Certbot failed to authenticate some domains (authenticator: webroot)


I tried several times to install kobotookbox on Digital Ocean and I couldn’t. The problem occur during the https configuration (I guess).

I already have a domain pointing to Digital Ocean.
I have already configured four A records on Digital Ocean: @, kf, kc and ee pointing to the droplet.
pings to the four subdomains are responding ok.
I selected “Auto-install HTTPS certificates with Let’s Encrypt?”: Yes
Installation goes ok until the “Requesting a certificate for kf.[domain] and 2 more domains”

The error:

Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:

Domain: ee.[domain]
Type: connection
Detail: Fetching http://ee.[domain]/.well-known/acme-challenge/SH3SnMF4dKzMPnSLzI-bX9bCimGGCDONVdvL_VD3uyg: Connection refused

Domain: kc.[domain]
Type: connection
Detail: Fetching http://kc.[domain]/.well-known/acme-challenge/b8FKHFdtjIyCAyhQE5QyKhwm-joBaCyjzwDbyreK2FA: Connection refused

Domain: kf.[domain]
Type: connection
Detail: Fetching http://kf.[domain]/.well-known/acme-challenge/2ywqRUjvn8hgYtiu24-sd3XMPhM4Z_HUXxh8BCaKR8w: Connection refused

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.

Reloading nginx …

OCI runtime exec failed: exec failed: unable to start container process: error executing setns process: exit status 1: unknown

An error has occurred

And the installation process breaks
Its seems like front-ends are not running yet. Browser them doesn’t show anything.
I’m completely lost.
I appreciate your help, thanks.

I had no problems running kobotoolbox without certificates…

Any help?

Installation is working ok over http, I can’t understand how only me is stuck with this issue? I run a basic configuration on a Digital ocean droplet.

I’m thinking in install and configure a nginx server in front of kobo into the same server but two questions come to me:
1- New nginx will listen on 80 and 443, how can I change nginx kobo port’s?
2- Do I need to proxi_pass each subdomain?


Problem is on nginx-certbot-nginx_ssl_proxy-1 container:

[emerg] 1#1: host not found in upstream “nginx.internal” in /etc/nginx/conf.d/app.conf:29

I will continue digging.
See you later.

No matter if I select to use LetEncrypts or a different reverse proxy, when Do you want to use HTTPS? is YES solution never end running up. Never.