYKkZOiDkPhe2I_rpTur-uvhA 2019-11-04 18:26:46,829:DEBUG:acme.client:JWS payload: { "identifiers": [ { "type": "dns", "value": "eisgeliebt.de" }, { "type": "dns", "value": "www.eisgeliebt.de" } ] } 2019-11-04 18:26:46,832:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJub25jZSI6ICIwMDAxSF9VdXFPQnhKcWVWbkRGTFVNSFlLa1pPaURrUGhlMklfcnBUdXItdXZoQSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LW9yZGVyIiwgImtpZCI6ICJodHRwczovL2FjbWUtdjAxLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9yZWcvMzAyMzM4MDYiLCAiYWxnIjogIlJTMjU2In0", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwgCiAgICAgICJ2YWx1ZSI6ICJlaXNnZWxpZWJ0LmRlIgogICAgfSwgCiAgICB7CiAgICAgICJ0eXBlIjogImRucyIsIAogICAgICAidmFsdWUiOiAid3d3LmVpc2dlbGllYnQuZGUiCiAgICB9CiAgXQp9", "signature": "KjqPknDhKj8MI63fWCCYVU99YFiMi2BJemkCSr01aUZKxzI1Zx41rQhDrDaryPw7TwI_-M4BCrbfv0pkLs_WEPckHRbXurkBcTdZjlcMkC6ovVVlkzmil46enzRSbC2HkxOqNK8ul6bBsz9l1pGXe92XdxZk1RpeCktWAgq8h_AD2ZXUodxAne9BXVOVrTgFPSLfyFul6sip9vg3mOVXGydI2TdCMLRchNhDkGYrXKZA2iq_yTySWhooMfHfN9crazIym0gENolZf9GZ-WiV4UfhheIvtwTE7B87rDbdU0ppJcvPZhe8CEGj1Z7NmP72FFpttSiiKK5W8yX47ZNptQ" } 2019-11-04 18:26:47,024:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 481 2019-11-04 18:26:47,025:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Mon, 04 Nov 2019 17:26:46 GMT Content-Type: application/json Content-Length: 481 Connection: keep-alive Boulder-Requester: 30233806 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/30233806/1436765565 Replay-Nonce: 0002q3p0eh6k2SKYZpo8xYrBKLt18-_2SEVPoL-9qFWRMWY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2019-11-11T17:26:46.943221583Z", "identifiers": [ { "type": "dns", "value": "eisgeliebt.de" }, { "type": "dns", "value": "www.eisgeliebt.de" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/1084751717", "https://acme-v02.api.letsencrypt.org/acme/authz-v3/1084751719" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/30233806/1436765565" } 2019-11-04 18:26:47,025:DEBUG:acme.client:Storing nonce: 0002q3p0eh6k2SKYZpo8xYrBKLt18-_2SEVPoL-9qFWRMWY 2019-11-04 18:26:47,026:DEBUG:acme.client:JWS payload: 2019-11-04 18:26:47,029:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/1084751717: { "protected": "eyJub25jZSI6ICIwMDAycTNwMGVoNmsyU0tZWnBvOHhZckJLTHQxOC1fMlNFVlBvTC05cUZXUk1XWSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMTA4NDc1MTcxNyIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMS5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvcmVnLzMwMjMzODA2IiwgImFsZyI6ICJSUzI1NiJ9", "payload": "", "signature": "KPIjMv609NMjKDVZ0WqO7MaP_4r-JQLixFqlQ8a5OyyaHfJAc7pV2ljNQptkwxvMBcxumAWUrRm9eTJvBQEvqTZjHFJ5WBNs3qsnOquppPz0Q54LUgZfnL64OOY-iq_XKI7CegCZ2rCVJ6IxpxSJS7C8GKVXLvPu1w8fcxr99FAB4DBbqBv5Qyf23CZgK3HzTPh9VuFzX2N_deqpG8vGGPrObkxJk6IWIAOSkyOUilhc5n7mf7dCNXQJt2NbQqldvf8BA4TOEUgVXbIm_bf7I-HQl0iJ4ON9KwhzHElCoci90COxsmqZxNuPccMfMoKxR7jeKOAO3OhLswxPMIqz_w" } 2019-11-04 18:26:47,186:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/1084751717 HTTP/1.1" 200 791 2019-11-04 18:26:47,186:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 04 Nov 2019 17:26:47 GMT Content-Type: application/json Content-Length: 791 Connection: keep-alive Boulder-Requester: 30233806 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002i5gzLR3GZQ-VBAwESrAzoIFprrHV0MNtQe9GlTmMyxg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "eisgeliebt.de" }, "status": "pending", "expires": "2019-11-11T17:26:46Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084751717/WFw75Q", "token": "dILsejKQIUP50-htQKKuwe22fsxADSWiCyE9q8GJfd4" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084751717/NP_UIg", "token": "dILsejKQIUP50-htQKKuwe22fsxADSWiCyE9q8GJfd4" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084751717/x3jU4A", "token": "dILsejKQIUP50-htQKKuwe22fsxADSWiCyE9q8GJfd4" } ] } 2019-11-04 18:26:47,187:DEBUG:acme.client:Storing nonce: 0002i5gzLR3GZQ-VBAwESrAzoIFprrHV0MNtQe9GlTmMyxg 2019-11-04 18:26:47,187:DEBUG:acme.client:JWS payload: 2019-11-04 18:26:47,189:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/1084751719: { "protected": "eyJub25jZSI6ICIwMDAyaTVnekxSM0daUS1WQkF3RVNyQXpvSUZwcnJIVjBNTnRRZTlHbFRtTXl4ZyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMTA4NDc1MTcxOSIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMS5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvcmVnLzMwMjMzODA2IiwgImFsZyI6ICJSUzI1NiJ9", "payload": "", "signature": "cXE13F1Tti5SA34sbCvC06KguSdpjBodgkK_uSVfFngRwb01E_guSvEYrD6Sr1_BW-0xDTYHzBikKcXlZKdCrEtGvegkH8wjUQ9h30tAudwxzb7aCVkhhFcuDs9u2Ne5qwVTml7H5Jk81CuJzDBeG7AVZIS6Nod9-Nz-2Ws6obt-6AQx03h5QyiAd7hCygT156XQS0UBvMyzdEPhJGaLuQeZgSBtw1ig-pfOX_0J7_QgF72Q38HH2jXJpYwcNbsYj6aKUIEtvw2u1bgQw62SDFWpoeYmEMue3LRcCAJY3XmIwaR7FUll877Hx2Cr7uvs2-cAKyQz3X-EzxuuPRZAqQ" } 2019-11-04 18:26:47,346:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/1084751719 HTTP/1.1" 200 795 2019-11-04 18:26:47,346:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 04 Nov 2019 17:26:47 GMT Content-Type: application/json Content-Length: 795 Connection: keep-alive Boulder-Requester: 30233806 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002HZrDMw_ft5RnuHAw7j6URlfWr6qoRea1vJjSU4e0Aas X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.eisgeliebt.de" }, "status": "pending", "expires": "2019-11-11T17:26:46Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084751719/FxLveg", "token": "ic06Ak7BYY7WQJg79l__kI0DKPXIKJPdoB8anagtY6I" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084751719/7Swzjw", "token": "ic06Ak7BYY7WQJg79l__kI0DKPXIKJPdoB8anagtY6I" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084751719/ImwTVg", "token": "ic06Ak7BYY7WQJg79l__kI0DKPXIKJPdoB8anagtY6I" } ] } 2019-11-04 18:26:47,347:DEBUG:acme.client:Storing nonce: 0002HZrDMw_ft5RnuHAw7j6URlfWr6qoRea1vJjSU4e0Aas 2019-11-04 18:26:47,347:INFO:certbot.auth_handler:Performing the following challenges: 2019-11-04 18:26:47,348:INFO:certbot.auth_handler:http-01 challenge for eisgeliebt.de 2019-11-04 18:26:47,348:INFO:certbot.auth_handler:http-01 challenge for www.eisgeliebt.de 2019-11-04 18:26:47,348:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /www/sites/eisgeliebt.de/htdocs/.well-known/acme-challenge 2019-11-04 18:26:47,349:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /www/sites/eisgeliebt.de/htdocs/.well-known/acme-challenge 2019-11-04 18:26:47,352:DEBUG:certbot.plugins.webroot:Attempting to save validation to /www/sites/eisgeliebt.de/htdocs/.well-known/acme-challenge/dILsejKQIUP50-htQKKuwe22fsxADSWiCyE9q8GJfd4 2019-11-04 18:26:47,355:DEBUG:certbot.plugins.webroot:Attempting to save validation to /www/sites/eisgeliebt.de/htdocs/.well-known/acme-challenge/ic06Ak7BYY7WQJg79l__kI0DKPXIKJPdoB8anagtY6I 2019-11-04 18:26:47,355:INFO:certbot.auth_handler:Waiting for verification... 2019-11-04 18:26:47,355:DEBUG:acme.client:JWS payload: { "type": "http-01", "resource": "challenge" } 2019-11-04 18:26:47,357:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084751717/WFw75Q: { "protected": "eyJub25jZSI6ICIwMDAySFpyRE13X2Z0NVJudUhBdzdqNlVSbGZXcjZxb1JlYTF2SmpTVTRlMEFhcyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvMTA4NDc1MTcxNy9XRnc3NVEiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDEuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL3JlZy8zMDIzMzgwNiIsICJhbGciOiAiUlMyNTYifQ", "payload": "ewogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9", "signature": "E-t7L2C_zCgXAMdoz8x3yTfK3CIJxz0bV1u0et2nKAMkgJNT-jzbQ7gZXLa7DSGkuGz4eADW4B3ve68ewSJ25YHPiqiLMa7EYXPQ0CqCLp9rxN3d1yy5Rc6X7pE8apslIglCYD0mUETMpvyYwDrbfDU_xfm7jfcqJ_JQUwex3Zu0Rb5AMpsjfZG0V05v0FesPvVzMMh1flUzOigEJj0ShIgJzaMev_HgpViWuz6gE1X5OK1AHrnatuT8sNzAM5_bxr0K4UPsydyC7-sfckNmy5xPH6cbENa4GwscgtwUJo4gt3i2QGG7wOCOdq8YDlQxLltN10C3ZFTpURSKU4GD4w" } 2019-11-04 18:26:47,515:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/1084751717/WFw75Q HTTP/1.1" 200 185 2019-11-04 18:26:47,516:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 04 Nov 2019 17:26:47 GMT Content-Type: application/json Content-Length: 185 Connection: keep-alive Boulder-Requester: 30233806 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084751717/WFw75Q Replay-Nonce: 0001kNtIE-tfhnY3keVAalEK5p_KBTpTW3hLTYa5SCaQKsM X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084751717/WFw75Q", "token": "dILsejKQIUP50-htQKKuwe22fsxADSWiCyE9q8GJfd4" } 2019-11-04 18:26:47,517:DEBUG:acme.client:Storing nonce: 0001kNtIE-tfhnY3keVAalEK5p_KBTpTW3hLTYa5SCaQKsM 2019-11-04 18:26:47,518:DEBUG:acme.client:JWS payload: { "type": "http-01", "resource": "challenge" } 2019-11-04 18:26:47,521:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084751719/FxLveg: { "protected": "eyJub25jZSI6ICIwMDAxa050SUUtdGZoblkza2VWQWFsRUs1cF9LQlRwVFczaExUWWE1U0NhUUtzTSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvMTA4NDc1MTcxOS9GeEx2ZWciLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDEuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL3JlZy8zMDIzMzgwNiIsICJhbGciOiAiUlMyNTYifQ", "payload": "ewogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9", "signature": "Ly8zvwR7IvILX9efNvmntDZAfzYLrBbhjbclRs9F0H0I9qc9CDb0qKJYf9bLL9m74r6jaPlcxoFvVOj2Gts8cs_W2PZtoZBNcuAYL8kePYd7T-6Olr2epCsAHYNXBiKB0SBoqPn1MK5PQfWmPEpzFu6bt2g76x1ByA7Oo1PjIaW-QKb_K-CYHH3ZaX8j0JXsupF1t1rN255AUXDo0BRknHJXUc9Mq37zt-fdcepXQpGTZ1xO2TuiSeFB_KbYpdOpoElKGK7TRyl8IKEeHgAZoe2IUDh5UMfFIMINbkwdFja8iTLZu2axC2ScEkPwqqqZbx9-F5n87cziEwvFp0CCFQ" } 