Cannot create cert ->DEBUG:acme.challenges:dns-01 was not recognized

[root@localhost ~]# cat /var/log/letsencrypt/letsencrypt.log
2016-05-01 02:05:18,868:DEBUG:letsencrypt.main:Root logging level set at 10
2016-05-01 02:05:18,869:INFO:letsencrypt.main:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2016-05-01 02:05:18,869:DEBUG:letsencrypt.main:letsencrypt version: 0.5.0
2016-05-01 02:05:18,869:DEBUG:letsencrypt.main:Arguments: ['-a', 'webroot', '--webroot-path=/var/www/letsencrypt', '--email', 'byduckdns@gmail.com', '-d', 'fool.duckdns.org', '--text', '-vv']
2016-05-01 02:05:18,869:DEBUG:letsencrypt.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#webroot,PluginEntryPoint#null,PluginEntryPoint#manual,PluginEntryPoint#standalone)
2016-05-01 02:05:18,870:DEBUG:letsencrypt.plugins.selection:Requested authenticator webroot and installer None
2016-05-01 02:05:18,874:DEBUG:letsencrypt.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: IAuthenticator, IPlugin
Entry point: webroot = letsencrypt.plugins.webroot:Authenticator
Initialized: <letsencrypt.plugins.webroot.Authenticator object at 0x27156d0>
Prep: True
2016-05-01 02:05:18,874:DEBUG:letsencrypt.plugins.selection:Selected authenticator <letsencrypt.plugins.webroot.Authenticator object at 0x27156d0> and installer None
2016-05-01 02:05:19,062:DEBUG:letsencrypt.main:Picked account: <Account(c0a7fbb0ee8810ae7b38ae679b30b144)>
2016-05-01 02:05:19,062:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/directory. args: (), kwargs: {}
2016-05-01 02:05:19,067:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-05-01 02:05:24,694:DEBUG:requests.packages.urllib3.connectionpool:"GET /directory HTTP/1.1" 200 263
2016-05-01 02:05:24,697:DEBUG:root:Received <Response [200]>. Headers: {'Content-Length': '263', 'Expires': 'Sun, 01 May 2016 02:05:24 GMT', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Sun, 01 May 2016 02:05:24 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'yHpaPGzr5Uk5IQOl7iZuXgVbKe7gTm7W1QZdXP2Z-mg'}. Content: '{"new-authz":"https://acme-v01.api.letsencrypt.org/acme/new-authz","new-cert":"https://acme-v01.api.letsencrypt.org/acme/new-cert","new-reg":"https://acme-v01.api.letsencrypt.org/acme/new-reg","revoke-cert":"https://acme-v01.api.letsencrypt.org/acme/revoke-cert"}'
2016-05-01 02:05:24,699:DEBUG:acme.client:Received response <Response [200]> (headers: {'Content-Length': '263', 'Expires': 'Sun, 01 May 2016 02:05:24 GMT', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Sun, 01 May 2016 02:05:24 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'yHpaPGzr5Uk5IQOl7iZuXgVbKe7gTm7W1QZdXP2Z-mg'}): '{"new-authz":"https://acme-v01.api.letsencrypt.org/acme/new-authz","new-cert":"https://acme-v01.api.letsencrypt.org/acme/new-cert","new-reg":"https://acme-v01.api.letsencrypt.org/acme/new-reg","revoke-cert":"https://acme-v01.api.letsencrypt.org/acme/revoke-cert"}'
2016-05-01 02:05:24,701:DEBUG:root:Requesting fresh nonce
