{"id":765,"date":"2019-01-20T22:10:53","date_gmt":"2019-01-20T21:10:53","guid":{"rendered":"https:\/\/www.yelloworb.com\/orbblog\/?p=765"},"modified":"2019-01-20T22:13:19","modified_gmt":"2019-01-20T21:13:19","slug":"lets-encrypt-auto-renew-only-fails-for-the-server-domain","status":"publish","type":"post","link":"https:\/\/www.yelloworb.com\/orbblog\/lets-encrypt-auto-renew-only-fails-for-the-server-domain\/","title":{"rendered":"Let&#8217;s Encrypt auto renew only fails for the server domain"},"content":{"rendered":"<p>I had a bit of struggle with Let&#8217;s Encrypts certbot today. Somehow it got 403 Forbidden each time it tried to authenticate the domain for my server. All the other website it worked without problem.<\/p>\n<p>I created a simple text file in \/.well-known\/acme-challenge to see if I could access it. Yes it worked externally but then I realized I got 403 Forbidden when I tried to access from the server!<\/p>\n<p>After lots of digging and testing I checked the apache general error.log and saw these lines:<br \/>\n<code class=\"\" data-line=\"\">[Sun Jan 20 21:52:32.754574 2019] [authz_core:error] [pid 2238] [client 2001:4b98:dc2:47:216:3eff:fe9b:cec6] AH01630: client denied by server configuration: \/var\/www\/<\/code><\/p>\n<p>Seeing that IPv6 address gave a clue and soon I found out it was due to that my webserver is not setup to listen to IPv6.<br \/>\n<code class=\"\" data-line=\"\">&lt;virtualhost 185.26.124.99:80 [2001:4b98:dc2:47:216:3eff:fe9b:cec6]:80&gt;<\/code><\/p>\n<p>Adding it to the Virtual host listen config it solved it!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I had a bit of struggle with Let&#8217;s Encrypts certbot today. Somehow it got 403 Forbidden each time it tried to authenticate the domain for my server. All the other website it worked without problem. I created a simple text file in \/.well-known\/acme-challenge to see if I could access it. Yes it worked externally but [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[74],"tags":[],"class_list":["post-765","post","type-post","status-publish","format-standard","hentry","category-server"],"_links":{"self":[{"href":"https:\/\/www.yelloworb.com\/orbblog\/wp-json\/wp\/v2\/posts\/765","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.yelloworb.com\/orbblog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.yelloworb.com\/orbblog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.yelloworb.com\/orbblog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.yelloworb.com\/orbblog\/wp-json\/wp\/v2\/comments?post=765"}],"version-history":[{"count":4,"href":"https:\/\/www.yelloworb.com\/orbblog\/wp-json\/wp\/v2\/posts\/765\/revisions"}],"predecessor-version":[{"id":769,"href":"https:\/\/www.yelloworb.com\/orbblog\/wp-json\/wp\/v2\/posts\/765\/revisions\/769"}],"wp:attachment":[{"href":"https:\/\/www.yelloworb.com\/orbblog\/wp-json\/wp\/v2\/media?parent=765"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.yelloworb.com\/orbblog\/wp-json\/wp\/v2\/categories?post=765"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.yelloworb.com\/orbblog\/wp-json\/wp\/v2\/tags?post=765"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}