JustPaste.it - Share Text & Images the Easy Way

2018-08-31 16:52:17,363:DEBUG:certbot.main:certbot version: 0.26.1
2018-08-31 16:52:17,364:DEBUG:certbot.main:Arguments: ['--dry-run']
2018-08-31 16:52:17,364:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2018-08-31 16:52:17,386:DEBUG:certbot.log:Root logging level set at 20
2018-08-31 16:52:17,386:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2018-08-31 16:52:17,400:DEBUG:certbot.plugins.selection:Requested authenticator <certbot.cli._Default object at 0x7f0f25f4d710> and installer <certbot.cli._Default object at 0x7f0f25f4d710>
2018-08-31 16:52:17,400:DEBUG:certbot.cli:Var dry_run=True (set by user).
2018-08-31 16:52:17,400:DEBUG:certbot.cli:Var server=set(['staging', 'dry_run']) (set by user).
2018-08-31 16:52:17,401:DEBUG:certbot.cli:Var account=set(['server']) (set by user).
2018-08-31 16:52:17,411:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2018-08-27 12:34:26 UTC.
2018-08-31 16:52:17,411:INFO:certbot.renewal:Cert is due for renewal, auto-renewing...
2018-08-31 16:52:17,411:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx
2018-08-31 16:52:17,651:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: nginx = certbot_nginx.configurator:NginxConfigurator
Initialized: <certbot_nginx.configurator.NginxConfigurator object at 0x7f0f25f51910>
Prep: True
2018-08-31 16:52:17,652:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: nginx = certbot_nginx.configurator:NginxConfigurator
Initialized: <certbot_nginx.configurator.NginxConfigurator object at 0x7f0f25f51910>
Prep: True
2018-08-31 16:52:17,652:DEBUG:certbot.plugins.selection:Selected authenticator <certbot_nginx.configurator.NginxConfigurator object at 0x7f0f25f51910> and installer <certbot_nginx.configurator.NginxConfigurator object at 0x7f0f25f51910>
2018-08-31 16:52:17,652:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx
2018-08-31 16:52:17,696:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Registration(status=None, terms_of_service_agreed=None, agreement=None, only_return_existing=None, contact=(), key=None), uri=u'https://acme-staging-v02.api.letsencrypt.org/acme/acct/6671828', new_authzr_uri=None, terms_of_service=None), c79fcc378c40aaefb5fc63faf1560efc, Meta(creation_host=u'centos-s-2vcpu-4gb-nyc1-01', creation_dt=datetime.datetime(2018, 8, 17, 13, 12, 35, tzinfo=<UTC>)))>
2018-08-31 16:52:17,698:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/directory.
2018-08-31 16:52:17,704:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
2018-08-31 16:52:17,847:DEBUG:requests.packages.urllib3.connectionpool:"GET /directory HTTP/1.1" 200 724
2018-08-31 16:52:17,848:DEBUG:acme.client:Received response:
HTTP 200
content-length: 724
expires: Fri, 31 Aug 2018 16:52:17 GMT
strict-transport-security: max-age=604800
server: nginx
connection: keep-alive
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
date: Fri, 31 Aug 2018 16:52:17 GMT
x-frame-options: DENY
content-type: application/json

{
"TlOhEtLcYSg": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"keyChange": "https://acme-staging-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
"website": "https://letsencrypt.org/docs/staging-environment/"
},
"newAccount": "https://acme-staging-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-staging-v02.api.letsencrypt.org/acme/new-order",
"revokeCert": "https://acme-staging-v02.api.letsencrypt.org/acme/revoke-cert"
}
2018-08-31 16:52:17,849:INFO:certbot.main:Renewing an existing certificate
2018-08-31 16:52:18,102:DEBUG:acme.client:Requesting fresh nonce
2018-08-31 16:52:18,103:DEBUG:acme.client:Sending HEAD request to https://acme-staging-v02.api.letsencrypt.org/acme/new-order.
2018-08-31 16:52:18,200:DEBUG:requests.packages.urllib3.connectionpool:"HEAD /acme/new-order HTTP/1.1" 405 0
2018-08-31 16:52:18,201:DEBUG:acme.client:Received response:
HTTP 405
content-length: 103
pragma: no-cache
expires: Fri, 31 Aug 2018 16:52:18 GMT
server: nginx
connection: keep-alive
allow: POST
cache-control: max-age=0, no-cache, no-store
date: Fri, 31 Aug 2018 16:52:18 GMT
content-type: application/problem+json
replay-nonce: 2Bw7h12XStC7f_2csqV2E3DPcHAbzNXmrymLgr2DLjE

2018-08-31 16:52:18,201:DEBUG:acme.client:Storing nonce: 2Bw7h12XStC7f_2csqV2E3DPcHAbzNXmrymLgr2DLjE
2018-08-31 16:52:18,201:DEBUG:acme.client:JWS payload:
{
"status": "pending",
"identifiers": [
{
"type": "dns",
"value": "nomorestars.com"
},
{
"type": "dns",
"value": "pod.nomorestars.com"
},
{
"type": "dns",
"value": "www.nomorestars.com"
}
],
"resource": "new-order"
}
2018-08-31 16:52:18,203:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/new-order:
{
"protected": "eyJub25jZSI6ICIyQnc3aDEyWFN0QzdmXzJjc3FWMkUzRFBjSEFiek5YbXJ5bUxncjJETGpFIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzY2NzE4MjgiLCAiYWxnIjogIlJTMjU2In0",
"payload": "ewogICJzdGF0dXMiOiAicGVuZGluZyIsIAogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwgCiAgICAgICJ2YWx1ZSI6ICJub21vcmVzdGFycy5jb20iCiAgICB9LCAKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwgCiAgICAgICJ2YWx1ZSI6ICJwb2Qubm9tb3Jlc3RhcnMuY29tIgogICAgfSwgCiAgICB7CiAgICAgICJ0eXBlIjogImRucyIsIAogICAgICAidmFsdWUiOiAid3d3Lm5vbW9yZXN0YXJzLmNvbSIKICAgIH0KICBdLCAKICAicmVzb3VyY2UiOiAibmV3LW9yZGVyIgp9",
"signature": "wATxDPk0T1g8ggd-Jq_xxEJZ1x081p7-dC4xdJ-ctyQtUckkn8HiXGiHyyRqJwktjmrps__GE-jQqHRPW64ceLK-RZ2i0gPdlfddIDnEZ-QlnGYpvUiryFvmgQZuYKJ_4gf1KL209fXTa3vTWgOhAouISWPv7Ylw3nArdPhwVF21yw-V-txlCnmHe5aAGlqJb-OFyqE5NdkM3I77mbXkiFiivhuVuhOfvFpjRjdBnfG2elXi3n7f2ysBo7GcWOJ2wILIvaoCAZQDjXjHnIYWlgxpi3LhR0Ibxhl1kwwmu2aPUNNMJK9nhtWqOwmA12IfhmUKt0jp5rRxHT6RlzJnNQ"
}
2018-08-31 16:52:18,636:DEBUG:requests.packages.urllib3.connectionpool:"POST /acme/new-order HTTP/1.1" 201 742
2018-08-31 16:52:18,637:DEBUG:acme.client:Received response:
HTTP 201
content-length: 742
expires: Fri, 31 Aug 2018 16:52:18 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=604800
server: nginx
connection: keep-alive
location: https://acme-staging-v02.api.letsencrypt.org/acme/order/6671828/6787511
pragma: no-cache
boulder-requester: 6671828
date: Fri, 31 Aug 2018 16:52:18 GMT
x-frame-options: DENY
content-type: application/json
replay-nonce: 4Hp6IUr6Ob9iS8TETqAgWotGPPqRXnida7cOnmWoGAU