2016-05-01 02:05:24,701:DEBUG:root:Sending HEAD request to https://acme-v01.api.letsencrypt.org/acme/new-authz. args: (), kwargs: {}
2016-05-01 02:05:24,703:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-05-01 02:05:25,684:DEBUG:requests.packages.urllib3.connectionpool:"HEAD /acme/new-authz HTTP/1.1" 405 0
2016-05-01 02:05:25,687:DEBUG:root:Received <Response [405]>. Headers: {'Content-Length': '78', 'Pragma': 'no-cache', 'Expires': 'Sun, 01 May 2016 02:05:25 GMT', 'Server': 'nginx', 'Connection': 'keep-alive', 'Allow': 'POST', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Sun, 01 May 2016 02:05:25 GMT', 'Content-Type': 'application/problem+json', 'Replay-Nonce': 'QEQhNvntY2OoMBIYkdTwiW79d4vxibgyo6QFWNzJM3o'}. Content: ''
2016-05-01 02:05:25,689:DEBUG:acme.client:Storing nonce: '@D!6\xf9\xedcc\xa80\x12\x18\x91\xd4\xf0\x89n\xfdw\x8b\xf1\x89\xb82\xa3\xa4\x05X\xdc\xc93z'
2016-05-01 02:05:25,689:DEBUG:acme.jose.json_util:Omitted empty fields: expires=None, challenges=None, combinations=None, status=None
2016-05-01 02:05:25,690:DEBUG:acme.client:Serialized JSON: {"identifier": {"type": "dns", "value": "fool.duckdns.org"}, "resource": "new-authz"}
2016-05-01 02:05:25,692:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), crit=(), typ=None, jwk=None, x5u=None, kid=None, alg=None, cty=None, x5tS256=None, jku=None, x5t=None
2016-05-01 02:05:25,698:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), crit=(), typ=None, x5u=None, kid=None, cty=None, x5tS256=None, jku=None, x5t=None, nonce=None
2016-05-01 02:05:25,698:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz. args: (), kwargs: {'data': '{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "t00RHgCnuY4RIoRQ7FVmwiRxzMI_RW3AzfT68N5_5UrnnMz2lDR6_Qef6gcZPzaOjjaCdc1BI8GEbBixoBQiFEHXklBhA9JjQXRTxa_okqe-u2vSPrCopTL_vMgyO6j64754j9DcOCbkacEmo6FPTDvIKuVNSzvrfypH7CstpoSa__SrjJvYsYFuwexlaQ65omyyVXiLGbdRkUpvZ7MsZMDB5swwWwHO5DF0_GJ83vxXj-op8NVq0_NI7vrQ4F9oWoGrIsMg5Q7L7CAoa8TQKBvDXNjNHqqcGmKA7jIBZbW7B6DqYUOZc4VFLLKN8Bq295uOc7rG7kjXfOPJjeoUXQ"}}, "protected": "eyJub25jZSI6ICJRRVFoTnZudFkyT29NQklZa2RUd2lXNzlkNHZ4aWJneW82UUZXTnpKTTNvIn0", "payload": "eyJpZGVudGlmaWVyIjogeyJ0eXBlIjogImRucyIsICJ2YWx1ZSI6ICJmb29sLmR1Y2tkbnMub3JnIn0sICJyZXNvdXJjZSI6ICJuZXctYXV0aHoifQ", "signature": "MWB0YmV-OYb0qUk1HYfiL7Z1FckJ3N97-ndQseD52D0Se6C_C8fD5J95HMP9Rt41KT5WQbeCjsvpnsYrThyH089gQJfzyty4-Aw2fKYTaP4Q70SUKayLo-iPhdq03npLsgf6nIyt-q00ueM7BH2WSu-rQrJfnvrpwcATlclAhcQya96uJTJe4j_E8P-UuwtqMfOfNACxLz4OBV1ZNQDz03OU37ZRmEkNr2ybwH02GE_VESG_xCk73qjheBShHp_i62ubC1mSOWW2T5WiFETTs0kaz2nza6o1gks8IOhzRwPrAbU0ZWXSoeJNafX3lNjdbtTxdHl6qYMDPzBjDhaxRQ"}'}
2016-05-01 02:05:25,701:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-05-01 02:05:26,823:DEBUG:requests.packages.urllib3.connectionpool:"POST /acme/new-authz HTTP/1.1" 201 779
