how to configure requests and response?

Question

how to configure requests and response?

Closed this issue 7 years ago · 10 comments

Admin interface seems working now. But how to configure it?

CMD:
sudo letsencrypt certonly -a webroot --webroot-path=/var/www/html -d example.net -d www.example.net -d ins.example.net

Admin interface

console print

IMPORTANT NOTES:

The following errors were reported by the server:

Domain: www.example.net
Type: unauthorized
Detail: Invalid response from
http://www.example.net/.well-known/acme-challenge/j7IoGk-28pxqO1Jwj7NX2ILcaBRg_VHsP4X5t3invMM:
"
<title>Page not"
Domain: ins.doask.net
Type: unauthorized
Detail: Invalid response from
http://ins.example.net/.well-known/acme-challenge/wbey1tDSg1K09qsfLYLTIhLuE09jqlC_qmJkY6vfx5w:
"
<title>Page not"
Domain: doask.net
Type: unauthorized
Detail: Invalid response from
http://example.net/.well-known/acme-challenge/KYgmodeitfS769zHRLy018JfFYw5e2i07qGMm9dwBUY:
"
<title>Page not"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.

Answer 1 · 2017-04-19T00:26:43.000Z

It looks like you did not configure your urls.py correctly, since your object is missing a link in the admin site. Please configure your urls.py correctly for the root of your project as detailed in the README, step 3.

Answer 2 · 2017-04-19T07:44:47.000Z

I've configured the url pattern there. Check the screenshot here. Updated something new. Once configured request and reponse in admin interface , I could get the response by domain.net/well-known/acme-challenge/kXQ3wo6dqpRUKIZV7PCn6-9ZikEIoaaL42HA2q2wO94

When all finished, same command above runs again, the same error happened.

project
#blog.urls
urlpatterns = [
url(r'^admin/', admin.site.urls),
url(r'^', include('posts.url', namespace='posts')),
]

app
#post.url
urlpatterns = [
url(r'^$', home, name='down'),
url(r'^api/$', down, name='api'),
url(r'^p/(?P[-\w]+)/$', get_data_by_post, name='slug'),
url(r'^.well-known/', include('letsencrypt.urls')),
]

Answer 3 · 2017-04-19T19:07:22.000Z

You should probably have the .well-known include in your blog.urls and not your post.urls.

I recommend you also take a moment and review the example_project which demos a basic Django app using this project.

You should also take a moment and review the URL dispatcher for the Django project. You can see the app in your admin panel, you demonstrated in your own photo that you could reach .well-known and at this point it seems you are struggling with Django basics.

Answer 4 · 2017-04-19T19:12:29.000Z

Here's the urls.py file from the example_project:

https://github.com/urda/django-letsencrypt/blob/v2.0.0/example_project/example_project/urls.py

Answer 5 · 2017-04-20T07:06:28.000Z

The same error, didn't work yet. Nginx and letsencrypt runs in the host , and Django(1.9) app runs in a docker container.

root@i-atbxncfv:~# sudo letsencrypt certonly -a webroot --webroot-path=/var/www/html -d example.net -d www.example.net -d ins.example.net
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for example.net
http-01 challenge for www.example.net
http-01 challenge for ins.example.net
Using the webroot path /var/www/html for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. example.net (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://example.net/.well-known/acme-challenge/oAPXbQjSnDxRyiilXZK9Npz0esalPBFeHcHxw8AfjhI: "
<!DOCTYPE html>
<html lang="en">
<head>
  <meta http-equiv="content-type" content="text/html; charset=utf-8">
  <title>Page not", ins.example.net (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://ins.example.net/.well-known/acme-challenge/UWDr5lmIxHSKVF8cM0GzZEH4OGAlmhYNAs5_WqEJy5s: "
<!DOCTYPE html>
<html lang="en">
<head>
  <meta http-equiv="content-type" content="text/html; charset=utf-8">
  <title>Page not", www.example.net (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.example.net/.well-known/acme-challenge/Lob9-QouaEQfxwEsBIe8mj58_RRKyKKO8s6hGklktAQ: "
<!DOCTYPE html>
<html lang="en">
<head>
  <meta http-equiv="content-type" content="text/html; charset=utf-8">
  <title>Page not"

cat /var/log/letsencrypt/letsencrypt.log

root@i-atbxncfv:~# cat /var/log/letsencrypt/letsencrypt.log
2017-04-20 06:44:16,814:DEBUG:certbot.main:Root logging level set at 20
2017-04-20 06:44:16,815:INFO:certbot.main:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2017-04-20 06:44:16,816:DEBUG:certbot.main:certbot version: 0.11.1
2017-04-20 06:44:16,816:DEBUG:certbot.main:Arguments: ['-a', 'webroot', '--webroot-path=/var/www/html', '-d', 'example.net', '-d', 'www.example.net', '-d', 'ins.example.net']
2017-04-20 06:44:16,816:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#webroot,PluginEntryPoint#null,PluginEntryPoint#manual,PluginEntryPoint#standalone)
2017-04-20 06:44:16,817:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2017-04-20 06:44:16,817:DEBUG:certbot.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: IAuthenticator, IPlugin
Entry point: webroot = certbot.plugins.webroot:Authenticator
Initialized: <certbot.plugins.webroot.Authenticator object at 0x7f9d313f3b50>
Prep: True
2017-04-20 06:44:16,818:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x7f9d313f3b50> and installer None
2017-04-20 06:44:16,834:DEBUG:certbot.main:Picked account: <Account(0c527007866c82522dc155bee1beecde)>
2017-04-20 06:44:16,835:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/directory.
2017-04-20 06:44:16,861:DEBUG:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2017-04-20 06:44:17,213:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 352
2017-04-20 06:44:17,214:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 352
Boulder-Request-Id: Z2ZdDnXGYNUThj9m6VgqYvRNZNUAaCcLs_rRozp_rsM
Replay-Nonce: x-VocLuOqki6tF7dfDriiCGABEonFVyGq5dmKtzrd0I
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Thu, 20 Apr 2017 06:44:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 20 Apr 2017 06:44:17 GMT
Connection: keep-alive

