My domain is: www.severindouble.com and severindouble.com
I ran this command: sudo certbot -v renew and sudo certbot certonly --manual -d www.severindouble.com -d severindouble.com
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Processing /etc/letsencrypt/renewal/severindouble.com.conf
Certificate is due for renewal, auto-renewing...
Plugins selected: Authenticator apache, Installer apache
Renewing an existing certificate for severindouble.com and www.severindouble.com
Performing the following challenges:
http-01 challenge for severindouble.com
http-01 challenge for www.severindouble.com
Waiting for verification...
Challenge failed for domain severindouble.com
Challenge failed for domain www.severindouble.com
http-01 challenge for severindouble.com
http-01 challenge for www.severindouble.com
Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: severindouble.com
Type: connection
Detail: 86.9.177.236: Fetching http://severindouble.com/.well-known/acme-challenge/FKdO4GDGxkQE6taoz_b05akcfyIdsBT24UvM-Prxo-8: Timeout during connect (likely firewall problem)
Domain: www.severindouble.com
Type: connection
Detail: 86.9.177.236: Fetching http://www.severindouble.com/.well-known/acme-challenge/LG1EVmZdGodYlGMJynFoXZVwq749CzDIzFeyHkmgAVg: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.
Cleaning up challenges
Failed to renew certificate severindouble.com with error: Some challenges have failed.
Processing /etc/letsencrypt/renewal/www.severindouble.com.conf
Certificate is due for renewal, auto-renewing...
Plugins selected: Authenticator apache, Installer apache
Renewing an existing certificate for www.severindouble.com
Performing the following challenges:
http-01 challenge for www.severindouble.com
Waiting for verification...
Challenge failed for domain www.severindouble.com
http-01 challenge for www.severindouble.com
Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: www.severindouble.com
Type: connection
Detail: 86.9.177.236: Fetching http://www.severindouble.com/.well-known/acme-challenge/VJ21A5RWmWrC0S6SLoWUUzfG2XNruLc57izCwRyrHWU: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.
Cleaning up challenges
Failed to renew certificate www.severindouble.com with error: Some challenges have failed.
All renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/severindouble.com/fullchain.pem (failure)
/etc/letsencrypt/live/www.severindouble.com/fullchain.pem (failure)
2 renew failure(s), 0 parse failure(s)
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
For the command sudo certbot certonly --manual -d www.severindouble.com -d severindouble.com it produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
An RSA certificate named severindouble.com already exists. Do you want to update
its key type to ECDSA?
(U)pdate key type/(K)eep existing key type: U
Renewing an existing certificate for www.severindouble.com and severindouble.com
Create a file containing just this data:
bbk1PvWiJLpLAvBbcqimjVP4r3ds4JIeS_veeHO17ng.W8BjMxWzYNngRLtf_mw0eE3UE6Rym5dwtG_I7Z7tQAo
And make it available on your web server at this URL:
http://severindouble.com/.well-known/acme-challenge/bbk1PvWiJLpLAvBbcqimjVP4r3ds4JIeS_veeHO17ng
Press Enter to Continue
Create a file containing just this data:
Yi_4Ejo9u0jYLR1CGwJsBody84dinBkm_c8h8AVCDD0.W8BjMxWzYNngRLtf_mw0eE3UE6Rym5dwtG_I7Z7tQAo
And make it available on your web server at this URL:
http://www.severindouble.com/.well-known/acme-challenge/Yi_4Ejo9u0jYLR1CGwJsBody84dinBkm_c8h8AVCDD0
(This must be set up in addition to the previous challenges; do not remove,
replace, or undo the previous challenge tasks yet.)
Press Enter to Continue
Certbot failed to authenticate some domains (authenticator: manual). The Certificate Authority reported these problems:
Domain: severindouble.com
Type: connection
Detail: 86.9.177.236: Fetching http://severindouble.com/.well-known/acme-challenge/bbk1PvWiJLpLAvBbcqimjVP4r3ds4JIeS_veeHO17ng: Timeout during connect (likely firewall problem)
Domain: www.severindouble.com
Type: connection
Detail: 86.9.177.236: Fetching http://www.severindouble.com/.well-known/acme-challenge/Yi_4Ejo9u0jYLR1CGwJsBody84dinBkm_c8h8AVCDD0: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to verify the manually created challenge files. Ensure that you created these in the correct location.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
My web server is (include version): Server version: Apache/2.4.52 (Raspbian)
Server built: 2022-01-03T21:27:14
The operating system my web server runs on is (include version):
PRETTY_NAME="Raspbian GNU/Linux 11 (bullseye)"
NAME="Raspbian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=raspbian
ID_LIKE=debian
HOME_URL="http://www.raspbian.org/"
SUPPORT_URL="RaspbianForums - Raspbian"
BUG_REPORT_URL="RaspbianBugs - Raspbian"
My hosting provider, if applicable, is: I have the domain name with godaddy.com and host the site myself on a raspberry pi 2b
I can login to a root shell on my machine (yes or no, or I don't know): Apparently you can't log in as root on raspberry pis
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 2.6.0
A little extra information: I made a backup of my raspberry pi with the dd command on the 26th of May 2022 then tried to unsuccessfully tried to restore it with the command gunzip -c /home/sev/piimage26052022 | ssh pi@192.168.0.10 "sudo dd of=/dev/mmcblk0". I have today successfully restored it by using an sd card reader/writer on the machine with the backup file on, using raspberry pi imager.
