2018-02-03 17:49:50,246:DEBUG:certbot.main:certbot version: 0.19.0 2018-02-03 17:49:50,246:DEBUG:certbot.main:Arguments: ['--nginx', '-d', 'proj9ct.fr', '-d', 'www.proj9ct.fr', '-d', 'app.proj9ct.fr'] 2018-02-03 17:49:50,246:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2018-02-03 17:49:50,257:DEBUG:certbot.log:Root logging level set at 20 2018-02-03 17:49:50,258:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2018-02-03 17:49:50,258:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx 2018-02-03 17:49:50,352:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx Description: Nginx Web Server plugin - Alpha Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: nginx = certbot_nginx.configurator:NginxConfigurator Initialized: Prep: True 2018-02-03 17:49:50,353:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2018-02-03 17:49:50,353:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx 2018-02-03 17:49:50,356:DEBUG:certbot.main:Picked account: )>)), uri=u'https://acme-v01.api.letsencrypt.org/acme/reg/28748088', new_authzr_uri=u'https://acme-v01.api.letsencrypt.org/acme/new-authz', terms_of_service=u'https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'), 77a48d04a7c453e0077f858d27dd06e2, Meta(creation_host=u'ip-172-31-33-185.eu-west-3.compute.internal', creation_dt=datetime.datetime(2018, 2, 3, 9, 4, 43, tzinfo=)))> 2018-02-03 17:49:50,357:DEBUG:acme.client:Sending GET request to https://acme-v01.api.letsencrypt.org/directory. 2018-02-03 17:49:50,359:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org 2018-02-03 17:49:50,684:DEBUG:urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 562 2018-02-03 17:49:50,684:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Content-Type: application/json Content-Length: 562 Replay-Nonce: xMNKwPSEu4-wdGG3jzY1kPUhgZYw8eIfN4nbCjePRS0 X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 Expires: Sat, 03 Feb 2018 17:49:50 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 03 Feb 2018 17:49:50 GMT Connection: keep-alive { "T2IVbsgTRyk": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417", "key-change": "https://acme-v01.api.letsencrypt.org/acme/key-change", "meta": { "terms-of-service": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf" }, "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz", "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert", "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg", "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert" } 2018-02-03 17:49:50,685:INFO:certbot.main:Obtaining a new certificate 2018-02-03 17:49:50,685:DEBUG:acme.client:Requesting fresh nonce 2018-02-03 17:49:50,685:DEBUG:acme.client:Sending HEAD request to https://acme-v01.api.letsencrypt.org/acme/new-authz. 