I was recently trying to renew the Let’s Encrypt certificate for this site, but doing so failed with the following error (and an accompanying 404 Not Found): Cert is due for renewal, auto-renewing... Renewing an existing certificate Performing the following challenges: http-01 challenge for lonesomecrowdedweb.com http-01 challenge for www.lonesomecrowdedweb.com Waiting for verification... Cleaning up challenges Attempting to renew cert from /etc/letsencrypt/renewal/lonesomecrowdedweb.com.conf produced an unexpected error: Failed authorization procedure. www.lonesomecrowdedweb.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization Domain: www.lonesomecrowdedweb.com Type: unauthorized Detail: Invalid response from http://www.lonesomecrowdedweb.com/.well-known/acme-challenge/ ... This was because my redirects in NGINX were not configured appropriately, and I didn’t notice due to my use of HTTP Strict-Transport-Security. Correcting the bindings allowed me to renew the certificate successfully. ...