{
  "key-change": "https://acme-v01.api.letsencrypt.org/acme/key-change",
  "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",
  "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",
  "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",
  "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"
}
2017-04-20 06:44:17,216:INFO:certbot.main:Obtaining a new certificate
2017-04-20 06:44:17,217:DEBUG:root:Requesting fresh nonce
2017-04-20 06:44:17,217:DEBUG:root:Sending HEAD request to https://acme-v01.api.letsencrypt.org/acme/new-authz.
2017-04-20 06:44:17,440:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "HEAD /acme/new-authz HTTP/1.1" 405 0
2017-04-20 06:44:17,441:DEBUG:acme.client:Received response:
HTTP 405
Server: nginx
Content-Type: application/problem+json
Content-Length: 91
Allow: POST
Boulder-Request-Id: bgipKxHFJm7rNL9xXkl52Eb4U9RkOGbdzZtYfBaTTZM
Replay-Nonce: B_j3IyuNw5XMPza5REiDdqkQd1a3rwPFNnxdH5jHylU
Expires: Thu, 20 Apr 2017 06:44:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 20 Apr 2017 06:44:17 GMT
Connection: keep-alive


2017-04-20 06:44:17,441:DEBUG:acme.client:Storing nonce: B_j3IyuNw5XMPza5REiDdqkQd1a3rwPFNnxdH5jHylU
2017-04-20 06:44:17,441:DEBUG:acme.client:JWS payload:
{
  "identifier": {
    "type": "dns", 
    "value": "example.net"
  }, 
  "resource": "new-authz"
}
2017-04-20 06:44:17,447:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz:
{
  "header": {
    "alg": "RS256", 
    "jwk": {
      "e": "AQAB", 
      "kty": "RSA", 
      "n": "v-X_twiKYSdADNMEKX88sMtlyf93kXpg5lOSgrF6LgML_bLN4BXBH2iVfKJB1XM85YXbAeIL-18c3hjz3afVzuWgzp8iGcPqF-X8hEmMfast3eTqCclv1ivGqH0r09ypbGbPaTby4WBeKdyttAph-kPbSGRGj5npsbt32teQsWh5mAzXum2hf4bfg4dQd0Qw8_V6Fd6zJFhgbiezGUo5XA7AAgVbomEM5YwWEDLAlxx7pp1-Ztz7w7L7HoRDDbhEmVi6ItA2sqmlBdZaVM8c2wbDr5TpwgNyGeW_3XEibEQIsNyeXVK_Xy4a6dC6-OVEng1BSrcwVBTAwTlvLE-aMw"
    }
  }, 
  "protected": "eyJub25jZSI6ICJCX2ozSXl1Tnc1WE1QemE1UkVpRGRxa1FkMWEzcndQRk5ueGRINWpIeWxVIn0", 
  "payload": "ewogICJpZGVudGlmaWVyIjogewogICAgInR5cGUiOiAiZG5zIiwgCiAgICAidmFsdWUiOiAiZG9hc2submV0IgogIH0sIAogICJyZXNvdXJjZSI6ICJuZXctYXV0aHoiCn0", 
  "signature": "NfDF5B5H9iI7fSNlROji5nbXucCsrpPsSEJjBumCecDiPOFiR7lOzI9TIByghL10AZXYgF0GNvIc3Oo7A7CaI8UZPYWc7qnd22PNymdrvedHkpkFKuM7poo0I_2wZsC0oGnVrbnw40iBzMOxvazo4wV_zFjfYedktI65jn9Yk3TONeDp2QLBX4g3l0NrngBoYHT23m5KDC-TTQlCFlGyBpfP2Gm-r0C30z3nuc5LdSipowiX4K7PepMeeh64cFLOBK2zN4I8IiA9lz1hjPJGiLo6uJ9Dc-eUqAtuXBEu2KIhVHnnfCjCxx6ionBudonD0-llYAIUz42LTM0WPmD2_Q"
}
2017-04-20 06:44:17,704:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/new-authz HTTP/1.1" 201 997
2017-04-20 06:44:17,705:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Content-Type: application/json
Content-Length: 997
Boulder-Request-Id: lqetishi1IXm0PGK9B7_Q8_eFwSZZ20OHQERsEzyQTc
Boulder-Requester: 12807713
Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"
Location: https://acme-v01.api.letsencrypt.org/acme/authz/EoSjgswFfS4qAebcU-j0VF2T-wrMfWmKhBnKO2SpOdo
Replay-Nonce: EflDV9cfxxcG3o4IrTM4ryAf5gcZEl4Vysfhd_otrMA
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Thu, 20 Apr 2017 06:44:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 20 Apr 2017 06:44:17 GMT
Connection: keep-alive

{
  "identifier": {
    "type": "dns",
    "value": "example.net"
  },
  "status": "pending",
  "expires": "2017-04-27T06:44:17.597102967Z",
  "challenges": [
    {
      "type": "dns-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/EoSjgswFfS4qAebcU-j0VF2T-wrMfWmKhBnKO2SpOdo/1054463761",
      "token": "BG6WXnBqp8Z5bH0iqDP--hoJ9dNNAR-pWB64ya3GMJ8"
    },
    {
      "type": "tls-sni-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/EoSjgswFfS4qAebcU-j0VF2T-wrMfWmKhBnKO2SpOdo/1054463762",
      "token": "Y9ntBouSqDvPgUZ5bDDvMu8jL9TwiEzLygJuQMv9_bc"
    },
    {
      "type": "http-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/EoSjgswFfS4qAebcU-j0VF2T-wrMfWmKhBnKO2SpOdo/1054463763",
      "token": "oAPXbQjSnDxRyiilXZK9Npz0esalPBFeHcHxw8AfjhI"
    }
  ],
  "combinations": [
    [
      0
    ],
    [
      1
    ],
    [
      2
    ]
  ]
}
2017-04-20 06:44:17,705:DEBUG:acme.client:Storing nonce: EflDV9cfxxcG3o4IrTM4ryAf5gcZEl4Vysfhd_otrMA
2017-04-20 06:44:17,706:DEBUG:acme.client:JWS payload:
{
  "identifier": {
    "type": "dns", 
    "value": "www.exmaple.net"
  }, 
  "resource": "new-authz"
}
2017-04-20 06:44:17,709:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz:
{
  "header": {
    "alg": "RS256", 
    "jwk": {
      "e": "AQAB", 
      "kty": "RSA", 
      "n": "v-X_twiKYSdADNMEKX88sMtlyf93kXpg5lOSgrF6LgML_bLN4BXBH2iVfKJB1XM85YXbAeIL-18c3hjz3afVzuWgzp8iGcPqF-X8hEmMfast3eTqCclv1ivGqH0r09ypbGbPaTby4WBeKdyttAph-kPbSGRGj5npsbt32teQsWh5mAzXum2hf4bfg4dQd0Qw8_V6Fd6zJFhgbiezGUo5XA7AAgVbomEM5YwWEDLAlxx7pp1-Ztz7w7L7HoRDDbhEmVi6ItA2sqmlBdZaVM8c2wbDr5TpwgNyGeW_3XEibEQIsNyeXVK_Xy4a6dC6-OVEng1BSrcwVBTAwTlvLE-aMw"
    }
  }, 
  "protected": "eyJub25jZSI6ICJFZmxEVjljZnh4Y0czbzRJclRNNHJ5QWY1Z2NaRWw0VnlzZmhkX290ck1BIn0", 
  "payload": "ewogICJpZGVudGlmaWVyIjogewogICAgInR5cGUiOiAiZG5zIiwgCiAgICAidmFsdWUiOiAid3d3LmRvYXNrLm5ldCIKICB9LCAKICAicmVzb3VyY2UiOiAibmV3LWF1dGh6Igp9", 
  "signature": "tWIPyQZVGVK_fenFhC6xIuzxISwX8IP_hFfP3FRWfSNJBzbUkpyhqZE3Pn1B6Xcb5pzObE-0pzIsMok58FZiZefoAEIkBAJJvZqY5A1FMX5MIDrn-JmT9qAF8Xh-jzFRil1zlRqhJKaitcuhnSScUAzAafwYwgRkSMdv2rIWc5B9FJwvqo9ampxI-LR4lD81HetoBh-luqFWik8ClY9ZcJ5v6xu-D-0phKTXRduN1QKqvzc42u9dbNm2QqKA9jzf6_dlKkAGEoFhzAloRJhTHfZQocVl6RaobPS17TVDK6WuH4jEY3ChKGdOysKB6x07cKDZ9IUsTTwDUamNmH4tnA"
}
2017-04-20 06:44:17,970:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/new-authz HTTP/1.1" 201 1001
2017-04-20 06:44:17,972:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Content-Type: application/json
Content-Length: 1001
Boulder-Request-Id: L58UO_ifGSzgIS6gtr7HYn4YfdL-TI3T8FAggCLoAeA
Boulder-Requester: 12807713
Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"
Location: https://acme-v01.api.letsencrypt.org/acme/authz/F2KgmLzjtGsuJgjaheWw52DpNNGc5dF3c_wmMdkXi7I
Replay-Nonce: ZjBILji-LWqAkqxYaN5EYZSEmQrcUzY4uH6lM7eQP-M
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Thu, 20 Apr 2017 06:44:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 20 Apr 2017 06:44:17 GMT
Connection: keep-alive

