Authority failed to download the temporary

Help
1

I changed nothing at the firewall settings, no idea what could be the renewal problem... Any same experiences? Thanks in advance

Processing /etc/letsencrypt/renewal/acloud.acawa.be.conf

Certificate is due for renewal, auto-renewing...
Plugins selected: Authenticator webroot, Installer None
Simulating renewal of an existing certificate for acloud.acawa.be
Performing the following challenges:
http-01 challenge for acloud.acawa.be
Using the webroot path /srv/www/htdocs/acloud for all unmatched domains.
Waiting for verification...
Challenge failed for domain acloud.acawa.be
http-01 challenge for acloud.acawa.be

Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
Domain: acloud.acawa.be
Type: connection
Detail: 78.23.160.141: Fetching https://acloud.acawa.be/.well-known/acme-challenge/Lh4BKynPRzZu0hAD4PkCzgmgYhFHol-OH-VhAoAEZxk: Timeout during connect (likely firewall problem)

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.

Cleaning up challenges
Failed to renew certificate acloud.acawa.be with error: Some challenges have failed.

All simulated renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/acloud.acawa.be/fullchain.pem (failure)

1 renew failure(s), 0 parse failure(s)
Ask for help or search for solutions at https://community.letsencrypt.org.

2

Please see these Let’s Debug results
https://letsdebug.net/acloud.acawa.be/2255175

read these:

As well as

2 Likes
3

wow thank you so much for this insight! I temporarily removed the AAAA record and rerun the "certbot renew" and it did the trick! my isp renewed the docsys modem at the servers place and probably there is an issue with ipv6... which I have to investigate further now I know this was the origin of the problem...

thanks a million, server is running again! anyone any idea what could be the ipv6 problem? the ipv6 address of the server should be correct... and I changed nothing in the firewall...

3 Likes
4

You are very welcome @kleajmp!

Have a pleasant day. :slightly_smiling_face:

2 Likes
5

You could try running this

curl -6 https://ifconfig.io

That should return your public IPv6 address which should match the DNS

But apart from that you just need to check each component in the path

2 Likes
6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.