2018-02-03 17:49:50,928:DEBUG:urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "HEAD /acme/new-authz HTTP/1.1" 405 0 2018-02-03 17:49:50,929:DEBUG:acme.client:Received response: HTTP 405 Server: nginx Content-Type: application/problem+json Content-Length: 91 Allow: POST Replay-Nonce: gnOcd58hm1x2YDeeuKZMM_5sP33CHOzht-1ifOHQjC0 Expires: Sat, 03 Feb 2018 17:49:50 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 03 Feb 2018 17:49:50 GMT Connection: keep-alive 2018-02-03 17:49:50,929:DEBUG:acme.client:Storing nonce: gnOcd58hm1x2YDeeuKZMM_5sP33CHOzht-1ifOHQjC0 2018-02-03 17:49:50,929:DEBUG:acme.client:JWS payload: { "identifier": { "type": "dns", "value": "proj9ct.fr" }, "resource": "new-authz" } 2018-02-03 17:49:50,932:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz: { "protected": "eyJub25jZSI6ICJnbk9jZDU4aG0xeDJZRGVldUtaTU1fNXNQMzNDSE96aHQtMWlmT0hRakMwIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAidFJUQ1BkTkl2ZV9JVElNU2ZJVWxtalVnYWdvU0UwTUFiOXlXRXhxeXdaa29MTkJkVzNhLU9NZnRwcjdqckNwZ3FHM1NkcEk2MnpvRmphYk1rOFM5ZXhsNUlhZm92Y3dWWkhRMDhhdmtyczNLQ1hoZFV1UlVOVjRTNXQyN2owWjA1Tkl2cDJ6TjRTQmdwWUpaRTdYMnJRQkFUVWZiWjFReU5FVnZ2VlpDT2JlZEpMdXlicW9BektMTjdhQXFESWtEbHFjcGVucXV6a3dKZHVOSmxkRXlMRjZkWlNfZE1iV205djRxdnRUNjFWTmMzd0szd1o5TUoxWTZYS1Mxb0F3dU1xSGxOS0RPQTRybWc1NFljOXZkczNFRkRyek9hSmJiTWhNeUxwUTZFRzk3Ri02VTVONjJibXJkTWtuOVFCOU9pQ3lFal9aaDhEVTZCQVoxOHVkSkdRIn19", "payload": "ewogICJpZGVudGlmaWVyIjogewogICAgInR5cGUiOiAiZG5zIiwgCiAgICAidmFsdWUiOiAicHJvajljdC5mciIKICB9LCAKICAicmVzb3VyY2UiOiAibmV3LWF1dGh6Igp9", "signature": "G8qqafS8UIinW_gKYK9VXJJcLGPVMzpnvhyXZ3U9IrKe2T2Cs8fegJOqSPDXDyrP2sckmJROFAHHjaCtLft1bsmGimD0623hwvgVVNb8SGkftGN2FQiQ0_dXUyJIzt00YCpdknB7cxLogtBxSnOUhl6ftJLVyiC62mTCYFxlpmCYf75NQaiO83ZoSYtilX7Hfhyo0-VxGxktCdK_vpTlMg0IOMBhaK5-jCaV1keLz3bRrBWkwMw726dNjTkzJ9ziKlBlXCRgOr34EBV-GZPzijOYYnJeYsnQ40nHWZibs79HzLlS-Yio4qpBYc4assfyiQ9ws4XVUcwtdRDoYxpV-Q" } 2018-02-03 17:49:51,266:DEBUG:urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/new-authz HTTP/1.1" 201 715 2018-02-03 17:49:51,266:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Content-Type: application/json Content-Length: 715 Boulder-Requester: 28748088 Link: ;rel="next" Location: https://acme-v01.api.letsencrypt.org/acme/authz/ORys3gdXRWhC70KFMYLeHPgwMmAYpjZOgNb1nGPEqhM Replay-Nonce: -QsmAoU6MVUzS96avrklvwcLcw2d79r5CeJ9-56atyg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 Expires: Sat, 03 Feb 2018 17:49:51 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 03 Feb 2018 17:49:51 GMT Connection: keep-alive { "identifier": { "type": "dns", "value": "proj9ct.fr" }, "status": "pending", "expires": "2018-02-10T16:59:05Z", "challenges": [ { "type": "http-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/ORys3gdXRWhC70KFMYLeHPgwMmAYpjZOgNb1nGPEqhM/3332700232", "token": "_2O-d_W0LDtvSdDwMI2NiMaHQuDD9hpiR1HmWUS7xQU" }, { "type": "dns-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/ORys3gdXRWhC70KFMYLeHPgwMmAYpjZOgNb1nGPEqhM/3332700233", "token": "bz7s5DjRcDzASWWkbR6H2jM44xfFatcLSyLQhGZkVBE" } ], "combinations": [ [ 1 ], [ 0 ] ] } 2018-02-03 17:49:51,266:DEBUG:acme.client:Storing nonce: -QsmAoU6MVUzS96avrklvwcLcw2d79r5CeJ9-56atyg 2018-02-03 17:49:51,267:DEBUG:acme.client:JWS payload: { "identifier": { "type": "dns", "value": "www.proj9ct.fr" }, "resource": "new-authz" } 2018-02-03 17:49:51,269:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz: { "protected": "eyJub25jZSI6ICItUXNtQW9VNk1WVXpTOTZhdnJrbHZ3Y0xjdzJkNzlyNUNlSjktNTZhdHlnIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAidFJUQ1BkTkl2ZV9JVElNU2ZJVWxtalVnYWdvU0UwTUFiOXlXRXhxeXdaa29MTkJkVzNhLU9NZnRwcjdqckNwZ3FHM1NkcEk2MnpvRmphYk1rOFM5ZXhsNUlhZm92Y3dWWkhRMDhhdmtyczNLQ1hoZFV1UlVOVjRTNXQyN2owWjA1Tkl2cDJ6TjRTQmdwWUpaRTdYMnJRQkFUVWZiWjFReU5FVnZ2VlpDT2JlZEpMdXlicW9BektMTjdhQXFESWtEbHFjcGVucXV6a3dKZHVOSmxkRXlMRjZkWlNfZE1iV205djRxdnRUNjFWTmMzd0szd1o5TUoxWTZYS1Mxb0F3dU1xSGxOS0RPQTRybWc1NFljOXZkczNFRkRyek9hSmJiTWhNeUxwUTZFRzk3Ri02VTVONjJibXJkTWtuOVFCOU9pQ3lFal9aaDhEVTZCQVoxOHVkSkdRIn19", "payload": "ewogICJpZGVudGlmaWVyIjogewogICAgInR5cGUiOiAiZG5zIiwgCiAgICAidmFsdWUiOiAid3d3LnByb2o5Y3QuZnIiCiAgfSwgCiAgInJlc291cmNlIjogIm5ldy1hdXRoeiIKfQ", "signature": "LNdwhKQu04YLCQZC5B13-8LeusY-Xn6PxZ-kR5r4qZDngqJE1cPoGX8Fya96tN2CzXz5JtfFsZdn8yJ8iiPsV4Sv73WdiW_DcHQlmQAY9QkUX271_FBremsLeT1dxaaVsEwqf7v7U1mXs2RjR6ly2-bPg-_hxemSV1rAiTt6Sw3AFRTP77L6XmM6JHg6kaXBko6hHebZpd5GYE7X1AiwNVnQyCjEvkeAnD9Y9tEp7DjHMrCflszSVQlxH0i0YfJ3jnyZrG3m9fnGPV_zjPpjaVP2Vs0UD6kuspv3_e8fARval0vIgs1hXVq5kYAbOnZdbFfsYU8KvRYYDaxiQBT6OQ" } 2018-02-03 17:49:51,542:DEBUG:urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/new-authz HTTP/1.1" 201 719 2018-02-03 17:49:51,543:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Content-Type: application/json Content-Length: 719 Boulder-Requester: 28748088 Link: ;rel="next" Location: https://acme-v01.api.letsencrypt.org/acme/authz/fAyj195k1Yve98vAQw_xMF7Yv9KRR3--6Y2oo2dpplc Replay-Nonce: inbg69t11ws1bduDNUNCZclv656bHSJ3vSgZFcWcOMg X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 Expires: Sat, 03 Feb 2018 17:49:51 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 03 Feb 2018 17:49:51 GMT Connection: keep-alive { "identifier": { "type": "dns", "value": "www.proj9ct.fr" }, "status": "pending", "expires": "2018-02-10T17:43:38Z", "challenges": [ { "type": "http-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/fAyj195k1Yve98vAQw_xMF7Yv9KRR3--6Y2oo2dpplc/3333026942", "token": "8MvI6jWlt5iMAwH9qtytK7OzntcqYkTcEMjOJT5qyIQ" }, { "type": "dns-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/fAyj195k1Yve98vAQw_xMF7Yv9KRR3--6Y2oo2dpplc/3333026943", "token": "S6X1IcPpdAX-QvwqIQfUXvZG26rJWEKyBihvxDppiu0" } ], "combinations": [ [ 0 ], [ 1 ] ] } 2018-02-03 17:49:51,543:DEBUG:acme.client:Storing nonce: inbg69t11ws1bduDNUNCZclv656bHSJ3vSgZFcWcOMg 2018-02-03 17:49:51,544:DEBUG:acme.client:JWS payload: { "identifier": { "type": "dns", "value": "app.proj9ct.fr" }, "resource": "new-authz" } 2018-02-03 17:49:51,546:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz: { "protected": "eyJub25jZSI6ICJpbmJnNjl0MTF3czFiZHVETlVOQ1pjbHY2NTZiSFNKM3ZTZ1pGY1djT01nIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAidFJUQ1BkTkl2ZV9JVElNU2ZJVWxtalVnYWdvU0UwTUFiOXlXRXhxeXdaa29MTkJkVzNhLU9NZnRwcjdqckNwZ3FHM1NkcEk2MnpvRmphYk1rOFM5ZXhsNUlhZm92Y3dWWkhRMDhhdmtyczNLQ1hoZFV1UlVOVjRTNXQyN2owWjA1Tkl2cDJ6TjRTQmdwWUpaRTdYMnJRQkFUVWZiWjFReU5FVnZ2VlpDT2JlZEpMdXlicW9BektMTjdhQXFESWtEbHFjcGVucXV6a3dKZHVOSmxkRXlMRjZkWlNfZE1iV205djRxdnRUNjFWTmMzd0szd1o5TUoxWTZYS1Mxb0F3dU1xSGxOS0RPQTRybWc1NFljOXZkczNFRkRyek9hSmJiTWhNeUxwUTZFRzk3Ri02VTVONjJibXJkTWtuOVFCOU9pQ3lFal9aaDhEVTZCQVoxOHVkSkdRIn19", "payload": "ewogICJpZGVudGlmaWVyIjogewogICAgInR5cGUiOiAiZG5zIiwgCiAgICAidmFsdWUiOiAiYXBwLnByb2o5Y3QuZnIiCiAgfSwgCiAgInJlc291cmNlIjogIm5ldy1hdXRoeiIKfQ", "signature": "p_PtglJrFaRew_R_WopRaQmSSiBz5eLTCAhr16kW42OAoRaJLReaUcCybMjkWf-pr56VhFCm0Ut4nPKGBksFbIjWJbMMftnuMG508etJhTMKq-CeuSULePkyobSZ29eNSqYAP_-69PegWdi2_55Are5jvUN0pnJzGUDQyC7y0_S3usuIr9bFs2CSGFMCaG_PeRGVE7fWXZ_-FE7SIePzZqzoq5HfThudFYEprYdvchCC0NoyvZsRQ9Iwk8rzDWW2Ijhf0S1kVKcU3lrAbpnCYHnH9MVwlVnrgDC3ydaUv91eSQ0E1maDPXMns-WnIcFmSWxLIJo0DPZCgPILjX6qBw" } 