2016-05-01 02:05:26,826:DEBUG:root:Received <Response [201]>. Headers: {'Content-Length': '779', 'Expires': 'Sun, 01 May 2016 02:05:26 GMT', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Link': 'https://acme-v01.api.letsencrypt.org/acme/new-cert;rel="next"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/authz/g70lgWevnMyqo0iVIgnOKUph_TOO2J0RVoLSKcJQ7Qs', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Sun, 01 May 2016 02:05:26 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': '04VDRI_Ntpjqwr2sqF9y3sEJdmlH56OUfIZDWg4Dddc'}. Content: '{"identifier":{"type":"dns","value":"fool.duckdns.org"},"status":"pending","expires":"2016-05-08T02:05:26.683429815Z","challenges":[{"type":"http-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/g70lgWevnMyqo0iVIgnOKUph_TOO2J0RVoLSKcJQ7Qs/66060150","token":"Av3ik6ReUe2hPKafUdwsu8jpZBVUuo_yEQ9Cyr7epTY"},{"type":"dns-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/g70lgWevnMyqo0iVIgnOKUph_TOO2J0RVoLSKcJQ7Qs/66060151","token":"dtH-JcSnUKVFtDVxHuaRbJHqwz0u0Ch4mnfwqrA4DLA"},{"type":"tls-sni-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/g70lgWevnMyqo0iVIgnOKUph_TOO2J0RVoLSKcJQ7Qs/66060152","token":"oh87G7f26myZ-XhGq5ijCS8yI1MSO-26lJjJQTeVLXE"}],"combinations":[[0],[1],[2]]}'
2016-05-01 02:05:26,828:DEBUG:acme.client:Storing nonce: '\xd3\x85CD\x8f\xcd\xb6\x98\xea\xc2\xbd\xac\xa8_r\xde\xc1\tviG\xe7\xa3\x94|\x86CZ\x0e\x03u\xd7'
2016-05-01 02:05:26,828:DEBUG:acme.client:Received response <Response [201]> (headers: {'Content-Length': '779', 'Expires': 'Sun, 01 May 2016 02:05:26 GMT', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Link': 'https://acme-v01.api.letsencrypt.org/acme/new-cert;rel="next"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/authz/g70lgWevnMyqo0iVIgnOKUph_TOO2J0RVoLSKcJQ7Qs', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Sun, 01 May 2016 02:05:26 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': '04VDRI_Ntpjqwr2sqF9y3sEJdmlH56OUfIZDWg4Dddc'}): '{"identifier":{"type":"dns","value":"fool.duckdns.org"},"status":"pending","expires":"2016-05-08T02:05:26.683429815Z","challenges":[{"type":"http-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/g70lgWevnMyqo0iVIgnOKUph_TOO2J0RVoLSKcJQ7Qs/66060150","token":"Av3ik6ReUe2hPKafUdwsu8jpZBVUuo_yEQ9Cyr7epTY"},{"type":"dns-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/g70lgWevnMyqo0iVIgnOKUph_TOO2J0RVoLSKcJQ7Qs/66060151","token":"dtH-JcSnUKVFtDVxHuaRbJHqwz0u0Ch4mnfwqrA4DLA"},{"type":"tls-sni-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/g70lgWevnMyqo0iVIgnOKUph_TOO2J0RVoLSKcJQ7Qs/66060152","token":"oh87G7f26myZ-XhGq5ijCS8yI1MSO-26lJjJQTeVLXE"}],"combinations":[[0],[1],[2]]}'
2016-05-01 02:05:26,830:DEBUG:acme.challenges:dns-01 was not recognized, full message: {u'status': u'pending', u'token': u'dtH-JcSnUKVFtDVxHuaRbJHqwz0u0Ch4mnfwqrA4DLA', u'type': u'dns-01', u'uri': u'https://acme-v01.api.letsencrypt.org/acme/challenge/g70lgWevnMyqo0iVIgnOKUph_TOO2J0RVoLSKcJQ7Qs/66060151'}
2016-05-01 02:05:26,831:INFO:letsencrypt.auth_handler:Performing the following challenges:
2016-05-01 02:05:26,831:INFO:letsencrypt.auth_handler:http-01 challenge for fool.duckdns.org
2016-05-01 02:05:26,832:INFO:letsencrypt.plugins.webroot:Using the webroot path /var/www/letsencrypt for all unmatched domains.
