2 identical servers - Certbot error on one of them

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: networkingtechnology.org and corp.networkingtechnology.org

I have TWO Alma 8 servers. Both were installed on the same day and with the same version of Alma 8

Both server installations were configured the same.
Server #1 had Postfix and Dovecot
Server #2 had phpBB
Both were configured with Let's Encrypt. I originally had problems, but thanks to this site all was fixed and it's been working fine for months. Never had a problem with either.

Both servers have been updated regularly. I do #1 and then #2, so the only difference is the apps they run.

Server #1 is working fine. Certbot renew works every day. The Logwatch entry is:

Reloading The Apache HTTP Server.: 1 Time(s)
certbot-renew.service: Succeeded.: 2 Time(s)

A few days ago Server #2 started having a problem. NOTHING has been added to or taken away from either server. The ONLY thing I do, is run the updates whenever they are available.

My Logwatch is now giving me errors:

Reloading The Apache HTTP Server.: 13 Time(s)
certbot-renew.service: Failed with result 'exit-code'.: 2 Time(s)
certbot-renew.service: Main process exited, code=exited, status=1/FAILURE: 2 Time(s)

I haven't a clue WHY. Neither server has had anything other than updates. When it isn't broken, why fix it is my motto.

Can anyone shed any light on this strange behaviour and give me a clue on how to find the problem?

Both your domains don't show a webpage for me. Maybe server 1 renewed earlier and just doesn't need to renew yet?
BTW, which one is server #1?
And there is a report that abuseDB is blocking LE IPs... check your firewall.

3 Likes

But the firewall is before both servers, so if it's the firewall it must block both servers and only one has the problem.

Server #1 is Postfix (hermes)

Could Fail2ban block it?

Is it the same firewall in front of these two systems?:

Name:    corp.networkingtechnology.org
Address: 79.132.230.60

Name:    networkingtechnology.org
Address: 192.81.170.17
2 Likes

NO, networkingtechnology is hosted in Canada.
corp.networkingtechnology is hosted here in Belgium
I use an OPNSense Firewall. Covers ALL incoming and outgoing traffic, so if it was that, BOTH servers would have the same problem
I do run fail2ban on Server #2 (the problem one). Could it be that?

Yes, that could be it.

2 Likes

What should I be looking for? I have a couple of hundred locked IPs with Fail2Ban and I lock them permanently!

I would bring in the death penalty for hackers (and Spammers)

I have millions of IPs blocked.
And I don't block port 80.

Simple:

  • I only block ports that I "conduct business" on/over
  • I don't block 80 [because that's not a business port]
3 Likes

I don't block port 80 or 443. Fail2Ban blocks script kiddies, false google bots and repeated attempts to access pages that give 404 errors.

ALL attempts to hack any of my servers get added to OPNSense. All the spammers get blocked by Blacklists on the mail server.
I use Fail2ban for the a-holes that keep trying when they get a 404 and the script kiddies.

Are you sure about Let's Encrypt servers? If they can hack the Pentagon, then I think everyone is fair game, that's why I check my logs every day and DO something about them rather than just looking at them.

I'm not sure what you're asking.

2 Likes
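
For the question earlier in the thread about what to look for when Fail2ban is suspected: the following is an added example, not code from any poster in this thread. It cross-checks a jail's banned list against clients that requested the ACME HTTP-01 challenge path in the Apache access log. It assumes HTTP-01 validation and Apache's combined log format; the log lines, addresses and function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample data (documentation address ranges), not from the thread.
ACCESS_LOG = """\
198.51.100.7 - - [10/Mar/2024:03:12:01 +0000] "GET /.well-known/acme-challenge/tokenA HTTP/1.1" 404 196 "-" "-"
198.51.100.7 - - [10/Mar/2024:03:12:02 +0000] "GET /.well-known/acme-challenge/tokenA HTTP/1.1" 404 196 "-" "-"
203.0.113.45 - - [10/Mar/2024:03:15:40 +0000] "GET /wp-login.php HTTP/1.1" 404 196 "-" "-"
192.0.2.10 - - [10/Mar/2024:03:20:11 +0000] "GET /.well-known/acme-challenge/tokenB HTTP/1.1" 200 87 "-" "-"
"""
# Assumed to be pasted from `fail2ban-client status <jail>`; CIDR entries are allowed.
BANNED = ["198.51.100.7", "203.0.113.0/24"]

# Apache "combined" log line: client IP, method, path, status code.
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')
ACME_PREFIX = "/.well-known/acme-challenge/"

def acme_requests(log_text):
    """Return (ip, status, path) for every HTTP-01 challenge request in the log."""
    hits = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if m and m.group(3).startswith(ACME_PREFIX):
            hits.append((m.group(1), int(m.group(4)), m.group(3)))
    return hits

def banned_validators(log_text, banned):
    """Map each banned client that requested a challenge to the statuses it received.

    A banned address only shows up in the log for requests made before the ban,
    so repeated 404s here point at a 404-based jail having caught a validator.
    """
    nets = [ipaddress.ip_network(b, strict=False) for b in banned]
    result = {}
    for ip, status, _path in acme_requests(log_text):
        addr = ipaddress.ip_address(ip)
        if any(addr in net for net in nets):
            result.setdefault(ip, []).append(status)
    return result

if __name__ == "__main__":
    for ip, statuses in banned_validators(ACCESS_LOG, BANNED).items():
        print(f"{ip} requested an ACME challenge (statuses {statuses}) and is banned")
```

An empty result means no banned address ever requested a challenge file, which makes Fail2ban an unlikely cause; the certbot log for the failed run is then the next place to look.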
