AWS EC2 server problem: Failed to connect to host for DVSNI challenge

chuyee · November 11, 2015, 1:45am

Hi,

My domain is hosted on an AWS EC2 instance and I’ve received the whitelist email for my domain. When I run the letsencrypt-auto client on my server, I got error message of “The server could not connect to the client for DV :: Failed to connect to host for DVSNI challenge”. My question is does letsencrypt-auto script takes care of the case that EC2 instance uses private/public IP address mapping? For example, inside EC2 server ifconfig returns 172.30.0.130, however it has public address 54.88.214.63. More details below.

$ sudo ./letsencrypt-auto --apache --server https://acme-v01.api.letsencrypt.org/directory -d inthingnet.com --agree-dev-preview --verbose

                  │ Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org      │  
                  │ Performing the following challenges:                                │  
                  │ tls-sni-01 challenge for inthingnet.com                             │  
                  │ Created an SSL vhost at                                             │  
                  │ /etc/apache2/sites-available/000-default-le-ssl.conf                │  
                  │ Waiting for verification...                                         │  
                  │ Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org      │  
                  │ Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org      │  
                  │ Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org      │  
                  │ Reporting to user: The following 'connection' errors were reported   │  
                  │ by the server:                                                      │  
                  │ Domains: inthingnet.com                                             │  
                  │ Error: The server could not connect to the client for DV             │  
                  │ To fix these errors, please make sure that your domain name was      │  
                  │ entered correctly and the DNS A record(s) for that domain            │  
                  │ contain(s) the right IP address. Additionally, please check that     │  
                  │ your computer has a publicly routable IP address and that no         │  
                  │ firewalls are preventing the server from communicating with the      │  
                  │ client.                                                             │  
                  │ Cleaning up challenges

jsha · November 11, 2015, 2:32am

The internal / external IP address shouldn’t be an issue. inthingnet.com gives me connection timeouts from my laptop. I would recommend double-checking your EC2 security groups and ensuring port 443 as allowed from all sources.

chuyee · November 11, 2015, 5:59am

You are absolutely right. It works now. Thanks!

parsoli · November 20, 2015, 3:14pm

Hey there. I’m getting “The apache plugin is not working: there may be problems with your existing configuration The error was : NoinstallationError()”

HTTPD is stopped.

443 available to ALL

Any thoughts? when trying to run with other auto commands, I was getting an error about no installers available

Topic		Replies	Views
Failed to connect to host for DVSNI challenge Server	17	2967	June 16, 2016
Debian Apache: The server could not connect to the client to verify the domain Server	4	2940	January 6, 2016
Error: The server could not connect to the client for DV Help	10	5374	November 12, 2015
Trouble verifying domains Help	17	24240	December 2, 2015
Failed DVSNI Challenge although everything configured well, I guess Help	1	1368	February 26, 2016

AWS EC2 server problem: Failed to connect to host for DVSNI challenge

Related topics