{
  "identifier": {
    "type": "dns",
    "value": "www.example.net"
  },
  "status": "pending",
  "expires": "2017-04-27T06:44:17.857763916Z",
  "challenges": [
    {
      "type": "tls-sni-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/F2KgmLzjtGsuJgjaheWw52DpNNGc5dF3c_wmMdkXi7I/1054463782",
      "token": "1Ad2p3YthtP6uRu99CRGHw860jkruyyM82JMFlQLmhg"
    },
    {
      "type": "http-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/F2KgmLzjtGsuJgjaheWw52DpNNGc5dF3c_wmMdkXi7I/1054463783",
      "token": "Lob9-QouaEQfxwEsBIe8mj58_RRKyKKO8s6hGklktAQ"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/F2KgmLzjtGsuJgjaheWw52DpNNGc5dF3c_wmMdkXi7I/1054463784",
      "token": "O_aIBHk4aSAtylowChf_53-CZuqMHiBiX2p22q3cqJQ"
    }
  ],
  "combinations": [
    [
      1
    ],
    [
      2
    ],
    [
      0
    ]
  ]
}
2017-04-20 06:44:17,972:DEBUG:acme.client:Storing nonce: ZjBILji-LWqAkqxYaN5EYZSEmQrcUzY4uH6lM7eQP-M
2017-04-20 06:44:17,977:DEBUG:acme.client:JWS payload:
{
  "identifier": {
    "type": "dns", 
    "value": "ins.example.net"
  }, 
  "resource": "new-authz"
}
2017-04-20 06:44:17,982:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz:
{
  "header": {
    "alg": "RS256", 
    "jwk": {
      "e": "AQAB", 
      "kty": "RSA", 
      "n": "v-X_twiKYSdADNMEKX88sMtlyf93kXpg5lOSgrF6LgML_bLN4BXBH2iVfKJB1XM85YXbAeIL-18c3hjz3afVzuWgzp8iGcPqF-X8hEmMfast3eTqCclv1ivGqH0r09ypbGbPaTby4WBeKdyttAph-kPbSGRGj5npsbt32teQsWh5mAzXum2hf4bfg4dQd0Qw8_V6Fd6zJFhgbiezGUo5XA7AAgVbomEM5YwWEDLAlxx7pp1-Ztz7w7L7HoRDDbhEmVi6ItA2sqmlBdZaVM8c2wbDr5TpwgNyGeW_3XEibEQIsNyeXVK_Xy4a6dC6-OVEng1BSrcwVBTAwTlvLE-aMw"
    }
  }, 
  "protected": "eyJub25jZSI6ICJaakJJTGppLUxXcUFrcXhZYU41RVlaU0VtUXJjVXpZNHVINmxNN2VRUC1NIn0", 
  "payload": "ewogICJpZGVudGlmaWVyIjogewogICAgInR5cGUiOiAiZG5zIiwgCiAgICAidmFsdWUiOiAiaW5zLmRvYXNrLm5ldCIKICB9LCAKICAicmVzb3VyY2UiOiAibmV3LWF1dGh6Igp9", 
  "signature": "r62Rfr5OadfxNwkGPtJ2yQXBo3aMBq0BTDpEgQ1EM8VrykvuQq9nTFGq7sDM2nMev4rOIOXOm1yKhWBEpf9kl77TKNH8L23l2fYJcpQE0W42XdWE58m7W3mTf5VESYtqFyL-Zba6WbHpwodcpQV91oNh2Jf6WmPNewA2OcJmTCLYI60D7ME367LcRefH2isBr5uLnvAAvZDXOPvULkNUxgIJ8aLoD7VH88J1VVvr7gV3BM8pKEW3CPyouPkkFuk4wk4_xVyYXb08R6QlLV5kPXaeUKiMYEaqKh3W8e5-CWMZpzSBFpYMD-a-4ZHCk7WxHL7QafEAE4XaG9NePgsnvg"
}
2017-04-20 06:44:18,244:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/new-authz HTTP/1.1" 201 1001
2017-04-20 06:44:18,245:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Content-Type: application/json
Content-Length: 1001
Boulder-Request-Id: 2sYMmEr--i6Fx7W8AIdoI-biG_FRzavF7ycmZ0kPSXY
Boulder-Requester: 12807713
Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"
Location: https://acme-v01.api.letsencrypt.org/acme/authz/5_uCIGu588tTAkvmDxudcUEnfNPzMuG4GjWH2UIsiQ0
Replay-Nonce: 1JO2wDPhrU9jsUIUJRRuk_mAI1nEalYzejP9BaPXJNg
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Thu, 20 Apr 2017 06:44:18 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 20 Apr 2017 06:44:18 GMT
Connection: keep-alive

{
  "identifier": {
    "type": "dns",
    "value": "ins.example.net"
  },
  "status": "pending",
  "expires": "2017-04-27T06:44:18.127997678Z",
  "challenges": [
    {
      "type": "dns-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/5_uCIGu588tTAkvmDxudcUEnfNPzMuG4GjWH2UIsiQ0/1054463797",
      "token": "T6qSYum4tivq2pj5KRYyJ2UmmYRs0VYb6RPDXc3fxRY"
    },
    {
      "type": "http-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/5_uCIGu588tTAkvmDxudcUEnfNPzMuG4GjWH2UIsiQ0/1054463798",
      "token": "UWDr5lmIxHSKVF8cM0GzZEH4OGAlmhYNAs5_WqEJy5s"
    },
    {
      "type": "tls-sni-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/5_uCIGu588tTAkvmDxudcUEnfNPzMuG4GjWH2UIsiQ0/1054463799",
      "token": "Rxifl4MzhUQOnL8TydV0rUE5tOkehTjYjbtvGKiIIVU"
    }
  ],
  "combinations": [
    [
      1
    ],
    [
      0
    ],
    [
      2
    ]
  ]
}
2017-04-20 06:44:18,246:DEBUG:acme.client:Storing nonce: 1JO2wDPhrU9jsUIUJRRuk_mAI1nEalYzejP9BaPXJNg
2017-04-20 06:44:18,246:INFO:certbot.auth_handler:Performing the following challenges:
2017-04-20 06:44:18,247:INFO:certbot.auth_handler:http-01 challenge for example.net
2017-04-20 06:44:18,247:INFO:certbot.auth_handler:http-01 challenge for www.example.net
2017-04-20 06:44:18,248:INFO:certbot.auth_handler:http-01 challenge for ins.example.net
2017-04-20 06:44:18,248:INFO:certbot.plugins.webroot:Using the webroot path /var/www/html for all unmatched domains.
2017-04-20 06:44:18,248:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /var/www/html/.well-known/acme-challenge
2017-04-20 06:44:18,249:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /var/www/html/.well-known/acme-challenge
2017-04-20 06:44:18,249:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /var/www/html/.well-known/acme-challenge
2017-04-20 06:44:18,254:DEBUG:certbot.plugins.webroot:Attempting to save validation to /var/www/html/.well-known/acme-challenge/oAPXbQjSnDxRyiilXZK9Npz0esalPBFeHcHxw8AfjhI
2017-04-20 06:44:18,259:DEBUG:certbot.plugins.webroot:Attempting to save validation to /var/www/html/.well-known/acme-challenge/Lob9-QouaEQfxwEsBIe8mj58_RRKyKKO8s6hGklktAQ
2017-04-20 06:44:18,263:DEBUG:certbot.plugins.webroot:Attempting to save validation to /var/www/html/.well-known/acme-challenge/UWDr5lmIxHSKVF8cM0GzZEH4OGAlmhYNAs5_WqEJy5s
2017-04-20 06:44:18,263:INFO:certbot.auth_handler:Waiting for verification...
2017-04-20 06:44:18,264:DEBUG:acme.client:JWS payload:
{
  "keyAuthorization": "oAPXbQjSnDxRyiilXZK9Npz0esalPBFeHcHxw8AfjhI.F0H1fNAvgXLWA771dfhtyUNfbdQaJuWl20Y5dmsyIRc", 
  "type": "http-01", 
  "resource": "challenge"
}
2017-04-20 06:44:18,267:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/challenge/EoSjgswFfS4qAebcU-j0VF2T-wrMfWmKhBnKO2SpOdo/1054463763:
{
  "header": {
    "alg": "RS256", 
    "jwk": {
      "e": "AQAB", 
      "kty": "RSA", 
      "n": "v-X_twiKYSdADNMEKX88sMtlyf93kXpg5lOSgrF6LgML_bLN4BXBH2iVfKJB1XM85YXbAeIL-18c3hjz3afVzuWgzp8iGcPqF-X8hEmMfast3eTqCclv1ivGqH0r09ypbGbPaTby4WBeKdyttAph-kPbSGRGj5npsbt32teQsWh5mAzXum2hf4bfg4dQd0Qw8_V6Fd6zJFhgbiezGUo5XA7AAgVbomEM5YwWEDLAlxx7pp1-Ztz7w7L7HoRDDbhEmVi6ItA2sqmlBdZaVM8c2wbDr5TpwgNyGeW_3XEibEQIsNyeXVK_Xy4a6dC6-OVEng1BSrcwVBTAwTlvLE-aMw"
    }
  }, 
  "protected": "eyJub25jZSI6ICIxSk8yd0RQaHJVOWpzVUlVSlJSdWtfbUFJMW5FYWxZemVqUDlCYVBYSk5nIn0", 
  "payload": "ewogICJrZXlBdXRob3JpemF0aW9uIjogIm9BUFhiUWpTbkR4UnlpaWxYWks5TnB6MGVzYWxQQkZlSGNIeHc4QWZqaEkuRjBIMWZOQXZnWExXQTc3MWRmaHR5VU5mYmRRYUp1V2wyMFk1ZG1zeUlSYyIsIAogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9", 
  "signature": "Z8TTcK-YDjBTS3SXPDjw1cm3Zi7bh30qP2HVKVe-47ZssEUFm8IUfVdRxSRyuRBR0cV6PvIeBeN8oBezuHQSfJuOAY_Bzm7xlD3IZ799SelMZ8Y7O2h6lzEUjn0m-Eqfpt23kOgXHejCx4DNHwgUF6mBGo3MKriu4eo2o38Okg12QDL85t41JysSrT4gHtS4BO4U4XU4KRNMvZFRGQsAkXg7FIWrEy0KKYb03WCs0zFetaxAFVxdmKMZBNt2Dn3aahfAZVK1CSCr9BksxGCkreZO-FTUsNRLThPJ_AS3xTqNP6yzVpd0b_Z3hwGNuetXdReXt-yvpwCUoZ2bJdkAHA"
}
2017-04-20 06:44:18,516:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/challenge/EoSjgswFfS4qAebcU-j0VF2T-wrMfWmKhBnKO2SpOdo/1054463763 HTTP/1.1" 202 336
2017-04-20 06:44:18,518:DEBUG:acme.client:Received response:
HTTP 202
Server: nginx
Content-Type: application/json
Content-Length: 336
Boulder-Request-Id: 8qfO0Fz_Rt0Ar1kMco4bLTksgYjaP-qgtP0g7v2Syhc
Boulder-Requester: 12807713
Link: <https://acme-v01.api.letsencrypt.org/acme/authz/EoSjgswFfS4qAebcU-j0VF2T-wrMfWmKhBnKO2SpOdo>;rel="up"
Location: https://acme-v01.api.letsencrypt.org/acme/challenge/EoSjgswFfS4qAebcU-j0VF2T-wrMfWmKhBnKO2SpOdo/1054463763
Replay-Nonce: Ucx11m_RGdOS4RXkavj8Smj2oRf0vWZ03zrHjkdz2Yo
Expires: Thu, 20 Apr 2017 06:44:18 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 20 Apr 2017 06:44:18 GMT
Connection: keep-alive