2018-02-03 17:49:51,840:DEBUG:urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/new-authz HTTP/1.1" 201 719 2018-02-03 17:49:51,841:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Content-Type: application/json Content-Length: 719 Boulder-Requester: 28748088 Link: ;rel="next" Location: https://acme-v01.api.letsencrypt.org/acme/authz/H01cZgCmkEFehF2kDH9jfr72YJliu0Nc0wSq7occmUs Replay-Nonce: 7puX3pRDZkNupl_5S9R1WoxtTBXHfVLOx4GL9pFqk8k X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 Expires: Sat, 03 Feb 2018 17:49:51 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 03 Feb 2018 17:49:51 GMT Connection: keep-alive { "identifier": { "type": "dns", "value": "app.proj9ct.fr" }, "status": "pending", "expires": "2018-02-10T09:05:45Z", "challenges": [ { "type": "dns-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/H01cZgCmkEFehF2kDH9jfr72YJliu0Nc0wSq7occmUs/3329280850", "token": "oS1DKl_Q2CXoQ6R1hiUhwXJelk3dV0tj5jFlls-BAvo" }, { "type": "http-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/H01cZgCmkEFehF2kDH9jfr72YJliu0Nc0wSq7occmUs/3329280852", "token": "VDxzZVn-MFHSLYskq-slZzjf9uqZv2LnigDPcOwMjo8" } ], "combinations": [ [ 1 ], [ 0 ] ] } 2018-02-03 17:49:51,841:DEBUG:acme.client:Storing nonce: 7puX3pRDZkNupl_5S9R1WoxtTBXHfVLOx4GL9pFqk8k 2018-02-03 17:49:51,841:INFO:certbot.auth_handler:Performing the following challenges: 2018-02-03 17:49:51,842:CRITICAL:certbot.auth_handler:Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. 2018-02-03 17:49:51,842:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.19.0', 'console_scripts', 'certbot')() File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 861, in main return config.func(config, plugins) File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 698, in run certname, lineage) File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 85, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/usr/lib/python2.7/dist-packages/certbot/client.py", line 357, in obtain_and_enroll_certificate certr, chain, key, _ = self.obtain_certificate(domains) File "/usr/lib/python2.7/dist-packages/certbot/client.py", line 318, in obtain_certificate self.config.allow_subset_of_names) File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 68, in get_authorizations self._choose_challenges(domains) File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 103, in _choose_challenges self.authzr[dom].body.combinations) File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 374, in gen_challenge_path return _find_smart_path(challbs, preferences, combinations) File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 411, in _find_smart_path _report_no_chall_path() File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 442, in _report_no_chall_path raise errors.AuthorizationError(msg) AuthorizationError: Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.