Again issue renew my certs on my VM

m.aburugaya · May 31, 2025, 12:46pm

I need help renewing my certs on my VM running on ubuntu server.
I tried everything but now im lost.
Thanks.

My domains are:
www.peritia-itc.de and www.kgs-web.de

I ran this command:
certbot -v renew --dry-run
"certbot --webroot -w /var/www/html/presentation certonly -d www.peritia-itc.de"
"certbot certonly --webroot --cert-name www.peritia-itc.de -w /var/www/html/presentation -d www.peritia-itc.de"

It produced this output:
The first command produced the following output:
Failed to renew certificate www.peritia-itc.de with error: Some challenges have failed.

All simulated renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/www.peritia-itc.de/fullchain.pem (failure)

My web server is (include version):
Apache/2.4.58 (Ubuntu)

The operating system my web server runs on is (include version): Ubuntu 24.04.2 LTS

My hosting provider, if applicable, is: Strato

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 2.9.0

orangepizza · May 31, 2025, 12:59pm

from let's debug result:

www.peritia-itc.de has an A (IPv4) record (85.88.29.82) but a request to this address over port 80 did not succeed. Your web server must have at least one working IPv4 or IPv6 address.
Get "http://www.peritia-itc.de/.well-known/acme-challenge/letsdebug-test": dial tcp 85.88.29.82:80: connect: connection refused

looks like they closed port 80 for some reason.

you may want to apache's mod_md module to use tls-alpn challange for it

Bruce5051 · May 31, 2025, 11:27pm

Adding more evidence to that

$ nmap -Pn -p80,443 www.kgs-web.de
Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-05-31 23:25 UTC
Nmap scan report for www.kgs-web.de (85.88.29.82)
Host is up (0.17s latency).

PORT    STATE  SERVICE
80/tcp  closed http
443/tcp open   https

Nmap done: 1 IP address (1 host up) scanned in 1.41 seconds

$ nmap -Pn -p80,443 www.peritia-itc.de
Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-05-31 23:26 UTC
Nmap scan report for www.peritia-itc.de (85.88.29.82)
Host is up (0.17s latency).

PORT    STATE  SERVICE
80/tcp  closed http
443/tcp open   https

Nmap done: 1 IP address (1 host up) scanned in 1.59 seconds

m.aburugaya · June 1, 2025, 2:25pm

Good afternoon,

thank you for your support.
Problem solved. Certs renewed.

Best regards
Mo

Topic		Replies	Views
I can't renew the certificate again Help	11	899	July 14, 2023
Could not renew certificates Help	7	1875	July 22, 2017
Cert Renewal Not Working Anymore Help	5	4045	May 13, 2019
Unable to renew certbot certificate Help	6	564	April 29, 2020
Can't renew certificate Help	19	1542	July 10, 2022

Again issue renew my certs on my VM

Related topics