Can someone help me?

Hello, I am having the same problem, can someone help! I am using Vultr for my VPS hosting and I have linked it with my domain on GoDaddy. I am trying to obtain the SSL certificate using PuTTY and a few prompts but it says that "Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems:
Domain: fitnessrows.com
Type: connection
Detail: 199.247.4.145: Fetching http://fitnessrows.com/.well-known/acme-challenge/PDaNyoY13qPDSlWQOMC973g2ee6ppQuqnikM9OG0Pss: Timeout during connect (likely firewall problem)

Domain: www.fitnessrows.com
Type: connection
Detail: 199.247.4.145: Fetching http://www.fitnessrows.com/.well-known/acme-challenge/6SrBAYzrAx0_iBtIdRhMWJ9GYNXOWIMVabnB0VqVlNY: Timeout during connect (likely firewall problem)

Hint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet."
I am not very tech savvy when it comes to these areas. I tried disabling my firewall on Windows 10 but it still has not worked. Can anyone help me with this? It would be much appreciated!!!

You'll have to do this on your Vultr Ubuntu server.

  1. The first place you can look is in your Vultr control panel, to see whether there are any firewalls enabled there. You will need to open up access to ports 80 and 443 (TCP).

  2. The second place you can look is on your Ubuntu server. A good place to start is to run:

    ufw status
    

    If it shows that the firewall is enabled, then you should allow those ports:

    ufw allow http
    ufw allow https
    
4 Likes

I only see Port 22 getting through, you need Port 80 (and probably want Port 443).

$ nmap -Pn fitnessrows.com
Starting Nmap 7.80 ( https://nmap.org ) at 2023-03-03 21:11 UTC
Nmap scan report for fitnessrows.com (199.247.4.145)
Host is up (0.16s latency).
rDNS record for 199.247.4.145: 199.247.4.145.vultrusercontent.com
Not shown: 999 filtered ports
PORT   STATE SERVICE
22/tcp open  ssh

Nmap done: 1 IP address (1 host up) scanned in 16.45 seconds
$ nmap -Pn www.fitnessrows.com
Starting Nmap 7.80 ( https://nmap.org ) at 2023-03-03 21:11 UTC
Nmap scan report for www.fitnessrows.com (199.247.4.145)
Host is up (0.16s latency).
rDNS record for 199.247.4.145: 199.247.4.145.vultrusercontent.com
Not shown: 999 filtered ports
PORT   STATE SERVICE
22/tcp open  ssh

Nmap done: 1 IP address (1 host up) scanned in 14.24 seconds

You are showing a HTTP-01 Challenge of the Challenge Types - Let's Encrypt, which requires Port 80.
Best Practice - Keep Port 80 Open

1 Like

And with Let's Debug the results look the same

1 Like

@Kay13, if you had created a new Help Topic you would have been presented with the questionnaire below. Filling it out is still helpful. :slight_smile:

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

1 Like

thank you! let me try this now!

1 Like

Hi @Kay13,

Is there a router that has a firewall between the machine for the domain name and the Internet?
This is like a chain, if one link fails it all fails.

So it is helpful to know from the host machine all the way out to the Internet, for example your ISP might be blocking ports.

I am confused by Windows 10 and your statement

Not judging, just looking for a clearer picture of the network components and environment. :slight_smile:

And is this the https://www.vultr.com/ you speak of?

1 Like

Generally Windows does not have port 22 open. Are you sure Windows 10 is hosting the domain?

Using traceroute to port 22 (which shows as open) I see this trace

$ sudo traceroute -T -p22 fitnessrows.com
traceroute to fitnessrows.com (199.247.4.145), 30 hops max, 60 byte packets
 1  EdgeRouter-4 (192.168.1.1)  0.196 ms  0.193 ms  0.158 ms
 2  96.120.60.137 (96.120.60.137)  7.773 ms  7.759 ms  8.239 ms
 3  162.151.125.157 (162.151.125.157)  9.840 ms  9.910 ms  9.952 ms
 4  68.85.243.154 (68.85.243.154)  8.247 ms  8.232 ms  8.217 ms
 5  96.216.60.245 (96.216.60.245)  8.137 ms  8.188 ms  8.233 ms
 6  ae-69-ar01.troutdale.or.bverton.comcast.net (68.85.243.197)  9.294 ms  19.536 ms  19.517 ms
 7  4.68.37.245 (4.68.37.245)  20.026 ms  11.636 ms  14.675 ms
 8  * * *
 9  CHOOPA-LLC.ear2.Frankfurt1.Level3.net (62.67.34.202)  167.856 ms  167.843 ms  166.506 ms
10  * * *
11  * * *
12  * * *
13  199.247.4.145.vultrusercontent.com (199.247.4.145)  166.209 ms  165.427 ms  165.343 ms

Using traceroute to port 80 (which shows as closed) I see this trace

$ sudo traceroute -T -p80 fitnessrows.com
traceroute to fitnessrows.com (199.247.4.145), 30 hops max, 60 byte packets
 1  EdgeRouter-4 (192.168.1.1)  0.201 ms  0.146 ms  0.156 ms
 2  96.120.60.137 (96.120.60.137)  8.710 ms  8.698 ms  8.684 ms
 3  162.151.125.157 (162.151.125.157)  31.352 ms  31.339 ms  31.326 ms
 4  68.85.243.154 (68.85.243.154)  16.904 ms  16.890 ms  16.877 ms
 5  96.216.60.245 (96.216.60.245)  14.597 ms  14.583 ms  14.570 ms
 6  ae-69-ar01.troutdale.or.bverton.comcast.net (68.85.243.197)  21.160 ms  19.484 ms  26.100 ms
 7  4.68.37.245 (4.68.37.245)  20.564 ms  12.287 ms  12.192 ms
 8  * * *
 9  CHOOPA-LLC.ear2.Frankfurt1.Level3.net (62.67.34.202)  172.812 ms  172.797 ms  172.783 ms
10  * * *
 .
 .
 .
30  * * *
$ nmap -Pn fitnessrows.com
Starting Nmap 7.80 ( https://nmap.org ) at 2023-03-04 21:04 UTC
Nmap scan report for fitnessrows.com (199.247.4.145)
Host is up (0.17s latency).
rDNS record for 199.247.4.145: 199.247.4.145.vultrusercontent.com
Not shown: 999 filtered ports
PORT   STATE SERVICE
22/tcp open  ssh

Nmap done: 1 IP address (1 host up) scanned in 13.16 seconds
1 Like

Hello Bruce, I wanted to say thank you, I just managed to sort it out. My bad for the back and forth, I'm just learning :slight_smile: I really appreciate the help, good day to you!

3 Likes

For future readers of this thread: how did you sort it out exactly?

3 Likes

I had to go into my web console and enter the following prompts below (I am using Vultr for VPS hosting)

The exact commands to open ports 80 and 443 are as follows:

sudo ufw allow 80
sudo ufw allow 443

These commands can be run via the web console or SSH.

Ah OK, as suggested above by _az :slight_smile: I'll mark that as the answer.

4 Likes
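
For readers triaging the same failure, an added example (not part of the original thread and not Certbot's own code) that parses the "Domain / Type / Detail" problem blocks Certbot prints and maps the Detail text to where to look. The sample is constructed from the report in the first post with the challenge tokens shortened; the `TRIAGE` entries beyond "Timeout during connect" go past what this thread shows and are assumptions about other common CA responses.

```python
import re

# Constructed sample: the CA problem report quoted in the first post, with
# terminal line-wrap spaces removed and the challenge tokens shortened.
SAMPLE = """\
Domain: fitnessrows.com
Type: connection
Detail: 199.247.4.145: Fetching http://fitnessrows.com/.well-known/acme-challenge/TOKEN1: Timeout during connect (likely firewall problem)

Domain: www.fitnessrows.com
Type: connection
Detail: 199.247.4.145: Fetching http://www.fitnessrows.com/.well-known/acme-challenge/TOKEN2: Timeout during connect (likely firewall problem)
"""

# (Detail substring, cause label, where to look). Only the first entry appears
# in the thread; the other two are assumptions added for illustration.
TRIAGE = [
    ("Timeout during connect", "filtered",
     "packets to port 80 are dropped: check provider firewall, then ufw"),
    ("Connection refused", "closed",
     "port 80 is reachable but nothing is listening: check the web server"),
    ("Invalid response", "wrong-content",
     "a server answered without the token: check DNS target and vhost"),
]

BLOCK = re.compile(
    r"Domain:\s*(?P<domain>\S+)\s*\n\s*Type:\s*(?P<type>\S+)\s*\n"
    r"\s*Detail:\s*(?P<detail>.+)")
ADDR = re.compile(r"^(?P<ip>[0-9a-fA-F.:]+?): ")  # address the CA connected to

def parse_problems(text):
    """Return one dict per 'Domain/Type/Detail' block in Certbot's output."""
    problems = []
    for m in BLOCK.finditer(text):
        detail = m["detail"].strip()
        ip = ADDR.match(detail)
        cause, advice = "unknown", "read the full Detail line"
        for needle, label, hint in TRIAGE:
            if needle in detail:
                cause, advice = label, hint
                break
        problems.append({"domain": m["domain"], "type": m["type"],
                         "ip": ip["ip"] if ip else None,
                         "cause": cause, "advice": advice})
    return problems

if __name__ == "__main__":
    for p in parse_problems(SAMPLE):
        print(f"{p['domain']} ({p['ip']}): {p['cause']} -> {p['advice']}")
```

A "filtered" result matches what the nmap scans in this thread show: only 22/tcp open and everything else filtered, so the CA's request to port 80 never reaches nginx.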
