3 HTTP verification requests are received. For all 3 requests, the answer is the same and sent correctly. If the answer to the 1st request is wrong, the 2nd and 3rd requests will not come. All 3 requests and responses are the same. Tcpdump output is below but as a result letsencrypt response is timeout. What could be the reason?
Request and Response TcpDump:
02:32:37.857209 IP 23.178.112.209.29052 > 185.50.70.28.80: Flags [P.], seq 4001315321:4001315590, ack 3932783766, win 64240, length 269: HTTP: GET /.well-known/acme-challenge/9KYn3VGoVRp3f3Grp0sFoDlMB9uRvvQmNlNOJbd9QPE HTTP/1.1
E..5(.@.*..I..p..2F.q|.P..9..i..P...j...GET /.well-known/acme-challenge/9KYn3VGoVRp3f3Grp0sFoDlMB9uRvvQmNlNOJbd9QPE HTTP/1.1
Host: gizlihayatlar.com
User-Agent: Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)
Accept: */*
Accept-Encoding: gzip
Connection: close
02:32:37.857227 IP 185.50.70.28.80 > 23.178.112.209.29052: Flags [F.], seq 1:148, ack 269, win 11110, length 147: HTTP: HTTP/1.1 200 OK
E.....@....W.2F...p..Pq|.i....;.P.+f....HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
9KYn3VGoVRp3f3Grp0sFoDlMB9uRvvQmNlNOJbd9QPE.xDCwF7RBAXTkVUKiF8ZQ-rphngrAJZ4TB7e3c4uwFEI
02:32:41.940985 IP 23.178.112.103.27688 > 185.50.70.28.80: Flags [P.], seq 1306214058:1306214327, ack 685863622, win 64240, length 269: HTTP: GET /.well-known/acme-challenge/9KYn3VGoVRp3f3Grp0sFoDlMB9uRvvQmNlNOJbd9QPE HTTP/1.1
E..5..@.2.8^..pg.2F.l(.PM.>.(.r.P.......GET /.well-known/acme-challenge/9KYn3VGoVRp3f3Grp0sFoDlMB9uRvvQmNlNOJbd9QPE HTTP/1.1
Host: gizlihayatlar.com
User-Agent: Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)
Accept: */*
Accept-Encoding: gzip
Connection: close
02:32:41.941010 IP 185.50.70.28.80 > 23.178.112.103.27688: Flags [F.], seq 1:148, ack 269, win 11110, length 147: HTTP: HTTP/1.1 200 OK
E.....@...
V.2F...pg.Pl((.r.M.?.P.+f....HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
9KYn3VGoVRp3f3Grp0sFoDlMB9uRvvQmNlNOJbd9QPE.xDCwF7RBAXTkVUKiF8ZQ-rphngrAJZ4TB7e3c4uwFEI
02:32:45.750447 IP 23.178.112.103.27996 > 185.50.70.28.80: Flags [P.], seq 590126544:590126813, ack 3641224263, win 64240, length 269: HTTP: GET /.well-known/acme-challenge/9KYn3VGoVRp3f3Grp0sFoDlMB9uRvvQmNlNOJbd9QPE HTTP/1.1
E..5CU@.1.~...pg.2F.m\.P#,.....GP.......GET /.well-known/acme-challenge/9KYn3VGoVRp3f3Grp0sFoDlMB9uRvvQmNlNOJbd9QPE HTTP/1.1
Host: gizlihayatlar.com
User-Agent: Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)
Accept: */*
Accept-Encoding: gzip
Connection: close
02:32:45.750462 IP 185.50.70.28.80 > 23.178.112.103.27996: Flags [F.], seq 1:148, ack 269, win 11110, length 147: HTTP: HTTP/1.1 200 OK
E.....@......2F...pg.Pm\...G#,..P.+f....HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
9KYn3VGoVRp3f3Grp0sFoDlMB9uRvvQmNlNOJbd9QPE.xDCwF7RBAXTkVUKiF8ZQ-rphngrAJZ4TB7e3c4uwFEI
Challenge Details:
{
"Header": {
"url": "https://acme-v02.api.letsencrypt.org/acme/authz-v3/149804918617",
"content_type": "application/json",
"http_code": 200,
"header_size": 327,
"request_size": 143,
"filetime": -1,
"ssl_verify_result": 0,
"redirect_count": 0,
"total_time": 0.738453,
"namelookup_time": 0.012275,
"connect_time": 0.013939,
"pretransfer_time": 0.556845,
"size_upload": 0,
"size_download": 1092,
"speed_download": 1478,
"speed_upload": 0,
"download_content_length": 1092,
"upload_content_length": 0,
"starttransfer_time": 0.7384200000000001,
"redirect_time": 0,
"redirect_url": "",
"primary_ip": "172.65.32.248",
"certinfo": [],
"primary_port": 443,
"local_ip": "185.50.71.44",
"local_port": 39612,
"server": "nginx",
"date": "Sun, 04 Sep 2022 23:33:36 GMT",
"content-type": "application/json",
"content-length": "1092",
"connection": "keep-alive",
"cache-control": "public, max-age=0, no-cache",
"link": {
"index": "https://acme-v02.api.letsencrypt.org/directory"
},
"x-frame-options": "DENY",
"strict-transport-security": "max-age=604800"
},
"Body": {
"identifier": {
"type": "dns",
"value": "gizlihayatlar.com"
},
"status": "invalid",
"expires": "2022-09-11T23:33:06Z",
"challenges": [
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:connection",
"detail": "During secondary validation: 185.50.70.28: Fetching http://gizlihayatlar.com/.well-known/acme-challenge/9KYn3VGoVRp3f3Grp0sFoDlMB9uRvvQmNlNOJbd9QPE: Timeout during connect (likely firewall problem)",
"status": 400
},
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/149804918617/pyoNYw",
"token": "9KYn3VGoVRp3f3Grp0sFoDlMB9uRvvQmNlNOJbd9QPE",
"validationRecord": [
{
"url": "http://gizlihayatlar.com/.well-known/acme-challenge/9KYn3VGoVRp3f3Grp0sFoDlMB9uRvvQmNlNOJbd9QPE",
"hostname": "gizlihayatlar.com",
"port": "80",
"addressesResolved": [
"185.50.70.28"
],
"addressUsed": "185.50.70.28"
}
],
"validated": "2022-09-04T23:33:11Z"
}
]
}
}