i’m getting the error “Wrote file to , but couldn’t download”, but the generated letsencrypt file is in /srv/www/letsencrypt directory, publicly accessible from browser via url http://peregorodki-optom.ru/.well-known/acme-challenge/4F7-qeW9TfDkqEDqxzRiCrVhS7z_kXonEiGBx_lLhHA , and i also can download it using wget and ping ping.txt file. does anybody know what can cause the error?
as i can see, my DNS is ok
full error text:
TASK [letsencrypt : Generate the certificates] ****************************************************************************
System info:
Ansible 2.10.3; Darwin
Trellis version (per changelog): "Validate that `letsencrypt_contact_emails` is a list"
---------------------------------------------------
non-zero return code
Error while generating certificate for peregorodki-optom.ru
Traceback (most recent call last):
File "/usr/local/letsencrypt/acme_tiny.py", line 198, in <module>
main(sys.argv[1:])
File "/usr/local/letsencrypt/acme_tiny.py", line 194, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir,
log=LOGGER, CA=args.ca, disable_check=args.disable_check,
directory_url=args.directory_url, contact=args.contact)
File "/usr/local/letsencrypt/acme_tiny.py", line 143, in get_crt
raise ValueError("Wrote file to {0}, but couldn't download {1}:
{2}".format(wellknown_path, wellknown_url, e))
ValueError: Wrote file to
/srv/www/letsencrypt/4F7-qeW9TfDkqEDqxzRiCrVhS7z_kXonEiGBx_lLhHA, but
couldn't download http://peregorodki-optom.ru/.well-known/acme-
challenge/4F7-qeW9TfDkqEDqxzRiCrVhS7z_kXonEiGBx_lLhHA:
fatal: [62.109.9.184]: FAILED! => {"changed": false, "cmd": ["./renew-certs.py"], "delta": "0:00:06.362793", "end": "2021-03-08 11:49:13.978633", "rc": 1, "start": "2021-03-08 11:49:07.615840", "stderr_lines": ["Error while generating certificate for peregorodki-optom.ru", "Traceback (most recent call last):", " File \"/usr/local/letsencrypt/acme_tiny.py\", line 198, in <module>", " main(sys.argv[1:])", " File \"/usr/local/letsencrypt/acme_tiny.py\", line 194, in main", " signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca, disable_check=args.disable_check, directory_url=args.directory_url, contact=args.contact)", " File \"/usr/local/letsencrypt/acme_tiny.py\", line 143, in get_crt", " raise ValueError(\"Wrote file to {0}, but couldn't download {1}: {2}\".format(wellknown_path, wellknown_url, e))", "ValueError: Wrote file to /srv/www/letsencrypt/4F7-qeW9TfDkqEDqxzRiCrVhS7z_kXonEiGBx_lLhHA, but couldn't download http://peregorodki-optom.ru/.well-known/acme-challenge/4F7-qeW9TfDkqEDqxzRiCrVhS7z_kXonEiGBx_lLhHA: "], "stdout": "Certificate file /etc/nginx/ssl/letsencrypt/mebel-50.ru-51b7bec-bundled.cert already exists and is younger than 60 days. Not creating a new certificate.\nCertificate file /etc/nginx/ssl/letsencrypt/sigma-peregorodki.ru-b781878-bundled.cert already exists and is younger than 60 days. Not creating a new certificate.\nCertificate file /etc/nginx/ssl/letsencrypt/prostoperegorodki.ru-a3a3068-bundled.cert already exists and is younger than 60 days. Not creating a new certificate.", "stdout_lines": ["Certificate file /etc/nginx/ssl/letsencrypt/mebel-50.ru-51b7bec-bundled.cert already exists and is younger than 60 days. Not creating a new certificate.", "Certificate file /etc/nginx/ssl/letsencrypt/sigma-peregorodki.ru-b781878-bundled.cert already exists and is younger than 60 days. Not creating a new certificate.", "Certificate file /etc/nginx/ssl/letsencrypt/prostoperegorodki.ru-a3a3068-bundled.cert already exists and is younger than 60 days. Not creating a new certificate."]}
wordpress_sites config:
peregorodki-optom.ru:
site_hosts:
- canonical: peregorodki-optom.ru
redirects:
- www.peregorodki-optom.ru
local_path: ../projects/web/peregorodki-optom # path targeting local Bedrock site directory (relative to Ansible root)
repo: <repo>
admin_email: estov69@gmail.com
multisite:
enabled: false
ssl:
enabled: true
provider: self-signed
cache:
enabled: false
env:
db_prefix: sp3w_
cron_backup:
hour: "21"
weekday: "5"
cron_interval: "*/1"