{
  "type": "http-01",
  "status": "pending",
  "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/EoSjgswFfS4qAebcU-j0VF2T-wrMfWmKhBnKO2SpOdo/1054463763",
  "token": "oAPXbQjSnDxRyiilXZK9Npz0esalPBFeHcHxw8AfjhI",
  "keyAuthorization": "oAPXbQjSnDxRyiilXZK9Npz0esalPBFeHcHxw8AfjhI.F0H1fNAvgXLWA771dfhtyUNfbdQaJuWl20Y5dmsyIRc"
}
2017-04-20 06:44:18,518:DEBUG:acme.client:Storing nonce: Ucx11m_RGdOS4RXkavj8Smj2oRf0vWZ03zrHjkdz2Yo
2017-04-20 06:44:18,519:DEBUG:acme.client:JWS payload:
{
  "keyAuthorization": "Lob9-QouaEQfxwEsBIe8mj58_RRKyKKO8s6hGklktAQ.F0H1fNAvgXLWA771dfhtyUNfbdQaJuWl20Y5dmsyIRc", 
  "type": "http-01", 
  "resource": "challenge"
}
2017-04-20 06:44:18,523:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/challenge/F2KgmLzjtGsuJgjaheWw52DpNNGc5dF3c_wmMdkXi7I/1054463783:
{
  "header": {
    "alg": "RS256", 
    "jwk": {
      "e": "AQAB", 
      "kty": "RSA", 
      "n": "v-X_twiKYSdADNMEKX88sMtlyf93kXpg5lOSgrF6LgML_bLN4BXBH2iVfKJB1XM85YXbAeIL-18c3hjz3afVzuWgzp8iGcPqF-X8hEmMfast3eTqCclv1ivGqH0r09ypbGbPaTby4WBeKdyttAph-kPbSGRGj5npsbt32teQsWh5mAzXum2hf4bfg4dQd0Qw8_V6Fd6zJFhgbiezGUo5XA7AAgVbomEM5YwWEDLAlxx7pp1-Ztz7w7L7HoRDDbhEmVi6ItA2sqmlBdZaVM8c2wbDr5TpwgNyGeW_3XEibEQIsNyeXVK_Xy4a6dC6-OVEng1BSrcwVBTAwTlvLE-aMw"
    }
  }, 
  "protected": "eyJub25jZSI6ICJVY3gxMW1fUkdkT1M0UlhrYXZqOFNtajJvUmYwdldaMDN6ckhqa2R6MllvIn0", 
  "payload": "ewogICJrZXlBdXRob3JpemF0aW9uIjogIkxvYjktUW91YUVRZnh3RXNCSWU4bWo1OF9SUkt5S0tPOHM2aEdrbGt0QVEuRjBIMWZOQXZnWExXQTc3MWRmaHR5VU5mYmRRYUp1V2wyMFk1ZG1zeUlSYyIsIAogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9", 
  "signature": "exY3ORmGUf_SymnaNn5tEytdiH0qmKdbNOkAAkiFp5qIbt-goMctteoQFFDU5wYddWDRNy6X4vqu_uR-t6Nse63Fz7FIUG8M_aWmGlaGOokOqi_BzUw_iDm6E6TH841IRqJmXp1Is1KDOiTUlc1W1yJuvEbL9bZf8AAWbFFvtjXe1EW-bHWixEadvqmoxyFQhjFIbFbmFVEjkG1cSdZMLKgc2yHTUDoHLKGLCpy04sHX5oJH0uHUvJEQQwWVRU7S75wyu00lGODfwwPdeOY4yhghHEkTw-Cycs98OR9EFSxNUHWPveWjs_Mod3hVfpzKFfurIq0tTplujoGDXBG9EQ"
}
2017-04-20 06:44:18,791:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/challenge/F2KgmLzjtGsuJgjaheWw52DpNNGc5dF3c_wmMdkXi7I/1054463783 HTTP/1.1" 202 336
2017-04-20 06:44:18,792:DEBUG:acme.client:Received response:
HTTP 202
Server: nginx
Content-Type: application/json
Content-Length: 336
Boulder-Request-Id: 5xujNRyomOZMz5gtyrWyZJdNRVfSbQxZuxtNSSKr1dQ
Boulder-Requester: 12807713
Link: <https://acme-v01.api.letsencrypt.org/acme/authz/F2KgmLzjtGsuJgjaheWw52DpNNGc5dF3c_wmMdkXi7I>;rel="up"
Location: https://acme-v01.api.letsencrypt.org/acme/challenge/F2KgmLzjtGsuJgjaheWw52DpNNGc5dF3c_wmMdkXi7I/1054463783
Replay-Nonce: pu4UT2BqxcyXDG3nW0qL3Zg6z8_877zcvg2qj3yNeXE
Expires: Thu, 20 Apr 2017 06:44:18 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 20 Apr 2017 06:44:18 GMT
Connection: keep-alive