{
"status": "pending",
"expires": "2018-09-07T16:52:18.55358749Z",
"identifiers": [
{
"type": "dns",
"value": "nomorestars.com"
},
{
"type": "dns",
"value": "pod.nomorestars.com"
},
{
"type": "dns",
"value": "www.nomorestars.com"
}
],
"authorizations": [
"https://acme-staging-v02.api.letsencrypt.org/acme/authz/wLRqJMo8QLbvu-P5hmXqiMndmOKpebu7ykdG3NRcqLk",
"https://acme-staging-v02.api.letsencrypt.org/acme/authz/6Y2us7cBNiJ7jYJFyfY9FwZLasaLw3XFrMGkOc9ddB4",
"https://acme-staging-v02.api.letsencrypt.org/acme/authz/6wieNoLQLLjvwOp8MnBcTk9DwsPVQXQfKVroLyT3TMo"
],
"finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/6671828/6787511"
}
2018-08-31 16:52:18,637:DEBUG:acme.client:Storing nonce: 4Hp6IUr6Ob9iS8TETqAgWotGPPqRXnida7cOnmWoGAU
2018-08-31 16:52:18,637:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/acme/authz/wLRqJMo8QLbvu-P5hmXqiMndmOKpebu7ykdG3NRcqLk.
2018-08-31 16:52:18,736:DEBUG:requests.packages.urllib3.connectionpool:"GET /acme/authz/wLRqJMo8QLbvu-P5hmXqiMndmOKpebu7ykdG3NRcqLk HTTP/1.1" 200 1331
2018-08-31 16:52:18,737:DEBUG:acme.client:Received response:
HTTP 200
content-length: 1331
expires: Fri, 31 Aug 2018 16:52:18 GMT
strict-transport-security: max-age=604800
server: nginx
connection: keep-alive
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
date: Fri, 31 Aug 2018 16:52:18 GMT
x-frame-options: DENY
content-type: application/json

{
"identifier": {
"type": "dns",
"value": "nomorestars.com"
},
"status": "valid",
"expires": "2018-09-16T13:12:37Z",
"challenges": [
{
"type": "http-01",
"status": "valid",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/wLRqJMo8QLbvu-P5hmXqiMndmOKpebu7ykdG3NRcqLk/160659382",
"token": "M3alJzalblPhhWvTo_rNgCvvuP3C983WY1jymiueKxg",
"validationRecord": [
{
"url": "http://nomorestars.com/.well-known/acme-challenge/M3alJzalblPhhWvTo_rNgCvvuP3C983WY1jymiueKxg",
"hostname": "nomorestars.com",
"port": "80",
"addressesResolved": [
"206.189.255.48",
"2604:a880:400:d1::78b:7001"
],
"addressUsed": "2604:a880:400:d1::78b:7001"
}
]
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/wLRqJMo8QLbvu-P5hmXqiMndmOKpebu7ykdG3NRcqLk/160659383",
"token": "REnmm7UUsCyN_C6rWtkWA4yyxCirh-Bt8eo9s513g5w"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/wLRqJMo8QLbvu-P5hmXqiMndmOKpebu7ykdG3NRcqLk/160659384",
"token": "J9s0HcGtAR-uVgfghO1iAjLWgzTF6Irn18EMKKTf5iw"
}
]
}
2018-08-31 16:52:18,737:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/acme/authz/6Y2us7cBNiJ7jYJFyfY9FwZLasaLw3XFrMGkOc9ddB4.
2018-08-31 16:52:18,835:DEBUG:requests.packages.urllib3.connectionpool:"GET /acme/authz/6Y2us7cBNiJ7jYJFyfY9FwZLasaLw3XFrMGkOc9ddB4 HTTP/1.1" 200 1343
2018-08-31 16:52:18,836:DEBUG:acme.client:Received response:
HTTP 200
content-length: 1343
expires: Fri, 31 Aug 2018 16:52:18 GMT
strict-transport-security: max-age=604800
server: nginx
connection: keep-alive
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
date: Fri, 31 Aug 2018 16:52:18 GMT
x-frame-options: DENY
content-type: application/json

{
"identifier": {
"type": "dns",
"value": "www.nomorestars.com"
},
"status": "pending",
"expires": "2018-09-07T16:52:18Z",
"challenges": [
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/6wieNoLQLLjvwOp8MnBcTk9DwsPVQXQfKVroLyT3TMo/165746591",
"token": "gtCHuMdpVlV6zH3mbEE0phYQ_A40W3Ygy4Ibyy-P3Ho"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/6wieNoLQLLjvwOp8MnBcTk9DwsPVQXQfKVroLyT3TMo/165746592",
"token": "Kb92KXVYvIYCNQCYG9_IyUcHSW6OH_-mVZaly9mVVvQ"
},
{
"type": "http-01",
"status": "pending",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/6wieNoLQLLjvwOp8MnBcTk9DwsPVQXQfKVroLyT3TMo/165746593",
"token": "2kuDgZyQttXORuaraZjjq9i51UgHp4__t01WqavxGpY"
}
]
}
2018-08-31 16:52:18,943:INFO:certbot.auth_handler:Performing the following challenges:
2018-08-31 16:52:18,943:INFO:certbot.auth_handler:http-01 challenge for nomorestars.com
2018-08-31 16:52:18,944:INFO:certbot.auth_handler:http-01 challenge for pod.nomorestars.com
2018-08-31 16:52:18,944:INFO:certbot.auth_handler:http-01 challenge for www.nomorestars.com
2018-08-31 16:52:19,031:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf
2018-08-31 16:52:19,032:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/www
2018-08-31 16:52:19,032:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types
2018-08-31 16:52:19,032:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/pod
2018-08-31 16:52:19,034:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf:
user nginx;
worker_processes 4;
pid /run/nginx.pid;

events {
worker_connections 1024;
multi_accept on;
}

http {
include /etc/letsencrypt/le_http_01_cert_challenge.conf;
server_names_hash_bucket_size 128;

##
# Basic Settings
##

sendfile on;
tcp_nopush on;
tcp_nodelay on;
types_hash_max_size 2048;
server_tokens off;
client_max_body_size 8192k;
client_header_timeout 10;
client_body_timeout 10;
keepalive_timeout 10 10;
send_timeout 10;

# server_names_hash_bucket_size 64;
# server_name_in_redirect off;

include /etc/nginx/mime.types;
default_type application/octet-streams;

##
# Logging Settings
##

access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;

##
# Gzip Settings
##

gzip on;
gzip_disable "msie6";

gzip_vary on;
gzip_proxied any;
# gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_min_length 1100;
# gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml application/x-font-ttf font/opentype application/vnd.ms-fontobject;

ssl_session_timeout 5m;
ssl_session_cache shared:SSL:50m;

#ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_protocols TLSv1.2;
#ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK';
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
ssl_prefer_server_ciphers on;
# HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
add_header Strict-Transport-Security max-age=15768000;

# OCSP Stapling ---
# fetch OCSP records from URL in ssl_certificate and cache them
ssl_stapling on;
ssl_stapling_verify on;

## verify chain of trust of OCSP response using Root CA and Intermediate certs
# ssl_trusted_certificate /etc/letsencrypt/live/nomorestars.com/chain.pem;
ssl_trusted_certificate /etc/letsencrypt/live/nomorestars.com/fullchain.pem;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}

2018-08-31 16:52:19,036:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/www:
server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot

rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot

if ($host = www.nomorestars.com) {
return 301 https://$host$request_uri;
} # managed by Certbot

listen 80;
server_name www.nomorestars.com nomorestars.com;
rewrite ^ https://$host$request_uri permanent;
location = /.well-known/acme-challenge/M3alJzalblPhhWvTo_rNgCvvuP3C983WY1jymiueKxg{default_type text/plain;return 200 M3alJzalblPhhWvTo_rNgCvvuP3C983WY1jymiueKxg.54F21uyFjrLqqhH_ekMa0JMXmltCohxlM_MJsbunmko;} # managed by Certbot

location = /.well-known/acme-challenge/2kuDgZyQttXORuaraZjjq9i51UgHp4__t01WqavxGpY{default_type text/plain;return 200 2kuDgZyQttXORuaraZjjq9i51UgHp4__t01WqavxGpY.54F21uyFjrLqqhH_ekMa0JMXmltCohxlM_MJsbunmko;} # managed by Certbot