2016-05-01 02:05:26,832:DEBUG:letsencrypt.plugins.webroot:Creating root challenges validation dir at /var/www/letsencrypt/.well-known/acme-challenge
2016-05-01 02:05:26,842:DEBUG:letsencrypt.plugins.webroot:Attempting to save validation to /var/www/letsencrypt/.well-known/acme-challenge/Av3ik6ReUe2hPKafUdwsu8jpZBVUuo_yEQ9Cyr7epTY
2016-05-01 02:05:26,843:INFO:letsencrypt.auth_handler:Waiting for verification...
2016-05-01 02:05:26,843:DEBUG:acme.client:Serialized JSON: {"keyAuthorization": "Av3ik6ReUe2hPKafUdwsu8jpZBVUuo_yEQ9Cyr7epTY.eaK7GMQB6OhyA2oyZ73gn-RzXpooptttd-Cya31AdH0", "type": "http-01", "resource": "challenge"}
2016-05-01 02:05:26,845:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), crit=(), typ=None, jwk=None, x5u=None, kid=None, alg=None, cty=None, x5tS256=None, jku=None, x5t=None
2016-05-01 02:05:26,850:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), crit=(), typ=None, x5u=None, kid=None, cty=None, x5tS256=None, jku=None, x5t=None, nonce=None
2016-05-01 02:05:26,850:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/challenge/g70lgWevnMyqo0iVIgnOKUph_TOO2J0RVoLSKcJQ7Qs/66060150. args: (), kwargs: {'data': '{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "t00RHgCnuY4RIoRQ7FVmwiRxzMI_RW3AzfT68N5_5UrnnMz2lDR6_Qef6gcZPzaOjjaCdc1BI8GEbBixoBQiFEHXklBhA9JjQXRTxa_okqe-u2vSPrCopTL_vMgyO6j64754j9DcOCbkacEmo6FPTDvIKuVNSzvrfypH7CstpoSa__SrjJvYsYFuwexlaQ65omyyVXiLGbdRkUpvZ7MsZMDB5swwWwHO5DF0_GJ83vxXj-op8NVq0_NI7vrQ4F9oWoGrIsMg5Q7L7CAoa8TQKBvDXNjNHqqcGmKA7jIBZbW7B6DqYUOZc4VFLLKN8Bq295uOc7rG7kjXfOPJjeoUXQ"}}, "protected": "eyJub25jZSI6ICIwNFZEUklfTnRwanF3cjJzcUY5eTNzRUpkbWxINTZPVWZJWkRXZzREZGRjIn0", "payload": "eyJrZXlBdXRob3JpemF0aW9uIjogIkF2M2lrNlJlVWUyaFBLYWZVZHdzdThqcFpCVlV1b195RVE5Q3lyN2VwVFkuZWFLN0dNUUI2T2h5QTJveVo3M2duLVJ6WHBvb3B0dHRkLUN5YTMxQWRIMCIsICJ0eXBlIjogImh0dHAtMDEiLCAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIn0", "signature": "THkR9xCWMIdpByGa9d2ID8Ro7qVGe_yEKxxyxLZ1ebjxI7RQu3SDVTX8W_Q8DKbHGjJC2Dh5mSi0ctjXjD-bHskPuRqKIFDlidNGlkvXEglAo1UDOLHvh6e3iPbBRJwpSJGxSMkaNeU07xYtWpxtnIR9HnQjAI-jLP6h8JTztQAILpnR_b3xIIrX1HFSMbbL1k3-pp1RQB9gPUuT-wUH8NAS2PPlaCiI5kCKfQO5n7fcGdOcmCFW8zQTrGEg5ieQ4jXojmLsNHjn33d8L-O6AxPJWPbfEcm48YgPkiMyJT0KfLg-qwR7Ou20oL_IXwHxGJnyWFBKV_mnorUKo8fBIQ"}'}
2016-05-01 02:05:26,852:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-05-01 02:05:27,874:DEBUG:requests.packages.urllib3.connectionpool:"POST /acme/challenge/g70lgWevnMyqo0iVIgnOKUph_TOO2J0RVoLSKcJQ7Qs/66060150 HTTP/1.1" 202 313