{
  "type": "http-01",
  "status": "pending",
  "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/F2KgmLzjtGsuJgjaheWw52DpNNGc5dF3c_wmMdkXi7I/1054463783",
  "token": "Lob9-QouaEQfxwEsBIe8mj58_RRKyKKO8s6hGklktAQ",
  "keyAuthorization": "Lob9-QouaEQfxwEsBIe8mj58_RRKyKKO8s6hGklktAQ.F0H1fNAvgXLWA771dfhtyUNfbdQaJuWl20Y5dmsyIRc"
}
2017-04-20 06:44:18,792:DEBUG:acme.client:Storing nonce: pu4UT2BqxcyXDG3nW0qL3Zg6z8_877zcvg2qj3yNeXE
2017-04-20 06:44:18,792:DEBUG:acme.client:JWS payload:
{
  "keyAuthorization": "UWDr5lmIxHSKVF8cM0GzZEH4OGAlmhYNAs5_WqEJy5s.F0H1fNAvgXLWA771dfhtyUNfbdQaJuWl20Y5dmsyIRc", 
  "type": "http-01", 
  "resource": "challenge"
}
2017-04-20 06:44:18,796:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/challenge/5_uCIGu588tTAkvmDxudcUEnfNPzMuG4GjWH2UIsiQ0/1054463798:
{
  "header": {
    "alg": "RS256", 
    "jwk": {
      "e": "AQAB", 
      "kty": "RSA", 
      "n": "v-X_twiKYSdADNMEKX88sMtlyf93kXpg5lOSgrF6LgML_bLN4BXBH2iVfKJB1XM85YXbAeIL-18c3hjz3afVzuWgzp8iGcPqF-X8hEmMfast3eTqCclv1ivGqH0r09ypbGbPaTby4WBeKdyttAph-kPbSGRGj5npsbt32teQsWh5mAzXum2hf4bfg4dQd0Qw8_V6Fd6zJFhgbiezGUo5XA7AAgVbomEM5YwWEDLAlxx7pp1-Ztz7w7L7HoRDDbhEmVi6ItA2sqmlBdZaVM8c2wbDr5TpwgNyGeW_3XEibEQIsNyeXVK_Xy4a6dC6-OVEng1BSrcwVBTAwTlvLE-aMw"
    }
  }, 
  "protected": "eyJub25jZSI6ICJwdTRVVDJCcXhjeVhERzNuVzBxTDNaZzZ6OF84Nzd6Y3ZnMnFqM3lOZVhFIn0", 
  "payload": "ewogICJrZXlBdXRob3JpemF0aW9uIjogIlVXRHI1bG1JeEhTS1ZGOGNNMEd6WkVINE9HQWxtaFlOQXM1X1dxRUp5NXMuRjBIMWZOQXZnWExXQTc3MWRmaHR5VU5mYmRRYUp1V2wyMFk1ZG1zeUlSYyIsIAogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9", 
  "signature": "eOi4A-vA53EgtGSFFJ4GzpPHB8YQWUGUIO2WFTGzJ2WGw-vYfqerB2jZnPLL9P731A-b_w2nV8_Mvi7fQQk-0bQKO7fQArT6HtcgNMNH6dZPueVcyS6W7zhHpT6DxRNtx9ZeIzc6fLLlCFDzpUHKpMZEgEUqhY8xasvsiINJ3dmPoqpv_NQJcjSVt5HZ3uB5-JRVsGtzhdXIa1b-HYpY7ks2OTu7AU9ndEWZmQMAnoOMxuhqZE-5mOcsduhB6QrvEnG0dBy3XmMm7JOwZE_8tgxuxCDbvk_NtdglrS8i_vUOWpZmxO40Mgetf_D01zA9oKkFulQrYsLqyoIGyWhW_Q"
}
2017-04-20 06:44:19,090:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/challenge/5_uCIGu588tTAkvmDxudcUEnfNPzMuG4GjWH2UIsiQ0/1054463798 HTTP/1.1" 202 336
2017-04-20 06:44:19,091:DEBUG:acme.client:Received response:
HTTP 202
Server: nginx
Content-Type: application/json
Content-Length: 336
Boulder-Request-Id: i2fGCmzNu6bK2rW_tIAG1m0yTPvt_zScLB8dyF1vV3s
Boulder-Requester: 12807713
Link: <https://acme-v01.api.letsencrypt.org/acme/authz/5_uCIGu588tTAkvmDxudcUEnfNPzMuG4GjWH2UIsiQ0>;rel="up"
Location: https://acme-v01.api.letsencrypt.org/acme/challenge/5_uCIGu588tTAkvmDxudcUEnfNPzMuG4GjWH2UIsiQ0/1054463798
Replay-Nonce: hXBzTphMrgAaYlx6tVW2I-0d3jTPcPB7UralGBArhL4
Expires: Thu, 20 Apr 2017 06:44:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 20 Apr 2017 06:44:19 GMT
Connection: keep-alive

{
  "type": "http-01",
  "status": "pending",
  "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/5_uCIGu588tTAkvmDxudcUEnfNPzMuG4GjWH2UIsiQ0/1054463798",
  "token": "UWDr5lmIxHSKVF8cM0GzZEH4OGAlmhYNAs5_WqEJy5s",
  "keyAuthorization": "UWDr5lmIxHSKVF8cM0GzZEH4OGAlmhYNAs5_WqEJy5s.F0H1fNAvgXLWA771dfhtyUNfbdQaJuWl20Y5dmsyIRc"
}
2017-04-20 06:44:19,092:DEBUG:acme.client:Storing nonce: hXBzTphMrgAaYlx6tVW2I-0d3jTPcPB7UralGBArhL4
2017-04-20 06:44:22,095:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/acme/authz/EoSjgswFfS4qAebcU-j0VF2T-wrMfWmKhBnKO2SpOdo.
2017-04-20 06:44:22,332:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /acme/authz/EoSjgswFfS4qAebcU-j0VF2T-wrMfWmKhBnKO2SpOdo HTTP/1.1" 200 1864
2017-04-20 06:44:22,335:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 1864
Boulder-Request-Id: htNmgc9TVRaKa2bYV5oYRSAdQQvZxuTz2t9LYSEQRGE
Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"
Replay-Nonce: PMA2nEHbV9vOjkiRsJ6b2NafG2Q-iWpxSimpeI4i24A
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Thu, 20 Apr 2017 06:44:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 20 Apr 2017 06:44:22 GMT
Connection: keep-alive

{
  "identifier": {
    "type": "dns",
    "value": "example.net"
  },
  "status": "invalid",
  "expires": "2017-04-27T06:44:17Z",
  "challenges": [
    {
      "type": "dns-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/EoSjgswFfS4qAebcU-j0VF2T-wrMfWmKhBnKO2SpOdo/1054463761",
      "token": "BG6WXnBqp8Z5bH0iqDP--hoJ9dNNAR-pWB64ya3GMJ8"
    },
    {
      "type": "tls-sni-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/EoSjgswFfS4qAebcU-j0VF2T-wrMfWmKhBnKO2SpOdo/1054463762",
      "token": "Y9ntBouSqDvPgUZ5bDDvMu8jL9TwiEzLygJuQMv9_bc"
    },
    {
      "type": "http-01",
      "status": "invalid",
      "error": {
        "type": "urn:acme:error:unauthorized",
        "detail": "Invalid response from http://exmaple.net/.well-known/acme-challenge/oAPXbQjSnDxRyiilXZK9Npz0esalPBFeHcHxw8AfjhI: \"\n\u003c!DOCTYPE html\u003e\n\u003chtml lang=\"en\"\u003e\n\u003chead\u003e\n  \u003cmeta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\"\u003e\n  \u003ctitle\u003ePage not\"",
        "status": 403
      },
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/EoSjgswFfS4qAebcU-j0VF2T-wrMfWmKhBnKO2SpOdo/1054463763",
      "token": "oAPXbQjSnDxRyiilXZK9Npz0esalPBFeHcHxw8AfjhI",
      "keyAuthorization": "oAPXbQjSnDxRyiilXZK9Npz0esalPBFeHcHxw8AfjhI.F0H1fNAvgXLWA771dfhtyUNfbdQaJuWl20Y5dmsyIRc",
      "validationRecord": [
        {
          "url": "http://example.net/.well-known/acme-challenge/oAPXbQjSnDxRyiilXZK9Npz0esalPBFeHcHxw8AfjhI",
          "hostname": "example.net",
          "port": "80",
          "addressesResolved": [
            "103.242.64.83"
          ],
          "addressUsed": "103.242.64.83"
        }
      ]
    }
  ],
  "combinations": [
    [
      0
    ],
    [
      1
    ],
    [
      2
    ]
  ]
}
2017-04-20 06:44:22,336:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/acme/authz/5_uCIGu588tTAkvmDxudcUEnfNPzMuG4GjWH2UIsiQ0.
2017-04-20 06:44:22,576:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /acme/authz/5_uCIGu588tTAkvmDxudcUEnfNPzMuG4GjWH2UIsiQ0 HTTP/1.1" 200 1880
2017-04-20 06:44:22,578:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 1880
Boulder-Request-Id: zb_5G73N8N0rctGotD2Wi4ZDun3OvbKYYRcDGigcQUM
Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"
Replay-Nonce: TX4wFm4V364UrjKGA9KSDQyR-A9HCp-l5LLxIFVIuK0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Thu, 20 Apr 2017 06:44:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 20 Apr 2017 06:44:22 GMT
Connection: keep-alive

{
  "identifier": {
    "type": "dns",
    "value": "ins.example.net"
  },
  "status": "invalid",
  "expires": "2017-04-27T06:44:18Z",
  "challenges": [
    {
      "type": "dns-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/5_uCIGu588tTAkvmDxudcUEnfNPzMuG4GjWH2UIsiQ0/1054463797",
      "token": "T6qSYum4tivq2pj5KRYyJ2UmmYRs0VYb6RPDXc3fxRY"
    },
    {
      "type": "http-01",
      "status": "invalid",
      "error": {
        "type": "urn:acme:error:unauthorized",
        "detail": "Invalid response from http://ins.example.net/.well-known/acme-challenge/UWDr5lmIxHSKVF8cM0GzZEH4OGAlmhYNAs5_WqEJy5s: \"\n\u003c!DOCTYPE html\u003e\n\u003chtml lang=\"en\"\u003e\n\u003chead\u003e\n  \u003cmeta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\"\u003e\n  \u003ctitle\u003ePage not\"",
        "status": 403
      },
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/5_uCIGu588tTAkvmDxudcUEnfNPzMuG4GjWH2UIsiQ0/1054463798",
      "token": "UWDr5lmIxHSKVF8cM0GzZEH4OGAlmhYNAs5_WqEJy5s",
      "keyAuthorization": "UWDr5lmIxHSKVF8cM0GzZEH4OGAlmhYNAs5_WqEJy5s.F0H1fNAvgXLWA771dfhtyUNfbdQaJuWl20Y5dmsyIRc",
      "validationRecord": [
        {
          "url": "http://ins.example.net/.well-known/acme-challenge/UWDr5lmIxHSKVF8cM0GzZEH4OGAlmhYNAs5_WqEJy5s",
          "hostname": "ins.example.net",
          "port": "80",
          "addressesResolved": [
            "103.242.64.83"
          ],
          "addressUsed": "103.242.64.83"
        }
      ]
    },
    {
      "type": "tls-sni-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/5_uCIGu588tTAkvmDxudcUEnfNPzMuG4GjWH2UIsiQ0/1054463799",
      "token": "Rxifl4MzhUQOnL8TydV0rUE5tOkehTjYjbtvGKiIIVU"
    }
  ],
  "combinations": [
    [
      1
    ],
    [
      0
    ],
    [
      2
    ]
  ]
}
2017-04-20 06:44:22,579:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/acme/authz/F2KgmLzjtGsuJgjaheWw52DpNNGc5dF3c_wmMdkXi7I.
2017-04-20 06:44:22,816:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /acme/authz/F2KgmLzjtGsuJgjaheWw52DpNNGc5dF3c_wmMdkXi7I HTTP/1.1" 200 1880
2017-04-20 06:44:22,818:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 1880
Boulder-Request-Id: _14Ti0HddQIYOKb32Rgf_VNjuBlUX8vd1rGKrqR7RcM
Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>;rel="next"
Replay-Nonce: 3b51XKRDltDZ71FCV03pmfMvao1-l4QcmLxaPkFTN4U
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Thu, 20 Apr 2017 06:44:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 20 Apr 2017 06:44:22 GMT
Connection: keep-alive

{
  "identifier": {
    "type": "dns",
    "value": "www.example.net"
  },
  "status": "invalid",
  "expires": "2017-04-27T06:44:17Z",
  "challenges": [
    {
      "type": "tls-sni-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/F2KgmLzjtGsuJgjaheWw52DpNNGc5dF3c_wmMdkXi7I/1054463782",
      "token": "1Ad2p3YthtP6uRu99CRGHw860jkruyyM82JMFlQLmhg"
    },
    {
      "type": "http-01",
      "status": "invalid",
      "error": {
        "type": "urn:acme:error:unauthorized",
        "detail": "Invalid response from http://www.example.net/.well-known/acme-challenge/Lob9-QouaEQfxwEsBIe8mj58_RRKyKKO8s6hGklktAQ: \"\n\u003c!DOCTYPE html\u003e\n\u003chtml lang=\"en\"\u003e\n\u003chead\u003e\n  \u003cmeta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\"\u003e\n  \u003ctitle\u003ePage not\"",
        "status": 403
      },
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/F2KgmLzjtGsuJgjaheWw52DpNNGc5dF3c_wmMdkXi7I/1054463783",
      "token": "Lob9-QouaEQfxwEsBIe8mj58_RRKyKKO8s6hGklktAQ",
      "keyAuthorization": "Lob9-QouaEQfxwEsBIe8mj58_RRKyKKO8s6hGklktAQ.F0H1fNAvgXLWA771dfhtyUNfbdQaJuWl20Y5dmsyIRc",
      "validationRecord": [
        {
          "url": "http://www.example.net/.well-known/acme-challenge/Lob9-QouaEQfxwEsBIe8mj58_RRKyKKO8s6hGklktAQ",
          "hostname": "www.example.net",
          "port": "80",
          "addressesResolved": [
            "103.242.64.83"
          ],
          "addressUsed": "103.242.64.83"
        }
      ]
    },
    {
      "type": "dns-01",
      "status": "pending",
      "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/F2KgmLzjtGsuJgjaheWw52DpNNGc5dF3c_wmMdkXi7I/1054463784",
      "token": "O_aIBHk4aSAtylowChf_53-CZuqMHiBiX2p22q3cqJQ"
    }
  ],
  "combinations": [
    [
      1
    ],
    [
      2
    ],
    [
      0
    ]
  ]
}
2017-04-20 06:44:22,820:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:

Domain: example.net
Type:   unauthorized
Detail: Invalid response from http://example.net/.well-known/acme-challenge/oAPXbQjSnDxRyiilXZK9Npz0esalPBFeHcHxw8AfjhI: "
<!DOCTYPE html>
<html lang="en">
<head>
  <meta http-equiv="content-type" content="text/html; charset=utf-8">
  <title>Page not"

Domain: ins.example.net
Type:   unauthorized
Detail: Invalid response from http://ins.example.net/.well-known/acme-challenge/UWDr5lmIxHSKVF8cM0GzZEH4OGAlmhYNAs5_WqEJy5s: "
<!DOCTYPE html>
<html lang="en">
<head>
  <meta http-equiv="content-type" content="text/html; charset=utf-8">
  <title>Page not"

Domain: www.example.net
Type:   unauthorized
Detail: Invalid response from http://www.example.net/.well-known/acme-challenge/Lob9-QouaEQfxwEsBIe8mj58_RRKyKKO8s6hGklktAQ: "
<!DOCTYPE html>
<html lang="en">
<head>
  <meta http-equiv="content-type" content="text/html; charset=utf-8">
  <title>Page not"

To fix these errors, please make sure that your domain name was entered correctly and the DNS A record(s) for that domain contain(s) the right IP address.
2017-04-20 06:44:22,820:INFO:certbot.auth_handler:Cleaning up challenges
2017-04-20 06:44:22,821:DEBUG:certbot.plugins.webroot:Removing /var/www/html/.well-known/acme-challenge/oAPXbQjSnDxRyiilXZK9Npz0esalPBFeHcHxw8AfjhI
2017-04-20 06:44:22,821:DEBUG:certbot.plugins.webroot:Removing /var/www/html/.well-known/acme-challenge/Lob9-QouaEQfxwEsBIe8mj58_RRKyKKO8s6hGklktAQ
2017-04-20 06:44:22,822:DEBUG:certbot.plugins.webroot:Removing /var/www/html/.well-known/acme-challenge/UWDr5lmIxHSKVF8cM0GzZEH4OGAlmhYNAs5_WqEJy5s
2017-04-20 06:44:22,822:DEBUG:certbot.plugins.webroot:All challenges cleaned up, removing /var/www/html/.well-known/acme-challenge
2017-04-20 06:44:22,832:DEBUG:certbot.main:Exiting abnormally:
Traceback (most recent call last):
  File "/usr/bin/letsencrypt", line 11, in <module>
    load_entry_point('certbot==0.11.1', 'console_scripts', 'certbot')()
  File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 882, in main
    return config.func(config, plugins)
  File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 659, in obtain_cert
    action, _ = _auth_from_available(le_client, config, domains, certname, lineage)
  File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 108, in _auth_from_available
    lineage = le_client.obtain_and_enroll_certificate(domains, certname)
  File "/usr/lib/python2.7/dist-packages/certbot/client.py", line 294, in obtain_and_enroll_certificate
    certr, chain, key, _ = self.obtain_certificate(domains)
  File "/usr/lib/python2.7/dist-packages/certbot/client.py", line 265, in obtain_certificate
    self.config.allow_subset_of_names)
  File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 77, in get_authorizations
    self._respond(resp, best_effort)
  File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 134, in _respond
    self._poll_challenges(chall_update, best_effort)
  File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 198, in _poll_challenges
    raise errors.FailedChallenges(all_failed_achalls)
FailedChallenges: Failed authorization procedure. exmaple.net (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://example.net/.well-known/acme-challenge/oAPXbQjSnDxRyiilXZK9Npz0esalPBFeHcHxw8AfjhI: "
<!DOCTYPE html>
<html lang="en">
<head>
  <meta http-equiv="content-type" content="text/html; charset=utf-8">
  <title>Page not", ins.example.net (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://ins.example.net/.well-known/acme-challenge/UWDr5lmIxHSKVF8cM0GzZEH4OGAlmhYNAs5_WqEJy5s: "
<!DOCTYPE html>
<html lang="en">
<head>
  <meta http-equiv="content-type" content="text/html; charset=utf-8">
  <title>Page not", www.example.net (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.example.net/.well-known/acme-challenge/Lob9-QouaEQfxwEsBIe8mj58_RRKyKKO8s6hGklktAQ: "
<!DOCTYPE html>
<html lang="en">
<head>
  <meta http-equiv="content-type" content="text/html; charset=utf-8">
  <title>Page not"

Answer 6 · 2017-04-20T07:47:58.000Z

I do hope you're not seriously using example.net or other example domains. You'll never have proper validation that way.

Second, you gave me certbot logs, which has nothing to do with this project.

Before continuing:

Review the example app. When you run the example app it will offer links on a simple Django home page demonstrating ACME challenge objects.
Attempt a basic curl or wget to your ACME response. Seriously, without certbot and use the link that the admin panel offers you.
If you don't see your ACME response then you didn't configure your Django correctly. If you do see your ACME response, the project has carried out it's task and can go no further.

I cannot diagnose your nginx, docker, or other related tools.

Further, unrelated log files (such as nginx and certbot) being dumped to this issue does us no good. I'll have to lock this thread due to some serious misunderstanding of your own project if you cannot demonstrate clear reproduction steps.

Answer 7 · 2017-04-20T07:50:11.000Z

I may also suggest you review this blog post where another user details how they installed this library for ACME challenges: https://www.petercuret.com/how-ssl-encrypt-your-django-heroku-projects-free-lets-encrypt/

Answer 8 · 2017-04-20T08:01:59.000Z

I just ran through the example_project README on a clean git clone, and the library worked as expected, I suggest you review that and make sure you have your understanding of Django and this project in order first.

Answer 9 · 2017-04-20T12:12:31.000Z

Great Thanks. The question above solved by this tutorial. But some other question happened not so related with letsencrypt. I will ask it in SO. Thanks again!

Answer 10 · 2017-04-20T18:15:12.000Z

Great! Glad you got it working finally. I'll be looking into improving documentation, or the example_project to make things even clearer if possible. As well as building in project diagnostics into the library.