}

server {
listen 443;
listen [::]:443;
server_name www.nomorestars.com nomorestars.com;
ssl on;
ssl_certificate /etc/letsencrypt/live/nomorestars.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/nomorestars.com/privkey.pem; # managed by Certbot
index index.html index.htm index.php;
root /usr/share/nginx/html;
location ^~ /.well-known/acme-challenge/ {
alias /usr/share/nginx/html/acme-challenge/;
}
try_files $uri $uri/ =404
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}

location / {
try_files $uri $uri/ /index.php;
}

location /blog/ {
try_files $uri $uri/ /blog/index.php?$args;
rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.xml$ "/index.php?xml_sitemap=params=$2" last;
rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.xml\.gz$ "/index.php?xml_sitemap=params=$2;zip=true" last;
rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.html$ "/index.php?xml_sitemap=params=$2;html=true" last;
rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.html.gz$ "/index.php?xml_sitemap=params=$2;html=true;zip=true" last;
}

location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}

2018-08-31 16:52:19,037:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/pod:
server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot

listen 80;
listen [::]:80;
server_name pod.nomorestars.com;
rewrite ^/(.*) https://pod.nomorestars.com/$1 permanent;
location = /.well-known/acme-challenge/pcFoAnDfWxyCATr7K858ZV1RQHvJPj4LX2_aeRiV-YY{default_type text/plain;return 200 pcFoAnDfWxyCATr7K858ZV1RQHvJPj4LX2_aeRiV-YY.54F21uyFjrLqqhH_ekMa0JMXmltCohxlM_MJsbunmko;} # managed by Certbot

}

server {
listen 443;
listen [::]:443;
ssl on;
server_name pod.nomorestars.com;
root /home/diaspora/diaspora/public;

# Configure maximum picture size
# Note that Diaspora has a client side check set at 4M
client_max_body_size 5M;
client_body_buffer_size 256K;

# SSL setup

# This file should also include any necessary intermediate certificates
# For example for StartSSL that would be http://www.startssl.com/certs/sub.class1.server.ca.pem
ssl_certificate /etc/letsencrypt/live/nomorestars.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/nomorestars.com/privkey.pem; # managed by Certbot

# generate with openssl dhparam 2048 > /path/to/dhparam.pem
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_session_timeout 5m;

# Proxy if requested file not found
try_files $uri @diaspora;

location @diaspora {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $http_host;
proxy_redirect off;

proxy_pass http://diaspora_server;
}

}

# Proxy destination
# Add as many server directives as you want
# Also takes a socket, like unix:/path/to/some/socket.sock
upstream diaspora_server {
server 127.0.0.1:3000;
#server unix:/home/diaspora/diaspora/tmp/diaspora.sock;

}

2018-08-31 16:52:20,058:INFO:certbot.auth_handler:Waiting for verification...
2018-08-31 16:52:20,059:DEBUG:acme.client:JWS payload:
{
"keyAuthorization": "M3alJzalblPhhWvTo_rNgCvvuP3C983WY1jymiueKxg.54F21uyFjrLqqhH_ekMa0JMXmltCohxlM_MJsbunmko",
"type": "http-01",
"resource": "challenge"
}
2018-08-31 16:52:20,061:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/challenge/wLRqJMo8QLbvu-P5hmXqiMndmOKpebu7ykdG3NRcqLk/160659382:
{
"protected": "eyJub25jZSI6ICI0SHA2SVVyNk9iOWlTOFRFVHFBZ1dvdEdQUHFSWG5pZGE3Y09ubVdvR0FVIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsZW5nZS93TFJxSk1vOFFMYnZ1LVA1aG1YcWlNbmRtT0twZWJ1N3lrZEczTlJjcUxrLzE2MDY1OTM4MiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzY2NzE4MjgiLCAiYWxnIjogIlJTMjU2In0",
"payload": "ewogICJrZXlBdXRob3JpemF0aW9uIjogIk0zYWxKemFsYmxQaGhXdlRvX3JOZ0N2dnVQM0M5ODNXWTFqeW1pdWVLeGcuNTRGMjF1eUZqckxxcWhIX2VrTWEwSk1YbWx0Q29oeGxNX01Kc2J1bm1rbyIsIAogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9",
"signature": "UHz6s-3F-zkY4rC4XpnLNlwiPvakLJBCBd9cNqUfPVgpJ4iaffJF8TntxaKk_AvtjMYP93sVN5xDENBGuna7CyF1vBkY7TCBfV2ZUMLl5Rg4LMQvwnNxOJ-XC0pcgWfJEdY_-XWEVfFdedfFnBM0XhyKFZDIrzzc9NX5uulFgqxkM7jidihQrt1LY5IOBhRR0QSls6mtX6Z4itPuKxMN41B93j9y1krgCL-8WLWIHMogH1K5dLlHAl03qP9ssDs6XzzeNsGk8TdlRGE2YO3IKKJcAFs5jKxVSPJDL6q2Bq6d2l7u_lFZy1t--o-7Z6WR8bEIbCNYojF0RuHZswmdaA"
}
2018-08-31 16:52:20,166:DEBUG:requests.packages.urllib3.connectionpool:"POST /acme/challenge/wLRqJMo8QLbvu-P5hmXqiMndmOKpebu7ykdG3NRcqLk/160659382 HTTP/1.1" 200 587
2018-08-31 16:52:20,167:DEBUG:acme.client:Received response:
HTTP 200
content-length: 587
expires: Fri, 31 Aug 2018 16:52:20 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=604800
server: nginx
connection: keep-alive
link: <https://acme-staging-v02.api.letsencrypt.org/acme/authz/wLRqJMo8QLbvu-P5hmXqiMndmOKpebu7ykdG3NRcqLk>;rel="nofollow"
location: https://acme-staging-v02.api.letsencrypt.org/acme/challenge/wLRqJMo8QLbvu-P5hmXqiMndmOKpebu7ykdG3NRcqLk/160659382
pragma: no-cache
boulder-requester: 6671828
date: Fri, 31 Aug 2018 16:52:20 GMT
x-frame-options: DENY
content-type: application/json
replay-nonce: SGGGaS7ZHcmKMDKRsEGzJut4FZVQJhT4ZnRIPBpuQ98

{
"type": "http-01",
"status": "valid",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/wLRqJMo8QLbvu-P5hmXqiMndmOKpebu7ykdG3NRcqLk/160659382",
"token": "M3alJzalblPhhWvTo_rNgCvvuP3C983WY1jymiueKxg",
"validationRecord": [
{
"url": "http://nomorestars.com/.well-known/acme-challenge/M3alJzalblPhhWvTo_rNgCvvuP3C983WY1jymiueKxg",
"hostname": "nomorestars.com",
"port": "80",
"addressesResolved": [
"206.189.255.48",
"2604:a880:400:d1::78b:7001"
],
"addressUsed": "2604:a880:400:d1::78b:7001"
}
]
}
2018-08-31 16:52:20,167:DEBUG:acme.client:Storing nonce: SGGGaS7ZHcmKMDKRsEGzJut4FZVQJhT4ZnRIPBpuQ98
2018-08-31 16:52:20,168:DEBUG:acme.client:JWS payload:
{
"keyAuthorization": "pcFoAnDfWxyCATr7K858ZV1RQHvJPj4LX2_aeRiV-YY.54F21uyFjrLqqhH_ekMa0JMXmltCohxlM_MJsbunmko",
"type": "http-01",
"resource": "challenge"
}
2018-08-31 16:52:20,170:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/challenge/6Y2us7cBNiJ7jYJFyfY9FwZLasaLw3XFrMGkOc9ddB4/160659386:
{
"protected": "eyJub25jZSI6ICJTR0dHYVM3WkhjbUtNREtSc0VHekp1dDRGWlZRSmhUNFpuUklQQnB1UTk4IiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsZW5nZS82WTJ1czdjQk5pSjdqWUpGeWZZOUZ3Wkxhc2FMdzNYRnJNR2tPYzlkZEI0LzE2MDY1OTM4NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzY2NzE4MjgiLCAiYWxnIjogIlJTMjU2In0",
"payload": "ewogICJrZXlBdXRob3JpemF0aW9uIjogInBjRm9BbkRmV3h5Q0FUcjdLODU4WlYxUlFIdkpQajRMWDJfYWVSaVYtWVkuNTRGMjF1eUZqckxxcWhIX2VrTWEwSk1YbWx0Q29oeGxNX01Kc2J1bm1rbyIsIAogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9",
"signature": "3TDR9YydtffRXtj1o3A4KamhA6Hsg1FmfE81Sj2gE6DSd7WdZOmVQWUxoeW0SNW5iPngFp_puBO3bUeo1F-PzfCUAQBAlPHCFYUV4eooaPKmK0ZiXNlvpLiMlsv5cJPVPTToJV3t2KUGrOjE6K90Yh_VDw_QuboZCMRhvhBlXtHypL9AQ0TvGNP2eiaspzcBsg8bxUs5GnFzCnX7a1zV-HI8b8TVz1618tMZJ7HHGqpQ44scTKgTW8MJ9PADwz8wCu9c5gRh8OzIV1NiudAC0BL5TsbSOHeZeFT71hzbeZbxl9pWObm8xaesgF-yaL7w4-gNH_x9imE3vUp0mZCsYw"
}
2018-08-31 16:52:20,277:DEBUG:requests.packages.urllib3.connectionpool:"POST /acme/challenge/6Y2us7cBNiJ7jYJFyfY9FwZLasaLw3XFrMGkOc9ddB4/160659386 HTTP/1.1" 200 595
2018-08-31 16:52:20,278:DEBUG:acme.client:Received response:
HTTP 200
content-length: 595
expires: Fri, 31 Aug 2018 16:52:20 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=604800
server: nginx
connection: keep-alive
link: <https://acme-staging-v02.api.letsencrypt.org/acme/authz/6Y2us7cBNiJ7jYJFyfY9FwZLasaLw3XFrMGkOc9ddB4>;rel="nofollow"
location: https://acme-staging-v02.api.letsencrypt.org/acme/challenge/6Y2us7cBNiJ7jYJFyfY9FwZLasaLw3XFrMGkOc9ddB4/160659386
pragma: no-cache
boulder-requester: 6671828
date: Fri, 31 Aug 2018 16:52:20 GMT
x-frame-options: DENY
content-type: application/json
replay-nonce: 3Qwws8Jhdlly0i9rsA82pAasneiJKpDd-jhZBG8INkA