2016-05-01 02:05:27,877:DEBUG:root:Received <Response [202]>. Headers: {'Content-Length': '313', 'Expires': 'Sun, 01 May 2016 02:05:27 GMT', 'Server': 'nginx', 'Connection': 'keep-alive', 'Link': 'https://acme-v01.api.letsencrypt.org/acme/authz/g70lgWevnMyqo0iVIgnOKUph_TOO2J0RVoLSKcJQ7Qs;rel="up"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/challenge/g70lgWevnMyqo0iVIgnOKUph_TOO2J0RVoLSKcJQ7Qs/66060150', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Sun, 01 May 2016 02:05:27 GMT', 'Content-Type': 'application/json', 'Replay-Nonce': 'LKmtJc_CMKJze0b94Hm2XGO5ISnWOglPdoHNNG1ODOE'}. Content: '{"type":"http-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/g70lgWevnMyqo0iVIgnOKUph_TOO2J0RVoLSKcJQ7Qs/66060150","token":"Av3ik6ReUe2hPKafUdwsu8jpZBVUuo_yEQ9Cyr7epTY","keyAuthorization":"Av3ik6ReUe2hPKafUdwsu8jpZBVUuo_yEQ9Cyr7epTY.eaK7GMQB6OhyA2oyZ73gn-RzXpooptttd-Cya31AdH0"}'
2016-05-01 02:05:27,878:DEBUG:acme.client:Storing nonce: ',\xa9\xad%\xcf\xc20\xa2s{F\xfd\xe0y\xb6\c\xb9!)\xd6:\tOv\x81\xcd4mN\x0c\xe1'
2016-05-01 02:05:27,879:DEBUG:acme.client:Received response <Response [202]> (headers: {'Content-Length': '313', 'Expires': 'Sun, 01 May 2016 02:05:27 GMT', 'Server': 'nginx', 'Connection': 'keep-alive', 'Link': 'https://acme-v01.api.letsencrypt.org/acme/authz/g70lgWevnMyqo0iVIgnOKUph_TOO2J0RVoLSKcJQ7Qs;rel="up"', 'Location': 'https://acme-v01.api.letsencrypt.org/acme/challenge/g70lgWevnMyqo0iVIgnOKUph_TOO2J0RVoLSKcJQ7Qs/66060150', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Sun, 01 May 2016 02:05:27 GMT', 'Content-Type': 'application/json', 'Replay-Nonce': 'LKmtJc_CMKJze0b94Hm2XGO5ISnWOglPdoHNNG1ODOE'}): '{"type":"http-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/g70lgWevnMyqo0iVIgnOKUph_TOO2J0RVoLSKcJQ7Qs/66060150","token":"Av3ik6ReUe2hPKafUdwsu8jpZBVUuo_yEQ9Cyr7epTY","keyAuthorization":"Av3ik6ReUe2hPKafUdwsu8jpZBVUuo_yEQ9Cyr7epTY.eaK7GMQB6OhyA2oyZ73gn-RzXpooptttd-Cya31AdH0"}'
2016-05-01 02:05:30,883:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/acme/authz/g70lgWevnMyqo0iVIgnOKUph_TOO2J0RVoLSKcJQ7Qs. args: (), kwargs: {}
2016-05-01 02:05:30,885:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2016-05-01 02:05:31,878:DEBUG:requests.packages.urllib3.connectionpool:"GET /acme/authz/g70lgWevnMyqo0iVIgnOKUph_TOO2J0RVoLSKcJQ7Qs HTTP/1.1" 200 1284
2016-05-01 02:05:31,881:DEBUG:root:Received <Response [200]>. Headers: {'Content-Length': '1284', 'Expires': 'Sun, 01 May 2016 02:05:31 GMT', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Link': 'https://acme-v01.api.letsencrypt.org/acme/new-cert;rel="next"', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Sun, 01 May 2016 02:05:31 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'DWx00WYmXS3wRMYBQEVSDk9-0VxQcH2Rc1UPqrnSCrA'}. Content: '{"identifier":{"type":"dns","value":"fool.duckdns.org"},"status":"invalid","expires":"2016-05-08T02:05:26Z","challenges":[{"type":"http-01","status":"invalid","error":{"type":"urn:acme:error:connection","detail":"Could not connect to