2019-11-04 18:26:47,682:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/1084751719/FxLveg HTTP/1.1" 200 185 2019-11-04 18:26:47,683:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 04 Nov 2019 17:26:47 GMT Content-Type: application/json Content-Length: 185 Connection: keep-alive Boulder-Requester: 30233806 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084751719/FxLveg Replay-Nonce: 0002ABNoLAbWHHbj7BLQ_dNShxIPWsld23tjjIUD9rL0U0I X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084751719/FxLveg", "token": "ic06Ak7BYY7WQJg79l__kI0DKPXIKJPdoB8anagtY6I" } 2019-11-04 18:26:47,683:DEBUG:acme.client:Storing nonce: 0002ABNoLAbWHHbj7BLQ_dNShxIPWsld23tjjIUD9rL0U0I 2019-11-04 18:26:48,685:DEBUG:acme.client:JWS payload: 2019-11-04 18:26:48,687:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/1084751717: { "protected": "eyJub25jZSI6ICIwMDAyQUJOb0xBYldISGJqN0JMUV9kTlNoeElQV3NsZDIzdGpqSVVEOXJMMFUwSSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMTA4NDc1MTcxNyIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMS5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvcmVnLzMwMjMzODA2IiwgImFsZyI6ICJSUzI1NiJ9", "payload": "", "signature": "sKKg_v_LRwVW1MbgNhIq8u67Q-dQxn7Huy6pu_8AUYeEhL9YR7EgEVMiI3V9xktRmiG42Seecw-08ShIItS6EcpZ7QPLY4LAuRROj7dYbIth8ZXChBZGIBwRn_RKRCBI2dNcqoAlNUlQLbRhDLy3fMz1F4Nl5kS-sVPfiMjT9eScwK4iOspgtNSLZxyKZDinKdRkwLzCtL9GUFrPSwFoWgtpyqFB_JUCGEeDwoYw4HWiemqsCbTRwKh9jbn8OmUqgeIToy5mfBz40ULtWOg4xS0v3XhKQ1ZTtUS74Ici9H4KAyZPYLIWcsaDkhKGvzh240ZfCupII4FZ8p93Ux28aw" } 2019-11-04 18:26:48,847:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/1084751717 HTTP/1.1" 200 791 2019-11-04 18:26:48,848:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 04 Nov 2019 17:26:48 GMT Content-Type: application/json Content-Length: 791 Connection: keep-alive Boulder-Requester: 30233806 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001CfP6PJTb05O4q6L5RkoV9OZ0l5rbGkbk93VgZsr2pSY X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "eisgeliebt.de" }, "status": "pending", "expires": "2019-11-11T17:26:46Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084751717/WFw75Q", "token": "dILsejKQIUP50-htQKKuwe22fsxADSWiCyE9q8GJfd4" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084751717/NP_UIg", "token": "dILsejKQIUP50-htQKKuwe22fsxADSWiCyE9q8GJfd4" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084751717/x3jU4A", "token": "dILsejKQIUP50-htQKKuwe22fsxADSWiCyE9q8GJfd4" } ] } 2019-11-04 18:26:48,848:DEBUG:acme.client:Storing nonce: 0001CfP6PJTb05O4q6L5RkoV9OZ0l5rbGkbk93VgZsr2pSY 2019-11-04 18:26:48,849:DEBUG:acme.client:JWS payload: 2019-11-04 18:26:48,852:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/1084751719: { "protected": "eyJub25jZSI6ICIwMDAxQ2ZQNlBKVGIwNU80cTZMNVJrb1Y5T1owbDVyYkdrYms5M1ZnWnNyMnBTWSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMTA4NDc1MTcxOSIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMS5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvcmVnLzMwMjMzODA2IiwgImFsZyI6ICJSUzI1NiJ9", "payload": "", "signature": "m9sQeswM9b35zo-bMq6Z3IdWZc9bgBadumJgia2Lb8-zqcds_raqttdOVg2ZeMKYCoPp0rXoq00MB1RVsaH2HY6WU-862SEXvi33UODsBZjokNTh3UtLNr8AHU-YyHs7uE5clTchrnmyT2AvVO3r0DLIoiVDClmXoV1jFDdmfq_JmCYk78AQEP739Iizztx14fOeLELkEdhSmrVv2Yg_5tKUp0AGRCjnvNEEF4Tp31s97XiJkyntShguy2OU7uU4qvsGi0fB9orU0s9dh0qGQeSmUJ8fPzZIoxOfjduy7PD_HpsrJ8TxGHaGNFHuTJcodMHDngcSvRprwKZxjcZXYw" } 2019-11-04 18:26:49,009:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/1084751719 HTTP/1.1" 200 795 2019-11-04 18:26:49,010:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 04 Nov 2019 17:26:48 GMT Content-Type: application/json Content-Length: 795 Connection: keep-alive Boulder-Requester: 30233806 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 000283I3c5KLqqMR3M-8a2jEzSRnhISc4GEarKETf5MIWZw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.eisgeliebt.de" }, "status": "pending", "expires": "2019-11-11T17:26:46Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084751719/FxLveg", "token": "ic06Ak7BYY7WQJg79l__kI0DKPXIKJPdoB8anagtY6I" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084751719/7Swzjw", "token": "ic06Ak7BYY7WQJg79l__kI0DKPXIKJPdoB8anagtY6I" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084751719/ImwTVg", "token": "ic06Ak7BYY7WQJg79l__kI0DKPXIKJPdoB8anagtY6I" } ] } 2019-11-04 18:26:49,011:DEBUG:acme.client:Storing nonce: 000283I3c5KLqqMR3M-8a2jEzSRnhISc4GEarKETf5MIWZw 2019-11-04 18:26:52,014:DEBUG:acme.client:JWS payload: 2019-11-04 18:26:52,017:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/1084751717: { "protected": "eyJub25jZSI6ICIwMDAyODNJM2M1S0xxcU1SM00tOGEyakV6U1JuaElTYzRHRWFyS0VUZjVNSVdadyIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMTA4NDc1MTcxNyIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMS5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvcmVnLzMwMjMzODA2IiwgImFsZyI6ICJSUzI1NiJ9", "payload": "", "signature": "ODQ-oXCy-tdY4WEPzCjfxVsGdMZTNc7qFjWfnrItu8Z2f5R79iSe1Y8pbGis0-Pmi-g5vFsNfFY6L4P_IxlMCA6U4jTUzJnt6xWpUcnZaWNsDoEbmXOJMiZuSgThw9Qs5DTIHJQJX4txLkVNSc_oB3mSoUjTFUiD_13jvTLRGMB2UPyhyawGy8PkVMqrwOWnrkKdC1hTetZmRw6AHnCyHgKSZB04RQGED2SIARSy6BwqW-k37WN9VbmKyeSdvH3M88p5B8NHVZkE0izFtJm-UCqnWWD0x47HgmDE-kKtyFq4FHnX1nrWfckOGE2aept5CftHoYSWY6cvDQ7I9JPH0Q" } 2019-11-04 18:26:52,178:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/1084751717 HTTP/1.1" 200 1710 2019-11-04 18:26:52,180:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 04 Nov 2019 17:26:52 GMT Content-Type: application/json Content-Length: 1710 Connection: keep-alive Boulder-Requester: 30233806 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001KyFNNpmDGjHoHe-mDTzyFle680f2blGWKkGvQRs6w44 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "eisgeliebt.de" }, "status": "invalid", "expires": "2019-11-11T17:26:46Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:connection", "detail": "Fetching http://www.eisgeliebt.cafe/.well-known/acme-challenge/dILsejKQIUP50-htQKKuwe22fsxADSWiCyE9q8GJfd4: Connection refused", "status": 400 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084751717/WFw75Q", "token": "dILsejKQIUP50-htQKKuwe22fsxADSWiCyE9q8GJfd4", "validationRecord": [ { "url": "http://eisgeliebt.de/.well-known/acme-challenge/dILsejKQIUP50-htQKKuwe22fsxADSWiCyE9q8GJfd4", "hostname": "eisgeliebt.de", "port": "80", "addressesResolved": [ "89.31.143.1" ], "addressUsed": "89.31.143.1" }, { "url": "http://www.eisgeliebt.cafe/.well-known/acme-challenge/dILsejKQIUP50-htQKKuwe22fsxADSWiCyE9q8GJfd4", "hostname": "www.eisgeliebt.cafe", "port": "80", "addressesResolved": [ "173.249.63.91" ], "addressUsed": "173.249.63.91" } ] }, { "type": "dns-01", "status": "invalid", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084751717/NP_UIg", "token": "dILsejKQIUP50-htQKKuwe22fsxADSWiCyE9q8GJfd4" }, { "type": "tls-alpn-01", "status": "invalid", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084751717/x3jU4A", "token": "dILsejKQIUP50-htQKKuwe22fsxADSWiCyE9q8GJfd4" } ] } 2019-11-04 18:26:52,180:DEBUG:acme.client:Storing nonce: 0001KyFNNpmDGjHoHe-mDTzyFle680f2blGWKkGvQRs6w44 2019-11-04 18:26:52,181:DEBUG:acme.client:JWS payload: 2019-11-04 18:26:52,184:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/1084751719: { "protected": "eyJub25jZSI6ICIwMDAxS3lGTk5wbURHakhvSGUtbURUenlGbGU2ODBmMmJsR1dLa0d2UVJzNnc0NCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMTA4NDc1MTcxOSIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMS5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvcmVnLzMwMjMzODA2IiwgImFsZyI6ICJSUzI1NiJ9", "payload": "", "signature": "WC5Ur2J8WlaGe1-Ouj7bsfGI65gIElPOLmWbMpPRJqEjMRkiMyT5YAidU6GpYeAhtRuP44DHI2GCJ5Ik2HC36H0XbY0ZxbA8kGe0zQairSBYG4aHdDYqcxf90YWCSBeuMVB0vvxm6EgCVQubS8777U-ZB7hBEgKyQbtuUt4BpkJYcGlfYQYLkscKjhJ-PcE_xzMAOlmmqCMlMd7wfQup_ttu4EP3BdULjjU3MDdk6dPAjlsULmz2UKNKMZZZLjBZbT1YEw9Jy8iqpCePap3A-GfIqA9hIvwvf7_JGH9bshi6vIGiFyuPAs38xDNQ6QxtW6V-zTlN8Y_zKMsNYGWESw" } 2019-11-04 18:26:52,339:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/1084751719 HTTP/1.1" 200 1722 2019-11-04 18:26:52,340:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 04 Nov 2019 17:26:52 GMT Content-Type: application/json Content-Length: 1722 Connection: keep-alive Boulder-Requester: 30233806 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0001sWZc1yJ6CQzO076hms2v-_OMoOpJTwQePyhIAG0fkwk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "www.eisgeliebt.de" }, "status": "invalid", "expires": "2019-11-11T17:26:46Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:connection", "detail": "Fetching http://www.eisgeliebt.cafe/.well-known/acme-challenge/ic06Ak7BYY7WQJg79l__kI0DKPXIKJPdoB8anagtY6I: Connection refused", "status": 400 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084751719/FxLveg", "token": "ic06Ak7BYY7WQJg79l__kI0DKPXIKJPdoB8anagtY6I", "validationRecord": [ { "url": "http://www.eisgeliebt.de/.well-known/acme-challenge/ic06Ak7BYY7WQJg79l__kI0DKPXIKJPdoB8anagtY6I", "hostname": "www.eisgeliebt.de", "port": "80", "addressesResolved": [ "89.31.143.1" ], "addressUsed": "89.31.143.1" }, { "url": "http://www.eisgeliebt.cafe/.well-known/acme-challenge/ic06Ak7BYY7WQJg79l__kI0DKPXIKJPdoB8anagtY6I", "hostname": "www.eisgeliebt.cafe", "port": "80", "addressesResolved": [ "173.249.63.91" ], "addressUsed": "173.249.63.91" } ] }, { "type": "dns-01", "status": "invalid", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084751719/7Swzjw", "token": "ic06Ak7BYY7WQJg79l__kI0DKPXIKJPdoB8anagtY6I" }, { "type": "tls-alpn-01", "status": "invalid", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084751719/ImwTVg", "token": "ic06Ak7BYY7WQJg79l__kI0DKPXIKJPdoB8anagtY6I" } ] } 2019-11-04 18:26:52,340:DEBUG:acme.client:Storing nonce: 0001sWZc1yJ6CQzO076hms2v-_OMoOpJTwQePyhIAG0fkwk 2019-11-04 18:26:52,341:WARNING:certbot.auth_handler:Challenge failed for domain eisgeliebt.de 2019-11-04 18:26:52,341:WARNING:certbot.auth_handler:Challenge failed for domain www.eisgeliebt.de 2019-11-04 18:26:52,341:INFO:certbot.auth_handler:http-01 challenge for eisgeliebt.de 2019-11-04 18:26:52,342:INFO:certbot.auth_handler:http-01 challenge for www.eisgeliebt.de 2019-11-04 18:26:52,342:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: eisgeliebt.de Type: connection Detail: Fetching http://www.eisgeliebt.cafe/.well-known/acme-challenge/dILsejKQIUP50-htQKKuwe22fsxADSWiCyE9q8GJfd4: Connection refused Domain: www.eisgeliebt.de Type: connection Detail: Fetching http://www.eisgeliebt.cafe/.well-known/acme-challenge/ic06Ak7BYY7WQJg79l__kI0DKPXIKJPdoB8anagtY6I: Connection refused To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided. 2019-11-04 18:26:52,342:DEBUG:certbot.error_handler:Encountered exception: Traceback (most recent call last): File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 90, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 154, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') AuthorizationError: Some challenges have failed. 2019-11-04 18:26:52,342:DEBUG:certbot.error_handler:Calling registered functions 2019-11-04 18:26:52,342:INFO:certbot.auth_handler:Cleaning up challenges 2019-11-04 18:26:52,342:DEBUG:certbot.plugins.webroot:Removing /www/sites/eisgeliebt.de/htdocs/.well-known/acme-challenge/dILsejKQIUP50-htQKKuwe22fsxADSWiCyE9q8GJfd4 2019-11-04 18:26:52,343:DEBUG:certbot.plugins.webroot:Removing /www/sites/eisgeliebt.de/htdocs/.well-known/acme-challenge/ic06Ak7BYY7WQJg79l__kI0DKPXIKJPdoB8anagtY6I 2019-11-04 18:26:52,343:DEBUG:certbot.plugins.webroot:All challenges cleaned up 2019-11-04 18:26:52,343:WARNING:certbot.renewal:Attempting to renew cert (eisgeliebt.de) from /etc/letsencrypt/renewal/eisgeliebt.de.conf produced an unexpected error: Some challenges have failed.. Skipping. 2019-11-04 18:26:52,344:DEBUG:certbot.renewal:Traceback was: Traceback (most recent call last): File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/renewal.py", line 449, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 1208, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 116, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/renewal.py", line 307, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/client.py", line 348, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/client.py", line 384, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 90, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 154, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') AuthorizationError: Some challenges have failed. 2019-11-04 18:26:52,377:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2019-11-19 09:23:36 UTC. 2019-11-04 18:26:52,378:INFO:certbot.renewal:Cert is due for renewal, auto-renewing... 2019-11-04 18:26:52,378:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None 2019-11-04 18:26:52,383:DEBUG:certbot.plugins.selection:Single candidate plugin: * webroot Description: Place files in webroot directory Interfaces: IAuthenticator, IPlugin Entry point: webroot = certbot.plugins.webroot:Authenticator Initialized: Prep: True 2019-11-04 18:26:52,384:DEBUG:certbot.plugins.selection:Selected authenticator and installer None 2019-11-04 18:26:52,384:INFO:certbot.plugins.selection:Plugins selected: Authenticator webroot, Installer None 2019-11-04 18:26:52,387:DEBUG:certbot.main:Picked account: )>), external_account_binding=None), uri=u'https://acme-v01.api.letsencrypt.org/acme/reg/30233806', new_authzr_uri=u'https://acme-v01.api.letsencrypt.org/acme/new-authz', terms_of_service=u'https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'), da2741d321a8782bc72a4cec2197ff46, Meta(creation_host=u'debian', creation_dt=datetime.datetime(2018, 2, 27, 21, 44, 42, tzinfo=)))> 2019-11-04 18:26:52,387:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory. 2019-11-04 18:26:52,388:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443 2019-11-04 18:26:52,996:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658 2019-11-04 18:26:52,997:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 