{
"type": "http-01",
"status": "valid",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/6Y2us7cBNiJ7jYJFyfY9FwZLasaLw3XFrMGkOc9ddB4/160659386",
"token": "pcFoAnDfWxyCATr7K858ZV1RQHvJPj4LX2_aeRiV-YY",
"validationRecord": [
{
"url": "http://pod.nomorestars.com/.well-known/acme-challenge/pcFoAnDfWxyCATr7K858ZV1RQHvJPj4LX2_aeRiV-YY",
"hostname": "pod.nomorestars.com",
"port": "80",
"addressesResolved": [
"206.189.255.48",
"2604:a880:400:d1::78b:7001"
],
"addressUsed": "2604:a880:400:d1::78b:7001"
}
]
}
2018-08-31 16:52:20,278:DEBUG:acme.client:Storing nonce: 3Qwws8Jhdlly0i9rsA82pAasneiJKpDd-jhZBG8INkA
2018-08-31 16:52:20,279:DEBUG:acme.client:JWS payload:
{
"keyAuthorization": "2kuDgZyQttXORuaraZjjq9i51UgHp4__t01WqavxGpY.54F21uyFjrLqqhH_ekMa0JMXmltCohxlM_MJsbunmko",
"type": "http-01",
"resource": "challenge"
}
2018-08-31 16:52:20,281:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/challenge/6wieNoLQLLjvwOp8MnBcTk9DwsPVQXQfKVroLyT3TMo/165746593:
{
"protected": "eyJub25jZSI6ICIzUXd3czhKaGRsbHkwaTlyc0E4MnBBYXNuZWlKS3BEZC1qaFpCRzhJTmtBIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsZW5nZS82d2llTm9MUUxManZ3T3A4TW5CY1RrOUR3c1BWUVhRZktWcm9MeVQzVE1vLzE2NTc0NjU5MyIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzY2NzE4MjgiLCAiYWxnIjogIlJTMjU2In0",
"payload": "ewogICJrZXlBdXRob3JpemF0aW9uIjogIjJrdURnWnlRdHRYT1J1YXJhWmpqcTlpNTFVZ0hwNF9fdDAxV3FhdnhHcFkuNTRGMjF1eUZqckxxcWhIX2VrTWEwSk1YbWx0Q29oeGxNX01Kc2J1bm1rbyIsIAogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9",
"signature": "HkKbM5LfYeSSEjRtPShd_OEqNQBSDaXQFig4gCqjjvNw_MUyKLtTqkqRCQegdSVHsfXC84mjvMPw66oTG420UTtnn1HaV3xeFqRvlvnnhr3pjEdyFy09lR7ejuLtRZX-R1mEUbLXztWYKYLRGMsYMO37jLrKLfNUwZJSUlpuY19LACYHsf5Pb63XoyATnHfX0Y2j5puJ0qE-sUv0RJ5md2zqvxA-JGkPHKL10w472n-8DMB0SnNMcvSI9TKNr5W0LR9H5ctwUvkwimgiDRJ-AZZJUJ18l6UVZypIdDt_IbtvCitFPWVWe-mzWTb6YpJIhyQt24ow44NeMm4apXQvEg"
}
2018-08-31 16:52:20,401:DEBUG:requests.packages.urllib3.connectionpool:"POST /acme/challenge/6wieNoLQLLjvwOp8MnBcTk9DwsPVQXQfKVroLyT3TMo/165746593 HTTP/1.1" 200 230
2018-08-31 16:52:20,402:DEBUG:acme.client:Received response:
HTTP 200
content-length: 230
expires: Fri, 31 Aug 2018 16:52:20 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=604800
server: nginx
connection: keep-alive
link: <https://acme-staging-v02.api.letsencrypt.org/acme/authz/6wieNoLQLLjvwOp8MnBcTk9DwsPVQXQfKVroLyT3TMo>;rel="nofollow"
location: https://acme-staging-v02.api.letsencrypt.org/acme/challenge/6wieNoLQLLjvwOp8MnBcTk9DwsPVQXQfKVroLyT3TMo/165746593
pragma: no-cache
boulder-requester: 6671828
date: Fri, 31 Aug 2018 16:52:20 GMT
x-frame-options: DENY
content-type: application/json
replay-nonce: NzwtIBqecQsVeOubLBv2ROqQ6osJyw5pHHmJx7vHWUI

{
"type": "http-01",
"status": "pending",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/6wieNoLQLLjvwOp8MnBcTk9DwsPVQXQfKVroLyT3TMo/165746593",
"token": "2kuDgZyQttXORuaraZjjq9i51UgHp4__t01WqavxGpY"
}
2018-08-31 16:52:20,402:DEBUG:acme.client:Storing nonce: NzwtIBqecQsVeOubLBv2ROqQ6osJyw5pHHmJx7vHWUI
2018-08-31 16:52:23,406:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/acme/authz/wLRqJMo8QLbvu-P5hmXqiMndmOKpebu7ykdG3NRcqLk.
2018-08-31 16:52:23,505:DEBUG:requests.packages.urllib3.connectionpool:"GET /acme/authz/wLRqJMo8QLbvu-P5hmXqiMndmOKpebu7ykdG3NRcqLk HTTP/1.1" 200 1331
2018-08-31 16:52:23,506:DEBUG:acme.client:Received response:
HTTP 200
content-length: 1331
expires: Fri, 31 Aug 2018 16:52:23 GMT
strict-transport-security: max-age=604800
server: nginx
connection: keep-alive
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
date: Fri, 31 Aug 2018 16:52:23 GMT
x-frame-options: DENY
content-type: application/json

{
"identifier": {
"type": "dns",
"value": "nomorestars.com"
},
"status": "valid",
"expires": "2018-09-16T13:12:37Z",
"challenges": [
{
"type": "http-01",
"status": "valid",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/wLRqJMo8QLbvu-P5hmXqiMndmOKpebu7ykdG3NRcqLk/160659382",
"token": "M3alJzalblPhhWvTo_rNgCvvuP3C983WY1jymiueKxg",
"validationRecord": [
{
"url": "http://nomorestars.com/.well-known/acme-challenge/M3alJzalblPhhWvTo_rNgCvvuP3C983WY1jymiueKxg",
"hostname": "nomorestars.com",
"port": "80",
"addressesResolved": [
"206.189.255.48",
"2604:a880:400:d1::78b:7001"
],
"addressUsed": "2604:a880:400:d1::78b:7001"
}
]
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/wLRqJMo8QLbvu-P5hmXqiMndmOKpebu7ykdG3NRcqLk/160659383",
"token": "REnmm7UUsCyN_C6rWtkWA4yyxCirh-Bt8eo9s513g5w"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/wLRqJMo8QLbvu-P5hmXqiMndmOKpebu7ykdG3NRcqLk/160659384",
"token": "J9s0HcGtAR-uVgfghO1iAjLWgzTF6Irn18EMKKTf5iw"
}
]
}
2018-08-31 16:52:23,507:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/acme/authz/6Y2us7cBNiJ7jYJFyfY9FwZLasaLw3XFrMGkOc9ddB4.
2018-08-31 16:52:23,609:DEBUG:requests.packages.urllib3.connectionpool:"GET /acme/authz/6Y2us7cBNiJ7jYJFyfY9FwZLasaLw3XFrMGkOc9ddB4 HTTP/1.1" 200 1343
2018-08-31 16:52:23,610:DEBUG:acme.client:Received response:
HTTP 200
content-length: 1343
expires: Fri, 31 Aug 2018 16:52:23 GMT
strict-transport-security: max-age=604800
server: nginx
connection: keep-alive
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
date: Fri, 31 Aug 2018 16:52:23 GMT
x-frame-options: DENY
content-type: application/json

{
"identifier": {
"type": "dns",
"value": "www.nomorestars.com"
},
"status": "invalid",
"expires": "2018-09-07T16:52:18Z",
"challenges": [
{
"type": "dns-01",
"status": "invalid",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/6wieNoLQLLjvwOp8MnBcTk9DwsPVQXQfKVroLyT3TMo/165746591",
"token": "gtCHuMdpVlV6zH3mbEE0phYQ_A40W3Ygy4Ibyy-P3Ho"
},
{
"type": "tls-alpn-01",
"status": "invalid",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/6wieNoLQLLjvwOp8MnBcTk9DwsPVQXQfKVroLyT3TMo/165746592",
"token": "Kb92KXVYvIYCNQCYG9_IyUcHSW6OH_-mVZaly9mVVvQ"
},
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:unauthorized",
"detail": "Invalid response from http://www.nomorestars.com/.well-known/acme-challenge/2kuDgZyQttXORuaraZjjq9i51UgHp4__t01WqavxGpY: \"\u003chtml\u003e\r\n\u003chead\u003e\u003ctitle\u003e404 Not Found\u003c/title\u003e\u003c/head\u003e\r\n\u003cbody bgcolor=\"white\"\u003e\r\n\u003ccenter\u003e\u003ch1\u003e404 Not Found\u003c/h1\u003e\u003c/center\u003e\r\n\u003chr\u003e\u003ccenter\u003e\"",
"status": 403
},
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/6wieNoLQLLjvwOp8MnBcTk9DwsPVQXQfKVroLyT3TMo/165746593",
"token": "2kuDgZyQttXORuaraZjjq9i51UgHp4__t01WqavxGpY",
"validationRecord": [
{
"url": "http://www.nomorestars.com/.well-known/acme-challenge/2kuDgZyQttXORuaraZjjq9i51UgHp4__t01WqavxGpY",
"hostname": "www.nomorestars.com",
"port": "80",
"addressesResolved": [
"206.189.255.48",
"2604:a880:400:d1::78b:7001"
],
"addressUsed": "2604:a880:400:d1::78b:7001"
}
]
}
]
}
2018-08-31 16:52:23,714:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:

Domain: www.nomorestars.com
Type: unauthorized
Detail: Invalid response from http://www.nomorestars.com/.well-known/acme-challenge/2kuDgZyQttXORuaraZjjq9i51UgHp4__t01WqavxGpY: "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>"

To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.
2018-08-31 16:52:23,716:DEBUG:certbot.error_handler:Encountered exception:
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/certbot/auth_handler.py", line 82, in handle_authorizations
self._respond(aauthzrs, resp, best_effort)
File "/usr/lib/python2.7/site-packages/certbot/auth_handler.py", line 155, in _respond
self._poll_challenges(aauthzrs, chall_update, best_effort)
File "/usr/lib/python2.7/site-packages/certbot/auth_handler.py", line 226, in _poll_challenges
raise errors.FailedChallenges(all_failed_achalls)
FailedChallenges: Failed authorization procedure. www.nomorestars.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.nomorestars.com/.well-known/acme-challenge/2kuDgZyQttXORuaraZjjq9i51UgHp4__t01WqavxGpY: "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>"

2018-08-31 16:52:23,716:DEBUG:certbot.error_handler:Calling registered functions
2018-08-31 16:52:23,716:INFO:certbot.auth_handler:Cleaning up challenges
2018-08-31 16:52:24,941:WARNING:certbot.renewal:Attempting to renew cert (nomorestars.com) from /etc/letsencrypt/renewal/nomorestars.com.conf produced an unexpected error: Failed authorization procedure. www.nomorestars.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.nomorestars.com/.well-known/acme-challenge/2kuDgZyQttXORuaraZjjq9i51UgHp4__t01WqavxGpY: "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>". Skipping.
2018-08-31 16:52:24,945:DEBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/certbot/renewal.py", line 430, in handle_renewal_request
main.renew_cert(lineage_config, plugins, renewal_candidate)
File "/usr/lib/python2.7/site-packages/certbot/main.py", line 1197, in renew_cert
renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage)
File "/usr/lib/python2.7/site-packages/certbot/main.py", line 115, in _get_and_save_cert
renewal.renew_cert(config, domains, le_client, lineage)
File "/usr/lib/python2.7/site-packages/certbot/renewal.py", line 305, in renew_cert
new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key)
File "/usr/lib/python2.7/site-packages/certbot/client.py", line 334, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File "/usr/lib/python2.7/site-packages/certbot/client.py", line 370, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
File "/usr/lib/python2.7/site-packages/certbot/auth_handler.py", line 82, in handle_authorizations
self._respond(aauthzrs, resp, best_effort)
File "/usr/lib/python2.7/site-packages/certbot/auth_handler.py", line 155, in _respond
self._poll_challenges(aauthzrs, chall_update, best_effort)
File "/usr/lib/python2.7/site-packages/certbot/auth_handler.py", line 226, in _poll_challenges
raise errors.FailedChallenges(all_failed_achalls)
FailedChallenges: Failed authorization procedure. www.nomorestars.com (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.nomorestars.com/.well-known/acme-challenge/2kuDgZyQttXORuaraZjjq9i51UgHp4__t01WqavxGpY: "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>"

2018-08-31 16:52:24,947:DEBUG:certbot.cli:Var dry_run=True (set by user).
2018-08-31 16:52:24,947:DEBUG:certbot.cli:Var server=set(['staging', 'dry_run']) (set by user).
2018-08-31 16:52:24,947:DEBUG:certbot.cli:Var account=set(['server']) (set by user).
2018-08-31 16:52:24,952:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2018-08-27 13:27:41 UTC.
2018-08-31 16:52:24,952:INFO:certbot.renewal:Cert is due for renewal, auto-renewing...
2018-08-31 16:52:24,952:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx
2018-08-31 16:52:25,190:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: nginx = certbot_nginx.configurator:NginxConfigurator
Initialized: <certbot_nginx.configurator.NginxConfigurator object at 0x7f0f2567cf50>
Prep: True
2018-08-31 16:52:25,191:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: nginx = certbot_nginx.configurator:NginxConfigurator
Initialized: <certbot_nginx.configurator.NginxConfigurator object at 0x7f0f2567cf50>
Prep: True
2018-08-31 16:52:25,191:DEBUG:certbot.plugins.selection:Selected authenticator <certbot_nginx.configurator.NginxConfigurator object at 0x7f0f2567cf50> and installer <certbot_nginx.configurator.NginxConfigurator object at 0x7f0f2567cf50>
2018-08-31 16:52:25,191:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx
2018-08-31 16:52:25,194:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Registration(status=None, terms_of_service_agreed=None, agreement=None, only_return_existing=None, contact=(), key=None), uri=u'https://acme-staging-v02.api.letsencrypt.org/acme/acct/6671828', new_authzr_uri=None, terms_of_service=None), c79fcc378c40aaefb5fc63faf1560efc, Meta(creation_host=u'centos-s-2vcpu-4gb-nyc1-01', creation_dt=datetime.datetime(2018, 8, 17, 13, 12, 35, tzinfo=<UTC>)))>
2018-08-31 16:52:25,195:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/directory.
2018-08-31 16:52:25,196:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
2018-08-31 16:52:25,312:DEBUG:requests.packages.urllib3.connectionpool:"GET /directory HTTP/1.1" 200 724
2018-08-31 16:52:25,313:DEBUG:acme.client:Received response:
HTTP 200
content-length: 724
expires: Fri, 31 Aug 2018 16:52:25 GMT
strict-transport-security: max-age=604800
server: nginx
connection: keep-alive
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
date: Fri, 31 Aug 2018 16:52:25 GMT
x-frame-options: DENY
content-type: application/json