http://fool.duckdns.org/.well-known/acme-challenge/Av3ik6ReUe2hPKafUdwsu8jpZBVUuo_yEQ9Cyr7epTY"},"uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/g70lgWevnMyqo0iVIgnOKUph_TOO2J0RVoLSKcJQ7Qs/66060150","token":"Av3ik6ReUe2hPKafUdwsu8jpZBVUuo_yEQ9Cyr7epTY","keyAuthorization":"Av3ik6ReUe2hPKafUdwsu8jpZBVUuo_yEQ9Cyr7epTY.eaK7GMQB6OhyA2oyZ73gn-RzXpooptttd-Cya31AdH0","validationRecord":[{"url":"http://fool.duckdns.org/.well-known/acme-challenge/Av3ik6ReUe2hPKafUdwsu8jpZBVUuo_yEQ9Cyr7epTY","hostname":"fool.duckdns.org","port":"80","addressesResolved":["58.211.8.117"],"addressUsed":"58.211.8.117"}]},{"type":"dns-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/g70lgWevnMyqo0iVIgnOKUph_TOO2J0RVoLSKcJQ7Qs/66060151","token":"dtH-JcSnUKVFtDVxHuaRbJHqwz0u0Ch4mnfwqrA4DLA"},{"type":"tls-sni-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/g70lgWevnMyqo0iVIgnOKUph_TOO2J0RVoLSKcJQ7Qs/66060152","token":"oh87G7f26myZ-XhGq5ijCS8yI1MSO-26lJjJQTeVLXE"}],"combinations":[[0],[1],[2]]}'
2016-05-01 02:05:31,882:DEBUG:acme.client:Received response <Response [200]> (headers: {'Content-Length': '1284', 'Expires': 'Sun, 01 May 2016 02:05:31 GMT', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'nginx', 'Connection': 'keep-alive', 'Link': 'https://acme-v01.api.letsencrypt.org/acme/new-cert;rel="next"', 'Pragma': 'no-cache', 'Cache-Control': 'max-age=0, no-cache, no-store', 'Date': 'Sun, 01 May 2016 02:05:31 GMT', 'X-Frame-Options': 'DENY', 'Content-Type': 'application/json', 'Replay-Nonce': 'DWx00WYmXS3wRMYBQEVSDk9-0VxQcH2Rc1UPqrnSCrA'}): '{"identifier":{"type":"dns","value":"fool.duckdns.org"},"status":"invalid","expires":"2016-05-08T02:05:26Z","challenges":[{"type":"http-01","status":"invalid","error":{"type":"urn:acme:error:connection","detail":"Could not connect to http://fool.duckdns.org/.well-known/acme-challenge/Av3ik6ReUe2hPKafUdwsu8jpZBVUuo_yEQ9Cyr7epTY"},"uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/g70lgWevnMyqo0iVIgnOKUph_TOO2J0RVoLSKcJQ7Qs/66060150","token":"Av3ik6ReUe2hPKafUdwsu8jpZBVUuo_yEQ9Cyr7epTY","keyAuthorization":"Av3ik6ReUe2hPKafUdwsu8jpZBVUuo_yEQ9Cyr7epTY.eaK7GMQB6OhyA2oyZ73gn-RzXpooptttd-Cya31AdH0","validationRecord":[{"url":"http://fool.duckdns.org/.well-known/acme-challenge/Av3ik6ReUe2hPKafUdwsu8jpZBVUuo_yEQ9Cyr7epTY","hostname":"fool.duckdns.org","port":"80","addressesResolved":["58.211.8.117"],"addressUsed":"58.211.8.117"}]},{"type":"dns-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/g70lgWevnMyqo0iVIgnOKUph_TOO2J0RVoLSKcJQ7Qs/66060151","token":"dtH-JcSnUKVFtDVxHuaRbJHqwz0u0Ch4mnfwqrA4DLA"},{"type":"tls-sni-01","status":"pending","uri":"https://acme-v01.api.letsencrypt.org/acme/challenge/g70lgWevnMyqo0iVIgnOKUph_TOO2J0RVoLSKcJQ7Qs/66060152","token":"oh87G7f26myZ-XhGq5ijCS8yI1MSO-26lJjJQTeVLXE"}],"combinations":[[0],[1],[2]]}'