04 Nov 2019 17:26:52 GMT Content-Type: application/json Content-Length: 658 Connection: keep-alive Cache-Control: public, max-age=0, no-cache X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "HsR0tpElLeA": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change", "meta": { "caaIdentities": [ "letsencrypt.org" ], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf", "website": "https://letsencrypt.org" }, "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct", "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce", "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order", "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert" } 2019-11-04 18:26:52,997:INFO:certbot.main:Renewing an existing certificate 2019-11-04 18:26:53,109:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0146_key-certbot.pem 2019-11-04 18:26:53,115:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0146_csr-certbot.pem 2019-11-04 18:26:53,116:DEBUG:acme.client:Requesting fresh nonce 2019-11-04 18:26:53,116:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce. 2019-11-04 18:26:53,269:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0 2019-11-04 18:26:53,270:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 04 Nov 2019 17:26:53 GMT Connection: keep-alive Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002bIxUbSlqze2zE33QSyNs3TjL6tgEVXHVptNUUHLvzzE X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 2019-11-04 18:26:53,270:DEBUG:acme.client:Storing nonce: 0002bIxUbSlqze2zE33QSyNs3TjL6tgEVXHVptNUUHLvzzE 2019-11-04 18:26:53,270:DEBUG:acme.client:JWS payload: { "identifiers": [ { "type": "dns", "value": "physiotherapieferber.de" } ] } 2019-11-04 18:26:53,272:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order: { "protected": "eyJub25jZSI6ICIwMDAyYkl4VWJTbHF6ZTJ6RTMzUVN5TnMzVGpMNnRnRVZYSFZwdE5VVUhMdnp6RSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvbmV3LW9yZGVyIiwgImtpZCI6ICJodHRwczovL2FjbWUtdjAxLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9yZWcvMzAyMzM4MDYiLCAiYWxnIjogIlJTMjU2In0", "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwgCiAgICAgICJ2YWx1ZSI6ICJwaHlzaW90aGVyYXBpZWZlcmJlci5kZSIKICAgIH0KICBdCn0", "signature": "YfklG2NBOWJCPJtI6Y2EdEvv7E7wmDE5cGL4LHHlNHaCjInGqJMXiKlqwMuM1KStBMcN6XN7LMrdpZqiKnHzh3qf0YdNFDFO5X4vNSDAFxY42RHt3og570qYaYlnC2HRYJ2bda5_57DbG0QkAlZy10jUmxmmEo0fKnkZlL3a-d0KLLxWN7bzD-rIiykKzLJBAl8ogYylVjq3kJGxMrkw5lPXAMU-Sz3rnd8fSx1WYBG6pXNz2jEodsjKCCpqhK6JbBnu6KufUS9yt3lUamKZKIaGaRS03PbiR1voRNiuQ6TmrjIp0eOPyxS3Rh9mv4X0BCVmSLGIIxL0AqNbWV9Wmw" } 2019-11-04 18:26:53,452:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 353 2019-11-04 18:26:53,453:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Date: Mon, 04 Nov 2019 17:26:53 GMT Content-Type: application/json Content-Length: 353 Connection: keep-alive Boulder-Requester: 30233806 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Location: https://acme-v02.api.letsencrypt.org/acme/order/30233806/1436765900 Replay-Nonce: 0002DA8WnalPjX8dpNUP8kUAWFdEf0YivkgMik8GySH7X24 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "status": "pending", "expires": "2019-11-11T17:26:53.374732515Z", "identifiers": [ { "type": "dns", "value": "physiotherapieferber.de" } ], "authorizations": [ "https://acme-v02.api.letsencrypt.org/acme/authz-v3/1084752580" ], "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/30233806/1436765900" } 2019-11-04 18:26:53,454:DEBUG:acme.client:Storing nonce: 0002DA8WnalPjX8dpNUP8kUAWFdEf0YivkgMik8GySH7X24 2019-11-04 18:26:53,454:DEBUG:acme.client:JWS payload: 2019-11-04 18:26:53,456:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/1084752580: { "protected": "eyJub25jZSI6ICIwMDAyREE4V25hbFBqWDhkcE5VUDhrVUFXRmRFZjBZaXZrZ01pazhHeVNIN1gyNCIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMTA4NDc1MjU4MCIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMS5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvcmVnLzMwMjMzODA2IiwgImFsZyI6ICJSUzI1NiJ9", "payload": "", "signature": "bxbVjC1rzM-QpUryzDVHcbMK52GKKO0pW372RDnx7FenyFLjpyKK9dnoJ1XngyPjTv2oOnJiVBt5RmumNX7b57gDB_CWCGUBa2Bti_-mSnu6E98jsobzFOsZXpVSeofYlS928QUx-zICCbwIWU9g2D7s43h8btjl2HU7kWBr_GkNEOzx0LQcRN6voz2tRK0fVR2AmcU7WeCjai78y9tpkxAZsDQ1Pvr_rjwvLXk7P3pnOqSoxQ7kscew4pMgSt4W3vwwSz83uvMDZJvg7HJ2mzYMVNaQyNYsCahVveNL5Z1dZ9BUCjyCGi3uQ_J9X2azFqOWeoqVNlt52Jw0bYJIww" } 2019-11-04 18:26:53,614:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/1084752580 HTTP/1.1" 200 801 2019-11-04 18:26:53,615:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 04 Nov 2019 17:26:53 GMT Content-Type: application/json Content-Length: 801 Connection: keep-alive Boulder-Requester: 30233806 