AuthorizationError('Some challenges have failed.')

Help
1

Hello mates, I need your support again here. Certbot failed to authenticate my domains.
Please could you consider my issue?

I attached log file

My domain is: email.eincenter.mn

I ran this command: sudo certbot --apache --agree-tos --redirect --hsts --staple-ocsp --email you@your-domain.com -d mail.your-domain.com

It produced this output:

Renewing an existing certificate for email.eincenter.mn

Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
  Domain: email.eincenter.mn
  Type:   connection
  Detail: 64.119.29.183: Fetching http://email.eincenter.mn/.well-known/acme-challenge/F65Pa6VnuzwG0uVStlQUcuZ5Xwf9_Doak6w0p-kcgME: Timeout during connect (likely firewall problem)

Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

My web server is (include version): Apache/2.4.37

The operating system my web server runs on is (include version): Centos 8

My hosting provider, if applicable, is: vps

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.22.0
letsencrypt.txt (7.4 KB)

2

Hi @allsolution,

I find that checking the router, port forwarding, and the firewall by far the most common culprits.

Thus I suggest starting with them.

Here are some online tools to help:

Also please read these regarding geo blocking;

2 Likes
3

Hi @Bruce5051 Thanks for your reply. Actually I don't know how could I check the router and firewall settings. What settings does it should be? Where can I start to check it?

After many failure tries, now I got response like that: An unexpected error occurred: requests.exceptions.ConnectionError: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7f9d445be828>: Failed to establish a new connection: [Errno -2] Name or service not known',))

1 Like
4

And unfortunately @allsolution neither does anyone here since we don’t know your network setup and components.

Port forwarding possibly, firewall rule, things that say blocking or dropping. Possibly something that says DMZ.

2 Likes
5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.