<p>certbot fügt acme-challenge zu falscher Konfiguration hinzu, wenn der Domainname nicht kleingeschrieben ist</p>

• Debian 9.6
• Ich habe Certbot mit dem OS-Paketmanager installiert
• certbot 0.28.0

• nginx

• hatte diesen Host in meiner Konfiguration in /etc/nginx/conf.d/RussianChurchVancouver.ca.conf :

server {
  listen       80;
  server_name  RussianChurchVancouver.ca www.RussianChurchVancouver.ca;
...

• Ich habe certbot ausgeführt und es wurden keine Zertifikate erstellt, weil certbot fehlgeschlagen ist:

root<strong i="18">@deb96</strong>:/var/www/RussianChurchVancouver.ca/web# certbot -m [email protected] --agree-tos --nginx -d RussianChurchVancouver.ca -d www.RussianChurchVancouver.ca
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for russianchurchvancouver.ca
http-01 challenge for www.russianchurchvancouver.ca
nginx: [warn] conflicting server name "www.russianchurchvancouver.ca" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "russianchurchvancouver.ca" on 0.0.0.0:80, ignored
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. russianchurchvancouver.ca (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://russianchurchvancouver.ca/.well-known/acme-challenge/b4vlj_zIdB4H_a94FlltJWx2JBGBDS_ihAFWrpJSl5U: "<html>\r\n<head><title>404 Not Found</title></head>\r\n<body>\r\n<center><h1>404 Not Found</h1></center>\r\n<hr><center>nginx</center>\r\n", www.russianchurchvancouver.ca (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.russianchurchvancouver.ca/.well-known/acme-challenge/B8e0i1p0jhjNtfV1Dd36rlE8eh4K2bpefVvABc6Na48: "<html>\r\n<head><title>404 Not Found</title></head>\r\n<body>\r\n<center><h1>404 Not Found</h1></center>\r\n<hr><center>nginx</center>\r\n"

Bei der Fehlerbehebung habe ich festgestellt, dass certbot acme-challenge zu dieser Konfigurationsdatei hinzufügt:

Writing nginx conf tree to /etc/nginx/conf.d/default.conf

was ist der Fehler. Deshalb habe ich conflicting server name im Protokoll (certbot hat eine Situation erstellt, in der ich russianchurchvancouver.ca sowohl in default.conf als auch in RussianChurchVancouver.ca.conf
Erwartet, dass es dieser Datei acme-challenge hinzufügen würde:

/etc/nginx/conf.d/RussianChurchVancouver.ca.conf

An diesem Punkt begann ich zu vermuten, dass certbot dies tut, weil meine Domains in der Konfigurationsdatei nicht kleingeschrieben sind.
Also habe ich sie kleingeschrieben:

  server_name  russianchurchvancouver.ca www.russianchurchvancouver.ca;

und certbot funktionierte korrekt:

root<strong i="37">@deb96</strong>:/etc/nginx/conf.d# certbot -m [email protected] --agree-tos --nginx -d russianchurchvancouver.ca,www.russianchurchvancouver.ca
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for www.russianchurchvancouver.ca
http-01 challenge for russianchurchvancouver.ca
Waiting for verification...
Cleaning up challenges
Deploying Certificate to VirtualHost /etc/nginx/conf.d/RussianChurchVancouver.ca.conf
Deploying Certificate to VirtualHost /etc/nginx/conf.d/RussianChurchVancouver.ca.conf
...
Congratulations! You have successfully enabled https://russianchurchvancouver.ca
and https://www.russianchurchvancouver.ca