CA failed to verify temporary apache configuration made by certbot

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: loganalysisclass1.cacr.camp

I ran this command: certbot --apache

It produced this output:
Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: loganalysisclass1.cacr.camp
Type: connection
Detail: 149.165.175.20: Fetching http://loganalysisclass1.cacr.camp/.well-known/acme-challenge/6it5bjE9abAXl91nTaGyMoAanUUrg8MVnF_b1dV4Ezg: Error getting validation data
Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.
Some challenges have failed.

My web server is (include version):

The operating system my web server runs on is (include version): Rocky Linux 9

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): Certbot 2.5.0

Welcome @ishan.abhinit

Your domain cannot be reached using HTTP from the public internet. Use the Let's Debug test site to test your domain. Once that is working try getting a cert again. To me, it looks like only port 22 is open and port 80 is blocked by a firewall or some other network config problem.

The attempt to connect to HTTP on Port 80 is successful, but is being redirected to HTTPS on Port 443 (which in itself is not an issue) and that URL is failing.

$ curl -Ii http://loganalysisclass1.cacr.camp/.well-known/acme-challenge/sometestfile
HTTP/1.1 301 Moved Permanently
Date: Thu, 27 Apr 2023 15:24:00 GMT
Server: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.1
Location: https://loganalysisclass1.cacr.camp/.well-known/acme-challenge/sometestfile
Content-Type: text/html; charset=iso-8859-1

The redirected URL is FAILING (i.e. HTTPS on Port 443).

$ curl -Ii https://loganalysisclass1.cacr.camp/.well-known/acme-challenge/sometestfile
curl: (7) Failed to connect to loganalysisclass1.cacr.camp port 443 after 100 ms: No route to host
Port 80 is Open (good), Port 443 is closed (not good due to the redirect to it).

For those who like a visual representation, using Open Port Check Tool - Test Port Forwarding on Your Router:

And for those who like a textual representation, using nmap -Pn loganalysisclass1.cacr.camp:

$ nmap -Pn loganalysisclass1.cacr.camp
Starting Nmap 7.80 ( https://nmap.org ) at 2023-04-27 15:28 UTC
Nmap scan report for loganalysisclass1.cacr.camp (149.165.175.20)
Host is up (0.67s latency).
rDNS record for 149.165.175.20: js-175-20.jetstream-cloud.org
Not shown: 997 filtered ports
PORT     STATE  SERVICE
80/tcp   open   http

Nmap done: 1 IP address (1 host up) scanned in 73.70 seconds
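
The two replies above (the 301 to HTTPS, and the nmap result showing port 443 filtered) together explain the CA error. The script below is an added example, not code from this thread, from Certbot or from Let's Encrypt's validator: it models how an ACME HTTP-01 validator walks that redirect, following the publicly documented Let's Encrypt rules (at most 10 redirects, only to http:// or https:// URLs on ports 80 or 443, final answer must be a 200 carrying the key authorization). The server responses come from a pluggable fetch function, so the four states (443 filtered as in the thread, 443 opened, a redirect loop, a redirect to port 8080) replay from constructed data with no network access. The host and token are the ones from the thread; the account thumbprint in the key authorization is assumed.

```python
"""Offline model of how an ACME HTTP-01 validator handles the redirect seen
above (port 80 answers with a 301 to https://, port 443 unreachable).

Added example, not code from the thread, from Certbot or from Let's Encrypt.
Rules modelled: redirects are followed (at most 10), only to http:// or
https:// URLs on port 80 or 443, and the final answer must be a 200 whose
body is the key authorization. Responses come from a pluggable fetch
function, so server states are replayed from constructed data.
"""
from dataclasses import dataclass
from typing import Callable, Optional, Tuple
from urllib.parse import urljoin, urlsplit

MAX_REDIRECTS = 10
ALLOWED_PORTS = {80, 443}


@dataclass
class Resp:
    status: int
    location: Optional[str] = None  # Location header on 3xx
    body: str = ""


# fetch(url) -> Resp; raises ConnectionError when the TCP connect fails.
Fetch = Callable[[str], Resp]


def validate_http01(url: str, fetch: Fetch, key_authz: str) -> Tuple[bool, str]:
    """Return (ok, detail): the final URL on success, else the reason."""
    redirects = 0
    current = url
    while True:
        parts = urlsplit(current)
        if parts.scheme not in ("http", "https"):
            return False, f"refusing scheme {parts.scheme!r} in {current}"
        port = parts.port or (443 if parts.scheme == "https" else 80)
        if port not in ALLOWED_PORTS:
            return False, f"refusing redirect to port {port}: {current}"
        try:
            resp = fetch(current)
        except ConnectionError as exc:
            # The thread's failure: the 301 target cannot be reached.
            return False, f"{current}: {exc}"
        if 300 <= resp.status < 400 and resp.location:
            redirects += 1
            if redirects > MAX_REDIRECTS:
                return False, "too many redirects"
            current = urljoin(current, resp.location)
            continue
        if resp.status != 200:
            return False, f"{current}: HTTP {resp.status}"
        if resp.body.strip() != key_authz:
            return False, f"{current}: key authorization mismatch"
        return True, current


# --- constructed replays of the server in the thread -----------------------
HOST = "loganalysisclass1.cacr.camp"
TOKEN = "6it5bjE9abAXl91nTaGyMoAanUUrg8MVnF_b1dV4Ezg"   # token from the certbot output
KEY_AUTHZ = TOKEN + ".constructed-account-thumbprint"   # assumed thumbprint, not real
CHALLENGE_URL = f"http://{HOST}/.well-known/acme-challenge/{TOKEN}"


def fetch_port_443_filtered(url: str) -> Resp:
    """Thread state: Apache 301s to https://, but port 443 is firewalled."""
    p = urlsplit(url)
    if p.scheme == "http":
        return Resp(301, location=f"https://{p.netloc}{p.path}")
    raise ConnectionError("port 443: No route to host")


def fetch_port_443_open(url: str) -> Resp:
    """After opening port 443: same redirect, HTTPS vhost serves the token."""
    p = urlsplit(url)
    if p.scheme == "http":
        return Resp(301, location=f"https://{p.netloc}{p.path}")
    return Resp(200, body=KEY_AUTHZ + "\n")


def fetch_redirect_loop(url: str) -> Resp:
    """A misconfigured rewrite that redirects to itself forever."""
    return Resp(302, location=url)


def fetch_odd_port(url: str) -> Resp:
    """Redirecting to a non-standard port is refused before connecting."""
    p = urlsplit(url)
    return Resp(301, location=f"http://{p.hostname}:8080{p.path}")


if __name__ == "__main__":
    for name, f in [("443 filtered", fetch_port_443_filtered),
                    ("443 open", fetch_port_443_open),
                    ("redirect loop", fetch_redirect_loop),
                    ("port 8080", fetch_odd_port)]:
        print(f"{name:14} -> {validate_http01(CHALLENGE_URL, f, KEY_AUTHZ)}")
```

The first replay reproduces the thread: the validator happily follows the 301 (a redirect to HTTPS is allowed) and then fails on the connect to port 443, which is exactly the "Error getting validation data" Certbot reported. Opening port 443 makes the same redirect chain succeed without touching Apache's rewrite rule.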
Thanks for your help, it worked. But when I run https://loganalysisclass1.cacr.camp:5601, I get
"This site cannot provide a secure connection".
5601 is where I have Kibana running. What am I doing wrong?

You are serving HTTP, not HTTPS, on that port.

Testing HTTPS

$ curl -k -Ii https://loganalysisclass1.cacr.camp:5601
curl: (35) error:0A00010B:SSL routines::wrong version number

Testing HTTP

$ curl -k -Ii http://loganalysisclass1.cacr.camp:5601
HTTP/1.1 302 Found
location: /spaces/enter
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cross-origin-opener-policy: same-origin
content-security-policy: script-src 'self'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
kbn-name: loganalysisclass-2023.novalocal
kbn-license-sig: 436a8cc5f17370751860538a8c4aeec28ab676bf97f389bbc4e083cbfe9ce9e9
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
Date: Thu, 27 Apr 2023 16:40:35 GMT
Connection: keep-alive
Keep-Alive: timeout=120
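
To make the curl result above concrete: the "wrong version number" error appears because OpenSSL sends a TLS ClientHello and expects a TLS record header back (type 0x16 or 0x15, version 0x03xx), while a plaintext HTTP server answers with ASCII such as "HTTP/1.1 400 Bad Request", whose bytes 'T','T' land where the record version should be (0x5454). The script below is an added example, not code from the thread, from curl or from Kibana: it builds a minimal ClientHello, classifies the first bytes a server returns, and offers a probe() that does this over the network. The sample replies are constructed, not captured from the host in the thread.

```python
"""Tell whether a port speaks TLS or plaintext HTTP from the first bytes it
sends back to a TLS ClientHello.

Added example, not code from the thread, from curl or from Kibana. The
sample replies below are constructed, not captured from the real host.
"""
import socket

TLS_ALERT = 0x15
TLS_HANDSHAKE = 0x16


def minimal_client_hello(client_random: bytes = b"\x00" * 32) -> bytes:
    """TLS 1.2 ClientHello offering one suite (TLS_RSA_WITH_AES_128_GCM_SHA256,
    0x009c) and no extensions: enough to make a TLS server answer with a
    ServerHello or an alert, and a plaintext server with a parse error."""
    assert len(client_random) == 32
    body = (
        b"\x03\x03" + client_random   # legacy_version (TLS 1.2) + random
        + b"\x00"                     # session_id: empty
        + b"\x00\x02" + b"\x00\x9c"   # cipher_suites: length 2, one suite
        + b"\x01\x00"                 # compression_methods: length 1, null
    )
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # type ClientHello
    return b"\x16\x03\x01" + len(handshake).to_bytes(2, "big") + handshake


def classify_reply(first_bytes: bytes) -> str:
    """Classify the first bytes a server returned after our ClientHello."""
    if not first_bytes:
        return "closed"                      # server hung up without a byte
    if (len(first_bytes) >= 3 and first_bytes[0] in (TLS_ALERT, TLS_HANDSHAKE)
            and first_bytes[1] == 0x03):
        return "tls"                         # ServerHello or TLS alert: TLS is spoken
    if first_bytes.startswith(b"HTTP/"):
        return "plaintext-http"              # what Kibana on 5601 does in the thread
    return "unknown"


def wrong_version_number(first_bytes: bytes) -> int:
    """The 16-bit 'version' a TLS parser reads from bytes 1..2 of a reply
    (0x5454 for the 'TT' of 'HTTP/'), i.e. the value behind curl's error."""
    return int.from_bytes(first_bytes[1:3], "big")


def probe(host: str, port: int, timeout: float = 5.0) -> str:
    """Connect, send the ClientHello, classify whatever comes back."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(minimal_client_hello())
            try:
                reply = s.recv(16)
            except socket.timeout:
                reply = b""
    except OSError as exc:
        return f"unreachable ({exc})"
    return classify_reply(reply)


# Constructed sample replies (not captured from the host in the thread).
SAMPLE_PLAINTEXT_HTTP = b"HTTP/1.1 400 Bad Request\r\nConnection: close\r\n\r\n"
SAMPLE_SERVER_HELLO = b"\x16\x03\x03\x00\x4a\x02\x00\x00\x46\x03\x03"  # handshake record, ServerHello
SAMPLE_TLS_ALERT = b"\x15\x03\x03\x00\x02\x02\x28"                      # fatal alert, handshake_failure


if __name__ == "__main__":
    import sys
    host, port = ((sys.argv[1], int(sys.argv[2])) if len(sys.argv) == 3
                  else ("loganalysisclass1.cacr.camp", 5601))
    print(host, port, "->", probe(host, port))
```

Run it as `python3 probe.py host 5601`; "plaintext-http" is the case in this thread, and the fix is to terminate TLS in front of the service (or in the service itself), not to change the client.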
How do I correct this?

Details on Apache can be found in its documentation and forums:

And kindly wait to see if there are more knowledgeable Let's Encrypt community volunteers willing to assist.

What is Kibana?

Is it this?

If so, we are not the support channel for that :frowning:

Check these forums for support:
