[SAC] [OSGeo] #3001: geotools.org SSL certificate renewal failed (letsencrypt) (was: docs.geotools.org SSL certificate renewal failed (letsencrypt))

OSGeo trac_osgeo at osgeo.org
Mon Oct 16 06:24:11 PDT 2023 

#3001: geotools.org SSL certificate renewal failed (letsencrypt)
---------------------------+----------------------------------------
 Reporter:  strk           |       Owner:  sac@…
     Type:  task           |      Status:  new
 Priority:  normal         |   Milestone:  Sysadmin Contract 2023-II
Component:  Systems Admin  |  Resolution:
 Keywords:                 |
---------------------------+----------------------------------------
Changes (by strk):

 * summary:  docs.geotools.org SSL certificate renewal failed (letsencrypt)
     => geotools.org SSL certificate renewal failed (letsencrypt)


Old description:

> Something wrong was reported upon letsencrypt cert renewal for
> docs.geotools.org (still needed?):
>
> {{{
> Processing /etc/letsencrypt/renewal/docs.geotools.org.conf
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> - - -
> Cert is due for renewal, auto-renewing...
> Non-interactive renewal: random delay of 158 seconds
> Plugins selected: Authenticator apache, Installer apache
> Renewing an existing certificate
> Performing the following challenges:
> http-01 challenge for docs.geotools.org
> Waiting for verification...
> Cleaning up challenges
> Attempting to renew cert (docs.geotools.org) from
> /etc/letsencrypt/renewal/docs.geotools.org.conf produced an unexpected
> error: Failed
> authorization procedure. docs.geotools.org (http-01):
> urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient
> authorization :: 140.211.15.6: Invalid response from
> https://docs.geotools.org/.well-known/acme-
> challenge/Xeu03iLu0Mv7QrxIV4lhGrfd0OzfJokvUepDF3CjmUk: 404. Skipping.
> }}}

New description:

 Something wrong was reported upon letsencrypt cert renewal for
 docs.geotools.org and geotools.org (still needed?):

 {{{
  - The following errors were reported by the server:

    Domain: docs.geotools.org
    Type:   unauthorized
    Detail: 140.211.15.6: Invalid response from
    https://docs.geotools.org/.well-known/acme-
 challenge/Xeu03iLu0Mv7QrxIV4lhGrfd0OzfJokvUepDF3CjmUk:
    404

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A/AAAA record(s) for that domain
    contain(s) the right IP address.
  - The following errors were reported by the server:

    Domain: www.geotools.org
    Type:   unauthorized
    Detail: 140.211.15.6: Invalid response from
    http://www.geotools.org/.well-known/acme-
 challenge/SBaEF5syGR0AgPBjr3BI7VsiQrXqrXgFWhi10JqWQUo:
    404

    Domain: geotools.org
    Type:   unauthorized
    Detail: 140.211.15.6: Invalid response from
    http://geotools.org/.well-known/acme-
 challenge/DKElh5cEHfZ7ygGm0KStuvz2_3pWnJCdRJ994kyICLQ:
    404

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A/AAAA record(s) for that domain
    contain(s) the right IP address.

 }}}

--
-- 
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/3001#comment:1>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.

More information about the Sac mailing list