I have been using letsencrypt / certbot successfully since the early days and very much appreciate the project.
I set up a cron job for my renewals some time ago and everything has been working well with many renewals.
However, recently the cron job has been failing and sending me emails with the following error details for all of the subdomains.
I’ve checked the usual stuff - dns, ipv6 ping, configs, permissions as well as browsing successfully to test.txt page under .well-known. I’ve also used curl and got 301s and 200s to check out good response on ipv6.
I’m now stuck. Hope someone can help.
An example domain is: family.glynos.co.uk ( plus 4 other subdomains affected, same error)
I ran this command: certbot renew (via regular cron job)
It produced this output:
Cert is due for renewal, auto-renewing…
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for family.glynos.co.uk
Waiting for verification…
Cleaning up challenges
Unable to clean up challenge directory /var/www/family.glynos.co.uk/humogen/.well-known/acme-challenge
Attempting to renew cert from /etc/letsencrypt/renewal/family.glynos.co.uk.conf produced an unexpected error: Failed authorization procedure. family.glynos.co.uk (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://family.glynos.co.uk/.well-known/acme-challenge/vcuARt3uNFpH5BD0ieTRBRMNIh6AnhT1AJZfOGU70ZE: Timeout. Skipping.
My web server is (include version): Apache 2.4
The operating system my web server runs on is (include version): Debian jessie
My hosting provider, if applicable, is: own server
I can login to a root shell on my machine (yes or no, or I don’t know): Yes.
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No.