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 0002JDR5GGLr8qnmK2VQbvm-C6tZJUHlV32p3q2ewneUY4k X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "physiotherapieferber.de" }, "status": "pending", "expires": "2019-11-11T17:26:53Z", "challenges": [ { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084752580/7bPRmw", "token": "yEMeOeydCR_GoXK4sjQxZoIDQ91R5xMlnwkBWzLYP1M" }, { "type": "dns-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084752580/Fn-8jQ", "token": "yEMeOeydCR_GoXK4sjQxZoIDQ91R5xMlnwkBWzLYP1M" }, { "type": "tls-alpn-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084752580/4vjQtQ", "token": "yEMeOeydCR_GoXK4sjQxZoIDQ91R5xMlnwkBWzLYP1M" } ] } 2019-11-04 18:26:53,616:DEBUG:acme.client:Storing nonce: 0002JDR5GGLr8qnmK2VQbvm-C6tZJUHlV32p3q2ewneUY4k 2019-11-04 18:26:53,616:INFO:certbot.auth_handler:Performing the following challenges: 2019-11-04 18:26:53,616:INFO:certbot.auth_handler:http-01 challenge for physiotherapieferber.de 2019-11-04 18:26:53,617:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /www/sites/physiotherapie-ferber.de/htdocs/.well-known/acme-challenge 2019-11-04 18:26:53,620:DEBUG:certbot.plugins.webroot:Attempting to save validation to /www/sites/physiotherapie-ferber.de/htdocs/.well-known/acme-challenge/yEMeOeydCR_GoXK4sjQxZoIDQ91R5xMlnwkBWzLYP1M 2019-11-04 18:26:53,620:INFO:certbot.auth_handler:Waiting for verification... 2019-11-04 18:26:53,621:DEBUG:acme.client:JWS payload: { "type": "http-01", "resource": "challenge" } 2019-11-04 18:26:53,623:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084752580/7bPRmw: { "protected": "eyJub25jZSI6ICIwMDAySkRSNUdHTHI4cW5tSzJWUWJ2bS1DNnRaSlVIbFYzMnAzcTJld25lVVk0ayIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvY2hhbGwtdjMvMTA4NDc1MjU4MC83YlBSbXciLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDEuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL3JlZy8zMDIzMzgwNiIsICJhbGciOiAiUlMyNTYifQ", "payload": "ewogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9", "signature": "O5R0dJH3T36_b6yTvuPbxNOlriEAlnEQ64hFL1rU2hlMo7rEG60vQebC8Sxq7BlW1T00bssk1o2FBM2e9WFDuJ_JlQhCsTjCyDYtJmNFGh9pHVAFHMQbKJgbJnJ0JSjpNmd6CV9eVvzke2uaUh-ZmSIKnX1IDpCVuO23CqF-N_Ud4M3ji1DDES0v2wh53ibxdgkayD1_EYzdwfivGSrtQ9DgGvgibJTGTGakz4iAu7oftYf8IAzN_4Zf3njdCCMT5vaPfNnr6mGqSsUihq67pt9z8YQTz5Bj0sRYwDiHXwAyk-QJh3IrQnoP48BsaRocNy58yil2Xa7AHQv-TWNFOQ" } 2019-11-04 18:26:53,780:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/1084752580/7bPRmw HTTP/1.1" 200 185 2019-11-04 18:26:53,781:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 04 Nov 2019 17:26:53 GMT Content-Type: application/json Content-Length: 185 Connection: keep-alive Boulder-Requester: 30233806 Cache-Control: public, max-age=0, no-cache Link: ;rel="index", ;rel="up" Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084752580/7bPRmw Replay-Nonce: 0001zxd9UqNRSgHLlREeA_miJFZHvXigeGEiTsMR-xmd_YQ X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "type": "http-01", "status": "pending", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084752580/7bPRmw", "token": "yEMeOeydCR_GoXK4sjQxZoIDQ91R5xMlnwkBWzLYP1M" } 2019-11-04 18:26:53,781:DEBUG:acme.client:Storing nonce: 0001zxd9UqNRSgHLlREeA_miJFZHvXigeGEiTsMR-xmd_YQ 2019-11-04 18:26:54,783:DEBUG:acme.client:JWS payload: 2019-11-04 18:26:54,786:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/1084752580: { "protected": "eyJub25jZSI6ICIwMDAxenhkOVVxTlJTZ0hMbFJFZUFfbWlKRlpIdlhpZ2VHRWlUc01SLXhtZF9ZUSIsICJ1cmwiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYXV0aHotdjMvMTA4NDc1MjU4MCIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMS5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvcmVnLzMwMjMzODA2IiwgImFsZyI6ICJSUzI1NiJ9", "payload": "", "signature": "Ka08DwYbk-EXsU0IKsn3vXQB5MBTtgiiYvnyFs3W_YVlYlnnKkDLhltOeS85yeTuGqkjL0gLJCWGeb_THXbcIr2qcw510Ve6SZ2AKMcy1qxGRs_idDQ117qX_0Tc9CVDyY3n-KoDq5fvVJxwGeppG1bieANfwOi0PgaernB3M33E9P-4vIEt-xLWgyK1wo4HjTXWi4y7oMOmgs69q-qztEpB_QkJ9FWBbl-EQ4fFL9RoRFPj5Q5-V3rrUkuTSrIXaNGyPYbNWb7bMpHCbqUfk6FQF8yeOmEvCkoSmnVwyIs9pJ2VfyM3kQP_HxiClc9qSDrlH61HV4xv42QbuLnzGg" } 2019-11-04 18:26:54,943:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/1084752580 HTTP/1.1" 200 1425 2019-11-04 18:26:54,945:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Date: Mon, 04 Nov 2019 17:26:54 GMT Content-Type: application/json Content-Length: 1425 Connection: keep-alive Boulder-Requester: 30233806 Cache-Control: public, max-age=0, no-cache Link: ;rel="index" Replay-Nonce: 00012b8HKgCymzsAWkRN8milMicpioZs3_6RuQW09IvSOiI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 { "identifier": { "type": "dns", "value": "physiotherapieferber.de" }, "status": "invalid", "expires": "2019-11-11T17:26:53Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:connection", "detail": "Fetching http://physiotherapieferber.de/.well-known/acme-challenge/yEMeOeydCR_GoXK4sjQxZoIDQ91R5xMlnwkBWzLYP1M: Connection refused", "status": 400 }, "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084752580/7bPRmw", "token": "yEMeOeydCR_GoXK4sjQxZoIDQ91R5xMlnwkBWzLYP1M", "validationRecord": [ { "url": "http://physiotherapieferber.de/.well-known/acme-challenge/yEMeOeydCR_GoXK4sjQxZoIDQ91R5xMlnwkBWzLYP1M", "hostname": "physiotherapieferber.de", "port": "80", "addressesResolved": [ "173.249.63.91" ], "addressUsed": "173.249.63.91" } ] }, { "type": "dns-01", "status": "invalid", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084752580/Fn-8jQ", "token": "yEMeOeydCR_GoXK4sjQxZoIDQ91R5xMlnwkBWzLYP1M" }, { "type": "tls-alpn-01", "status": "invalid", "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/1084752580/4vjQtQ", "token": "yEMeOeydCR_GoXK4sjQxZoIDQ91R5xMlnwkBWzLYP1M" } ] } 2019-11-04 18:26:54,945:DEBUG:acme.client:Storing nonce: 00012b8HKgCymzsAWkRN8milMicpioZs3_6RuQW09IvSOiI 2019-11-04 18:26:54,946:WARNING:certbot.auth_handler:Challenge failed for domain physiotherapieferber.de 2019-11-04 18:26:54,946:INFO:certbot.auth_handler:http-01 challenge for physiotherapieferber.de 2019-11-04 18:26:54,947:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: physiotherapieferber.de Type: connection Detail: Fetching http://physiotherapieferber.de/.well-known/acme-challenge/yEMeOeydCR_GoXK4sjQxZoIDQ91R5xMlnwkBWzLYP1M: Connection refused To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided. 2019-11-04 18:26:54,947:DEBUG:certbot.error_handler:Encountered exception: Traceback (most recent call last): File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 90, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 154, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') AuthorizationError: Some challenges have failed. 2019-11-04 18:26:54,947:DEBUG:certbot.error_handler:Calling registered functions 2019-11-04 18:26:54,947:INFO:certbot.auth_handler:Cleaning up challenges 2019-11-04 18:26:54,947:DEBUG:certbot.plugins.webroot:Removing /www/sites/physiotherapie-ferber.de/htdocs/.well-known/acme-challenge/yEMeOeydCR_GoXK4sjQxZoIDQ91R5xMlnwkBWzLYP1M 2019-11-04 18:26:54,948:DEBUG:certbot.plugins.webroot:All challenges cleaned up 2019-11-04 18:26:54,950:WARNING:certbot.renewal:Attempting to renew cert (physiotherapieferber.de) from /etc/letsencrypt/renewal/physiotherapieferber.de.conf produced an unexpected error: Some challenges have failed.. Skipping. 2019-11-04 18:26:54,951:DEBUG:certbot.renewal:Traceback was: Traceback (most recent call last): File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/renewal.py", line 449, in handle_renewal_request main.renew_cert(lineage_config, plugins, renewal_candidate) File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 1208, in renew_cert renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage) File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 116, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/renewal.py", line 307, in renew_cert new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key) File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/client.py", line 348, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/client.py", line 384, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 90, in handle_authorizations self._poll_authorizations(authzrs, max_retries, best_effort) File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 154, in _poll_authorizations raise errors.AuthorizationError('Some challenges have failed.') AuthorizationError: Some challenges have failed. 2019-11-04 18:26:54,951:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed: 2019-11-04 18:26:54,951:ERROR:certbot.renewal: /etc/letsencrypt/live/eisgeliebt.de/fullchain.pem (failure) /etc/letsencrypt/live/physiotherapieferber.de/fullchain.pem (failure) 2019-11-04 18:26:54,953:INFO:certbot.hooks:Running post-hook command: service nginx start 2019-11-04 18:26:55,503:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/opt/eff.org/certbot/venv/bin/letsencrypt", line 11, in sys.exit(main()) File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 1378, in main return config.func(config, plugins) File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 1287, in renew renewal.handle_renewal_request(config) File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/renewal.py", line 474, in handle_renewal_request len(renew_failures), len(parse_failures))) Error: 2 renew failure(s), 1 parse failure(s) root@mail:/var/log/letsencrypt#