{
"Nl1c99SsGvk": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"keyChange": "https://acme-staging-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
"website": "https://letsencrypt.org/docs/staging-environment/"
},
"newAccount": "https://acme-staging-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-staging-v02.api.letsencrypt.org/acme/new-order",
"revokeCert": "https://acme-staging-v02.api.letsencrypt.org/acme/revoke-cert"
}
2018-08-31 16:52:25,314:INFO:certbot.main:Renewing an existing certificate
2018-08-31 16:52:25,450:DEBUG:acme.client:Requesting fresh nonce
2018-08-31 16:52:25,450:DEBUG:acme.client:Sending HEAD request to https://acme-staging-v02.api.letsencrypt.org/acme/new-order.
2018-08-31 16:52:25,588:DEBUG:requests.packages.urllib3.connectionpool:"HEAD /acme/new-order HTTP/1.1" 405 0
2018-08-31 16:52:25,588:DEBUG:acme.client:Received response:
HTTP 405
content-length: 103
pragma: no-cache
expires: Fri, 31 Aug 2018 16:52:25 GMT
server: nginx
connection: keep-alive
allow: POST
cache-control: max-age=0, no-cache, no-store
date: Fri, 31 Aug 2018 16:52:25 GMT
content-type: application/problem+json
replay-nonce: t-2c5-yncCFU22H_ed52rOJJLwnNQ9AhHCs2rUQ8zKQ

2018-08-31 16:52:25,589:DEBUG:acme.client:Storing nonce: t-2c5-yncCFU22H_ed52rOJJLwnNQ9AhHCs2rUQ8zKQ
2018-08-31 16:52:25,589:DEBUG:acme.client:JWS payload:
{
"status": "pending",
"identifiers": [
{
"type": "dns",
"value": "pod.nomorestars.com"
}
],
"resource": "new-order"
}
2018-08-31 16:52:25,591:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/new-order:
{
"protected": "eyJub25jZSI6ICJ0LTJjNS15bmNDRlUyMkhfZWQ1MnJPSkpMd25OUTlBaEhDczJyVVE4ektRIiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzY2NzE4MjgiLCAiYWxnIjogIlJTMjU2In0",
"payload": "ewogICJzdGF0dXMiOiAicGVuZGluZyIsIAogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwgCiAgICAgICJ2YWx1ZSI6ICJwb2Qubm9tb3Jlc3RhcnMuY29tIgogICAgfQogIF0sIAogICJyZXNvdXJjZSI6ICJuZXctb3JkZXIiCn0",
"signature": "nfE4tB7EXHFVv0nQPVaPKy3rKZShlyV9O11-I962DsrNmqnYv3nnW6n1LdrkFMebLNOS8zft6D0Kyz4Maj5PJexpvKOwdR9XgPjtbERsNTLO5X9bzOwWwNyP-jQsLq4eyse0k3P16tX5qqXhTlCTUfE07OOEW0mZwE0ys8aJEEbUwGVnJqPXS7dzzhiHi5I_1RPq2NRF7kDAXxuthhhzJoNRBb6JEkSF95fl54Ntqs3JKflvRJz-wS_EMcSv2_ZAag-NY_Szy89uNQLnNzoe9teTkOkQwbgT1mBINeGhCwgJQcW5_ryXY2Z8j31tuz31BoTxjDmEYmgVS_DrVrpKlQ"
}
2018-08-31 16:52:25,714:DEBUG:requests.packages.urllib3.connectionpool:"POST /acme/new-order HTTP/1.1" 201 389
2018-08-31 16:52:25,714:DEBUG:acme.client:Received response:
HTTP 201
content-length: 389
expires: Fri, 31 Aug 2018 16:52:25 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=604800
server: nginx
connection: keep-alive
location: https://acme-staging-v02.api.letsencrypt.org/acme/order/6671828/6787515
pragma: no-cache
boulder-requester: 6671828
date: Fri, 31 Aug 2018 16:52:25 GMT
x-frame-options: DENY
content-type: application/json
replay-nonce: x5aF1YrWN78MGamD7uq_0bh08cMkkcdkvzIYz8MhSg4

{
"status": "ready",
"expires": "2018-09-07T16:52:25.639229831Z",
"identifiers": [
{
"type": "dns",
"value": "pod.nomorestars.com"
}
],
"authorizations": [
"https://acme-staging-v02.api.letsencrypt.org/acme/authz/6Y2us7cBNiJ7jYJFyfY9FwZLasaLw3XFrMGkOc9ddB4"
],
"finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/6671828/6787515"
}
2018-08-31 16:52:25,715:DEBUG:acme.client:Storing nonce: x5aF1YrWN78MGamD7uq_0bh08cMkkcdkvzIYz8MhSg4
2018-08-31 16:52:25,715:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/acme/authz/6Y2us7cBNiJ7jYJFyfY9FwZLasaLw3XFrMGkOc9ddB4.
2018-08-31 16:52:25,822:DEBUG:requests.packages.urllib3.connectionpool:"GET /acme/authz/6Y2us7cBNiJ7jYJFyfY9FwZLasaLw3XFrMGkOc9ddB4 HTTP/1.1" 200 1343
2018-08-31 16:52:25,823:DEBUG:acme.client:Received response:
HTTP 200
content-length: 1343
expires: Fri, 31 Aug 2018 16:52:25 GMT
strict-transport-security: max-age=604800
server: nginx
connection: keep-alive
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
date: Fri, 31 Aug 2018 16:52:25 GMT
x-frame-options: DENY
content-type: application/json

events {
worker_connections 1024;
multi_accept on;
}

http {
include /etc/letsencrypt/le_http_01_cert_challenge.conf;
server_names_hash_bucket_size 128;

##
# Basic Settings
##

# server_names_hash_bucket_size 64;
# server_name_in_redirect off;

include /etc/nginx/mime.types;
default_type application/octet-streams;

##
# Logging Settings
##

access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;

##
# Gzip Settings
##

gzip on;
gzip_disable "msie6";

ssl_session_timeout 5m;
ssl_session_cache shared:SSL:50m;

# OCSP Stapling ---
# fetch OCSP records from URL in ssl_certificate and cache them
ssl_stapling on;
ssl_stapling_verify on;

2018-08-31 16:52:25,853:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/pod:
server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot

}

2018-08-31 16:52:26,870:INFO:certbot.auth_handler:Waiting for verification...
2018-08-31 16:52:26,871:DEBUG:acme.client:JWS payload:
{
"keyAuthorization": "pcFoAnDfWxyCATr7K858ZV1RQHvJPj4LX2_aeRiV-YY.54F21uyFjrLqqhH_ekMa0JMXmltCohxlM_MJsbunmko",
"type": "http-01",
"resource": "challenge"
}
2018-08-31 16:52:26,873:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/challenge/6Y2us7cBNiJ7jYJFyfY9FwZLasaLw3XFrMGkOc9ddB4/160659386:
{
"protected": "eyJub25jZSI6ICJ4NWFGMVlyV043OE1HYW1EN3VxXzBiaDA4Y01ra2Nka3Z6SVl6OE1oU2c0IiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsZW5nZS82WTJ1czdjQk5pSjdqWUpGeWZZOUZ3Wkxhc2FMdzNYRnJNR2tPYzlkZEI0LzE2MDY1OTM4NiIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzY2NzE4MjgiLCAiYWxnIjogIlJTMjU2In0",
"payload": "ewogICJrZXlBdXRob3JpemF0aW9uIjogInBjRm9BbkRmV3h5Q0FUcjdLODU4WlYxUlFIdkpQajRMWDJfYWVSaVYtWVkuNTRGMjF1eUZqckxxcWhIX2VrTWEwSk1YbWx0Q29oeGxNX01Kc2J1bm1rbyIsIAogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9",
"signature": "CnJmUiHOgskLBPnn--B1idoFs3VlHvmQsSdB3vdmorJeRb648LAFDGNYOL0cwyp71KtkrwGEE0iDNi-iM4Af2MHEPJlNoC4P7TMIufr5cWapo6AkFJcWAUr8ZjR3NAH7n1lBuI8H2VXpRTfqEY44LUFWywiU23trITSquT0eIAeW5I282j3yE242YMeJO0RIe32oaiQRzokWQxRBhURIEr3SqjBz7IM7d_f_bAaquCn4lzdoT_nckeHfYR_a_RLolVsFxg32dXfb5wdpMbqaMrc7Z1_fO25zbQh28NTGCnhlwznaiaMFhT3I0CaDEvcaz_tBEL93FxCrNZyIniwnzg"
}
2018-08-31 16:52:26,983:DEBUG:requests.packages.urllib3.connectionpool:"POST /acme/challenge/6Y2us7cBNiJ7jYJFyfY9FwZLasaLw3XFrMGkOc9ddB4/160659386 HTTP/1.1" 200 595
2018-08-31 16:52:26,984:DEBUG:acme.client:Received response:
HTTP 200
content-length: 595
expires: Fri, 31 Aug 2018 16:52:26 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=604800
server: nginx
connection: keep-alive
link: <https://acme-staging-v02.api.letsencrypt.org/acme/authz/6Y2us7cBNiJ7jYJFyfY9FwZLasaLw3XFrMGkOc9ddB4>;rel="nofollow"
location: https://acme-staging-v02.api.letsencrypt.org/acme/challenge/6Y2us7cBNiJ7jYJFyfY9FwZLasaLw3XFrMGkOc9ddB4/160659386
pragma: no-cache
boulder-requester: 6671828
date: Fri, 31 Aug 2018 16:52:26 GMT
x-frame-options: DENY
content-type: application/json
replay-nonce: URSxQFVxr6m_B9X_pYyZfRsHlmgNoY_WkOOnWb304O8

{
"identifier": {
"type": "dns",
"value": "pod.nomorestars.com"
},
"status": "valid",
"expires": "2018-09-16T13:12:37Z",
"challenges": [
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/6Y2us7cBNiJ7jYJFyfY9FwZLasaLw3XFrMGkOc9ddB4/160659385",
"token": "1nDp6-mxLjh4JxuOMux4lP1-BFZg06YvU77z_ZYQuXc"
},
{
"type": "http-01",
"status": "valid",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/6Y2us7cBNiJ7jYJFyfY9FwZLasaLw3XFrMGkOc9ddB4/160659386",
"token": "pcFoAnDfWxyCATr7K858ZV1RQHvJPj4LX2_aeRiV-YY",
"validationRecord": [
{
"url": "http://pod.nomorestars.com/.well-known/acme-challenge/pcFoAnDfWxyCATr7K858ZV1RQHvJPj4LX2_aeRiV-YY",
"hostname": "pod.nomorestars.com",
"port": "80",
"addressesResolved": [
"206.189.255.48",
"2604:a880:400:d1::78b:7001"
],
"addressUsed": "2604:a880:400:d1::78b:7001"
}
]
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-staging-v02.api.letsencrypt.org/acme/challenge/6Y2us7cBNiJ7jYJFyfY9FwZLasaLw3XFrMGkOc9ddB4/160659387",
"token": "6vzPey1HU4RKtLDcKYjVodq2Sk9VPsWL2YzXy5CxI-g"
}
]
}
2018-08-31 16:52:30,090:DEBUG:certbot.error_handler:Calling registered functions
2018-08-31 16:52:30,090:INFO:certbot.auth_handler:Cleaning up challenges
2018-08-31 16:52:31,310:DEBUG:certbot.client:CSR: CSR(file=None, data='-----BEGIN CERTIFICATE REQUEST-----\nMIICdjCCAV4CAQIwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMWn\nx8P3dtdDP+eC3Jn0WumJ3vgwVMgJl9JAxZtrWO7AoKcLR6oRz6HgZSy9H2mD/1lR\nyEJB40DZKeKbUs/eLblLvzlmsHxRnhQQ1Z5bZIiQjiYjFoYTc7J4aGddbiuqsB4V\nq7IoNAa5BYo8uWXqvcYhHlAqE7G8GGlhuFdlvlOAqth8tFakBYT7FK6zpv8pN6Rg\nqBBBMLI04H7OGDuGTGu4kCkpPhh/5h22AhvQBkyzHnzszvRvNH/8ZuXUvnTh+j8z\n7ThTCEImSHMK1EkiusTrzGLCRoAOR9zyPJn+yQ25yMunVgnlWVBq8aXosiz2ejz9\nZYufaeDL/+3Y0hr4HOUCAwEAAaAxMC8GCSqGSIb3DQEJDjEiMCAwHgYDVR0RBBcw\nFYITcG9kLm5vbW9yZXN0YXJzLmNvbTANBgkqhkiG9w0BAQsFAAOCAQEAIsujQeD6\ncnmwSnX7b9eFCOWHJrSeIKuAsBcIHsn5+q/SJLwd6gq05IhZsQD8pi5qxrdQrmi4\nr0g5I//foTgP+vLo2GwjS0Z0OPeXOcwFx5VBou69qZuKbdSp2eKetpyW/la+fJQp\nnTMo5dJZs0OE/51YzvA1MR3VhPGn0Dq1wBSp7zjcXiWUbHQybUj2GhD6AShXuL29\n9InZLeBV1GMT23i3gerwwf095Swf9B5X/A+YVTX2RvchnDkktrRgP4EcpJjCBO1O\nw9uajZABToUiOVlQo3b+lS9HphDelC1xmjDjCvKsTwQfVzgJxYzW1ICAHxIs2adc\nsy4v5HaWSJmXEA==\n-----END CERTIFICATE REQUEST-----\n', form='pem')
2018-08-31 16:52:31,311:DEBUG:acme.client:JWS payload:
{
"resource": "new-cert",
"csr": "MIICdjCCAV4CAQIwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMWnx8P3dtdDP-eC3Jn0WumJ3vgwVMgJl9JAxZtrWO7AoKcLR6oRz6HgZSy9H2mD_1lRyEJB40DZKeKbUs_eLblLvzlmsHxRnhQQ1Z5bZIiQjiYjFoYTc7J4aGddbiuqsB4Vq7IoNAa5BYo8uWXqvcYhHlAqE7G8GGlhuFdlvlOAqth8tFakBYT7FK6zpv8pN6RgqBBBMLI04H7OGDuGTGu4kCkpPhh_5h22AhvQBkyzHnzszvRvNH_8ZuXUvnTh-j8z7ThTCEImSHMK1EkiusTrzGLCRoAOR9zyPJn-yQ25yMunVgnlWVBq8aXosiz2ejz9ZYufaeDL_-3Y0hr4HOUCAwEAAaAxMC8GCSqGSIb3DQEJDjEiMCAwHgYDVR0RBBcwFYITcG9kLm5vbW9yZXN0YXJzLmNvbTANBgkqhkiG9w0BAQsFAAOCAQEAIsujQeD6cnmwSnX7b9eFCOWHJrSeIKuAsBcIHsn5-q_SJLwd6gq05IhZsQD8pi5qxrdQrmi4r0g5I__foTgP-vLo2GwjS0Z0OPeXOcwFx5VBou69qZuKbdSp2eKetpyW_la-fJQpnTMo5dJZs0OE_51YzvA1MR3VhPGn0Dq1wBSp7zjcXiWUbHQybUj2GhD6AShXuL299InZLeBV1GMT23i3gerwwf095Swf9B5X_A-YVTX2RvchnDkktrRgP4EcpJjCBO1Ow9uajZABToUiOVlQo3b-lS9HphDelC1xmjDjCvKsTwQfVzgJxYzW1ICAHxIs2adcsy4v5HaWSJmXEA"
}
2018-08-31 16:52:31,313:DEBUG:acme.client:Sending POST request to https://acme-staging-v02.api.letsencrypt.org/acme/finalize/6671828/6787515:
{
"protected": "eyJub25jZSI6ICJVUlN4UUZWeHI2bV9COVhfcFl5WmZSc0hsbWdOb1lfV2tPT25XYjMwNE84IiwgInVybCI6ICJodHRwczovL2FjbWUtc3RhZ2luZy12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2ZpbmFsaXplLzY2NzE4MjgvNjc4NzUxNSIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXN0YWdpbmctdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzY2NzE4MjgiLCAiYWxnIjogIlJTMjU2In0",
"payload": "ewogICJyZXNvdXJjZSI6ICJuZXctY2VydCIsIAogICJjc3IiOiAiTUlJQ2RqQ0NBVjRDQVFJd0FEQ0NBU0l3RFFZSktvWklodmNOQVFFQkJRQURnZ0VQQURDQ0FRb0NnZ0VCQU1Xbng4UDNkdGREUC1lQzNKbjBXdW1KM3Znd1ZNZ0psOUpBeFp0cldPN0FvS2NMUjZvUno2SGdaU3k5SDJtRF8xbFJ5RUpCNDBEWktlS2JVc19lTGJsTHZ6bG1zSHhSbmhRUTFaNWJaSWlRamlZakZvWVRjN0o0YUdkZGJpdXFzQjRWcTdJb05BYTVCWW84dVdYcXZjWWhIbEFxRTdHOEdHbGh1RmRsdmxPQXF0aDh0RmFrQllUN0ZLNnpwdjhwTjZSZ3FCQkJNTEkwNEg3T0dEdUdUR3U0a0NrcFBoaF81aDIyQWh2UUJreXpIbnpzenZSdk5IXzhadVhVdm5UaC1qOHo3VGhUQ0VJbVNITUsxRWtpdXNUcnpHTENSb0FPUjl6eVBKbi15UTI1eU11blZnbmxXVkJxOGFYb3NpejJlano5Wll1ZmFlRExfLTNZMGhyNEhPVUNBd0VBQWFBeE1DOEdDU3FHU0liM0RRRUpEakVpTUNBd0hnWURWUjBSQkJjd0ZZSVRjRzlrTG01dmJXOXlaWE4wWVhKekxtTnZiVEFOQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBSXN1alFlRDZjbm13U25YN2I5ZUZDT1dISnJTZUlLdUFzQmNJSHNuNS1xX1NKTHdkNmdxMDVJaFpzUUQ4cGk1cXhyZFFybWk0cjBnNUlfX2ZvVGdQLXZMbzJHd2pTMFowT1BlWE9jd0Z4NVZCb3U2OXFadUtiZFNwMmVLZXRweVdfbGEtZkpRcG5UTW81ZEpaczBPRV81MVl6dkExTVIzVmhQR24wRHExd0JTcDd6amNYaVdVYkhReWJVajJHaEQ2QVNoWHVMMjk5SW5aTGVCVjFHTVQyM2kzZ2Vyd3dmMDk1U3dmOUI1WF9BLVlWVFgyUnZjaG5Ea2t0clJnUDRFY3BKakNCTzFPdzl1YWpaQUJUb1VpT1ZsUW8zYi1sUzlIcGhEZWxDMXhtakRqQ3ZLc1R3UWZWemdKeFl6VzFJQ0FIeElzMmFkY3N5NHY1SGFXU0ptWEVBIgp9",
"signature": "OzIbnslC2x-Ajyqd8crnyGHieF0y8KnZVsJJOdokMjrkDWwR-P-IPNj5XSoVFW4fNFppbNxDBZrj63QU8K_bQD4ThsJqR64NbAmZoAPVWZLLIBWnwc8cvyKb1C9irLBBfA9cQJ_Ro1-0_5G4p6oCKC43OV70W-VEpprN2YJrQzDf1w9tJy0ADrVulvUOsz2W2LZZXJaUnwQ3pOorlMlTuvzYvZeuhHEMA0dBvSPuZ9Hi4Ag_dG-lLfun7_JkIP8o_gcnkhXsifaUM5l8_fGUu0kOUSJ9ql0oe7f2nqT7HpmGsmNdzasFK8Vgw0b7IwxTON0f8RX4Zbnv3lYnvH3hyQ"
}
2018-08-31 16:52:32,783:DEBUG:requests.packages.urllib3.connectionpool:"POST /acme/finalize/6671828/6787515 HTTP/1.1" 200 491
2018-08-31 16:52:32,784:DEBUG:acme.client:Received response:
HTTP 200
content-length: 491
expires: Fri, 31 Aug 2018 16:52:32 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=604800
server: nginx
connection: keep-alive
location: https://acme-staging-v02.api.letsencrypt.org/acme/order/6671828/6787515
pragma: no-cache
boulder-requester: 6671828
date: Fri, 31 Aug 2018 16:52:32 GMT
x-frame-options: DENY
content-type: application/json
replay-nonce: btfA78PS0ICcMYrNCI68uIZ5JRGnLFrsm492uXfr4a4