2016-05-01 02:05:31,884:DEBUG:acme.challenges:dns-01 was not recognized, full message: {u'status': u'pending', u'token': u'dtH-JcSnUKVFtDVxHuaRbJHqwz0u0Ch4mnfwqrA4DLA', u'type': u'dns-01', u'uri': u'https://acme-v01.api.letsencrypt.org/acme/challenge/g70lgWevnMyqo0iVIgnOKUph_TOO2J0RVoLSKcJQ7Qs/66060151'}
2016-05-01 02:05:31,885:INFO:letsencrypt.reporter:Reporting to user: The following errors were reported by the server:

Domain: fool.duckdns.org
Type: connection
Detail: Could not connect to http://fool.duckdns.org/.well-known/acme-challenge/Av3ik6ReUe2hPKafUdwsu8jpZBVUuo_yEQ9Cyr7epTY

To fix these errors, please make sure that your domain name was entered correctly and the DNS A record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.
2016-05-01 02:05:31,886:INFO:letsencrypt.auth_handler:Cleaning up challenges
2016-05-01 02:05:31,886:DEBUG:letsencrypt.plugins.webroot:Removing /var/www/letsencrypt/.well-known/acme-challenge/Av3ik6ReUe2hPKafUdwsu8jpZBVUuo_yEQ9Cyr7epTY
2016-05-01 02:05:31,887:DEBUG:letsencrypt.plugins.webroot:Challenges cleaned up but /var/www/letsencrypt/.well-known/acme-challenge not empty
2016-05-01 02:05:31,889:DEBUG:letsencrypt.main:Exiting abnormally:
Traceback (most recent call last):
File "/root/.local/share/letsencrypt/bin/letsencrypt", line 11, in
sys.exit(main())
File "/root/.local/share/letsencrypt/lib/python2.7/site-packages/letsencrypt/main.py", line 692, in main
return config.func(config, plugins)
File "/root/.local/share/letsencrypt/lib/python2.7/site-packages/letsencrypt/main.py", line 509, in obtain_cert
_, action = _auth_from_domains(le_client, config, domains, lineage)
File "/root/.local/share/letsencrypt/lib/python2.7/site-packages/letsencrypt/main.py", line 93, in _auth_from_domains
lineage = le_client.obtain_and_enroll_certificate(domains)
File "/root/.local/share/letsencrypt/lib/python2.7/site-packages/letsencrypt/client.py", line 274, in obtain_and_enroll_certificate
certr, chain, key, _ = self.obtain_certificate(domains)
File "/root/.local/share/letsencrypt/lib/python2.7/site-packages/letsencrypt/client.py", line 246, in obtain_certificate
self.config.allow_subset_of_names)
File "/root/.local/share/letsencrypt/lib/python2.7/site-packages/letsencrypt/auth_handler.py", line 74, in get_authorizations
self._respond(resp, best_effort)
File "/root/.local/share/letsencrypt/lib/python2.7/site-packages/letsencrypt/auth_handler.py", line 131, in _respond
self._poll_challenges(chall_update, best_effort)
File "/root/.local/share/letsencrypt/lib/python2.7/site-packages/letsencrypt/auth_handler.py", line 195, in _poll_challenges
raise errors.FailedChallenges(all_failed_achalls)
FailedChallenges: Failed authorization procedure. fool.duckdns.org (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Could not connect to http://fool.duckdns.org/.well-known/acme-challenge/Av3ik6ReUe2hPKafUdwsu8jpZBVUuo_yEQ9Cyr7epTY

[root@localhost ~]#