AWS EC2 server problem: Failed to connect to host for DVSNI challenge


#1

Hi,

My domain is hosted on an AWS EC2 instance and I’ve received the whitelist email for my domain. When I ran the letsencrypt-auto client on my server, I got the error message “The server could not connect to the client for DV :: Failed to connect to host for DVSNI challenge”. My question is: does the letsencrypt-auto script take care of the case where an EC2 instance uses private/public IP address mapping? For example, inside the EC2 server ifconfig returns 172.30.0.130, but it has the public address 54.88.214.63. More details below.

$ sudo ./letsencrypt-auto --apache --server https://acme-v01.api.letsencrypt.org/directory -d inthingnet.com --agree-dev-preview --verbose

    Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
    Performing the following challenges:
    tls-sni-01 challenge for inthingnet.com
    Created an SSL vhost at
    /etc/apache2/sites-available/000-default-le-ssl.conf
    Waiting for verification...
    Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
    Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
    Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
    Reporting to user: The following 'connection' errors were reported
    by the server:
    Domains: inthingnet.com
    Error: The server could not connect to the client for DV
    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A record(s) for that domain
    contain(s) the right IP address. Additionally, please check that
    your computer has a publicly routable IP address and that no
    firewalls are preventing the server from communicating with the
    client.
    Cleaning up challenges

#2

The internal / external IP address shouldn’t be an issue. inthingnet.com gives me connection timeouts from my laptop. I would recommend double-checking your EC2 security groups and ensuring port 443 is allowed from all sources.
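
The security group check recommended in the reply above, as an added example that is not part of the original thread: it reads ingress rules in the JSON shape printed by `aws ec2 describe-security-groups` and reports, per group, whether any source address can reach TCP 443. The sample document, its group IDs and its rules are constructed for illustration.

```python
import ipaddress
import json

# Constructed sample in the shape printed by `aws ec2 describe-security-groups`;
# the group IDs and rules are made up for this example.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-ssh-only", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
  {"GroupId": "sg-office-web", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []}]},
  {"GroupId": "sg-public-web", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]}
]}
""")


def rule_covers_port(perm, port):
    """True if this ingress rule's protocol and port range include TCP `port`."""
    proto = perm.get("IpProtocol")
    if proto == "-1":  # all protocols, all ports; no FromPort/ToPort keys
        return True
    if proto != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)


def sources_for_port(group, port=443):
    """CIDR blocks that the group admits on TCP `port`."""
    cidrs = []
    for perm in group.get("IpPermissions", []):
        if rule_covers_port(perm, port):
            cidrs += [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return cidrs


def open_to_all(group, port=443):
    """True if an admitted source is 0.0.0.0/0 or ::/0 (any address)."""
    return any(ipaddress.ip_network(c).prefixlen == 0
               for c in sources_for_port(group, port))


def audit(doc, port=443):
    """Map each group ID to whether it lets any source reach TCP `port`."""
    return {g["GroupId"]: open_to_all(g, port) for g in doc["SecurityGroups"]}
```

Security group rules are additive across the groups attached to an instance, so a single attached group that passes this check is enough at the security group layer.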


#3

You are absolutely right. It works now. Thanks!


#4

Hey there. I’m getting “The apache plugin is not working: there may be problems with your existing configuration The error was : NoinstallationError()”

HTTPD is stopped.

443 available to ALL

Any thoughts? When trying to run with other auto commands, I was getting an error about no installers available.