{
"status": "valid",
"expires": "2018-09-07T16:52:25Z",
"identifiers": [
{
"type": "dns",
"value": "pod.nomorestars.com"
}
],
"authorizations": [
"https://acme-staging-v02.api.letsencrypt.org/acme/authz/6Y2us7cBNiJ7jYJFyfY9FwZLasaLw3XFrMGkOc9ddB4"
],
"finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/6671828/6787515",
"certificate": "https://acme-staging-v02.api.letsencrypt.org/acme/cert/fadd922db5f46c803741ca00a79c0c2112e1"
}
2018-08-31 16:52:32,784:DEBUG:acme.client:Storing nonce: btfA78PS0ICcMYrNCI68uIZ5JRGnLFrsm492uXfr4a4
2018-08-31 16:52:33,786:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/acme/order/6671828/6787515.
2018-08-31 16:52:33,885:DEBUG:requests.packages.urllib3.connectionpool:"GET /acme/order/6671828/6787515 HTTP/1.1" 200 491
2018-08-31 16:52:33,886:DEBUG:acme.client:Received response:
HTTP 200
content-length: 491
expires: Fri, 31 Aug 2018 16:52:33 GMT
strict-transport-security: max-age=604800
server: nginx
connection: keep-alive
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
date: Fri, 31 Aug 2018 16:52:33 GMT
x-frame-options: DENY
content-type: application/json

{
"status": "valid",
"expires": "2018-09-07T16:52:25Z",
"identifiers": [
{
"type": "dns",
"value": "pod.nomorestars.com"
}
],
"authorizations": [
"https://acme-staging-v02.api.letsencrypt.org/acme/authz/6Y2us7cBNiJ7jYJFyfY9FwZLasaLw3XFrMGkOc9ddB4"
],
"finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/6671828/6787515",
"certificate": "https://acme-staging-v02.api.letsencrypt.org/acme/cert/fadd922db5f46c803741ca00a79c0c2112e1"
}
2018-08-31 16:52:33,886:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/acme/cert/fadd922db5f46c803741ca00a79c0c2112e1.
2018-08-31 16:52:33,984:DEBUG:requests.packages.urllib3.connectionpool:"GET /acme/cert/fadd922db5f46c803741ca00a79c0c2112e1 HTTP/1.1" 200 3802
2018-08-31 16:52:33,985:DEBUG:acme.client:Received response:
HTTP 200
content-length: 3802
expires: Fri, 31 Aug 2018 16:52:33 GMT
strict-transport-security: max-age=604800
server: nginx
connection: keep-alive
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
date: Fri, 31 Aug 2018 16:52:33 GMT
x-frame-options: DENY
content-type: application/pem-certificate-chain

2018-08-31 16:52:34,015:DEBUG:certbot.renewal:Dry run: skipping updating lineage at /etc/letsencrypt/live/pod.nomorestars.com
2018-08-31 16:52:34,015:DEBUG:certbot.updater:Skipping renewal deployer in dry-run mode.
2018-08-31 16:52:35,035:DEBUG:certbot.updater:Skipping updaters in dry-run mode.
2018-08-31 16:52:35,035:ERROR:certbot.renewal:The following certs could not be renewed:
2018-08-31 16:52:35,036:ERROR:certbot.renewal: /etc/letsencrypt/live/nomorestars.com/fullchain.pem (failure)
2018-08-31 16:52:35,038:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 9, in <module>
load_entry_point('certbot==0.26.1', 'console_scripts', 'certbot')()
File "/usr/lib/python2.7/site-packages/certbot/main.py", line 1364, in main
return config.func(config, plugins)
File "/usr/lib/python2.7/site-packages/certbot/main.py", line 1276, in renew
renewal.handle_renewal_request(config)
File "/usr/lib/python2.7/site-packages/certbot/renewal.py", line 455, in handle_renewal_request
len(renew_failures), len(parse_failures)))
Error: 1 renew failure(s), 0 parse failure(s)