Unfortunately I do not have the original log file for issuing the command sudo certbot -renew as when I issued the command:
sudo certbot certonly --manual -d www.severindouble.com -d severindouble.com seemed to overwrite the log file. The output for this command is:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
An RSA certificate named severindouble.com already exists. Do you want to update
its key type to ECDSA?
(U)pdate key type/(K)eep existing key type: U
Renewing an existing certificate for www.severindouble.com and severindouble.com
Create a file containing just this data:
bbk1PvWiJLpLAvBbcqimjVP4r3ds4JIeS_veeHO17ng.W8BjMxWzYNngRLtf_mw0eE3UE6Rym5dwtG_I7Z7tQAo
And make it available on your web server at this URL:
http://severindouble.com/.well-known/acme-challenge/bbk1PvWiJLpLAvBbcqimjVP4r3ds4JIeS_veeHO17ng
Press Enter to Continue
Create a file containing just this data:
Yi_4Ejo9u0jYLR1CGwJsBody84dinBkm_c8h8AVCDD0.W8BjMxWzYNngRLtf_mw0eE3UE6Rym5dwtG_I7Z7tQAo
And make it available on your web server at this URL:
http://www.severindouble.com/.well-known/acme-challenge/Yi_4Ejo9u0jYLR1CGwJsBody84dinBkm_c8h8AVCDD0
(This must be set up in addition to the previous challenges; do not remove,
replace, or undo the previous challenge tasks yet.)
Press Enter to Continue
Certbot failed to authenticate some domains (authenticator: manual). The Certificate Authority reported these problems:
Domain: severindouble.com
Type: connection
Detail: 86.9.177.236: Fetching http://severindouble.com/.well-known/acme-challenge/bbk1PvWiJLpLAvBbcqimjVP4r3ds4JIeS_veeHO17ng: Timeout during connect (likely firewall problem)
Domain: www.severindouble.com
Type: connection
Detail: 86.9.177.236: Fetching http://www.severindouble.com/.well-known/acme-challenge/Yi_4Ejo9u0jYLR1CGwJsBody84dinBkm_c8h8AVCDD0: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to verify the manually created challenge files. Ensure that you created these in the correct location.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
I then issued the command sudo certbot -v renew again and output the logfile to a seperate file and it was different from the logfile produced when I first issued the command; presumably because I updated the keys with the command
sudo certbot certonly --manual -d www.severindouble.com -d severindouble.com which I got from a topic on your site and thought I would try to use, hoping that would work, but it did not.
I then thought this is getting complicated so I decided to start the process of reinstalling snapd and certbot, but when I issued the command sudo certbot --apache it came up with a similar output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Which names would you like to activate HTTPS for?
We recommend selecting either all domains, or all domains in a VirtualHost/server block.
1: severindouble.com
2: www.severindouble.com
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):
An RSA certificate named severindouble.com already exists. Do you want to update
its key type to ECDSA?
(U)pdate key type/(K)eep existing key type: U
Renewing an existing certificate for severindouble.com and www.severindouble.com
Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: severindouble.com
Type: connection
Detail: 86.9.177.236: Fetching http://severindouble.com/.well-known/acme-challenge/8jJgmafBfY_SASZz63hCdVPa0df0L5SQek249RG4zms: Timeout during connect (likely firewall problem)
Domain: www.severindouble.com
Type: connection
Detail: 86.9.177.236: Fetching http://www.severindouble.com/.well-known/acme-challenge/ByItllSyHui7b0wxjeS5bBnObNUQpqeFX35euxJRUOw: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
Finally, I have made sure the firewalls on the router and raspberry pi is down, even though I had to install ufw on the raspberry pi to find out the status of inactive. Also port 443 for the raspberry pi is and the raspberry pi itself have been port forwarded. Sorry the post is so long. I have not included the 3 log files for the commands I issued, but I have them, if you want them. I hope you can pick your way through it and solve the problem. Thanks beforehand